Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2017
Ran by Gulek (administrator) on GULEK-PC (24-05-2017 21:43:06)
Running from C:\Users\Gulek\Desktop\Nowy folder
Loaded Profiles: Gulek (Available Profiles: Gulek & DefaultAppPool)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Angielski (Stany Zjednoczone)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Musicmatch, Inc.) C:\Program Files (x86)\Musicmatch\Musicmatch Jukebox\MMDiag.exe
(Musicmatch, Inc.) C:\Program Files (x86)\Musicmatch\Musicmatch Jukebox\mim.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla) C:\Users\Gulek\AppData\Local\Temp\nsuF4CB.tmp\download.exe
(Mozilla Corporation) C:\Users\Gulek\AppData\Local\Temp\7zS2E80.tmp\setup.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NirSoft) C:\Users\Gulek\Downloads\myeventviewer-x64\MyEventViewer.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-09] (AVAST Software) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1870928 2017-04-05] (Adobe Systems Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-3358588553-51344018-1733655914-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation) HKU\S-1-5-21-3358588553-51344018-1733655914-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd) HKU\S-1-5-21-3358588553-51344018-1733655914-1000\...\MountPoints2: F - F:\autorun.exe HKU\S-1-5-21-3358588553-51344018-1733655914-1000\...\MountPoints2: L - L:\Setup.exe HKU\S-1-5-21-3358588553-51344018-1733655914-1000\...\MountPoints2: {16fa681b-1750-11e5-91e9-00c2c60ec8cd} - F:\autorun.exe HKU\S-1-5-21-3358588553-51344018-1733655914-1000\...\MountPoints2: {16fa682a-1750-11e5-91e9-00c2c60ec8cd} - E:\setup.exe HKU\S-1-5-21-3358588553-51344018-1733655914-1000\...\MountPoints2: {235ccd98-0056-11e5-808e-00c2c60ec8cd} - L:\Setup.exe HKU\S-1-5-21-3358588553-51344018-1733655914-1000\...\MountPoints2: {4f378167-d113-11e6-82f5-00c2c60ec8cd} - E:\HiSuiteDownLoader.exe HKU\S-1-5-21-3358588553-51344018-1733655914-1000\...\MountPoints2: {7793c0ce-7358-11e5-99f7-00c2c60ec8cd} - H:\setup.exe 
HKU\S-1-5-21-3358588553-51344018-1733655914-1000\...\MountPoints2: {b1d4e59d-c215-11e6-a270-00c2c60ec8cd} - E:\HiSuiteDownLoader.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-05-19] (Microsoft Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-09] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-09] (AVAST Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-01-02] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{BED5D8A7-702A-43A9-9C36-78BFEF9BF6C9}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{C40486E7-D7E0-4343-A4A8-9DBF7BCA1170}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-3358588553-51344018-1733655914-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=pl-pl BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-10-18] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-18] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-04] (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) 
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-10-11] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-18] (Oracle Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-08-27] (Microsoft Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-04] (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) 
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-10-11] (Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: 1o4ouu3w.default FF ProfilePath: C:\Users\Gulek\AppData\Roaming\Mozilla\Firefox\Profiles\1o4ouu3w.default [2017-05-24] FF Extension: (TLS 1.3 A/B Test Experiment) - C:\Users\Gulek\AppData\Roaming\Mozilla\Firefox\Profiles\1o4ouu3w.default\features\{15baf91d-a17b-4d41-925f-35e3c1bcda3c}\tls13-comparison-all-v1@mozilla.org.xpi [2017-05-24] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 => not found FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - 
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-04-11] FF HKU\S-1-5-21-3358588553-51344018-1733655914-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 => not found FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-18] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-18] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-18] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-18] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation) Chrome: ======= CHR DefaultProfile: ChromeDefaultData CHR HomePage: ChromeDefaultData -> hxxp://www.istartsurf.com/?type=sy&ts=1432298350&z=1b7e14261a30cda3757f9dbg7zdcboaoatbbcc1w9m&from=smt&uid=ST1000LM014-SSHD-8GB_W380XD11XXXXW380XD11 CHR StartupUrls: ChromeDefaultData -> "hxxp://www.trotux.com/?z=get_error&from=ftp&uid=ST1000LM014-SSHD-8GB_W380XD11XXXXW380XD11&type=hp" CHR Profile: C:\Users\Gulek\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-05-24] <==== ATTENTION CHR Extension: (Prezentacje Google) - C:\Users\Gulek\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-20] CHR Extension: (Przelewy24) - C:\Users\Gulek\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aiicmmpkicnndkhlnnloilpgncbpkbjj [2017-02-21] CHR Extension: (Dokumenty Google) - C:\Users\Gulek\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-20] CHR Extension: (Dysk Google) - C:\Users\Gulek\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-20] CHR Extension: (YouTube) - C:\Users\Gulek\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo 
[2016-11-20] CHR Extension: (Arkusze Google) - C:\Users\Gulek\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-20] CHR Extension: (Dokumenty Google offline) - C:\Users\Gulek\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-20] CHR Extension: (AdBlock) - C:\Users\Gulek\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-13] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Gulek\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09] CHR Extension: (Gmail) - C:\Users\Gulek\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-20] CHR Extension: (Chrome Media Router) - C:\Users\Gulek\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-12] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated) S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-09] (AVAST Software s.r.o.) R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-09] (AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-05-23] () R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272560 2015-05-21] (Disc Soft Ltd) R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.) U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-10-10] (Hi-Rez Studios) [File not signed] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [33640 2017-04-07] (HP Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-11-19] () R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed] R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-04-01] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-04-01] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-18] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064 2017-04-01] (NVIDIA Corporation) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed] R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2016-12-11] () R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2016-12-11] () R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [383264 2014-04-08] (SafeNet, Inc.) 
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259808 2014-04-08] (SafeNet, Inc) R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-11-19] (Intel® Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [311808 2017-05-09] (AVAST Software s.r.o.) R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [190256 2017-05-09] (AVAST Software s.r.o.) R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334576 2017-05-09] (AVAST Software s.r.o.) R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [49016 2017-05-09] (AVAST Software s.r.o.) 
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-05-09] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32600 2017-05-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [128648 2017-05-09] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-05-09] (AVAST Software) R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-05-09] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1007160 2017-05-09] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [569192 2017-05-09] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [158880 2017-05-13] (AVAST Software) R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-05-09] (AVAST Software) S3 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [22568 2014-08-12] (IVT Corporation.) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-05-22] (Disc Soft Ltd) S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18816 2016-11-25] (Huawei Technologies Co., Ltd.) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.) S3 IvtAudioBusSrv; C:\Windows\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT Corporation.) S3 IvtPanBusSrv; C:\Windows\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT Corporation.) S2 Kmm4xNT; C:\Windows\SysWow64\Drivers\Kmm4xNT.sys [95484 2002-04-26] (DATOM Dariusz Cielebąk) [File not signed] R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [128200 2013-04-26] (Qualcomm Atheros Co., Ltd.) 
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [187320 2017-05-22] (Malwarebytes) S3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-05-24] (Malwarebytes) R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-24] (Malwarebytes) R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw01.sys [11532704 2015-03-13] (Intel Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2017-04-01] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [66608 2017-04-01] (NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [76840 2017-04-01] (NVIDIA Corporation) R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.) S3 USBET; C:\Windows\System32\DRIVERS\ETdrv.sys [6423168 2012-11-26] (Etron) S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X] S3 BT; system32\DRIVERS\btnetdrv.sys [X] S3 BTCOM; system32\DRIVERS\btcomport.sys [X] S3 Btcsrusb; System32\Drivers\btcusb.sys [X] S3 IvtComBusSrv; System32\Drivers\btcombus.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2017-05-24 21:42 - 2017-05-24 21:43 - 00000000 ____D C:\FRST 2017-05-24 21:40 - 2017-05-24 21:43 - 00000000 ____D C:\Users\Gulek\Downloads\myeventviewer-x64 2017-05-24 21:40 - 2017-05-24 21:40 - 00081951 _____ C:\Users\Gulek\Downloads\myeventviewer-x64.zip 2017-05-24 21:11 - 2017-05-24 21:11 - 02748276 _____ C:\Users\Gulek\Downloads\IKUCIhyOdtKXorns.rar 2017-05-24 20:56 - 2017-05-24 21:01 - 947070088 _____ (Microsoft Corporation) C:\Users\Gulek\Downloads\windows6.1-KB976932-X64.exe 2017-05-24 20:30 - 2017-05-24 20:43 - 00000000 ____D C:\Users\Gulek\AppData\LocalLow\Mozilla 2017-05-24 20:29 - 2017-05-24 20:36 - 00000000 ____D C:\Users\Gulek\AppData\Local\Mozilla 2017-05-24 20:29 - 2017-05-24 20:30 - 00000000 ____D C:\Users\Gulek\AppData\Roaming\Mozilla 2017-05-24 20:28 - 2017-05-24 20:28 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-05-24 20:28 - 2017-05-24 20:28 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2017-05-24 20:27 - 2017-05-24 20:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-05-24 20:25 - 2017-05-24 20:26 - 44845544 _____ (Mozilla) C:\Users\Gulek\Downloads\Firefox Setup 53.0.3.exe 2017-05-24 20:23 - 2017-05-24 20:25 - 00000000 ____D C:\Program Files\Mozilla Firefox 2017-05-24 20:19 - 2017-05-24 20:19 - 00246200 _____ (Mozilla) C:\Users\Gulek\Downloads\Firefox Setup Stub 53.0.3.exe 2017-05-24 20:09 - 2017-05-24 20:09 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini 2017-05-24 20:09 - 2017-05-24 20:09 - 00000000 _SHDL C:\Users\DefaultAppPool\My Documents 2017-05-24 20:09 - 2017-05-24 20:09 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Videos 2017-05-24 20:09 - 2017-05-24 20:09 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Pictures 2017-05-24 20:09 - 2017-05-24 20:09 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Music 2017-05-24 20:09 - 2017-05-24 20:09 - 00000000 ____D C:\Users\DefaultAppPool 2017-05-24 20:09 - 2016-01-11 21:03 - 00002144 
_____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2017-05-24 20:09 - 2016-01-03 19:02 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Local\Microsoft Help 2017-05-24 20:09 - 2009-07-14 09:45 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs 2017-05-24 20:03 - 2017-05-24 20:03 - 00037925 _____ C:\Users\Gulek\Downloads\slimj (1).txt 2017-05-24 19:59 - 2017-05-24 19:59 - 00037925 _____ C:\Users\Gulek\Downloads\slimj.txt 2017-05-24 19:58 - 2017-05-24 19:58 - 00000000 ____D C:\affbc53050a3cf8f6ae2b8613968c581 2017-05-24 19:26 - 2017-05-24 19:26 - 00000000 ____D C:\ProgramData\SWCUTemp 2017-05-24 19:21 - 2017-05-24 19:22 - 14408760 _____ (Microsoft Corporation) C:\Users\Gulek\Downloads\vc_redist.x86.exe 2017-05-24 19:21 - 2017-05-24 19:21 - 15254392 _____ (Microsoft Corporation) C:\Users\Gulek\Downloads\vc_redist.x64 (3).exe 2017-05-23 23:47 - 2017-05-23 23:47 - 00000000 ____D C:\d6b3d333bfbbb1c69afe68c7e17493 2017-05-23 23:45 - 2017-05-23 23:45 - 00000000 ____D C:\c88482c3685985e20b 2017-05-23 23:41 - 2017-05-23 23:41 - 00000000 ____D C:\Windows\SysWOW64\BestPractices 2017-05-23 23:40 - 2017-05-23 23:40 - 00000000 ____D C:\Windows\system32\BestPractices 2017-05-23 23:40 - 2017-05-23 23:40 - 00000000 ____D C:\inetpub 2017-05-23 23:36 - 2017-05-23 23:36 - 00000000 ____D C:\b28567c9a1837245a6c12b 2017-05-23 23:35 - 2017-05-23 23:35 - 01034556 _____ C:\Users\Gulek\Downloads\Windows6.1-KB2999226-x64 (1).msu 2017-05-23 23:06 - 2017-05-23 23:06 - 15301888 _____ (Microsoft Corporation) C:\Users\Gulek\Downloads\vc_redist.x64 (2).exe 2017-05-23 23:04 - 2017-05-23 23:04 - 14572000 _____ (Microsoft Corporation) C:\Users\Gulek\Downloads\vc_redist.x64 (1).exe 2017-05-23 23:00 - 2017-05-23 23:00 - 00000000 ____D C:\9e8185ebec831479b37f951b091492 2017-05-23 22:31 - 2017-05-23 22:32 - 14572000 _____ (Microsoft Corporation) C:\Users\Gulek\Downloads\vc_redist.x64.exe 2017-05-23 21:48 - 2017-05-23 21:48 
- 00000222 _____ C:\Users\Gulek\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS.url 2017-05-23 21:48 - 2017-05-23 21:48 - 00000000 ____D C:\Users\Gulek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2017-05-23 21:41 - 2017-05-23 21:41 - 00000000 ____D C:\Users\Gulek\AppData\Local\CrashDumps 2017-05-23 21:34 - 2017-05-23 21:34 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2017-05-23 21:34 - 2017-05-18 07:21 - 00134592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2017-05-23 21:34 - 2017-03-10 23:17 - 00536864 _____ C:\Windows\system32\vulkan-1.dll 2017-05-23 21:34 - 2017-03-10 23:17 - 00525600 _____ C:\Windows\SysWOW64\vulkan-1.dll 2017-05-23 21:34 - 2017-03-10 23:17 - 00254240 _____ C:\Windows\system32\vulkaninfo.exe 2017-05-23 21:34 - 2017-03-10 23:17 - 00233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2017-05-23 21:28 - 2017-05-18 09:33 - 40201848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 35349440 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 35282040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 28593088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 17426520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 16436488 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 14271608 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2017-05-23 21:28 - 2017-05-18 09:33 - 13402816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 11056456 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 11027968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 10551072 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvopencl.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 09248328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 09014976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 08808488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 03437688 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 03020920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 01988216 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438233.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 01606592 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438233.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 01055680 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 00993912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 00964216 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 00914880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 00688968 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 00609912 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 00577728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 00507688 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 00499320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2017-05-23 21:28 - 2017-05-18 09:33 - 00426128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2017-05-23 21:18 - 2017-05-23 21:18 - 00003852 _____ 
C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-05-23 21:18 - 2017-05-23 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-05-23 21:18 - 2017-04-01 05:20 - 01882168 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2017-05-23 21:18 - 2017-04-01 05:20 - 01756728 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2017-05-23 21:18 - 2017-04-01 05:20 - 01470520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2017-05-23 21:18 - 2017-04-01 05:20 - 01318968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2017-05-23 21:18 - 2017-04-01 05:20 - 00121912 _____ C:\Windows\system32\NvRtmpStreamer64.dll 2017-05-23 21:17 - 2017-05-23 21:17 - 00004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-05-23 21:16 - 2017-05-23 21:16 - 00003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-05-23 21:16 - 2017-05-23 21:16 - 00003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-05-23 21:16 - 2017-05-23 21:16 - 00003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-05-23 21:16 - 2017-05-23 21:16 - 00003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-05-23 21:16 - 2017-05-23 21:16 - 00003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-05-23 21:16 - 2017-04-01 05:20 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat 2017-05-23 21:15 - 2017-05-18 07:55 - 00001951 _____ C:\Windows\NvContainerRecovery.bat 2017-05-23 21:15 - 2017-05-18 07:48 - 00548984 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2017-05-23 21:15 - 2017-05-18 07:48 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2017-05-23 21:13 - 2017-05-18 09:33 - 04090016 
_____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2017-05-23 21:13 - 2017-05-18 09:33 - 03603672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2017-05-23 21:13 - 2017-04-02 18:12 - 00218040 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2017-05-23 21:13 - 2017-04-02 18:12 - 00046008 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2017-05-23 21:13 - 2017-04-01 05:20 - 01988032 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438165.dll 2017-05-23 21:13 - 2017-04-01 05:20 - 01591352 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438165.dll 2017-05-23 21:13 - 2017-04-01 05:20 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json 2017-05-23 21:13 - 2017-04-01 05:20 - 00000669 _____ C:\Windows\system32\nv-vk64.json 2017-05-23 21:13 - 2017-04-01 02:41 - 00172592 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2017-05-23 21:13 - 2017-04-01 02:41 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2017-05-23 21:13 - 2017-04-01 02:41 - 00076840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys 2017-05-23 21:13 - 2017-04-01 02:41 - 00066608 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2017-05-23 21:10 - 2017-05-23 21:11 - 395336888 _____ (NVIDIA Corporation) C:\Users\Gulek\Downloads\381.65-desktop-win8-win7-64bit-international-whql.exe 2017-05-23 20:57 - 2017-05-23 23:22 - 00000000 ____D C:\Users\Gulek\AppData\Local\NVIDIA Corporation 2017-05-23 20:57 - 2017-05-23 21:18 - 00000000 ____D C:\Users\Gulek\AppData\Local\NVIDIA 2017-05-23 20:55 - 2017-05-23 21:17 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-05-23 20:55 - 2017-05-16 20:09 - 07993157 _____ C:\Windows\system32\nvcoproc.bin 2017-05-23 20:52 - 2017-04-02 18:12 - 01600560 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2017-05-23 20:52 - 2015-10-03 07:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll 
2017-05-23 20:52 - 2015-10-03 07:06 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll 2017-05-23 20:51 - 2017-05-23 20:51 - 00000000 ____D C:\NVIDIA 2017-05-22 23:49 - 2017-05-22 23:49 - 04206080 _____ (crosire) C:\Users\Gulek\Downloads\ReShade_Setup_3.0.7.exe 2017-05-22 22:53 - 2017-05-24 19:13 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2017-05-22 22:53 - 2017-05-22 22:54 - 00084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2017-05-22 22:53 - 2017-05-22 22:53 - 00187320 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys 2017-05-22 22:53 - 2017-05-22 22:53 - 00113592 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2017-05-22 22:52 - 2017-05-22 22:52 - 00001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-05-22 22:52 - 2017-05-22 22:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-05-22 22:52 - 2017-05-22 22:52 - 00000000 ____D C:\Program Files\Malwarebytes 2017-05-22 22:52 - 2017-05-09 16:37 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys 2017-05-22 21:51 - 2017-05-22 21:51 - 00000222 _____ C:\Users\Gulek\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS (Test Server).url 2017-05-22 21:41 - 2017-05-22 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solvusoft 2017-05-22 21:40 - 2017-05-22 21:40 - 00000000 ____D C:\Users\Gulek\AppData\Local\IIIQF 2017-05-22 21:37 - 2016-08-10 12:56 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll 2017-05-22 21:37 - 2016-08-10 12:53 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\API-MS-Win-core-file-l2-1-0.dll 2017-05-22 21:36 - 2016-08-10 12:50 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2017-05-22 21:35 - 2017-05-22 21:35 - 00000000 ____D C:\Users\Gulek\Downloads\api-ms-win-crt-runtime-l1-1-0 (2) 2017-05-22 21:35 - 2016-08-10 16:27 - 00007680 
_____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2017-05-22 21:34 - 2017-05-22 21:34 - 00003630 _____ C:\Users\Gulek\Downloads\api-ms-win-crt-runtime-l1-1-0 (2).zip 2017-05-22 21:07 - 2017-05-22 21:07 - 07798790 _____ C:\Users\Gulek\Downloads\qsg-ea829.pdf 2017-05-22 21:06 - 2017-05-22 21:06 - 02665963 _____ C:\Users\Gulek\Downloads\ea829e_ifu-ea829-lattespress.pdf 2017-05-22 19:23 - 2017-05-22 19:23 - 00000000 ____D C:\Users\Gulek\AppData\Local\GWX 2017-05-21 23:13 - 2017-05-22 21:38 - 00000000 ____D C:\Users\Gulek\Downloads\api-ms-win-core-synch-l1-2-0 (1) 2017-05-21 23:13 - 2017-05-21 23:13 - 00002728 _____ C:\Users\Gulek\Downloads\api-ms-win-core-synch-l1-2-0 (1).zip 2017-05-21 23:11 - 2017-05-21 23:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL-Files.com Client 2017-05-21 23:11 - 2017-05-21 23:43 - 00000000 ____D C:\Program Files (x86)\DLL-Files.com Client 2017-05-21 23:11 - 2017-05-21 23:11 - 00000000 ____D C:\Users\Gulek\AppData\Roaming\DLL-files.com 2017-05-21 23:11 - 2017-05-21 23:11 - 00000000 ____D C:\Users\Gulek\AppData\Roaming\DFXCT 2017-05-21 23:10 - 2017-05-22 21:37 - 00000000 ____D C:\Users\Gulek\Downloads\api-ms-win-core-localization-l1-2-0 (1) 2017-05-21 23:10 - 2017-05-21 23:10 - 00008442 _____ C:\Users\Gulek\Downloads\api-ms-win-core-localization-l1-2-0 (1).zip 2017-05-21 23:09 - 2017-05-21 23:09 - 01034556 _____ C:\Users\Gulek\Downloads\Windows6.1-KB2999226-x64.msu 2017-05-21 23:09 - 2017-05-21 23:09 - 00000000 ____D C:\10219f34f387225431 2017-05-21 23:07 - 2017-05-22 21:37 - 00000000 ____D C:\Users\Gulek\Downloads\api-ms-win-core-file-l2-1-0 (1) 2017-05-21 23:07 - 2017-05-21 23:07 - 00007681 _____ C:\Users\Gulek\Downloads\api-ms-win-core-file-l2-1-0 (1).zip 2017-05-21 23:06 - 2017-05-22 21:36 - 00000000 ____D C:\Users\Gulek\Downloads\api-ms-win-core-timezone-l1-1-0 (1) 2017-05-21 23:05 - 2017-05-21 23:05 - 00007638 _____ C:\Users\Gulek\Downloads\api-ms-win-core-timezone-l1-1-0 
(1).zip 2017-05-21 22:20 - 2017-05-22 23:11 - 00000000 ____D C:\Users\Gulek\Downloads\api-ms-win-crt-runtime-l1-1-0 (1) 2017-05-21 22:20 - 2017-05-21 22:20 - 00003630 _____ C:\Users\Gulek\Downloads\api-ms-win-crt-runtime-l1-1-0 (1).zip 2017-05-19 23:18 - 2017-05-19 23:18 - 02769844 _____ C:\Users\Gulek\Downloads\TKn3JuQ09A03Z105.rar 2017-05-19 18:55 - 2017-05-19 18:55 - 00283301 _____ C:\Users\Gulek\Downloads\Wyrok z dnia 10.05.2017r..pdf 2017-05-16 20:17 - 2017-05-16 20:17 - 02764180 _____ C:\Users\Gulek\Downloads\2f8VD6nIQf1PuHIW.rar 2017-05-14 11:51 - 2017-05-14 11:51 - 02766004 _____ C:\Users\Gulek\Downloads\yFaVXJzgvsagaWPR.rar 2017-05-14 11:51 - 2017-05-14 11:51 - 02766004 _____ C:\Users\Gulek\Downloads\mc19NwSCR7HfCHGz.rar 2017-05-12 23:24 - 2017-05-12 23:25 - 124422711 _____ C:\Users\Gulek\Downloads\8ad49940b44342b623913aee6c158bfd.flv 2017-05-12 23:20 - 2017-05-12 23:20 - 76546507 _____ C:\Users\Gulek\Downloads\f3cbc7c523e6c440bed12106f28a8894.flv 2017-05-11 22:48 - 2017-05-11 22:48 - 00000000 ____D C:\Users\Gulek\Documents\4A Games 2017-05-11 22:46 - 2017-05-11 22:46 - 00000000 ____D C:\Users\Gulek\AppData\Local\4A Games 2017-05-09 16:53 - 2017-05-09 16:53 - 00400456 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2017-05-06 18:03 - 2017-05-06 18:03 - 02781524 _____ C:\Users\Gulek\Downloads\ppdA59neiHZVkAd6.rar 2017-04-30 19:43 - 2017-04-30 19:47 - 00000000 ____D C:\Users\Gulek\AppData\Local\osu! 
2017-04-30 19:43 - 2017-04-30 19:43 - 00000946 _____ C:\Users\Gulek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk 2017-04-30 19:43 - 2017-04-30 19:43 - 00000000 ____D C:\Users\Gulek\Downloads\Localisation 2017-04-30 19:42 - 2017-04-30 19:42 - 04479168 _____ (ppy) C:\Users\Gulek\Downloads\osu!install.exe 2017-04-27 23:05 - 2017-04-27 23:05 - 00000000 ____D C:\Users\Gulek\AppData\Roaming\Google 2017-04-25 20:51 - 2017-04-25 20:51 - 00002944 _____ C:\Windows\System32\Tasks\{98194FD4-A78B-47CE-9BD0-ACFB042C1CE3} 2017-04-25 19:03 - 2017-04-25 19:03 - 02753124 _____ C:\Users\Gulek\Downloads\L9wT1stfkuk1Klq9.rar 2017-04-25 19:02 - 2017-04-25 19:02 - 02753124 _____ C:\Users\Gulek\Downloads\i3nlITY3y4iOWXXg.rar ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-05-24 21:43 - 2016-11-20 13:42 - 00000000 ____D C:\Users\Gulek\Desktop\Nowy folder 2017-05-24 21:12 - 2017-04-07 19:37 - 00000000 ____D C:\Users\Gulek\Desktop\Cheat 2017-05-24 21:08 - 2009-07-14 06:45 - 00019968 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-05-24 21:08 - 2009-07-14 06:45 - 00019968 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-05-24 20:33 - 2015-05-19 14:01 - 00000000 ____D C:\Users\Gulek\AppData\Roaming\uTorrent 2017-05-24 20:27 - 2016-08-11 15:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-05-24 19:29 - 2015-05-18 18:34 - 00000000 ____D C:\ProgramData\Package Cache 2017-05-24 19:26 - 2015-05-18 19:06 - 00000000 ____D C:\ProgramData\NVIDIA 2017-05-24 19:24 - 2016-03-03 22:21 - 00000000 ____D C:\Program Files (x86)\Steam 2017-05-24 19:13 - 2016-11-02 21:42 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios 2017-05-24 19:13 - 2015-05-30 11:19 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-05-24 19:13 - 
2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-05-23 23:41 - 2016-11-02 21:39 - 01770356 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2017-05-23 23:41 - 2015-05-18 22:00 - 00820348 _____ C:\Windows\system32\perfh015.dat 2017-05-23 23:41 - 2015-05-18 22:00 - 00190722 _____ C:\Windows\system32\perfc015.dat 2017-05-23 23:41 - 2009-07-14 07:13 - 01864790 _____ C:\Windows\system32\PerfStringBackup.INI 2017-05-23 23:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv 2017-05-23 23:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv 2017-05-23 23:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2017-05-23 23:22 - 2016-12-17 22:26 - 00003172 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2 2017-05-23 23:22 - 2016-01-11 21:03 - 00002200 _____ C:\Users\Gulek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2017-05-23 23:22 - 2016-01-11 21:03 - 00000000 ___RD C:\Users\Gulek\OneDrive 2017-05-23 22:42 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2017-05-23 21:35 - 2015-05-18 19:04 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-05-23 21:18 - 2015-05-18 19:04 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-05-22 23:03 - 2016-11-30 21:34 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.6 2017-05-22 22:52 - 2015-05-30 11:18 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-05-21 23:47 - 2015-12-24 16:14 - 00053248 ___SH C:\Users\Gulek\Desktop\Thumbs.db 2017-05-21 23:45 - 2015-05-18 17:42 - 00000000 ____D C:\Users\Gulek 2017-05-21 23:44 - 2017-01-07 13:59 - 00000000 ____D C:\Program Files (x86)\Rockstar Games 2017-05-21 23:44 - 2016-11-14 18:42 - 00000000 ____D C:\Program Files (x86)\ETRON 2017-05-21 23:44 - 2016-01-02 19:00 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2017-05-21 23:44 - 2015-12-03 18:40 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software 2017-05-21 23:44 - 2015-05-21 
18:18 - 00000000 ___SD C:\Windows\system32\GWX 2017-05-21 23:44 - 2015-05-18 18:36 - 00000000 ___HD C:\Windows\system32\WLANProfiles 2017-05-21 23:43 - 2016-05-30 21:58 - 00000000 ____D C:\Program Files (x86)\Athenasoft 2017-05-21 23:43 - 2009-07-14 09:45 - 00000000 ___RD C:\Users\Public\Recorded TV 2017-05-21 23:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration 2017-05-18 21:29 - 2016-12-18 12:13 - 00000000 ____D C:\Users\Gulek\AppData\Local\ElevatedDiagnostics 2017-05-18 09:33 - 2013-12-26 19:42 - 20066768 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2017-05-18 09:33 - 2013-12-26 19:42 - 00042897 _____ C:\Windows\system32\nvinfo.pb 2017-05-18 07:48 - 2015-05-18 19:05 - 06437824 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2017-05-18 07:48 - 2015-05-18 19:05 - 02479736 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2017-05-18 07:48 - 2015-05-18 19:05 - 01762936 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2017-05-18 07:48 - 2015-05-18 19:05 - 00392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2017-05-18 07:48 - 2015-05-18 19:05 - 00146880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\oemdspif.dll 2017-05-18 07:48 - 2015-05-18 19:05 - 00069752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2017-05-16 22:38 - 2015-05-18 18:40 - 00002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-05-16 22:38 - 2015-05-18 18:40 - 00002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-05-13 18:52 - 2015-05-29 16:16 - 00158880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2017-05-11 23:54 - 2017-03-16 00:30 - 00004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update 2017-05-11 22:41 - 2016-10-01 16:14 - 00000000 ____D C:\Users\Gulek\AppData\Local\Arma 3 2017-05-11 20:59 - 2016-07-01 20:32 - 00000000 ____D C:\Users\Gulek\Desktop\zdjecia 2017-05-09 16:54 - 2016-07-13 15:28 - 00003892 _____ C:\Windows\System32\Tasks\SafeZone 
scheduled Autoupdate 1468416524 2017-05-09 16:53 - 2015-05-29 16:16 - 00569192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2017-05-09 16:53 - 2015-05-29 16:16 - 00339696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2017-05-09 16:53 - 2015-05-29 16:16 - 00128648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2017-05-09 16:53 - 2015-05-29 16:16 - 00101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2017-05-09 16:53 - 2015-05-29 16:16 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2017-05-09 16:53 - 2015-05-29 16:16 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2017-05-09 16:52 - 2017-03-16 00:30 - 00334576 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys 2017-05-09 16:52 - 2017-03-16 00:30 - 00311808 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys 2017-05-09 16:52 - 2017-03-16 00:30 - 00190256 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys 2017-05-09 16:52 - 2017-03-16 00:30 - 00049016 _____ (AVAST Software s.r.o.) 
C:\Windows\system32\Drivers\aswbuniva.sys 2017-05-09 16:52 - 2016-07-12 17:09 - 00032600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2017-05-09 16:52 - 2015-05-29 16:16 - 01007160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2017-05-07 12:28 - 2017-04-22 16:14 - 00000000 ____D C:\Users\Gulek\Desktop\New Folder 2017-05-07 01:13 - 2016-01-02 19:38 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2017-04-28 22:29 - 2015-05-18 18:38 - 00003480 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2017-04-28 22:29 - 2015-05-18 18:38 - 00003352 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore ==================== Files in the root of some directories ======= 2016-10-17 20:57 - 2005-01-21 08:53 - 0045056 ____R () C:\Program Files (x86)\SetAttrib.exe 2016-06-15 17:02 - 2016-06-15 17:02 - 0000990 _____ () C:\Users\Gulek\AppData\Local\recently-used.xbel 2016-01-02 20:16 - 2016-01-02 20:31 - 0000847 _____ () C:\ProgramData\hpzinstall.log 2016-11-27 20:08 - 2016-11-27 20:08 - 0000016 _____ () C:\ProgramData\mntemp Some files in TEMP: ==================== 2017-05-14 19:35 - 2017-04-20 09:17 - 0050720 _____ (HP Inc.) C:\Users\Gulek\AppData\Local\Temp\ACLMInstaller.exe 2013-10-28 18:47 - 2015-10-03 04:18 - 0835592 _____ (NVIDIA Corporation) C:\Users\Gulek\AppData\Local\Temp\nvSCPAPI64.dll 2017-05-23 20:53 - 2017-04-01 03:36 - 0369208 _____ (NVIDIA Corporation) C:\Users\Gulek\AppData\Local\Temp\nvStInst.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-14 13:19

==================== End of FRST.txt ============================