Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-08-2015 Ran by Daniel (administrator) on DANIEL (20-08-2015 14:22:31) Running from C:\Users\Daniel\Desktop Loaded Profiles: Daniel (Available Profiles: Daniel) Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Polski (Polska) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe () C:\Program Files (x86)\screenSHU\screenSHU.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe () C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\plugin-nm-server.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7659736 2014-11-26] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation) HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.) HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-03-23] (Intel Corporation) HKU\S-1-5-21-1964153532-139224943-451156895-1000\...\Run: [screenSHU] => C:\Program Files (x86)\screenSHU\screenSHU.exe [2112000 2013-09-04] () HKU\S-1-5-21-1964153532-139224943-451156895-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3111744 2012-04-26] (DT Soft Ltd) HKU\S-1-5-21-1964153532-139224943-451156895-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd) HKU\S-1-5-21-1964153532-139224943-451156895-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1964153532-139224943-451156895-1000\...\Run: [GoogleChromeAutoLaunch_9CB2B8404301F8169D10E27C4B481A41] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-08] (Google Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1964153532-139224943-451156895-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-04-03] (Kaspersky Lab ZAO) BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-23] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-14] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation) BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-04-03] (Kaspersky Lab ZAO) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-14] (Oracle Corporation) BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-04-03] (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-04-03] (Kaspersky Lab ZAO) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-01-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-05] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation) BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-04-03] (Kaspersky Lab ZAO) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-05] (Oracle Corporation) BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-04-03] (Kaspersky Lab ZAO) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 194.204.159.1 194.204.152.34 Tcpip\..\Interfaces\{0901DADA-E80A-42D7-91EF-235E34BB8BBE}: [DhcpNameServer] 194.204.159.1 194.204.152.34 Tcpip\..\Interfaces\{0AFF6DE7-C77C-448A-ABE3-6EB8AEF5D276}: [DhcpNameServer] 194.204.159.1 194.204.152.34 Tcpip\..\Interfaces\{16EE2487-D595-49C6-BAD6-44600ED3432F}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{437576A3-ED96-426F-BF84-5EC3C654A10F}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{AB8B52D4-BB67-4F40-936B-5DBFBE2A9829}: [DhcpNameServer] 194.204.159.1 194.204.152.34 Tcpip\..\Interfaces\{CFDCDFF6-B730-4F36-A3B6-CC0E10DA0984}: [DhcpNameServer] 194.204.159.1 194.204.152.34 Tcpip\..\Interfaces\{FC385D53-41C9-4313-AE06-B778009F73A6}: [DhcpNameServer] 194.204.159.1 194.204.152.34 FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-14] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-14] (Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-03-30] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-05] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-05] (Oracle Corporation) FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-04-03] () FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-04-03] () FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-04-03] () FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-21] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-01-21] (Microsoft Corporation) FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-04-03] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-04-03] FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-04-03] Chrome: ======= CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Steam inventory helper) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2015-08-17] CHR Extension: (Adblock for Youtube™) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-03-30] CHR Extension: (Kaspersky Protection) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-04-03] CHR Extension: (Tampermonkey) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-06-16] CHR Extension: (AdBlock) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-03-24] CHR Extension: (Download Ninja) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gklhnpfkcfpkjcihhjbgmhgkcajamlmd [2015-05-15] CHR Extension: (Agario Extended – Enhance Agar.io Gameplay) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mflicjopopjcpojfoefhbpdncmjbcbin [2015-05-18] CHR Extension: (ClipConverter) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\njjjgjlocdhecpgdcfjblcnfebfnmhpp [2015-04-19] CHR Extension: (Chrome Web Store Payments) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-20] CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655744 2012-09-22] () R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-07] (Electronic Arts) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed] R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-01-12] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] (Microsoft Corporation) R5 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2015-01-12] (Advanced Micro Devices) R5 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] (Microsoft Corporation) R5 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-14] (Microsoft Corporation) R5 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd) R5 CNG; C:\Windows\System32\Drivers\cng.sys [458824 2015-01-15] (Microsoft Corporation) R5 Compbatt; C:\Windows\System32\drivers\compbatt.sys [21584 2009-07-14] (Microsoft Corporation) R5 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2015-03-26] (DT Soft Ltd) R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation) R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] (Microsoft Corporation) U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2015-01-12] (Microsoft Corporation) R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2015-01-12] (Microsoft Corporation) S3 hidusbf; C:\Windows\System32\DRIVERS\hidusbf.sys [6784 2009-02-11] (SweetLow) [File not signed] R5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] (Microsoft Corporation) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.) R5 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [22800 2015-03-23] (Intel Corporation) R5 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2015-04-03] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-04-03] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2015-04-03] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO) R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2015-01-15] (Microsoft Corporation) R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155072 2015-01-15] (Microsoft Corporation) R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-21] (Microsoft Corporation) R5 msahci; C:\Windows\System32\drivers\msahci.sys [31104 2010-11-21] (Microsoft Corporation) R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation) R5 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation) R5 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2015-01-12] (Microsoft Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-02-05] (NVIDIA Corporation) R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2015-01-12] (Microsoft Corporation) R5 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] (Microsoft Corporation) R5 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation) R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] (Microsoft Corporation) R5 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation) R5 storflt; C:\Windows\System32\drivers\vmstorfl.sys [46464 2010-11-21] (Microsoft Corporation) R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2015-01-12] (Microsoft Corporation) S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2015-01-12] (Microsoft Corporation) R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation) R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] (Microsoft Corporation) R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Microsoft Corporation) R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] (Microsoft Corporation) R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2015-01-12] (Microsoft Corporation) R3 wovad_micarray; C:\Windows\System32\drivers\womic.sys [59856 2014-05-06] (Windows (R) Win 7 DDK provider) S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-20 14:22 - 2015-08-20 14:22 - 00024319 _____ C:\Users\Daniel\Desktop\FRST.txt 2015-08-20 14:15 - 2015-08-20 14:15 - 02173952 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe 2015-08-20 14:06 - 2015-08-20 14:06 - 00000000 ____D C:\Users\Daniel\AppData\Local\Crossbrowse 2015-08-20 14:02 - 2015-08-20 14:02 - 00584704 _____ C:\Users\Daniel\AppData\Roaming\winyhg.exe 2015-08-20 14:02 - 2015-08-20 14:02 - 00003214 _____ C:\Windows\System32\Tasks\winyhg 2015-08-20 14:02 - 2015-08-20 14:02 - 00000103 ___SH C:\Users\Daniel\AppData\Roaming\winyhg.bat 2015-08-20 14:02 - 2015-08-20 14:02 - 00000016 ___SH C:\Users\Daniel\AppData\Roaming\useridafile 2015-08-20 13:28 - 2015-08-20 13:44 - 00001022 _____ C:\Windows\Tasks\suv1f7deU4Gv3h8ZwUSFjdH.job 2015-08-20 13:28 - 2015-08-20 13:28 - 00004046 _____ C:\Windows\System32\Tasks\suv1f7deU4Gv3h8ZwUSFjdH 2015-08-20 13:28 - 2015-08-20 13:28 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashRpt 2015-08-20 13:27 - 2015-08-20 13:29 - 00000000 ____D C:\ProgramData\update 2015-08-20 13:27 - 2015-08-20 13:28 - 00000000 ____D C:\ProgramData\DWinManProD 2015-08-20 13:27 - 2015-08-20 13:27 - 00000000 ____D C:\Program Files (x86)\MiniLite 2015-08-20 13:27 - 2015-08-20 13:27 - 00000000 _____ C:\Windows\prleth.sys 2015-08-20 13:27 - 2015-08-20 13:27 - 00000000 _____ C:\Windows\hgfs.sys 2015-08-20 12:55 - 2015-08-20 12:55 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2015-08-20 12:55 - 2015-08-20 12:55 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll 2015-08-20 12:55 - 2015-08-20 12:55 - 00193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll 2015-08-20 12:55 - 2015-08-20 12:55 - 00113629 _____ C:\Windows\SysWOW64\slmgr.vbs 2015-08-20 12:55 - 2015-08-20 12:55 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winver.exe 2015-08-17 20:35 - 2015-08-17 20:35 - 00003040 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe 2015-08-17 20:35 - 2015-08-17 20:35 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_point64_01009.Wdf 2015-08-17 20:35 - 2015-08-17 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse 2015-08-17 20:35 - 2015-08-17 20:35 - 00000000 ____D C:\Program Files\Microsoft IntelliPoint 2015-08-14 14:37 - 2015-08-14 14:37 - 00000000 ____D C:\Users\Daniel\Desktop\Penx-Dissaster-2014 2015-08-12 05:30 - 2015-08-12 05:30 - 00000000 ____D C:\Users\Daniel\Desktop\Eripe - Opium LP %282015%29 2015-08-11 18:53 - 2015-08-11 18:53 - 00100013 _____ C:\Users\Daniel\Desktop\THEDEMOVAULT_CSGO_movieconfig.rar 2015-08-07 13:17 - 2015-08-07 13:17 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files 2015-08-02 19:39 - 2015-08-02 19:39 - 00000000 ____D C:\Program Files (x86)\LocK-A-FoLdeR 2015-08-01 18:57 - 2015-08-18 23:21 - 00000000 ____D C:\Users\Daniel\Desktop\Nowy folder (2) 2015-08-01 15:35 - 2015-08-01 15:35 - 00001325 _____ C:\Users\Public\Desktop\The Walking Dead Season 2.lnk 2015-08-01 15:35 - 2015-08-01 15:35 - 00000000 ____D C:\Users\Daniel\Documents\Telltale Games 2015-08-01 15:35 - 2015-08-01 15:35 - 00000000 ____D C:\ProgramData\RELOADED 2015-08-01 15:35 - 2015-08-01 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GTX Box Team 2015-08-01 15:31 - 2015-08-01 15:31 - 00000000 ____D C:\Program Files (x86)\GTX Box Team 2015-08-01 15:28 - 2015-08-01 15:28 - 00000000 ____D C:\Users\Daniel\Desktop\The.Walking.Dead.Season.1.POLISH.REPACK-GBT 2015-08-01 12:31 - 2008-04-13 22:15 - 00010368 _____ (Microsoft Corporation) C:\Windows\system32\hidusb.sys 2015-07-30 21:49 - 2015-07-30 21:50 - 00000010 _____ C:\Users\Daniel\Desktop\Nowy dokument tekstowy (2).txt 2015-07-29 22:26 - 2015-07-29 22:26 - 00000440 _____ C:\Users\Daniel\Desktop\Nowy dokument tekstowy.txt 2015-07-29 18:49 - 2015-07-29 18:49 - 00000915 _____ C:\Users\Public\Desktop\AIMP3.lnk 2015-07-27 14:37 - 2015-07-27 14:37 - 00000000 ____D C:\Temp 2015-07-27 14:37 - 2015-07-27 14:37 - 00000000 ____D C:\ProgramData\HTC 2015-07-27 14:37 - 2015-07-27 14:37 - 00000000 ____D C:\Program Files (x86)\HTC 2015-07-23 16:47 - 2015-07-23 16:56 - 00000000 ____D C:\Users\Daniel\Desktop\Nowy folder 2015-07-23 12:06 - 2015-07-23 12:06 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf 2015-07-23 12:06 - 2015-07-23 12:06 - 00000000 ____D C:\Program Files (x86)\Intel 2015-07-23 12:06 - 2015-07-23 12:06 - 00000000 ____D C:\Intel 2015-07-23 12:06 - 2015-03-23 18:34 - 00041984 _____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll 2015-07-23 12:05 - 2015-03-23 18:34 - 00800016 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys 2015-07-23 12:05 - 2015-03-23 18:34 - 00390416 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys 2015-07-23 12:05 - 2015-03-23 18:34 - 00022800 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys 2015-07-22 14:18 - 2009-02-11 13:25 - 00006784 _____ (SweetLow) C:\Windows\system32\Drivers\hidusbf.sys 2015-07-22 13:32 - 2015-07-22 13:32 - 00000000 ____D C:\Users\Daniel\AppData\Local\CEF 2015-07-21 20:14 - 2015-07-21 20:14 - 00003190 _____ C:\Windows\System32\Tasks\{56383B7A-D56E-4459-873F-F123CC326996} 2015-07-21 17:44 - 2015-07-21 17:44 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\PC Suite 2015-07-21 17:44 - 2015-07-21 17:44 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Nokia 2015-07-21 17:44 - 2015-07-21 17:44 - 00000000 ____D C:\ProgramData\PC Suite 2015-07-21 17:44 - 2015-07-21 17:44 - 00000000 ____D C:\Program Files\DIFX 2015-07-21 17:44 - 2012-10-17 13:53 - 00026112 _____ (Nokia) C:\Windows\system32\Drivers\pccsmcfdx64.sys 2015-07-21 17:43 - 2015-07-23 18:27 - 00000000 ____D C:\ProgramData\Installations 2015-07-21 17:32 - 2015-07-23 17:20 - 00000000 ____D C:\Program Files (x86)\NSS 2015-07-21 17:32 - 2006-08-29 16:56 - 00032377 _____ (B-phreaks) C:\Windows\system32\Drivers\prodigy.sys ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-20 14:22 - 2015-03-18 00:08 - 00000000 ____D C:\FRST 2015-08-20 14:21 - 2015-03-22 17:56 - 00000000 ____D C:\AdwCleaner 2015-08-20 14:20 - 2015-03-26 01:42 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\DAEMON Tools Pro 2015-08-20 14:13 - 2015-02-20 15:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-08-20 13:58 - 2015-02-20 15:49 - 00000000 ____D C:\Program Files (x86)\Steam 2015-08-20 13:58 - 2015-02-20 14:55 - 01584632 ____N C:\Windows\WindowsUpdate.log 2015-08-20 13:53 - 2015-02-20 15:32 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-20 13:50 - 2011-04-12 15:21 - 00739706 _____ C:\Windows\system32\perfh015.dat 2015-08-20 13:50 - 2011-04-12 15:21 - 00155280 _____ C:\Windows\system32\perfc015.dat 2015-08-20 13:50 - 2009-07-14 07:13 - 01668226 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-20 13:44 - 2015-04-03 05:26 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2015-08-20 13:44 - 2015-02-23 20:11 - 00000000 ____D C:\Users\Daniel\AppData\Local\screenSHU 2015-08-20 13:44 - 2015-02-20 15:32 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-20 13:44 - 2015-02-20 15:01 - 00000000 ____D C:\ProgramData\NVIDIA 2015-08-20 13:44 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-20 13:43 - 2009-07-14 06:45 - 00021040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-20 13:43 - 2009-07-14 06:45 - 00021040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-20 13:40 - 2015-02-20 17:05 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\AIMP3 2015-08-20 13:36 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System 2015-08-20 13:34 - 2015-02-20 15:02 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2015-08-20 13:33 - 2015-05-03 04:50 - 00000687 _____ C:\Users\Daniel\Desktop\GTA V.lnk 2015-08-20 13:33 - 2015-02-20 14:53 - 00001341 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-08-20 13:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy 2015-08-19 18:11 - 2015-05-21 21:14 - 00002340 _____ C:\Users\Daniel\Desktop\Bezpieczne pieniądze.lnk 2015-08-19 16:37 - 2015-07-01 18:09 - 00000000 ____D C:\Users\Daniel\Desktop\aero 2015-08-18 23:29 - 2015-04-03 04:46 - 00000000 ____D C:\Users\Daniel\Desktop\mp3 2015-08-18 18:12 - 2015-02-23 23:13 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\TS3Client 2015-08-18 11:37 - 2015-02-20 15:23 - 00111912 _____ C:\Users\Daniel\AppData\Local\GDIPFONTCACHEV1.DAT 2015-08-18 11:30 - 2015-02-20 14:48 - 05058648 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-12 17:41 - 2015-07-10 17:05 - 00003672 _____ C:\Users\Daniel\Documents\PrawkoB2013P.tmp 2015-08-11 19:03 - 2015-02-20 23:44 - 00000219 _____ C:\Users\Daniel\Desktop\Counter-Strike Global Offensive.url 2015-08-10 13:28 - 2015-02-13 00:27 - 01640128 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2015-08-07 21:18 - 2015-07-14 19:17 - 00000000 ____D C:\Users\Daniel\AppData\Local\Microsoft Games 2015-08-04 21:22 - 2015-02-23 23:13 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2015-07-29 18:49 - 2015-02-20 17:05 - 00000000 ____D C:\Program Files (x86)\AIMP3 2015-07-23 18:27 - 2015-07-19 15:42 - 00000000 ____D C:\Program Files (x86)\Nokia 2015-07-23 17:20 - 2015-07-19 15:42 - 00000000 ____D C:\ProgramData\Nokia 2015-07-23 17:19 - 2015-05-09 19:04 - 00000000 ____D C:\Program Files (x86)\Kingo ROOT 2015-07-23 11:25 - 2015-03-26 23:15 - 00000443 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2015-07-21 18:28 - 2015-02-20 14:57 - 00000000 ____D C:\ProgramData\Package Cache 2015-07-21 17:18 - 2015-07-19 15:50 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\NaviFirmPlus 2015-07-21 17:06 - 2015-02-20 14:53 - 00000000 ____D C:\Users\Daniel\AppData\Local\VirtualStore ==================== Files in the root of some directories ======= 2015-05-20 17:13 - 2015-07-07 11:48 - 0000132 _____ () C:\Users\Daniel\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe 2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Daniel\AppData\Roaming\suv1f7deU4Gv3h8ZwUSFjdH 2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Daniel\AppData\Roaming\suv1f7deU4Gv3h8ZwUSFjdH.exe 2015-08-20 14:02 - 2015-08-20 14:02 - 0000016 ___SH () C:\Users\Daniel\AppData\Roaming\useridafile 2015-08-20 14:02 - 2015-08-20 14:02 - 0000103 ___SH () C:\Users\Daniel\AppData\Roaming\winyhg.bat 2015-08-20 14:02 - 2015-08-20 14:02 - 0584704 _____ () C:\Users\Daniel\AppData\Roaming\winyhg.exe 2015-02-21 14:42 - 2015-02-21 14:42 - 0007666 _____ () C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg 2015-02-20 14:58 - 2015-02-20 14:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some files in TEMP: ==================== C:\Users\Daniel\AppData\Local\Temp\9135.exe C:\Users\Daniel\AppData\Local\Temp\sqlite3.dll C:\Users\Daniel\AppData\Local\Temp\tu17p84.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll [2010-11-21 05:24] - [2010-11-21 05:24] - 1008640 ____A (Microsoft Corporation) 8D0F86272C524052236761CABF6E7AFE C:\Windows\SysWOW64\User32.dll [2015-08-20 12:55] - [2015-08-20 12:55] - 0833024 ____A (Microsoft Corporation) E01EBE6A0C7B306763667FDC60A0B25A C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <===== ATTENTION LastRegBack: 2015-08-12 20:51 ==================== End of log ============================