Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016 Ran by eafae (administrator) on EQWDFWA (14-02-2016 23:00:35) Running from C:\Users\eafae\Downloads Loaded Profiles: eafae (Available Profiles: eafae) Platform: Windows 8.1 Pro (X64) Language: Angielski (Stany Zjednoczone) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Arcai.com) C:\Program Files (x86)\netcut\services\aips.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Arcai.com) C:\Program Files (x86)\netcut\netcut.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Users\eafae\AppData\Local\Installer\Installiwebar_18987\ytdieamodc_amodc_inst.exe () C:\Users\eafae\AppData\Local\Installer\Installiwebar_18987\ytdieamodc_amodc_inst.exe () C:\ProgramData\Airtostrong\Airtostrong.exe () C:\ProgramData\Airtostrong\Airtostrong.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [366904 2014-10-08] (Power Software Ltd) HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [98256 2015-03-12] (Razer Inc.) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.) HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-02-02] (Electronic Arts) HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation) HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd) HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [7744568 2015-10-18] (GOG.com) HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [51840 2015-06-03] (Locktime Software) HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\...\Run: [WTFast Tray] => C:\Program Files (x86)\WTFast\WTFast.exe [4711000 2015-06-02] (AAA Internet Publishing, Inc.) HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50615936 2016-01-18] (Skype Technologies S.A.) HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\...\MountPoints2: {27ce1369-9a2e-11e4-824f-806e6f6e6963} - "E:\_AUTORUN\AUTORUN.EXE" AppInit_DLLs: C:\ProgramData\Airtostrong\Icetouch.dll => C:\ProgramData\Airtostrong\Icetouch.dll [805376 2016-02-14] () AppInit_DLLs-x32: C:\ProgramData\Airtostrong\Damdamstrong.dll => C:\ProgramData\Airtostrong\Damdamstrong.dll [257536 2016-02-14] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2015-05-30] ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-02-13] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe (McAfee, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2015-07-18] ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS) GroupPolicy: Restriction - Chrome <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\..\Interfaces\{50758027-CD0D-418D-80DC-61A6C0BABC25}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{50758027-CD0D-418D-80DC-61A6C0BABC25}: [DhcpNameServer] 194.204.152.34 194.204.159.1 Internet Explorer: ================== HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_B3vZOxc6r0vkIwdA6x4-YNMBuKnGEAxJ5OMXABfmoDlN5kEqlKjBbgKXXu9vSLjyLsInNx0uZUCmcnGPvQ7f7AQCXI_s1uU8B_yETmJFTRKNed6w8jXHtNkssAJ3tCqzp3DiIgNfyAFL1FwrGNatFZjNn0ukYB_-hbeqi-mF_d0k,&q={searchTerms} HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_B3vZOxc6r0vkIwdA6x4-YNMBuKnGEAxJ5OMXABfmoDlN5kEqlKjBbgKXXu9vSLjyLsInNx0uZUCmcnG-uDl7JI5MZ6v6csCTS1zMfk3w-WMYPMi3JZF5hs48u0qa-59mAJ2ZdQCVq9aivBjpV4STqYr4a-hmJBwHaZb3-bDUgRZ8, HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_B3vZOxc6r0vkIwdA6x4-YNMBuKnGEAxJ5OMXABfmoDlN5kEqlKjBbgKXXu9vSLjyLsInNx0uZUCmcnGPvQ7f7AQCXI_s1uU8B_yETmJFTRKNed6w8jXHtNkssAJ3tCqzp3DiIgNfyAFL1FwrGNatFZjNn0ukYB_-hbeqi-mF_d0k,&q={searchTerms} HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_B3vZOxc6r0vkIwdA6x4-YNMBuKnGEAxJ5OMXABfmoDlN5kEqlKjBbgKXXu9vSLjyLsInNx0uZUCmcnGPvQ7f7AQCXI_s1uU8B_yETmJFTRKNed6w8jXHtNkssAJ3tCqzp3DiIgNfyAFL1FwrGNatFZjNn0ukYB_-hbeqi-mF_d0k,&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_B3vZOxc6r0vkIwdA6x4-YNMBuKnGEAxJ5OMXABfmoDlN5kEqlKjBbgKXXu9vSLjyLsInNx0uZUCmcnGPvQ7f7AQCXI_s1uU8B_yETmJFTRKNed6w8jXHtNkssAJ3tCqzp3DiIgNfyAFL1FwrGNatFZjNn0ukYB_-hbeqi-mF_d0k,&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4040340981-3488949422-2698820681-1001 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_B3vZOxc6r0vkIwdA6x4-YNMBuKnGEAxJ5OMXABfmoDlN5kEqlKjBbgKXXu9vSLjyLsInNx0uZUCmcnGPvQ7f7AQCXI_s1uU8B_yETmJFTRKNed6w8jXHtNkssAJ3tCqzp3DiIgNfyAFL1FwrGNatFZjNn0ukYB_-hbeqi-mF_d0k,&q={searchTerms} SearchScopes: HKU\S-1-5-21-4040340981-3488949422-2698820681-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_B3vZOxc6r0vkIwdA6x4-YNMBuKnGEAxJ5OMXABfmoDlN5kEqlKjBbgKXXu9vSLjyLsInNx0uZUCmcnGPvQ7f7AQCXI_s1uU8B_yETmJFTRKNed6w8jXHtNkssAJ3tCqzp3DiIgNfyAFL1FwrGNatFZjNn0ukYB_-hbeqi-mF_d0k,&q={searchTerms} BHO-x32: Native Info -> {20ffc3e2-8613-4800-a80c-73ae470177af} -> C:\Program Files (x86)\Native Info\Extensions\20ffc3e2-8613-4800-a80c-73ae470177af.dll [2016-02-01] () FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-21] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-21] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin HKU\S-1-5-21-4040340981-3488949422-2698820681-1001: SkypePlugin -> C:\Users\eafae\AppData\Local\SkypePlugin\7.13.0.71\npGatewayNpapi.dll [2016-01-15] (Skype Technologies S.A.) FF Plugin HKU\S-1-5-21-4040340981-3488949422-2698820681-1001: SkypePlugin64 -> C:\Users\eafae\AppData\Local\SkypePlugin\7.13.0.71\npGatewayNpapi-x64.dll [2016-01-15] (Skype Technologies S.A.) Chrome: ======= CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNeoIGShepo8uLJ7aIXx5VT_ng2BrU_HyFbe2hu_BqcXhoqyXNd58xpDCb5RwwpuC0nrD6_lG1Ivv-K10FOx49mQkYIn1Op7SUzbE8taQwVgkviYUPIoktpOn_LZuhKR9CQS7K9AYBRCqQzg-C9NSbsYU9I23gKFAW4OR6Ep0kbRY, CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggaIw4MV10QQBhAcAxZTA1HFlcOeQhaVhRGEFdGcgBcUgwVFVAFIk0FA1oDB0VXfV5bFElXTwhtIU1RF1w4T1NM" CHR StartupUrls: Default -> "hxxp://google.pl/" CHR DefaultSearchURL: Default -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNeoIGShepo8uLJ7aIXx5VT_ng2BrU_HyFbe2hu_BqcXhoqyXNd58xpDCb5RwwpuC0nrD6_lG1Ivv-K10J0u4YIwGgGq5Ok1Gq7df1yRBO5qC9zmQ-Ettk973Q7rQo8QbAa29FfXdfOlu65Z01HdTogtKe3eshCfYYsSuK7YiZRI8,&q={searchTerms} CHR DefaultSearchKeyword: Default -> feed.sonic-search.com CHR Profile: C:\Users\eafae\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Easy Auto Refresh) - C:\Users\eafae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2016-01-26] CHR Extension: (Prezentacje Google) - C:\Users\eafae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-20] CHR Extension: (Dokumenty Google) - C:\Users\eafae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-20] CHR Extension: (Dysk Google) - C:\Users\eafae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (Połączenia przez Skype) - C:\Users\eafae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2016-01-24] CHR Extension: (YouTube) - C:\Users\eafae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26] CHR Extension: (Adblock Plus) - C:\Users\eafae\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-06] CHR Extension: (Google Search) - C:\Users\eafae\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30] CHR Extension: (Arkusze Google) - C:\Users\eafae\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-20] CHR Extension: (LoungeDestroyer) - C:\Users\eafae\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2016-01-31] CHR Extension: (Dokumenty Google offline) - C:\Users\eafae\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18] CHR Extension: (Native Info) - C:\Users\eafae\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmiooiffebfjcenandlhnkcigkjnlegh [2016-02-02] [UpdateUrl: hxxp://cdn.usenativeinfo.com/update] <==== ATTENTION CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\eafae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24] CHR Extension: (Gmail) - C:\Users\eafae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-20] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AIPS; C:\Program Files (x86)\netcut\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [File not signed] R2 Airtostrong; C:\ProgramData\\Airtostrong\\Airtostrong.exe [527360 2016-02-14] () [File not signed] R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] () S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-18] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7220792 2016-02-13] (GOG.com) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe [293128 2016-02-05] (McAfee, Inc.) R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [321664 2015-06-03] (Locktime Software) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3643520 2016-01-07] (INCA Internet Co., Ltd.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-02] (Electronic Arts) S2 pyodqctneweowyooa; C:\Users\eafae\AppData\Local\itcom.exe [28160 2016-01-11] () [File not signed] R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-03-10] () R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-03-12] (Razer Inc.) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) S2 Service Mgr NativeInfo; "C:\ProgramData\074d595f-0c31-4ea0-91ea-d03ba1a766fb\plugincontainer.exe" [X] <==== ATTENTION S2 Update Mgr NativeInfo; "C:\Program Files (x86)\Common Files\074d595f-0c31-4ea0-91ea-d03ba1a766fb\updater.exe" [X] <==== ATTENTION ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] () S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2010-02-04] () R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.) S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-04-20] () R3 ip100Avista; C:\Windows\system32\DRIVERS\ipfnd51.sys [37888 2009-03-18] (IC Plus Corp. ) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) R1 MpKsl07649399; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{791933DB-F1F7-4BAB-A014-ACD42A54DE00}\MpKsl07649399.sys [44928 2016-02-08] (Microsoft Corporation) R2 nldrv; C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [120720 2015-06-03] (Locktime Software) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-03-10] (Razer, Inc.) R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [32792 2015-06-01] (SteelSeries ApS) R3 sshid; C:\Windows\System32\drivers\sshid.sys [43616 2015-06-01] (SteelSeries ApS) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44024 2015-02-04] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [264000 2015-02-04] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) S3 NPF; system32\drivers\NPF.sys [X] U3 kwldapob; \??\C:\Users\eafae\AppData\Local\Temp\kwldapob.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-02-14 23:00 - 2016-02-14 23:00 - 00380416 _____ C:\Users\eafae\Downloads\fvsw3kkh.exe 2016-02-14 23:00 - 2016-02-14 23:00 - 00020565 _____ C:\Users\eafae\Downloads\FRST.txt 2016-02-14 22:59 - 2016-02-14 23:00 - 00000000 ____D C:\FRST 2016-02-14 22:58 - 2016-02-14 22:58 - 03278982 _____ () C:\Program Files\Common Files\11kw1zdf.exe 2016-02-14 22:58 - 2016-02-14 22:58 - 02370560 _____ (Farbar) C:\Users\eafae\Downloads\FRST64.exe 2016-02-14 22:58 - 2016-02-14 22:58 - 00003704 _____ C:\Windows\System32\Tasks\Inst_Rep 2016-02-14 22:58 - 2016-02-14 22:58 - 00002393 _____ C:\Windows\SysWOW64\findit.xml 2016-02-14 22:58 - 2016-02-14 22:58 - 00000000 ____D C:\ProgramData\Airtostrongs 2016-02-14 22:58 - 2016-02-14 22:58 - 00000000 ____D C:\ProgramData\Airtostrong 2016-02-14 22:56 - 2016-02-14 22:56 - 00003388 _____ C:\Windows\System32\Tasks\ndb3jyhj 2016-02-14 22:56 - 2016-02-14 22:56 - 00000000 ____D C:\Program Files\Common Files\k3rc4xhk 2016-02-14 22:55 - 2016-02-14 22:55 - 00003020 _____ C:\Windows\System32\Tasks\MSIAfterburner 2016-02-14 22:49 - 2016-02-14 22:51 - 00000000 ____D C:\AdwCleaner 2016-02-14 22:49 - 2016-02-14 22:49 - 01508352 _____ C:\Users\eafae\Downloads\adwcleaner_5.033.exe 2016-02-13 17:34 - 2016-02-13 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wiedźmin 3® - Dziki Gon [GOG.com] 2016-02-13 15:59 - 2016-02-13 15:59 - 00001980 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2016-02-13 15:59 - 2016-02-13 15:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2016-02-09 20:05 - 2016-02-09 20:05 - 00124628 _____ C:\Users\eafae\Downloads\Wniosek-o-wydanie-dowodu-osobistego.pdf 2016-02-03 16:55 - 2016-02-03 16:55 - 00000000 ____D C:\Users\eafae\Documents\Criterion Games 2016-02-02 22:36 - 2016-02-02 22:36 - 00001321 _____ C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk 2016-02-02 22:36 - 2016-02-02 22:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™ Most Wanted 2016-02-02 13:59 - 2016-02-02 13:59 - 00002339 _____ C:\Users\eafae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Call of Duty 2 SinglePlayer.lnk 2016-02-02 13:59 - 2016-02-02 13:59 - 00002339 _____ C:\Users\eafae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Call of Duty 2 MultiPlayer.lnk 2016-02-02 13:59 - 2016-02-02 13:59 - 00002277 _____ C:\Users\eafae\Desktop\Call of Duty 2 SinglePlayer.lnk 2016-02-02 13:58 - 2016-02-02 13:58 - 26527756 _____ C:\Users\eafae\Downloads\callofduty2_1.2.zip 2016-02-02 12:55 - 2016-02-02 13:59 - 00000000 ____D C:\Users\eafae\Downloads\Call of Duty 2 full game MP - SP -=AviaRa=- 2016-02-02 12:54 - 2016-02-02 17:21 - 00000000 ____D C:\Users\eafae\AppData\LocalLow\uTorrent 2016-02-02 11:49 - 2016-02-02 11:49 - 00324624 _____ C:\Windows\Minidump\020216-15062-01.dmp 2016-02-01 22:58 - 2016-02-01 22:58 - 00000000 ____D C:\Program Files (x86)\Native Info 2016-01-24 22:00 - 2016-01-24 22:00 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-01-24 22:00 - 2016-01-24 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2016-01-24 21:59 - 2016-01-24 21:59 - 01504384 _____ (Skype Technologies S.A.) C:\Users\eafae\Downloads\SkypeSetup (1).exe 2016-01-24 21:55 - 2016-01-24 21:55 - 00000000 ____D C:\Users\eafae\AppData\Local\SkypePlugin 2016-01-24 21:54 - 2016-01-24 21:55 - 14229504 _____ C:\Users\eafae\Downloads\SkypeWebPlugin.msi 2016-01-23 12:32 - 2016-01-23 12:32 - 00000000 ____D C:\Program Files\Common Files\INCA Shared 2016-01-23 12:32 - 2016-01-07 13:10 - 03643520 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\GameMon.des 2016-01-23 12:32 - 2004-12-30 13:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npptNT2.sys 2016-01-23 12:32 - 2003-07-15 22:17 - 00005174 _____ C:\Windows\SysWOW64\nppt9x.vxd 2016-01-23 12:17 - 2016-01-23 12:17 - 00001397 _____ C:\Users\Public\Desktop\Metin2.lnk 2016-01-23 12:17 - 2016-01-23 12:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2 2016-01-23 11:53 - 2016-01-23 11:54 - 20261624 _____ (Gameforge ) C:\Users\eafae\Downloads\Metin2_GameforgeLiveSetup (2).exe 2016-01-23 00:43 - 2016-01-23 00:44 - 20261624 _____ (Gameforge ) C:\Users\eafae\Downloads\Metin2_GameforgeLiveSetup (1).exe 2016-01-23 00:34 - 2016-02-02 19:48 - 00000000 ____D C:\Users\eafae\Downloads\Gameforge Live 2016-01-23 00:34 - 2016-01-23 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2016-01-23 00:34 - 2016-01-23 11:55 - 00000000 ____D C:\Program Files (x86)\GameforgeLive 2016-01-23 00:34 - 2016-01-23 00:34 - 00000000 ____D C:\Users\eafae\AppData\Local\Gameforge4d 2016-01-23 00:33 - 2016-01-23 00:33 - 20261624 _____ (Gameforge ) C:\Users\eafae\Downloads\Metin2_GameforgeLiveSetup.exe 2016-01-19 23:18 - 2016-01-19 23:18 - 00100740 _____ C:\Users\eafae\Downloads\FV_201601_281505549_06331_b.pdf 2016-01-19 23:16 - 2016-01-19 23:16 - 00112884 _____ C:\Users\eafae\Downloads\FV_201512_281505549_04953_b.pdf ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-02-14 22:59 - 2015-01-13 04:15 - 00003922 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{31FC1C9C-7A86-47FF-81DD-80D814602890} 2016-02-14 22:58 - 2015-04-20 18:55 - 00001334 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-14 22:58 - 2015-01-12 08:54 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4040340981-3488949422-2698820681-1001 2016-02-14 22:58 - 2015-01-12 08:48 - 00000997 _____ C:\Users\eafae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-02-14 22:54 - 2015-02-02 18:27 - 00000000 ____D C:\Users\eafae\AppData\Local\LogMeIn Hamachi 2016-02-14 22:54 - 2015-01-13 04:34 - 00000000 ____D C:\Program Files (x86)\Steam 2016-02-14 22:53 - 2015-04-20 18:52 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-14 22:53 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-02-14 22:52 - 2015-01-13 04:20 - 00000000 ____D C:\ProgramData\NVIDIA 2016-02-14 22:34 - 2015-04-20 18:52 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-14 21:53 - 2015-02-08 18:09 - 00000000 ____D C:\Users\eafae\AppData\Roaming\TS3Client 2016-02-14 17:58 - 2015-05-19 16:25 - 00000000 ____D C:\Users\eafae\Documents\The Witcher 3 2016-02-14 12:38 - 2015-12-13 21:29 - 00000000 ___RD C:\Users\eafae\Desktop\plp 2016-02-13 15:59 - 2015-12-25 12:10 - 00000000 ____D C:\Program Files\McAfee Security Scan 2016-02-10 22:56 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-02-10 22:56 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness 2016-02-07 22:02 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf 2016-02-07 00:42 - 2015-01-12 08:48 - 00000000 ____D C:\Users\eafae 2016-02-03 16:54 - 2015-01-13 07:37 - 00000000 ____D C:\ProgramData\Origin 2016-02-02 21:05 - 2015-01-13 07:46 - 00000000 ____D C:\Program Files (x86)\Origin Games 2016-02-02 21:01 - 2015-01-13 07:36 - 00000000 ____D C:\Program Files (x86)\Origin 2016-02-02 17:21 - 2015-01-27 21:19 - 00000000 ____D C:\Users\eafae\AppData\Roaming\uTorrent 2016-02-02 12:29 - 2015-04-20 18:52 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-02-02 12:29 - 2015-04-20 18:52 - 00003658 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-02-02 11:50 - 2015-01-21 17:55 - 00000612 __RSH C:\ProgramData\ntuser.pol 2016-02-02 11:49 - 2015-06-04 13:10 - 00000000 ____D C:\Windows\Minidump 2016-01-31 20:13 - 2015-02-19 10:07 - 00000000 ____D C:\Users\eafae\AppData\Local\Steam 2016-01-30 17:33 - 2015-01-29 16:22 - 00000000 ____D C:\Users\eafae\AppData\Roaming\Skype 2016-01-24 22:00 - 2015-01-29 16:22 - 00000000 ____D C:\Users\eafae\AppData\Local\Skype 2016-01-24 22:00 - 2015-01-29 16:22 - 00000000 ____D C:\ProgramData\Skype ==================== Files in the root of some directories ======= 2016-02-14 22:58 - 2016-02-14 22:58 - 3278982 _____ () C:\Program Files\Common Files\11kw1zdf.exe 2016-01-11 12:24 - 2016-01-11 12:24 - 0041472 _____ () C:\Users\eafae\AppData\Local\itcom.dat 2016-01-11 12:24 - 2016-01-11 12:24 - 0028160 _____ () C:\Users\eafae\AppData\Local\itcom.exe 2016-01-11 12:24 - 2016-01-11 12:24 - 0000187 _____ () C:\Users\eafae\AppData\Local\itcom.exe.config Some files in TEMP: ==================== C:\Users\eafae\AppData\Local\Temp\149C.exe C:\Users\eafae\AppData\Local\Temp\IndigoIs.exe C:\Users\eafae\AppData\Local\Temp\nsi8121.exe C:\Users\eafae\AppData\Local\Temp\Ozerhold.exe C:\Users\eafae\AppData\Local\Temp\Skin.dll C:\Users\eafae\AppData\Local\Temp\sqlite3.dll C:\Users\eafae\AppData\Local\Temp\Toncom.exe C:\Users\eafae\AppData\Local\Temp\ytdieamodc_amodc_inst.exe C:\Users\eafae\AppData\Local\Temp\{010F7D3D-AC2D-4DE3-9C25-95F4A2905658}.dll C:\Users\eafae\AppData\Local\Temp\{0217071A-AD01-47F7-8556-CB2900BBD1CB}.dll C:\Users\eafae\AppData\Local\Temp\{12E0582E-982B-4232-83F8-168EFFD6B3A6}.dll C:\Users\eafae\AppData\Local\Temp\{17A60A6C-1758-4221-A398-F9D40C5BCD17}.dll C:\Users\eafae\AppData\Local\Temp\{1DAF5614-9DD3-49EB-BA53-3B1AD21FA519}.dll C:\Users\eafae\AppData\Local\Temp\{24F2E7A0-4FAB-435B-BF43-5DF3352EA97C}.dll C:\Users\eafae\AppData\Local\Temp\{3A0145AC-1B64-4380-9AF7-5DF3DD3EA8DB}.dll C:\Users\eafae\AppData\Local\Temp\{3A82B376-7F24-405C-A854-BA8EC52053F9}.dll C:\Users\eafae\AppData\Local\Temp\{3C82A830-37A8-4E4D-9B02-C15F83A30395}.dll C:\Users\eafae\AppData\Local\Temp\{3CC41BA7-AEDB-4AED-B05F-C076F97410B7}.dll C:\Users\eafae\AppData\Local\Temp\{46D5F671-616C-4D7C-9C63-DCE0232D3EC5}.dll C:\Users\eafae\AppData\Local\Temp\{4A142BAA-D587-4022-BE7A-4379C1527397}.dll C:\Users\eafae\AppData\Local\Temp\{4A1CF4B5-E289-44DD-9C15-29AF223CC988}.dll C:\Users\eafae\AppData\Local\Temp\{4D769671-23F4-4922-A731-B565C0F85E11}.dll C:\Users\eafae\AppData\Local\Temp\{50F946A7-D17C-48DF-8B33-F0B2B3706C1F}.dll C:\Users\eafae\AppData\Local\Temp\{54E66289-E41E-4694-81AD-61AD3558CCBD}.dll C:\Users\eafae\AppData\Local\Temp\{5EC80BE2-DB70-4A61-AFBE-95577E8F53A0}.dll C:\Users\eafae\AppData\Local\Temp\{60CB5F8F-DEF5-4AED-A908-8BAFD943FB8B}.dll C:\Users\eafae\AppData\Local\Temp\{67B1BF23-BC99-4202-9DBD-1364E3B2A4FD}.dll C:\Users\eafae\AppData\Local\Temp\{67E0C248-27C5-41F0-95AE-8B121BFBCEBD}.dll C:\Users\eafae\AppData\Local\Temp\{67E59F15-F744-4655-9755-1AB09997D5F6}.dll C:\Users\eafae\AppData\Local\Temp\{6F551295-05ED-42DC-8C21-4D12045238D0}.dll C:\Users\eafae\AppData\Local\Temp\{81500AC3-0245-40B9-A06A-E5020FF4A784}.dll C:\Users\eafae\AppData\Local\Temp\{8DD630DA-12CC-4CFE-BEF2-7681CCA2ECE9}.dll C:\Users\eafae\AppData\Local\Temp\{8E5439B9-CB47-485D-9242-FDE97896D035}.dll C:\Users\eafae\AppData\Local\Temp\{8FDC638A-5130-45BE-BDEB-946159B36CB1}.dll C:\Users\eafae\AppData\Local\Temp\{9124928F-3B23-4631-B57D-5C2AB3A17404}.dll C:\Users\eafae\AppData\Local\Temp\{9144FE69-C1DF-40D1-A3DD-42ABEF289032}.dll C:\Users\eafae\AppData\Local\Temp\{91BFA923-2B8F-4AC7-B941-0D7605F9FA5A}.dll C:\Users\eafae\AppData\Local\Temp\{97BAFFD6-91CB-43A9-BCB2-CA1CDE91E9E9}.dll C:\Users\eafae\AppData\Local\Temp\{A0CA814B-A3E3-4BF5-8103-7E3D414000DE}.dll C:\Users\eafae\AppData\Local\Temp\{A57F7C1C-2A8D-4C81-8CB2-5AB816036899}.dll C:\Users\eafae\AppData\Local\Temp\{A895C74B-93B0-4475-9315-8E1869639234}.dll C:\Users\eafae\AppData\Local\Temp\{AB4716DE-0511-4865-9867-D9EAE5C14FD2}.dll C:\Users\eafae\AppData\Local\Temp\{AD2D124E-B3EC-4AC5-8224-0C5C8877BA55}.dll C:\Users\eafae\AppData\Local\Temp\{AD969961-525D-41D0-9715-EBE4AA7667D7}.dll C:\Users\eafae\AppData\Local\Temp\{AEF1E0C5-ECC2-47F4-8FDA-743A288B4D3F}.dll C:\Users\eafae\AppData\Local\Temp\{AFC1444C-2A3C-4AEA-AD7C-197B7A98DA81}.dll C:\Users\eafae\AppData\Local\Temp\{AFC4DD9B-4CEB-4903-83AC-E5EBA60402C0}.dll C:\Users\eafae\AppData\Local\Temp\{B0EF1CAC-6656-49E1-A11F-36381C01322E}.dll C:\Users\eafae\AppData\Local\Temp\{B78C1EC8-AC35-4FBB-8151-85379706B67C}.dll C:\Users\eafae\AppData\Local\Temp\{B8AEEA83-2E11-4A4D-8139-8C4C87CFECE5}.dll C:\Users\eafae\AppData\Local\Temp\{BB1AAEE5-0F17-4C6B-AFDC-E453AB908281}.dll C:\Users\eafae\AppData\Local\Temp\{BDA8513C-CF10-4FF5-B5E3-0AC6B52B5035}.dll C:\Users\eafae\AppData\Local\Temp\{C841E921-D347-4160-AF72-B193B2A8A0BF}.dll C:\Users\eafae\AppData\Local\Temp\{CC2EE8B8-4219-41A8-BC1C-8E5A05D4F837}.dll C:\Users\eafae\AppData\Local\Temp\{D210864B-F23E-40D4-B85B-CEF98B91E66C}.dll C:\Users\eafae\AppData\Local\Temp\{D51463EF-3335-448B-A4B8-3E7DE084552F}.dll C:\Users\eafae\AppData\Local\Temp\{DA5ED041-1754-4791-9471-F8614360D9C5}.dll C:\Users\eafae\AppData\Local\Temp\{E0828925-CBE3-48C5-B594-36E8D43B5737}.dll C:\Users\eafae\AppData\Local\Temp\{E3F9CB79-8E6D-4BB1-AC8E-861530BD1454}.dll C:\Users\eafae\AppData\Local\Temp\{E69487A1-B5AD-4003-9A7B-4071944B5E30}.dll C:\Users\eafae\AppData\Local\Temp\{E75EA07A-18A4-49F4-A32A-B1AE94950AAE}.dll C:\Users\eafae\AppData\Local\Temp\{E8DDDC76-74D0-4949-A34E-F2D80DF4B58A}.dll C:\Users\eafae\AppData\Local\Temp\{EBA56C68-C461-4CC3-B5F5-7A35CBAF311B}.dll C:\Users\eafae\AppData\Local\Temp\{EDDFA556-0498-4614-AE35-9B50D3E7305E}.dll C:\Users\eafae\AppData\Local\Temp\{F57EA600-83BA-461D-8253-9563AFF3618D}.dll C:\Users\eafae\AppData\Local\Temp\{F8F39ADC-66FB-43DF-959B-8790BA24890A}.dll ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-02-14 18:11 ==================== End of FRST.txt ============================