Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020 Ran by RazGlaz (administrator) on RAZGLAZ-PC (NCR Corporation 7606-1509-8801) (20-12-2020 18:56:50) Running from C:\Users\RazGlaz\Downloads Loaded Profiles: RazGlaz Platform: Windows 7 Enterprise Service Pack 1 (X64) Language: Angielski (Stany Zjednoczone) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <31> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (JRD COMMUNICATION (SHENZHEN) LTD -> ) C:\Program Files (x86)\Play_Poland\MW40\BackgroundService\ServiceManager.exe (Microsoft Corporation -> Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe <2> (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor Corp -> Realtek) C:\Windows\SwUSB.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7> (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2020-03-26] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation -> Intel Corporation) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112408 2020-03-26] (Intel Corporation -> Intel Corporation) HKU\S-1-5-21-2161612417-3863296993-4172168737-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3421984 2020-12-07] (Valve -> Valve Corporation) HKU\S-1-5-21-2161612417-3863296993-4172168737-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2161612417-3863296993-4172168737-1000\...\Run: [RazGlaz] => explorer.exe hxxp://exinariuminix.info <==== ATTENTION HKU\S-1-5-21-2161612417-3863296993-4172168737-1000\...\MountPoints2: {5192a81c-0bb2-11e9-a415-02262f04077b} - G:\autorun.exe HKU\S-1-5-21-2161612417-3863296993-4172168737-1000\...\MountPoints2: {5192a836-0bb2-11e9-a415-02262f04077b} - H:\AUTOSTARTER.EXE HKU\S-1-5-21-2161612417-3863296993-4172168737-1000\...\MountPoints2: {c37ef2c8-f5b3-11e8-b08c-806e6f6e6963} - E:\autorun.exe HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-12] (Google LLC -> Google LLC) ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0478D65D-C244-4729-9D91-F209A7AB7465} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {1AC85BB7-F04A-412E-87CC-39282F26D8E7} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2106456 2019-12-08] (NVIDIA Corporation -> ) Task: {215D971E-0DEC-47BB-9DE3-68B968AC6EB1} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {22D5640D-C42B-43DF-8ED4-2BF9DB54A753} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {24069074-8126-41AF-80FD-B88AE0ED545A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3B721CDD-2CB3-4803-81E2-4EF8E8FC13FF} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3C41A534-16FA-4FE1-B89A-F30FEABE9B2E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {5BD6170E-CD6D-4B07-A881-F8956805760C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-08] (Google Inc -> Google Inc.) Task: {97D627B3-B80E-49E5-A0BD-40C016C4B060} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B212FF42-101F-4111-9C3F-C0E84B2D3410} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-08] (Google Inc -> Google Inc.) Task: {C9114876-21E1-40B9-B759-D1AC6FE21ED9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D56243D5-1317-4302-87D2-5CF6CEFBFE2A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd) Task: {D85BF085-7FE9-43B2-B272-F35EB1BA73ED} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-22] (Avast Software s.r.o. -> Avast Software) Task: {E6534DE0-CCA6-45A6-8F2D-2B58036A113A} - System32\Tasks\RazGlaz => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v RazGlaz /t REG_SZ /d "explorer.exe http://exinariuminix.info" <==== ATTENTION Task: {E9C70DB7-C114-4E5C-BCEC-2367D71E8B59} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {E9EC942D-EDCB-4DAE-B5D0-D7BD071D6EE5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd) Task: {EAFFD00F-D9D6-45FE-9EAE-3AAFA93EB39A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 Tcpip\..\Interfaces\{0A4E56BA-47B5-479C-B3EC-EDF132509DB4}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{5401EB55-AA06-4351-9559-5AFB08DCAD69}: [DhcpNameServer] 192.168.8.1 Tcpip\..\Interfaces\{8C8F100C-1619-4292-9623-979FA5678C96}: [DhcpNameServer] 192.168.8.1 Tcpip\..\Interfaces\{BD25E8D6-D647-43E0-A3B8-E302E8CE4DDA}: [DhcpNameServer] 192.168.8.1 Tcpip\..\Interfaces\{C0175FF1-FA73-4707-A209-E1B5DD492647}: [DhcpNameServer] 192.168.100.1 FireFox: ======== FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation) Chrome: ======= CHR Profile: C:\Users\RazGlaz\AppData\Local\Google\Chrome\User Data\Default [2020-12-20] CHR Extension: (Prezentacje) - C:\Users\RazGlaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-08] CHR Extension: (Dokumenty) - C:\Users\RazGlaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-08] CHR Extension: (Dysk Google) - C:\Users\RazGlaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-08] CHR Extension: (YouTube) - C:\Users\RazGlaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-08] CHR Extension: (Arkusze) - C:\Users\RazGlaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-08] CHR Extension: (Dokumenty Google offline) - C:\Users\RazGlaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-05] CHR Extension: (Video DownloadHelper) - C:\Users\RazGlaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2020-12-20] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\RazGlaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-13] CHR Extension: (Gmail) - C:\Users\RazGlaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-08] CHR Extension: (Chrome Media Router) - C:\Users\RazGlaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-13] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3644008 2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd) R2 NVWMI; C:\Windows\system32\nvwmi64.exe [4777392 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) R2 Play_Poland MIFI40 Modem Device Helper; C:\Program Files (x86)\Play_Poland\MW40\BackgroundService\ServiceManager.exe [78120 2016-06-17] (JRD COMMUNICATION (SHENZHEN) LTD -> ) R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-15] (Realtek Semiconductor Corp -> ) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94720 2014-06-21] (Advanced Micro Devices) [File not signed] R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2019-01-19] (Tages SA -> ) S3 cpuz148; C:\Windows\temp\cpuz148\cpuz148_x64.sys [35360 2019-05-04] (CPUID S.A.R.L.U. -> CPUID) S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> ) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2018-12-29] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2018-12-29] (Disc Soft Ltd -> Disc Soft Ltd) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2019-01-19] (Tages SA -> ) S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [5086464 2016-04-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) R0 secnvme; C:\Windows\System32\DRIVERS\secnvme.sys [90648 2020-01-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd) R0 secnvmeF; C:\Windows\System32\DRIVERS\secnvmeF.sys [30456 2020-01-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd) R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software) S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Novus\NMS\OpenHardwareMonitorService.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2020-12-20 18:56 - 2020-12-20 18:57 - 000015360 _____ C:\Users\RazGlaz\Downloads\FRST.txt 2020-12-20 18:56 - 2020-12-20 18:56 - 002286592 _____ (Farbar) C:\Users\RazGlaz\Downloads\FRST64.exe 2020-12-20 18:56 - 2020-12-20 18:56 - 000000000 ____D C:\FRST 2020-12-20 10:27 - 2020-12-20 10:27 - 001947056 _____ (CPUID, Inc. ) C:\Users\RazGlaz\Downloads\cpu-z_1.94-en.exe 2020-12-20 10:27 - 2020-12-20 10:27 - 000000869 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk 2020-12-20 10:27 - 2020-12-20 10:27 - 000000869 _____ C:\ProgramData\Desktop\CPUID CPU-Z.lnk 2020-12-19 22:03 - 2020-12-20 10:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2020-12-19 22:03 - 2020-12-20 10:27 - 000000000 ____D C:\Program Files\CPUID 2020-12-19 22:03 - 2020-12-19 22:03 - 000000930 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk 2020-12-19 22:03 - 2020-12-19 22:03 - 000000930 _____ C:\ProgramData\Desktop\CPUID HWMonitor.lnk 2020-12-19 22:02 - 2020-12-19 22:02 - 001319136 _____ (CPUID, Inc. ) C:\Users\RazGlaz\Downloads\hwmonitor_1.43.exe ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-12-20 18:51 - 2020-01-26 16:04 - 000000000 ____D C:\Program Files\CCleaner 2020-12-20 18:49 - 2018-12-08 13:58 - 000000000 ____D C:\ProgramData\NVIDIA 2020-12-20 18:47 - 2018-12-26 18:28 - 000000000 ____D C:\Program Files (x86)\Steam 2020-12-20 18:47 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-12-20 18:46 - 2009-07-14 05:45 - 000015680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2020-12-20 18:46 - 2009-07-14 05:45 - 000015680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2020-12-20 18:38 - 2019-12-29 18:37 - 000740180 _____ C:\Windows\system32\perfh015.dat 2020-12-20 18:38 - 2019-12-29 18:37 - 000155754 _____ C:\Windows\system32\perfc015.dat 2020-12-20 18:38 - 2009-07-14 06:13 - 001669606 _____ C:\Windows\system32\PerfStringBackup.INI 2020-12-20 18:38 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2020-12-20 10:25 - 2020-09-05 18:20 - 000000000 ____D C:\Program Files (x86)\SpeedFan 2020-12-19 23:32 - 2020-04-01 06:35 - 000000000 ____D C:\Users\RazGlaz\AppData\Roaming\vlc 2020-12-19 21:01 - 2020-01-26 16:04 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update 2020-12-19 20:59 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF 2020-12-12 11:34 - 2018-12-08 13:28 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-12-12 11:34 - 2018-12-08 13:28 - 000002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-12-12 11:34 - 2018-12-08 13:28 - 000002189 _____ C:\ProgramData\Desktop\Google Chrome.lnk 2020-12-05 21:33 - 2018-12-08 13:26 - 000003482 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2020-12-05 21:33 - 2018-12-08 13:26 - 000003354 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore ==================== Files in the root of some directories ======== 2019-11-11 15:47 - 2019-11-11 15:47 - 000000729 _____ () C:\Users\RazGlaz\AppData\Local\recently-used.xbel 2008-02-05 14:28 - 2008-02-05 14:28 - 000000051 _____ () C:\Users\RazGlaz\AppData\Local\setup.txt ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\User32.dll [2018-12-26 18:49] - [2016-11-10 17:32] - 001008640 _____ (Microsoft Corporation) E573BD9AB55C8E333C202B9E255F972E C:\Windows\SysWOW64\User32.dll [2019-01-19 19:43] - [2019-01-19 19:43] - 000833024 _____ (Microsoft Corporation) 2C9CC9F492CA596B1B9FC1AE5E916356 LastRegBack: 2020-12-19 23:18 ==================== End of FRST.txt ========================