Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015 Ran by PC (administrator) on PC-PC on 30-05-2015 12:30:57 Running from C:\Users\PC\Desktop Loaded Profiles: PC (Available Profiles: PC) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe (France Telecom SA) C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe (Valve Corporation) C:\Gry\Steam\Steam.exe (Valve Corporation) C:\Gry\Steam\bin\steamwebhelper.exe (Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe (Valve Corporation) C:\Gry\Steam\bin\steamwebhelper.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Users\PC\Desktop\0v2u8491.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation) HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-27] (Intel Corporation) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745744 2015-05-18] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-03-31] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-15] (Raptr, Inc) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation) HKU\S-1-5-21-448808044-3182844176-1093121363-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-448808044-3182844176-1093121363-1000\...\Run: [Steam] => C:\Gry\Steam\steam.exe [2888384 2015-05-15] (Valve Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-448808044-3182844176-1093121363-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-448808044-3182844176-1093121363-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-22] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-22] (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 62.179.1.63 62.179.1.62 FireFox: ======== FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\nnssvkye.default-1430169013544 FF SelectedSearchEngine: AVG Secure Search FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] () FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll No File FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] () FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll No File FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-22] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-22] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems) FF Plugin HKU\S-1-5-21-448808044-3182844176-1093121363-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-04-27] (Unity Technologies ApS) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-05-06] FF Extension: Live HTTP headers - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\nnssvkye.default-1430169013544\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2015-05-29] FF Extension: Firebug - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\nnssvkye.default-1430169013544\Extensions\firebug@software.joehewitt.com.xpi [2015-04-29] Chrome: ======= CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Bookmark Manager) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-14] CHR Extension: (Drive Notepad) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpgjomejfimnbmobcocilppikhncegaj [2015-02-28] CHR Extension: (Agario Extended – Enhance Agar.io Gameplay) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mflicjopopjcpojfoefhbpdncmjbcbin [2015-05-20] CHR Extension: (Google Wallet) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-23] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438544 2015-05-18] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-05-18] (AVG Technologies CZ, s.r.o.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [967040 2015-04-13] () S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [182304 2014-12-29] (EasyAntiCheat Ltd) R2 FTRTSVC; C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [90112 2009-10-14] (France Telecom SA) [File not signed] R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [23504 2014-12-25] (Micro-Star Int'l Co., Ltd.) S2 HiPatchService; C:\Gry\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) [File not signed] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-20] (Intel Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] () S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-30] (Electronic Arts) S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-11] () R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-08-07] (Intel(R) Corporation) S3 celavimushost; "C:\Gry\LigaCSGO\CEVO\CSGO Client Beta\CelavimusClientHelper.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-27] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253920 2015-05-07] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [220128 2015-05-07] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [291296 2015-05-04] (AVG Technologies CZ, s.r.o.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-10-23] (Disc Soft Ltd) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [489752 2014-07-28] (Intel Corporation) S3 hidusbf; C:\Windows\System32\DRIVERS\hidusbf.sys [6784 2009-02-11] (SweetLow) [File not signed] S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [116864 2009-08-04] (Huawei Technologies Co., Ltd.) [File not signed] S3 hwusbfake; C:\Windows\System32\DRIVERS\ewusbfake.sys [116224 2009-08-04] (Huawei Technologies Co., Ltd.) [File not signed] R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-02-26] (Intel Corporation) R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] () R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] () R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-17] (Intel Corporation) R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-05-27] () R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation) S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation) S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation) S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation) S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation) S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation) S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation) S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [X] U3 pxldapoc; \??\C:\Users\PC\AppData\Local\Temp\pxldapoc.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2072-04-17 20:38 - 2015-04-27 23:10 - 00000000 ____D () C:\Users\PC\Desktop\Stare dane programu Firefox 2072-03-03 09:25 - 2072-03-03 09:25 - 00000000 ____D () C:\ProgramData\Avg_Update_0215tb 2015-05-30 12:30 - 2015-05-30 12:31 - 00017902 _____ () C:\Users\PC\Desktop\FRST.txt 2015-05-30 12:30 - 2015-05-30 12:31 - 00000000 ____D () C:\FRST 2015-05-30 12:28 - 2015-05-30 12:28 - 02108928 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe 2015-05-30 12:26 - 2015-05-30 12:26 - 00001098 _____ () C:\DelFix.txt 2015-05-28 06:22 - 2015-05-28 06:24 - 00000000 ____D () C:\Users\PC\Downloads\FTP 2015-05-28 05:13 - 2015-05-28 05:13 - 02752772 _____ () C:\Users\PC\Downloads\socialnettabs172.rar 2015-05-27 12:59 - 2015-05-27 12:59 - 00140538 _____ () C:\Users\PC\Downloads\friday-damn.mp4 2015-05-27 10:54 - 2015-05-27 10:54 - 18026779 _____ () C:\Users\PC\Downloads\Darude Astley - Sandroll.mp4 2015-05-27 10:52 - 2015-05-27 10:52 - 08297991 _____ () C:\Users\PC\Downloads\Epic Sax Guy - MLG Airhorn Remix.mp4 2015-05-27 10:49 - 2015-05-27 10:49 - 01501375 _____ () C:\Users\PC\Downloads\REMOVE WEED.mp4 2015-05-27 10:48 - 2015-05-27 10:48 - 02819050 _____ () C:\Users\PC\Downloads\REMOVE WEED 720p (Video Only).mp4 2015-05-27 10:41 - 2015-05-27 10:41 - 26202121 _____ () C:\Users\PC\Downloads\REMOVE 8-BIT.mp4 2015-05-27 06:39 - 2015-05-27 06:39 - 00002021 _____ () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\888poker.lnk 2015-05-27 06:39 - 2015-05-27 06:39 - 00001997 _____ () C:\Users\PC\Desktop\888poker.lnk 2015-05-27 06:39 - 2015-05-27 06:39 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888poker 2015-05-27 06:39 - 2015-05-27 06:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\888poker 2015-05-27 06:08 - 2015-05-27 06:08 - 01081072 _____ (Unity Technologies ApS) C:\Users\PC\Downloads\UnityWebPlayer.exe 2015-05-25 00:53 - 2015-05-25 01:02 - 00021336 _____ () C:\Users\PC\Documents\Untitled.veg 2015-05-25 00:53 - 2015-05-25 00:53 - 00015160 _____ () C:\Users\PC\Documents\Untitled.veg.bak 2015-05-25 00:32 - 2015-05-25 00:34 - 00074696 _____ () C:\Users\PC\Desktop\TEDE - PAŻAŁSTA (prod. SIR MICH) - VANILLAHAJS 2015.sfk 2015-05-25 00:32 - 2015-05-25 00:32 - 09552916 _____ () C:\Users\PC\Desktop\TEDE - PAŻAŁSTA (prod. SIR MICH) - VANILLAHAJS 2015.wav 2015-05-25 00:31 - 2015-05-25 00:32 - 00274336 _____ () C:\Users\PC\Desktop\TEDE - PAŻAŁSTA (prod. SIR MICH) - VANILLAHAJS 2015.mp4.sfk 2015-05-25 00:31 - 2015-05-25 00:31 - 15174141 _____ () C:\Users\PC\Desktop\TEDE - PAŻAŁSTA (prod. SIR MICH) - VANILLAHAJS 2015.mp4 2015-05-24 22:29 - 2015-05-24 22:29 - 00000203 _____ () C:\Users\PC\Desktop\Team Fortress 2.url 2015-05-23 04:00 - 2015-05-23 04:00 - 00001197 _____ () C:\Users\Public\Desktop\CEVO Client (CSGO).lnk 2015-05-23 04:00 - 2015-05-23 04:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEVO Client 2015-05-23 04:00 - 2015-05-23 04:00 - 00000000 ____D () C:\Program Files (x86)\CEVO 2015-05-23 03:55 - 2015-05-23 03:55 - 24006320 _____ ( ) C:\Users\PC\Downloads\CEVO CSGO Client.exe 2015-05-22 07:21 - 2015-05-22 07:21 - 00561248 _____ (Oracle Corporation) C:\Users\PC\Downloads\jxpiinstall.exe 2015-05-22 06:05 - 2015-05-22 06:05 - 00000000 ____D () C:\ProgramData\Socialclub 2015-05-21 20:44 - 2015-05-21 20:44 - 00946592 _____ (NetBet Poker) C:\Users\PC\Downloads\SetupPoker.exe 2015-05-21 20:29 - 2015-05-21 20:29 - 02350736 _____ (PKR Ltd) C:\Users\PC\Downloads\pkrinstall.exe 2015-05-21 11:20 - 2015-05-21 11:20 - 00000000 ____D () C:\Users\PC\AppData\Local\Avg 2015-05-20 21:41 - 2015-05-20 21:41 - 00001630 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winner Poker.lnk 2015-05-20 21:41 - 2015-05-20 21:41 - 00001618 _____ () C:\Users\Public\Desktop\Winner Poker.lnk 2015-05-20 21:40 - 2015-05-20 21:41 - 00000000 ____D () C:\Program Files (x86)\Winner Poker 2015-05-19 21:39 - 2015-05-19 21:40 - 00338944 _____ () C:\Users\PC\Downloads\Skype Laughter Chain.mp4.sfk 2015-05-19 21:39 - 2015-05-19 21:40 - 00142080 _____ () C:\Users\PC\Downloads\Hahaha.mp4.sfk 2015-05-19 21:39 - 2015-05-19 21:39 - 11645561 _____ () C:\Users\PC\Downloads\Skype Laughter Chain.mp4 2015-05-19 21:39 - 2015-05-19 21:39 - 04281277 _____ () C:\Users\PC\Downloads\Hahaha.mp4 2015-05-19 18:21 - 2015-05-19 18:21 - 14225256 _____ () C:\Users\PC\Downloads\Jesse pinkman best moments.mp4 2015-05-19 09:16 - 2015-05-19 09:16 - 00359302 _____ () C:\Users\PC\Downloads\OutlookEX 1.0.0.0.zip 2015-05-19 03:31 - 2015-05-19 03:31 - 00005393 _____ () C:\Users\PC\Desktop\ruby.rb 2015-05-19 03:30 - 2015-05-19 03:33 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.2.2-p95-x64 2015-05-19 03:30 - 2015-05-19 03:33 - 00000000 ____D () C:\Ruby22-x64 2015-05-19 03:30 - 2015-05-19 03:30 - 18026431 _____ (RubyInstaller Team ) C:\Users\PC\Downloads\rubyinstaller-2.2.2-x64.exe 2015-05-15 14:20 - 2015-05-15 16:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-05-15 04:18 - 2015-05-15 04:18 - 00000000 ____D () C:\Users\PC\AppData\Local\Rockstar Games 2015-05-15 04:17 - 2015-05-15 12:04 - 00000000 ____D () C:\Program Files\Rockstar Games 2015-05-15 04:17 - 2015-05-15 12:04 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games 2015-05-15 03:58 - 2015-05-22 06:04 - 00000080 _____ () C:\Users\PC\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦 2015-05-15 03:58 - 2015-05-15 04:19 - 00000000 ____D () C:\Users\PC\Documents\Rockstar Games 2015-05-15 03:36 - 2015-05-15 04:25 - 00000597 _____ () C:\Users\Public\Desktop\Grand Theft Auto V.lnk 2015-05-15 03:36 - 2015-05-15 04:25 - 00000597 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto V.lnk 2015-05-11 21:38 - 2015-05-11 21:40 - 00375144 _____ () C:\Windows\Minidump\051115-30716-01.dmp 2015-05-11 21:38 - 2015-05-11 21:38 - 601811297 _____ () C:\Windows\MEMORY.DMP 2015-05-11 20:27 - 2015-05-11 20:27 - 00000000 ____D () C:\Users\PC\AppData\Roaming\AMD 2015-05-11 06:19 - 2015-05-11 06:19 - 00000206 _____ () C:\Users\PC\Desktop\Path of Exile.url 2015-05-11 06:06 - 2015-05-11 06:06 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2015-05-11 06:05 - 2015-05-11 06:05 - 00000000 ____D () C:\ProgramData\ATI 2015-05-11 06:04 - 2015-05-27 22:54 - 00004456 _____ () C:\Windows\PFRO.log 2015-05-11 04:53 - 2015-05-30 00:01 - 00017444 _____ () C:\Windows\setupact.log 2015-05-11 04:53 - 2015-05-11 04:53 - 00000000 _____ () C:\Windows\setuperr.log 2015-05-11 03:39 - 2015-05-11 03:39 - 00001508 _____ () C:\Users\Public\Desktop\Path of Exile.lnk 2015-05-11 03:39 - 2015-05-11 03:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games 2015-05-11 03:36 - 2015-05-11 03:36 - 07835648 _____ () C:\Users\PC\Downloads\PathOfExileInstaller.msi 2015-05-11 03:26 - 2015-05-11 03:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved 2015-05-11 03:25 - 2015-05-30 12:23 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Raptr 2015-05-11 03:25 - 2015-05-19 17:23 - 00000000 ____D () C:\Program Files (x86)\Raptr 2015-05-11 03:25 - 2015-05-11 03:25 - 00053564 _____ () C:\Windows\SysWOW64\CCCInstall_201505110325133935.log 2015-05-11 03:25 - 2015-05-11 03:25 - 00000000 ____D () C:\Users\PC\AppData\Roaming\library_dir 2015-05-11 03:25 - 2015-05-11 03:25 - 00000000 ____D () C:\Program Files (x86)\AMD AVT 2015-05-11 03:24 - 2015-05-11 03:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2015-05-11 03:23 - 2015-05-11 03:23 - 00000000 ____D () C:\Program Files (x86)\AMD 2015-05-11 03:16 - 2015-05-11 03:20 - 00000000 ____D () C:\Program Files\AMD 2015-05-11 03:08 - 2015-05-11 03:09 - 305225392 _____ (AMD Inc.) C:\Users\PC\Downloads\amd-catalyst-15.4beta-64bit-win7-apr9.exe 2015-05-11 03:06 - 2015-05-11 03:07 - 302470552 _____ (AMD Inc.) C:\Users\PC\Downloads\amd-catalyst-omega-14.12-with-dotnet45-win7-64bit.exe 2015-05-11 03:04 - 2015-05-11 03:07 - 00000000 ____D () C:\Users\PC\Documents\Battlefield 4 2015-05-10 20:36 - 2015-05-10 21:58 - 00000006 _____ () C:\Users\PC\Desktop\New Text Document (2).txt 2015-05-09 13:08 - 2015-05-09 13:09 - 00141577 _____ () C:\Users\PC\Downloads\ExcelCOM_UDF.au3 2015-05-09 13:07 - 2015-05-09 13:12 - 00009796 _____ () C:\Users\PC\Downloads\Outlook_Test.au3 2015-05-07 13:50 - 2015-05-07 13:50 - 00378336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys 2015-05-07 13:49 - 2015-05-07 13:49 - 00253920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys 2015-05-07 13:49 - 2015-05-07 13:49 - 00220128 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys 2015-05-06 21:51 - 2015-05-06 21:51 - 00458395 _____ () C:\Users\PC\Downloads\shot-20150506-1671-ocq3ce.jpeg 2015-05-06 21:50 - 2015-05-06 21:50 - 00467909 _____ () C:\Users\PC\Downloads\shot-20150506-1671-8zp8ul.jpeg 2015-05-06 18:26 - 2015-05-06 18:26 - 00000000 ____D () C:\Users\PC\Documents\hwmonitor_1.27 2015-05-05 13:33 - 2015-05-05 13:33 - 00000000 ____D () C:\Users\PC\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 2015-05-04 14:14 - 2015-05-04 14:14 - 00291296 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys 2015-05-01 14:12 - 2015-05-01 14:12 - 00017661 _____ () C:\Users\PC\Desktop\gmer.txt 2015-05-01 13:43 - 2015-05-01 13:43 - 00380416 _____ () C:\Users\PC\Desktop\0v2u8491.exe 2015-04-30 23:18 - 2015-04-30 23:18 - 00000000 ____D () C:\Users\PC\AppData\Local\ESN 2015-04-30 23:16 - 2015-04-30 23:16 - 01533584 _____ () C:\Users\PC\Downloads\battlelog-web-plugins_2.6.2_157.exe 2015-04-30 23:01 - 2015-04-30 23:07 - 00000000 ____D () C:\Users\PC\AppData\Local\Origin 2015-04-30 23:00 - 2015-04-30 23:00 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk 2015-04-30 23:00 - 2015-04-30 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2015-04-30 23:00 - 2015-04-30 23:00 - 00000000 ____D () C:\Program Files (x86)\Origin ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-30 12:25 - 2014-10-17 00:05 - 01334132 _____ () C:\Windows\WindowsUpdate.log 2015-05-30 12:24 - 2014-10-17 00:25 - 00006462 _____ () C:\Windows\SysWOW64\Gms.log 2015-05-30 05:44 - 2014-10-17 00:09 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-30 05:22 - 2015-04-15 23:04 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-05-30 02:51 - 2014-10-20 11:42 - 00000000 ____D () C:\Users\PC\AppData\Roaming\OBS 2015-05-30 02:22 - 2014-10-21 09:20 - 00000000 ____D () C:\Users\PC\AppData\Roaming\vlc 2015-05-30 00:01 - 2014-10-17 00:09 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-30 00:00 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-29 21:07 - 2014-12-28 19:34 - 00000000 ____D () C:\ProgramData\MFAData 2015-05-28 10:02 - 2014-10-21 09:16 - 00000000 ____D () C:\Users\PC\AppData\Roaming\tixati 2015-05-27 22:54 - 2014-11-13 12:02 - 00000000 ____D () C:\Users\PC\AppData\Local\Unity 2015-05-27 06:41 - 2014-10-26 19:48 - 00000000 ____D () C:\Users\PC\Documents\888poker 2015-05-27 06:40 - 2015-04-29 01:02 - 00000000 ____D () C:\Users\PC\AppData\Roaming\PacificPoker 2015-05-27 06:39 - 2015-04-29 01:02 - 00000000 ____D () C:\Program Files (x86)\PacificPoker 2015-05-27 06:39 - 2014-10-26 19:48 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-05-27 06:28 - 2015-01-05 21:21 - 00000000 ____D () C:\Program Files (x86)\William Hill Poker 2015-05-26 12:20 - 2014-11-12 05:24 - 00000000 ____D () C:\Users\PC\AppData\Local\Popcorn-Time 2015-05-26 01:34 - 2015-04-16 16:59 - 00001573 _____ () C:\Users\PC\Desktop\New Text Document.txt 2015-05-26 00:46 - 2015-04-14 21:14 - 00002189 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-05-24 22:29 - 2014-10-17 00:47 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-05-24 07:00 - 2014-12-10 17:00 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Skype 2015-05-24 03:11 - 2015-04-23 02:20 - 00000000 ____D () C:\AutoEmpire 2015-05-23 08:31 - 2014-10-20 08:01 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server 2015-05-23 04:13 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2015-05-22 07:26 - 2014-11-23 20:52 - 00000000 ____D () C:\ProgramData\Oracle 2015-05-22 07:23 - 2014-11-23 20:52 - 00000000 ____D () C:\Program Files (x86)\Java 2015-05-22 07:22 - 2014-11-23 20:52 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-05-21 11:21 - 2015-04-25 00:31 - 00000995 _____ () C:\Users\Public\Desktop\AVG 2015.lnk 2015-05-21 11:21 - 2015-01-27 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2015-05-21 03:46 - 2014-10-17 03:22 - 00000000 ____D () C:\Users\PC\AppData\Roaming\TS3Client 2015-05-19 05:39 - 2014-10-17 00:09 - 00004044 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-05-19 05:39 - 2014-10-17 00:09 - 00003792 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-05-15 16:02 - 2015-02-02 00:58 - 00000000 ____D () C:\Program Files (x86)\AutoIt3 2015-05-15 03:34 - 2014-10-23 20:13 - 00000000 ____D () C:\Users\PC\AppData\Roaming\DAEMON Tools Lite 2015-05-14 22:28 - 2015-04-16 01:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAMS 2015-05-11 21:38 - 2014-10-18 00:43 - 00000000 ____D () C:\Windows\Minidump 2015-05-11 09:46 - 2014-12-28 19:44 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar 2015-05-11 06:10 - 2014-10-17 01:54 - 00000000 ____D () C:\ProgramData\Origin 2015-05-11 05:24 - 2015-02-17 00:02 - 00000000 ____D () C:\Games 2015-05-11 05:24 - 2014-12-16 14:27 - 00000000 ____D () C:\Program Files (x86)\R.G. Mechanics 2015-05-11 05:22 - 2014-11-01 11:32 - 00000000 ____D () C:\MSI 2015-05-11 05:22 - 2014-10-17 00:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI 2015-05-11 04:52 - 2014-10-17 00:36 - 00000000 ____D () C:\Program Files (x86)\MSI 2015-05-11 04:11 - 2014-10-17 01:58 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2015-05-11 04:11 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-05-11 04:00 - 2014-12-28 19:43 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp 2015-05-11 03:58 - 2015-04-22 23:33 - 00000000 ____D () C:\Program Files (x86)\Email Sender Deluxe 2015-05-11 03:57 - 2015-01-02 08:55 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive 2015-05-11 03:52 - 2015-01-02 10:19 - 00000000 ____D () C:\Users\PC\Documents\ArmA 2 2015-05-11 03:42 - 2014-10-25 05:52 - 00000000 ____D () C:\Users\PC\Documents\My Games 2015-05-11 03:37 - 2014-10-17 02:04 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Natural Selection 2 2015-05-11 03:29 - 2014-10-17 03:21 - 00000000 ____D () C:\Users\PC\AppData\Local\PAYDAY 2 2015-05-11 03:25 - 2014-10-17 01:04 - 00000000 ____D () C:\ProgramData\AMD 2015-05-11 03:22 - 2014-10-17 00:34 - 00000000 ____D () C:\Program Files\ATI Technologies 2015-05-11 03:16 - 2014-10-17 00:19 - 00000000 ____D () C:\ProgramData\Package Cache 2015-05-11 03:12 - 2014-10-17 01:02 - 00000000 ____D () C:\AMD 2015-05-11 02:55 - 2014-10-17 03:30 - 00281872 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2015-05-11 02:55 - 2014-10-17 03:30 - 00281872 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2015-05-11 02:55 - 2014-10-17 03:30 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2015-05-11 01:56 - 2014-10-18 08:32 - 00348672 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr 2015-05-10 20:51 - 2009-07-14 07:13 - 00885596 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-05-10 04:41 - 2014-10-17 01:40 - 00002042 _____ () C:\Users\Public\Desktop\Google Slides.lnk 2015-05-10 04:41 - 2014-10-17 01:40 - 00002040 _____ () C:\Users\Public\Desktop\Google Sheets.lnk 2015-05-10 04:41 - 2014-10-17 01:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2015-05-09 17:26 - 2015-01-02 12:42 - 00000000 ____D () C:\Users\PC\AppData\Local\ArmA 2 OA 2015-05-07 09:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-05-05 13:33 - 2014-10-17 02:30 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Adobe 2015-05-04 11:56 - 2015-04-15 21:25 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Notepad++ 2015-05-01 13:36 - 2009-07-14 07:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT ==================== Files in the root of some directories ======= 2015-01-30 03:18 - 2015-01-30 03:28 - 0000132 _____ () C:\Users\PC\AppData\Roaming\Adobe GIF Format CS6 Prefs 2015-01-28 22:22 - 2015-02-09 17:40 - 0000132 _____ () C:\Users\PC\AppData\Roaming\Adobe PNG Format CS6 Prefs 2015-03-01 01:34 - 2015-03-01 01:34 - 0056554 _____ () C:\Users\PC\AppData\Roaming\icarus-dxdiag.xml 2014-10-21 06:39 - 2014-10-21 07:23 - 0000097 _____ () C:\Users\PC\AppData\Roaming\LauncherSettings_live.cfg 2014-10-21 06:32 - 2014-10-21 06:47 - 0000040 _____ () C:\Users\PC\AppData\Roaming\TheHunterSettings_steam_live.cfg 2015-02-18 01:13 - 2015-02-18 01:13 - 0000000 ___SH () C:\Users\PC\AppData\Local\LumaEmu 2015-03-21 04:10 - 2015-03-21 04:10 - 0007627 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-24 15:26 ==================== End of log ============================