Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-06-2015 01 Ran by Korek (administrator) on KOREK-KOMPUTER on 23-06-2015 18:24:48 Running from C:\Users\Korek\Downloads Loaded Profiles: Korek (Available Profiles: Korek) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Polski (Polska) Internet Explorer Version 10 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (welcome back) C:\Users\Korek\AppData\Local\Host installer\202798632_installcube.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-08-29] (Advanced Micro Devices, Inc.) HKLM\...\Run: [NeroCheck] => C:\Windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKU\S-1-5-21-3568612267-3032798025-2432032161-1000\...\Run: [AlcoholAutomount] => C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team) HKU\S-1-5-21-3568612267-3032798025-2432032161-1000\...\Run: [uTorrent] => C:\Users\Korek\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-06] (BitTorrent Inc.) HKU\S-1-5-21-3568612267-3032798025-2432032161-1000\...\Run: [ALLUpdate] => C:\Program Files\ALLPlayer\ALLUpdate.exe [3000704 2014-01-29] (ALLPlayer Group Ltd.) HKU\S-1-5-21-3568612267-3032798025-2432032161-1000\...\Run: [IPLA!] => C:\Program Files\ipla\ipla.exe [21360736 2014-12-12] (Redefine Sp z o.o.) HKU\S-1-5-21-3568612267-3032798025-2432032161-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2010-01-12] ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-3568612267-3032798025-2432032161-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = HKU\S-1-5-21-3568612267-3032798025-2432032161-1000\Software\Microsoft\Internet Explorer\Main,Search Page = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2015-01-19] (Oracle Corporation) BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll No File BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-19] (Oracle Corporation) DPF: {68282C51-9459-467B-95BF-3C0E89627E55} Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] Tcpip\..\Interfaces\{9F961439-C909-45A1-BB2D-0EC1B37B1658}: [NameServer], Tcpip\..\Interfaces\{B5BBEE0F-2046-4F89-BC22-CDCDDE33DB85}: [NameServer],,,,,,,,, FireFox: ======== FF ProfilePath: C:\Users\Korek\AppData\Roaming\Mozilla\Firefox\Profiles\5kphwxk6.default FF Plugin: -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-11] () FF Plugin:,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-19] (Oracle Corporation) FF Plugin:,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-19] (Oracle Corporation) FF Plugin:,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3568612267-3032798025-2432032161-1000: -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-10-05] () FF user.js: detected! => C:\Users\Korek\AppData\Roaming\Mozilla\Firefox\Profiles\5kphwxk6.default\user.js [2015-06-23] FF Extension: Adblock Plus - C:\Users\Korek\AppData\Roaming\Mozilla\Firefox\Profiles\5kphwxk6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-17] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team) S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [271360 2014-11-19] () [File not signed] R1 ISODrive; C:\Program Files\UltraISO\drivers\ISODrive.sys [82168 2013-11-21] (EZB Systems, Inc.) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [18048 2014-11-19] () [File not signed] R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [1174880 2012-02-14] (Ralink Technology Corp.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-12-28] (Duplex Secure Ltd.) S3 TSSK; C:\Windows\System32\tssk.sys [67896 2015-06-22] (电脑管家) U3 a1ljj9f8; C:\Windows\system32\Drivers\a1ljj9f8.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder) U3 aw5ox84b; C:\Windows\system32\Drivers\aw5ox84b.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder) S3 catchme; \??\C:\Users\Korek\AppData\Local\Temp\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-23 18:22 - 2015-06-23 18:22 - 00002966 _____ C:\Users\Korek\Desktop\AdwCleaner[R3].txt 2015-06-23 18:21 - 2015-06-23 18:22 - 00000000 ____D C:\AdwCleaner 2015-06-23 16:04 - 2015-06-23 16:04 - 00014840 _____ C:\ComboFix.txt 2015-06-23 15:44 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2015-06-23 15:44 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2015-06-23 15:44 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-06-23 15:44 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-06-23 15:44 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-06-23 15:44 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2015-06-23 15:44 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2015-06-23 15:44 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2015-06-23 15:39 - 2015-06-23 16:04 - 00000000 ____D C:\Qoobox 2015-06-23 15:38 - 2015-06-23 16:03 - 00000000 ____D C:\Windows\erdnt 2015-06-23 15:33 - 2015-06-23 15:37 - 05629494 ____R (Swearware) C:\Users\Korek\Downloads\ComboFix.exe 2015-06-23 08:28 - 2015-06-23 18:25 - 00008448 _____ C:\Users\Korek\Downloads\FRST.txt 2015-06-23 08:25 - 2015-06-23 18:24 - 00000000 ____D C:\FRST 2015-06-23 08:25 - 2015-06-23 08:25 - 01148928 _____ (Farbar) C:\Users\Korek\Downloads\FRST.exe 2015-06-23 08:04 - 2015-06-23 08:04 - 00030392 _____ (Tencent) C:\Windows\system32\Drivers\TS888.sys 2015-06-23 07:56 - 2015-06-23 16:01 - 00000534 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_0215pit_RML.job 2015-06-22 23:21 - 2015-06-23 18:18 - 00000526 _____ C:\Windows\Tasks\AVG_SYS_TASK_0215pit.job 2015-06-22 23:21 - 2015-06-23 18:18 - 00000392 _____ C:\Windows\Tasks\AVG_SYS_TASK_0215pit_DELETE.job 2015-06-22 23:21 - 2015-06-23 18:16 - 00000000 ____D C:\Users\Korek\AppData\Roaming\Avg_Update_0215pit 2015-06-22 23:21 - 2015-06-23 18:16 - 00000000 ____D C:\ProgramData\Avg_Update_0215pit 2015-06-22 21:58 - 2015-06-23 08:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件 2015-06-22 21:57 - 2015-06-23 08:13 - 00000000 ____D C:\Users\Korek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件 2015-06-22 21:15 - 2015-06-22 21:15 - 00000000 ____D C:\Users\Korek\AppData\Roaming\AVG2015 2015-06-22 21:14 - 2015-06-23 16:20 - 00000000 ____D C:\Program Files\Common Files\AV 2015-06-22 21:14 - 2015-06-22 21:14 - 00000000 ____D C:\Users\Korek\AppData\Roaming\TuneUp Software 2015-06-22 21:12 - 2015-06-23 18:18 - 00000000 ____D C:\ProgramData\AVG2015 2015-06-22 21:12 - 2015-06-23 16:19 - 00000000 ____D C:\$AVG 2015-06-22 21:12 - 2015-06-22 21:12 - 00000000 ____D C:\ProgramData\TXQMPC 2015-06-22 21:08 - 2015-06-23 18:18 - 00000000 ____D C:\ProgramData\MFAData 2015-06-22 21:08 - 2015-06-22 21:20 - 00000000 ____D C:\Users\Korek\AppData\Local\Avg2015 2015-06-22 21:08 - 2015-06-22 21:08 - 00000000 ____D C:\Users\Korek\AppData\Local\MFAData 2015-06-22 21:00 - 2015-06-22 21:35 - 00000000 ____D C:\Program Files\gmsd_pl_005010010 2015-06-22 20:57 - 2015-06-22 20:56 - 00067896 _____ (电脑管家) C:\Windows\system32\TSSK.sys 2015-06-22 20:56 - 2015-06-23 08:09 - 00000000 ____D C:\Users\Korek\AppData\Roaming\Tencent 2015-06-22 20:56 - 2015-06-22 21:57 - 00000000 ____D C:\Program Files\Common Files\Tencent 2015-06-22 20:56 - 2015-06-22 21:12 - 00000000 ____D C:\ProgramData\Tencent 2015-06-22 20:56 - 2015-06-22 20:56 - 00000000 ____D C:\Program Files\Tencent 2015-06-22 20:48 - 2015-06-22 20:48 - 00000000 ____D C:\Users\Korek\AppData\Roaming\ProductData 2015-06-22 20:47 - 2015-06-22 20:47 - 00000000 ____D C:\Users\Korek\AppData\Roaming\Apple Computer 2015-06-22 20:46 - 2015-06-23 07:59 - 00000000 ____D C:\Program Files\IObit 2015-06-22 20:46 - 2015-06-22 20:48 - 00000000 ____D C:\ProgramData\IObit 2015-06-22 20:46 - 2015-06-22 20:47 - 00000000 ____D C:\Users\Korek\AppData\Roaming\IObit 2015-06-22 20:46 - 2015-06-22 20:47 - 00000000 ____D C:\ProgramData\ProductData 2015-06-22 20:46 - 2015-06-22 20:46 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled 2015-06-22 20:46 - 2015-06-22 20:46 - 00000000 ____D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} 2015-06-22 20:46 - 2015-06-22 20:46 - 00000000 ____D C:\Program Files\Common Files\IObit 2015-06-22 20:46 - 2009-06-10 23:39 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak 2015-06-22 20:45 - 2015-06-22 20:45 - 00001883 ___RS C:\Users\Public\Desktop\Lеaguе оf Lеgends.lnk 2015-06-22 20:45 - 2015-06-22 20:45 - 00001840 ___RS C:\Users\Korek\Desktop\Wоrld of Tаnks.lnk 2015-06-22 20:45 - 2015-06-22 20:45 - 00001513 ___RS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intеrnet Eхplоrer.lnk 2015-06-22 20:45 - 2015-06-22 20:45 - 00001451 ___RS C:\Users\Korek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Eхрlоrer.lnk 2015-06-22 20:45 - 2015-06-22 20:45 - 00001253 ___RS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzilla Firеfоx.lnk 2015-06-22 20:44 - 2015-06-22 20:45 - 00000000 ____D C:\Users\Korek\AppData\Roaming\Browsers 2015-06-22 20:44 - 2015-06-22 20:44 - 00000000 ____D C:\Users\Korek\AppData\Roaming\SPI 2015-06-18 22:14 - 2015-06-18 22:58 - 00000000 ____D C:\Users\Korek\Desktop\asd 2015-06-18 22:11 - 2015-06-18 22:11 - 00000000 ____D C:\Program Files\SkanerOnline 2015-06-07 20:25 - 2015-06-07 20:25 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2015-06-03 09:59 - 2015-06-08 08:06 - 00000000 ____D C:\Program Files\Mozilla Firefox 2015-05-26 14:17 - 2015-06-09 21:26 - 00000000 ____D C:\Users\Korek\Desktop\la ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-23 18:23 - 2013-12-14 23:56 - 00000000 ____D C:\Users\Korek\Desktop\PROGRAMY 2015-06-23 18:22 - 2011-04-12 07:08 - 00739694 _____ C:\Windows\system32\perfh015.dat 2015-06-23 18:22 - 2011-04-12 07:08 - 00155268 _____ C:\Windows\system32\perfc015.dat 2015-06-23 18:22 - 2010-11-20 23:01 - 01668226 _____ C:\Windows\system32\PerfStringBackup.INI 2015-06-23 18:21 - 2010-01-12 07:18 - 01528384 _____ C:\Windows\WindowsUpdate.log 2015-06-23 18:19 - 2013-12-29 23:10 - 00000000 ____D C:\Users\Korek\AppData\Roaming\uTorrent 2015-06-23 18:18 - 2014-01-03 19:48 - 00000000 ____D C:\Users\Korek\AppData\Roaming\ipla 2015-06-23 18:18 - 2013-12-23 15:34 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2015-06-23 18:18 - 2010-11-20 23:48 - 00048036 _____ C:\Windows\PFRO.log 2015-06-23 18:18 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-06-23 18:18 - 2009-07-14 06:39 - 01022545 _____ C:\Windows\setupact.log 2015-06-23 18:03 - 2013-12-14 19:32 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-06-23 16:25 - 2009-07-14 06:34 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-06-23 16:25 - 2009-07-14 06:34 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-06-23 16:21 - 2014-08-20 20:37 - 00000000 ____D C:\Program Files\Java 2015-06-23 16:04 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Default 2015-06-23 16:04 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public 2015-06-23 16:02 - 2009-07-14 04:04 - 00001081 _____ C:\Windows\system.ini 2015-06-23 16:01 - 2009-07-14 06:33 - 00416200 _____ C:\Windows\system32\FNTCACHE.DAT 2015-06-23 16:00 - 2009-07-14 04:03 - 43515904 _____ C:\Windows\system32\config\software.bak 2015-06-23 16:00 - 2009-07-14 04:03 - 18612224 _____ C:\Windows\system32\config\system.bak 2015-06-23 16:00 - 2009-07-14 04:03 - 00262144 _____ C:\Windows\system32\config\security.bak 2015-06-23 16:00 - 2009-07-14 04:03 - 00262144 _____ C:\Windows\system32\config\sam.bak 2015-06-23 16:00 - 2009-07-14 04:03 - 00262144 _____ C:\Windows\system32\config\default.bak 2015-06-23 08:00 - 2010-01-12 19:17 - 00109672 _____ C:\Users\Korek\AppData\Local\GDIPFONTCACHEV1.DAT 2015-06-22 21:34 - 2014-08-11 20:34 - 00000000 ____D C:\Program Files\CinemaP-1.4 2015-06-22 20:57 - 2010-01-12 19:13 - 00000000 ____D C:\Users\Korek\AppData\Local\VirtualStore 2015-06-22 20:45 - 2015-05-13 22:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2015-06-22 20:45 - 2015-05-01 12:03 - 00000000 ____D C:\Users\Korek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks 2015-06-22 20:45 - 2015-03-05 16:46 - 00000000 ____D C:\Users\Korek\Desktop\ELOPHANT 2015-06-22 20:45 - 2015-01-10 01:43 - 00000000 ____D C:\Users\Korek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Original War 2015-06-22 19:25 - 2014-10-02 23:38 - 00000000 ____D C:\Users\Korek\AppData\Local\SmartView2 2015-06-22 04:11 - 2015-01-19 19:46 - 00000085 _____ C:\Users\Korek\AppData\Roaming\WB.CFG 2015-06-16 19:50 - 2014-07-12 20:00 - 00000000 ____D C:\Users\Korek\AppData\Roaming\Skype 2015-06-13 23:28 - 2014-11-24 22:40 - 00000000 ____D C:\Program Files\Tibia 2015-06-11 17:05 - 2013-12-14 19:32 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-06-11 17:05 - 2013-12-14 19:32 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-06-08 08:06 - 2014-08-15 18:03 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2015-06-07 12:36 - 2015-01-05 16:51 - 00110080 ___SH C:\Users\Korek\Downloads\Thumbs.db 2015-06-04 17:00 - 2015-05-01 12:03 - 00000769 ____H C:\Users\Korek\Desktop\World of Tanks.lnk ==================== Files in the root of some directories ======= 2015-01-19 19:46 - 2015-06-22 04:11 - 0000085 _____ () C:\Users\Korek\AppData\Roaming\WB.CFG 2014-01-03 23:01 - 2014-01-03 23:01 - 0034018 _____ () C:\Users\Korek\AppData\Local\recently-used.xbel 2013-12-15 00:55 - 2014-04-26 21:07 - 0007607 _____ () C:\Users\Korek\AppData\Local\Resmon.ResmonCfg ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-06-23 17:06 ==================== End of log ============================