Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-09-2017 Ran by jino (administrator) on DESKTOP-0UDS89G (11-09-2017 16:29:56) Running from C:\Users\etien\Desktop Loaded Profiles: jino & Spinarcade (Available Profiles: defaultuser0 & jino & Spinarcade & spinarcarde 2) Platform: Windows 10 Pro Version 1703 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\61.0.3163.20\remoting_host.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\61.0.3163.20\remoting_host.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Mad Catz Inc) C:\Program Files\Mad Catz\RAT6\RAT6_Profiler.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Mad Catz Inc) C:\Program Files\Mad Catz\RAT6\RAT6_Profiler.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Flux Software LLC) C:\Users\etien\AppData\Local\FluxSoftware\Flux\flux.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17406072 2017-01-24] (Logitech Inc.) HKLM\...\Run: [RAT6] => C:\Program Files\Mad Catz\RAT6\RAT6_Profiler.exe [602112 2016-12-16] (Mad Catz Inc) HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation) HKU\S-1-5-21-3245822033-826601420-1181538639-1001\...\Run: [f.lux] => C:\Users\etien\AppData\Local\FluxSoftware\Flux\flux.exe [1024240 2016-12-06] (Flux Software LLC) HKU\S-1-5-21-3245822033-826601420-1181538639-1001\...\Run: [Discord] => C:\Users\etien\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.) HKU\S-1-5-21-3245822033-826601420-1181538639-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9803992 2017-06-13] (Piriform Ltd) HKU\S-1-5-21-3245822033-826601420-1181538639-1001\...\Run: [GoogleChromeAutoLaunch_4EAD62F6C3B1F672AAD4D3D76A11ED8C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1301848 2017-08-23] (Google Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2017-02-14] ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2017-02-14] ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2017-02-14] ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.) Startup: C:\Users\etien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Enregistrement du produit.lnk [2017-03-22] ShortcutTarget: Logitech . Enregistrement du produit.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech) Startup: C:\Users\etien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-04-01] ShortcutTarget: Twitch.lnk -> C:\Users\etien\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.) GroupPolicy: Restriction - Chrome <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0365d22f-f26d-4c3e-b785-2dc3c10275ac}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{1627b5cf-0e8d-4caf-94b2-88804fd1b678}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{91434800-1e43-4fe9-8614-e29d78a510fb}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{b722ced3-3f94-4cf8-bcec-de7b452c852f}: [DhcpNameServer] 192.168.42.129 Internet Explorer: ================== BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-20] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-20] (Oracle Corporation) BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab) Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab) FireFox: ======== FF DefaultProfile: ac5jf35o.default FF ProfilePath: C:\Users\etien\AppData\Roaming\Mozilla\Firefox\Profiles\ac5jf35o.default [2017-09-11] FF Extension: (uBlock Origin) - C:\Users\etien\AppData\Roaming\Mozilla\Firefox\Profiles\ac5jf35o.default\Extensions\uBlock0@raymondhill.net.xpi [2017-09-03] FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-07-24] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-20] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-20] (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-07-19] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-07-19] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> E:\vlc\npvlc.dll [2017-05-24] (VideoLAN) Chrome: ======= CHR Session Restore: Default -> is enabled. CHR Profile: C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default [2017-09-11] CHR Extension: (Google Docs) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-14] CHR Extension: (Google Drive) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-14] CHR Extension: (YouTube) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-14] CHR Extension: (uBlock Origin) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-09-06] CHR Extension: (Tampermonkey) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-05-16] CHR Extension: (Kaspersky Protection) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-05-19] CHR Extension: (EditThisCookie) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2017-02-14] CHR Extension: (Bureau à distance Google Chrome) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-08-23] CHR Extension: (Google Docs hors connexion) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-14] CHR Extension: (Testapic - Test Utilisateur à distance) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikcpehlhkigdkffkkbimmaocmbpgfbbp [2017-06-29] CHR Extension: (Google Hangouts) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2017-05-04] CHR Extension: (Google Play Books) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2017-02-14] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22] CHR Extension: (Gmail) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-14] CHR Extension: (Chrome Media Router) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-08] CHR Extension: (Always Weather) - C:\Users\etien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcboldhlmhecoigccicmippjglnhhic [2017-09-11] CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib CHR HKLM-x32\...\Chrome\Extension: [clgckgfbhciacomhlchmgdnplmdiadbj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 ALG; C:\WINDOWS\System32\alg.exe [92672 2017-03-18] (Microsoft Corporation) S4 AppVClient; C:\WINDOWS\system32\AppVClient.exe [846752 2017-07-07] (Microsoft Corporation) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] () R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-02-15] () R2 CDPUserSvc_5685f; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) R2 CDPUserSvc_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) R2 CDPUserSvc_f74cf; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) R2 CDPUserSvc_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\61.0.3163.20\remoting_host.exe [71512 2017-07-31] (Google Inc.) S3 DevicesFlowUserSvc_5685f; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL) S3 DevicesFlowUserSvc_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL) S3 DevicesFlowUserSvc_f74cf; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL) S3 DevicesFlowUserSvc_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL) S3 Fax; C:\WINDOWS\system32\fxssvc.exe [637440 2017-03-18] (Microsoft Corporation) S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab) R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-01-24] (Logitech Inc.) S3 MBAMService; E:\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) S3 MessagingService_5685f; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL) S3 MessagingService_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL) S3 MessagingService_f74cf; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL) S3 MessagingService_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL) S3 MSDTC; C:\WINDOWS\System32\msdtc.exe [147456 2017-03-18] (Microsoft Corporation) S3 msiserver; C:\WINDOWS\System32\msiexec.exe [66048 2017-03-18] (Microsoft Corporation) S3 msiserver; C:\WINDOWS\SysWOW64\msiexec.exe [59392 2017-03-18] (Microsoft Corporation) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-07-19] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-07-26] (NVIDIA Corporation) R2 OneSyncSvc_5685f; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) R2 OneSyncSvc_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) R2 OneSyncSvc_f74cf; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) R2 OneSyncSvc_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2098528 2017-08-23] (Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2977640 2017-08-23] (Electronic Arts) S3 PimIndexMaintenanceSvc_5685f; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL) S3 PimIndexMaintenanceSvc_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL) R3 PimIndexMaintenanceSvc_f74cf; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) R3 PimIndexMaintenanceSvc_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) S3 RpcLocator; C:\WINDOWS\system32\locator.exe [11264 2017-03-18] (Microsoft Corporation) R2 SamSs; C:\WINDOWS\system32\lsass.exe [58488 2017-07-07] (Microsoft Corporation) R2 SecurityHealthService; C:\WINDOWS\system32\SecurityHealthService.exe [336320 2017-07-07] (Microsoft Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-19] (Microsoft Corporation) S3 SensorDataService; C:\WINDOWS\System32\SensorDataService.exe [1284608 2017-03-18] (Microsoft Corporation) S3 SNMPTRAP; C:\WINDOWS\System32\snmptrap.exe [15872 2017-05-20] (Microsoft Corporation) S3 spectrum; C:\WINDOWS\system32\spectrum.exe [891904 2017-03-18] (Microsoft Corporation) R2 Spooler; C:\WINDOWS\System32\spoolsv.exe [757760 2017-03-18] (Microsoft Corporation) S2 sppsvc; C:\WINDOWS\system32\sppsvc.exe [4574192 2017-03-18] (Microsoft Corporation) S3 TieringEngineService; C:\WINDOWS\system32\TieringEngineService.exe [302592 2017-03-18] (Microsoft Corporation) S4 UevAgentService; C:\WINDOWS\system32\AgentService.exe [1200640 2017-03-19] (Microsoft Corporation) S3 UI0Detect; C:\WINDOWS\system32\UI0Detect.exe [43008 2017-03-18] (Microsoft Corporation) S3 UnistoreSvc_5685f; C:\WINDOWS\System32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL) S3 UnistoreSvc_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL) R3 UnistoreSvc_f74cf; C:\WINDOWS\System32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) R3 UnistoreSvc_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) S3 UserDataSvc_5685f; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL) S3 UserDataSvc_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL) R3 UserDataSvc_f74cf; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) R3 UserDataSvc_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) S3 vds; C:\WINDOWS\System32\vds.exe [643072 2017-03-18] (Microsoft Corporation) S3 VSS; C:\WINDOWS\system32\vssvc.exe [1550848 2017-03-18] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation) R2 WpnUserService_5685f; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) R2 WpnUserService_5685f; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) R2 WpnUserService_f74cf; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) R2 WpnUserService_f74cf; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) R2 WSearch; C:\WINDOWS\system32\SearchIndexer.exe [933376 2017-06-03] (Microsoft Corporation) R2 WSearch; C:\WINDOWS\SysWOW64\SearchIndexer.exe [797184 2017-06-03] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] () R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab) S3 cpuz140; C:\Users\etien\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [43840 2017-09-06] (CPUID) <==== ATTENTION R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab) R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab) R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab) R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab) S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab) R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197312 2017-07-24] (AO Kaspersky Lab) R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [520152 2017-07-24] (AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [186696 2017-09-11] (AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1021624 2017-07-24] (AO Kaspersky Lab) R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2017-03-29] (AO Kaspersky Lab) R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab) R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab) R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project) R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-05-18] (AO Kaspersky Lab) R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-05-18] (AO Kaspersky Lab) R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251656 2017-05-18] (AO Kaspersky Lab) R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-05-18] (AO Kaspersky Lab) R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-05-18] (AO Kaspersky Lab) R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab) R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-29] (AO Kaspersky Lab) R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199640 2017-07-24] (AO Kaspersky Lab) R3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [54552 2017-01-23] (Logitech Inc.) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-01-24] (Logitech Inc.) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-14] (Malwarebytes) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_24ddebfb518b5a55\nvlddmkm.sys [15668664 2017-07-19] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-07-26] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-07-19] (NVIDIA Corporation) S3 Said506F; C:\WINDOWS\System32\drivers\Said506F.sys [25920 2017-07-06] (Saitek) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-09-11 16:29 - 2017-09-11 16:30 - 000029366 _____ C:\Users\etien\Desktop\FRST.txt 2017-09-11 16:29 - 2017-09-11 16:29 - 002396672 _____ (Farbar) C:\Users\etien\Desktop\FRST64.exe 2017-09-11 16:29 - 2017-09-11 16:29 - 000000000 ____D C:\FRST 2017-09-11 16:07 - 2017-09-11 16:07 - 000003386 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3245822033-826601420-1181538639-1002 2017-09-11 16:03 - 2017-09-11 16:03 - 000000560 __RSH C:\ProgramData\ntuser.pol 2017-09-11 12:00 - 2017-09-11 12:00 - 000000577 _____ C:\Users\etien\Desktop\blender.lnk 2017-09-11 12:00 - 2017-09-11 12:00 - 000000000 ____D C:\Users\etien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender 2017-09-11 12:00 - 2017-09-11 12:00 - 000000000 ____D C:\Users\etien\.thumbnails 2017-09-11 11:57 - 2017-09-11 11:59 - 090013988 _____ C:\Users\etien\Desktop\blender-2.78c-windows64.msi 2017-09-06 23:22 - 2017-09-06 23:22 - 000503454 _____ C:\Users\etien\Downloads\Squirtle_Keychain.zip 2017-09-06 23:21 - 2017-09-06 23:21 - 000513494 _____ C:\Users\etien\Downloads\Bulbasaur_Keychain.zip 2017-09-06 23:21 - 2017-09-06 23:21 - 000508537 _____ C:\Users\etien\Downloads\Charmander_Keychain.zip 2017-09-06 23:16 - 2017-09-06 23:16 - 004827575 _____ C:\Users\etien\Downloads\Untitled.zip 2017-09-06 16:31 - 2017-09-06 16:31 - 000395170 _____ C:\Users\etien\Desktop\Universal_Mobile_Phone_Stand_cum_Visiting_Card_Holder.zip 2017-09-05 08:57 - 2017-09-05 08:57 - 000061586 _____ C:\Users\etien\Downloads\JDR.zip 2017-09-02 21:31 - 2012-09-20 05:00 - 000390656 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMBL.DLL 2017-08-28 22:54 - 2017-07-31 13:29 - 1574909877 _____ C:\Users\etien\Desktop\Your.Name.2016.FANSUB.VOSTFR.1080p.BluRay.x264.ACOOL.Zone-Telechargement.Ws.mkv 2017-08-28 22:42 - 2017-08-28 22:42 - 030950664 _____ C:\Users\etien\Downloads\vlc-2.2.6-win32.exe 2017-08-26 01:45 - 2017-08-26 01:45 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-08-26 01:45 - 2017-08-26 01:45 - 000001216 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2017-08-17 23:09 - 2017-08-17 23:09 - 000070831 _____ C:\Users\etien\Downloads\ETIENNE_Pierre-Gabriel.cv.docx.pdf 2017-08-17 23:07 - 2017-08-17 23:07 - 000084005 _____ C:\Users\etien\Downloads\ETIENNE_Pierre-Gabriel.cv2017.docx.pdf 2017-08-16 22:51 - 2017-08-16 22:51 - 000000000 ____D C:\Users\etien\AppData\LocalLow\WeirdBeard 2017-08-14 22:06 - 2017-08-14 22:06 - 000001237 _____ C:\Users\Public\Desktop\3D Objects.lnk 2017-08-14 22:06 - 2017-08-14 22:06 - 000001097 _____ C:\Users\Public\Desktop\MultiMaterial PostProcessor.lnk 2017-08-14 22:06 - 2017-08-14 22:06 - 000000933 _____ C:\Users\Public\Desktop\Prusa3D Slic3r MK2 Multi Material.lnk 2017-08-14 22:06 - 2017-08-14 22:06 - 000000929 _____ C:\Users\Public\Desktop\Prusa3D Slic3r MK2.lnk 2017-08-14 22:06 - 2017-08-14 22:06 - 000000905 _____ C:\Users\Public\Desktop\FirmwareUpdater.lnk 2017-08-14 22:06 - 2017-08-14 22:06 - 000000868 _____ C:\Users\Public\Desktop\ColorPrint.lnk 2017-08-14 22:06 - 2017-08-14 22:06 - 000000823 _____ C:\Users\Public\Desktop\Pronterface.lnk 2017-08-14 22:06 - 2017-08-14 22:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prusa3D 2017-08-14 22:06 - 2015-09-23 14:12 - 000000625 _____ C:\Users\etien\printrunconf.ini 2017-08-14 21:55 - 2017-08-14 22:01 - 246472224 _____ (Prusa Research s.r.o. ) C:\Users\etien\Downloads\prusa3d_win_1_8_0.exe ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-09-11 16:23 - 2017-07-06 16:33 - 000003392 _____ C:\WINDOWS\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} 2017-09-11 16:22 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps 2017-09-11 16:22 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-09-11 16:18 - 2017-03-01 20:32 - 000000000 ____D C:\Users\Spinarcade\AppData\Local\Packages 2017-09-11 16:13 - 2017-04-16 16:48 - 002253102 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-09-11 16:10 - 2017-05-18 23:25 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2017-09-11 16:10 - 2017-04-16 16:41 - 000000000 ____D C:\ProgramData\NVIDIA 2017-09-11 16:09 - 2017-04-16 16:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-09-11 16:07 - 2017-04-16 16:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-09-11 16:07 - 2017-03-18 13:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2017-09-11 16:07 - 2017-03-01 20:33 - 000002378 _____ C:\Users\Spinarcade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-09-11 16:07 - 2017-03-01 20:33 - 000000000 ___RD C:\Users\Spinarcade\OneDrive 2017-09-11 16:06 - 2017-02-14 12:44 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-09-11 16:05 - 2017-04-16 16:41 - 000000000 ____D C:\Users\etien 2017-09-11 16:05 - 2017-02-14 12:45 - 000000000 ___RD C:\Users\etien\OneDrive 2017-09-11 16:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2017-09-11 16:03 - 2016-07-16 13:47 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2017-09-09 10:05 - 2017-07-27 08:42 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3245822033-826601420-1181538639-1001 2017-09-09 10:05 - 2017-02-14 12:45 - 000002363 _____ C:\Users\etien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-09-07 12:22 - 2017-02-20 15:44 - 000000000 ____D C:\Users\etien\AppData\Roaming\.minecraft 2017-09-06 15:49 - 2017-02-14 14:58 - 000000000 ____D C:\Users\etien\AppData\Roaming\discord 2017-09-03 10:27 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF 2017-09-02 21:35 - 2017-02-14 12:44 - 000000000 ____D C:\Users\etien\AppData\Local\Packages 2017-08-29 23:15 - 2017-03-19 10:27 - 000000000 ____D C:\Program Files (x86)\Origin 2017-08-29 20:32 - 2017-02-17 01:21 - 000000000 ____D C:\Users\etien\AppData\Roaming\vlc 2017-08-29 16:08 - 2017-02-14 12:55 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-08-28 09:07 - 2017-07-01 02:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-08-28 09:07 - 2017-03-19 15:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-08-26 01:59 - 2017-03-19 15:54 - 000000000 ____D C:\Users\etien\AppData\LocalLow\Mozilla 2017-08-23 18:20 - 2017-02-14 12:51 - 000000000 ____D C:\Program Files (x86)\Google 2017-08-14 22:08 - 2017-04-13 10:04 - 000000000 ____D C:\Users\etien\AppData\Roaming\NVIDIA 2017-08-14 22:07 - 2017-07-06 16:32 - 000000000 ____D C:\Program Files\DIFX 2017-08-12 02:59 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache Some files in TEMP: ==================== 2017-07-20 22:36 - 2017-07-20 22:36 - 000739904 _____ (Oracle Corporation) C:\Users\etien\AppData\Local\Temp\jre-8u141-windows-au.exe 2017-06-01 19:46 - 2017-05-01 22:14 - 000869200 _____ (NVIDIA Corporation) C:\Users\etien\AppData\Local\Temp\nvSCPAPI64.dll 2017-08-07 00:34 - 2017-05-01 22:14 - 000367552 _____ (NVIDIA Corporation) C:\Users\etien\AppData\Local\Temp\nvStInst.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-09-09 21:52 ==================== End of FRST.txt ============================