Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13.03.2019 01
Ran by moje (administrator) on MOJE-PC (16-03-2019 10:33:45)
Running from E:\aaaa
Loaded Profiles: moje (Available Profiles: moje)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-17] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2074408 2010-02-26] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2011-03-16] (Advanced Micro Devices, Inc.) [File not signed]
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-10-01] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1937610722-1383638132-2784289529-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd -> DT Soft Ltd)
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\system32\l3codecp.acm [182272 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [92160 2012-02-15] () [File not signed]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{478B868A-6B5C-4FBA-8353-921666486E3F}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [File not signed]
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\moje\AppData\Roaming\Mozilla\Firefox\Profiles\cd6w2xle.default [2019-03-15]
FF Homepage: Mozilla\Firefox\Profiles\cd6w2xle.default -> seznam.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-14] (Adobe Systems Incorporated -> )
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2012-01-23] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-14] (Adobe Systems Incorporated -> )
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2012-01-23] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-04] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-04] (Google Inc -> Google Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [89600 2009-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
S2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [203264 2011-03-16] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6570352 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [360440 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
S2 FLEXnet Licensing Manager; C:\Windows\SysWOW64\regw2.exe [833273 2019-01-03] ( ) [File not signed]
S2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [280120 2010-10-01] (Hewlett-Packard Company -> Hewlett-Packard Company)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes Corporation -> Malwarebytes)
S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe [244736 2010-03-17] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AgereSoftModem; C:\Windows\System32\DRIVERS\agrsm64.sys [1146880 2009-06-10] (Microsoft Windows -> LSI Corp)
S3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [6862848 2011-03-16] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [264192 2011-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37320 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
S1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205608 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
S1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [254408 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
S0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196304 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
S0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320904 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
S0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58168 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42496 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
S2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169104 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
S1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88152 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
S1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034640 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
S1 aswSP; C:\Windows\System32\drivers\aswSP.sys [476256 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [220632 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
S0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380160 2019-03-15] (AVAST Software s.r.o. -> AVAST Software)
R0 AtiPcie; C:\Windows\System32\DRIVERS\AtiPcie64.sys [16440 2010-03-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.)
S3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl664.sys [3063360 2019-01-04] (Broadcom Corporation -> Broadcom Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2019-01-03] (DT Soft Ltd -> DT Soft Ltd)
R3 HpqKbFiltr; C:\Windows\System32\DRIVERS\HpqKbFiltr.sys [25912 2010-06-02] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation -> Malwarebytes Corporation)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1803904 2011-05-09] (SONIX TECHNOLOGY CO. , LTD -> )
S3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [505856 2010-03-17] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-16 10:33 - 2019-03-16 10:33 - 000000000 ____D C:\FRST
2019-03-16 10:31 - 2019-03-16 10:31 - 000000000 ____D C:\Program Files (x86)\trend micro
2019-03-16 10:17 - 2019-03-16 10:31 - 000000000 ____D C:\rsit
2019-03-16 09:47 - 2019-03-16 09:47 - 000000000 _____ C:\Users\moje\AppData\Local\{60D58F51-B1E9-48E6-9FD2-6DF5998DAC00}
2019-03-15 12:12 - 2019-03-15 12:12 - 000002079 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-03-15 12:12 - 2019-03-15 12:12 - 000000000 ____D C:\Users\moje\AppData\Roaming\AVAST Software
2019-03-15 12:12 - 2019-03-15 12:12 - 000000000 ____D C:\Users\moje\AppData\Local\AVAST Software
2019-03-15 12:12 - 2019-03-15 12:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-03-15 12:11 - 2019-03-15 12:10 - 001034640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-03-15 12:11 - 2019-03-15 12:10 - 000476256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-03-15 12:11 - 2019-03-15 12:10 - 000380160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-03-15 12:11 - 2019-03-15 12:10 - 000362888 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-03-15 12:11 - 2019-03-15 12:10 - 000320904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-03-15 12:11 - 2019-03-15 12:10 - 000254408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-03-15 12:11 - 2019-03-15 12:10 - 000220632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-03-15 12:11 - 2019-03-15 12:10 - 000205608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-03-15 12:11 - 2019-03-15 12:10 - 000196304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-03-15 12:11 - 2019-03-15 12:10 - 000169104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-03-15 12:11 - 2019-03-15 12:10 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-03-15 12:11 - 2019-03-15 12:10 - 000088152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-03-15 12:11 - 2019-03-15 12:10 - 000058168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-03-15 12:11 - 2019-03-15 12:10 - 000042496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-03-15 12:11 - 2019-03-15 12:10 - 000037320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-03-15 12:09 - 2019-03-15 12:09 - 000000000 ____D C:\Program Files\AVAST Software
2019-03-15 11:32 - 2019-03-15 13:29 - 000192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2019-03-15 11:32 - 2019-03-15 12:25 - 000001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2019-03-15 11:32 - 2019-03-15 12:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2019-03-15 11:32 - 2019-03-15 12:25 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2019-03-15 11:32 - 2019-03-15 11:32 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-03-15 11:32 - 2015-10-05 09:50 - 000109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2019-03-15 11:32 - 2015-10-05 09:50 - 000063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2019-03-15 11:32 - 2015-10-05 09:50 - 000025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-03-15 11:27 - 2019-03-15 11:28 - 000000000 ____D C:\AdwCleaner
2019-03-15 08:55 - 2019-03-16 10:33 - 000661548 _____ C:\Windows\ntbtlog.txt
2019-03-14 19:10 - 2019-03-14 19:10 - 000000006 _____ C:\Users\moje\Desktop\Výlety.txt
2019-03-14 16:29 - 2019-03-14 16:29 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2019-03-10 20:15 - 2019-03-10 20:15 - 000000933 _____ C:\Users\moje\Desktop\skála.htm
2019-03-10 18:24 - 2019-03-10 18:33 - 1077390428 _____ C:\Users\moje\Desktop\Venom (2018) CZ dabing.avi
2019-03-10 18:14 - 2019-03-10 18:29 - 1374782174 _____ C:\Users\moje\Desktop\Mission Impossible Fallout (2018) BRRip CZ dabing NOVINKA.mkv
2019-03-10 17:58 - 2019-03-10 18:10 - 731965440 _____ C:\Users\moje\Desktop\Novinka-Super-8-cz-dabing-dobry-vob.avi
2019-03-10 17:56 - 2019-03-10 18:13 - 1474134594 _____ C:\Users\moje\Desktop\Accident Man (2018) DVDRip .XviD CZ tit.v obraze-Super-Akční-,novinka,novinky.mkv
2019-03-04 19:12 - 2019-03-04 19:31 - 1343462490 _____ C:\Users\moje\Desktop\Bláznivá zatracená láska 2011 cz.avi

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-16 10:32 - 2011-04-12 09:34 - 000622422 _____ C:\Windows\system32\perfh005.dat
2019-03-16 10:32 - 2011-04-12 09:34 - 000118604 _____ C:\Windows\system32\perfc005.dat
2019-03-16 10:32 - 2009-07-14 06:13 - 001445734 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-16 10:32 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-03-16 10:17 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-15 13:23 - 2009-07-14 06:08 - 000025936 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-03-15 13:21 - 2019-01-03 14:08 - 000000000 ____D C:\Users\moje
2019-03-15 12:11 - 2019-01-04 13:07 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-03-15 12:08 - 2019-01-18 19:33 - 000000000 ____D C:\Users\moje\AppData\LocalLow\Mozilla
2019-03-15 12:08 - 2019-01-04 13:03 - 000000000 ____D C:\ProgramData\AVAST Software
2019-03-15 12:02 - 2009-07-14 05:45 - 000000000 ____D C:\Windows\Setup
2019-03-14 07:09 - 2019-01-27 18:31 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-03-14 07:09 - 2019-01-27 18:31 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-14 07:09 - 2019-01-27 18:31 - 000004524 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-03-14 07:09 - 2019-01-27 18:31 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-03-14 07:09 - 2019-01-27 18:31 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-03-14 07:09 - 2019-01-27 18:31 - 000000000 ____D C:\Windows\system32\Macromed
2019-03-10 20:18 - 2019-01-03 14:53 - 000000244 _____ C:\Users\moje\Desktop\Dovolená 2019.txt
2019-03-07 23:09 - 2019-01-03 14:21 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-07 23:09 - 2019-01-03 14:21 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-07 20:58 - 2019-01-04 13:07 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-03-02 09:49 - 2019-01-04 12:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-01 15:01 - 2019-01-16 19:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-02-16 11:06 - 2019-01-03 14:54 - 000013793 _____ C:\Users\moje\Desktop\Peněžní deník 2017 vzor.xlsx

==================== Files in the root of some directories =======

2019-03-16 09:47 - 2019-03-16 09:47 - 000000000 _____ () C:\Users\moje\AppData\Local\{60D58F51-B1E9-48E6-9FD2-6DF5998DAC00}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2010-11-21 04:24] - [2019-01-03 14:11] - 001008640 _____ (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79

C:\Windows\SysWOW64\User32.dll
[2010-11-21 04:24] - [2019-01-03 14:11] - 000833024 _____ (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE

C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-03-04 20:03

==================== End of FRST.txt ============================