Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016
Ran by Batur (administrator) on UWOOTM8 (19-01-2016 17:54:03)
Running from D:\downloads
Loaded Profiles: Batur (Available Profiles: Batur)
Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
() C:\Windows\System32\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Chris Pietschmann (hxxp://pietschsoft.com)) D:\Virtual router\VirtualRouterService.exe
() D:\altera\15.0\quartus\bin64\jtagserver.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Sophos Limited) C:\Program Files (x86)\Common Files\Sophos\Web Intelligence\swi_fc.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
() C:\Users\Public\Documents\Microsoft\Assistance\Tools\TPAutoConnect32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(EIZO Corporation) C:\Program Files (x86)\EIZO\G-Ignition\Gignition.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Chris Pietschmann (hxxp://pietschsoft.com)) D:\Virtual router\VirtualRouterClient.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Corsair Components, Inc.) D:\Program Files (x86)\corsair\Corsair Utility Engine\CorsairHID.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-20] (Logitech Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-04-22] (Razer Inc.)
HKLM-x32\...\Run: [Kraken71ChromaHelper] => C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe [1600320 2015-02-03] (Razer Inc)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1592104 2015-08-15] (Sophos Limited)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [Corsair Utility Engine] => D:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [13532992 2015-11-25] (Corsair Components, Inc.)
HKLM\...\Policies\Explorer\Run: [906283487] => C:\ProgramData\msmrj.exe [131584 2015-10-30] ()
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-4102090558-3015027187-1112045808-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-4102090558-3015027187-1112045808-1001\...\Run: [ESL Wire] => C:\Program Files\EslWire\wire.exe [3771904 2014-12-09] (Turtle Entertainment GmbH)
HKU\S-1-5-21-4102090558-3015027187-1112045808-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [430048 2015-05-21] (CyberGhost S.R.L.)
HKU\S-1-5-21-4102090558-3015027187-1112045808-1001\...\Run: [EADM] => D:\Origin\Origin.exe [3639280 2015-12-18] (Electronic Arts)
HKU\S-1-5-21-4102090558-3015027187-1112045808-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-4102090558-3015027187-1112045808-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-4102090558-3015027187-1112045808-1001\...\Run: [Uwwxmedia] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Batur\AppData\Local\Ummvmedia\Kinnect.dll
HKU\S-1-5-21-4102090558-3015027187-1112045808-1001\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-21-4102090558-3015027187-1112045808-1001\...\Policies\Explorer: [HideSCAHealth] 1
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\\sophos_detoured.dll [275352 2015-07-15] (Sophos Limited)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\G-Ignition Ver1.0.2.lnk [2015-02-21]
ShortcutTarget: G-Ignition Ver1.0.2.lnk -> C:\Program Files (x86)\EIZO\G-Ignition\Gignition.exe (EIZO Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2015-05-26]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Virtual Router Manager.lnk [2015-09-13]
ShortcutTarget: Virtual Router Manager.lnk -> C:\Windows\Installer\{BE905C46-2B34-4D73-AEE1-769ED138E0FF}\_118D1A4EFFA6998C3492EB.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{0c04d217-cccb-4c06-b225-c48e4daf859f}: [DhcpNameServer] 141.35.1.16 141.35.1.80
Tcpip\..\Interfaces\{822a1f9b-c058-4f42-b730-26cc6a2cbb8a}: [NameServer] 192.168.42.1
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-12-19] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-12-19] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-19] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-19] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Batur\AppData\Roaming\Mozilla\Firefox\Profiles\nhozdmj0.default-1431731637729
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-02] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-12-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-12-19] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-02] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-27] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4102090558-3015027187-1112045808-1001: ubisoft.com/uplaypc -> D:\Games\Ubisoft Game Launcher\npuplaypc.dll [2015-12-20] ()
FF Extension: Flash and Video Download - C:\Users\Batur\AppData\Roaming\Mozilla\Firefox\Profiles\nhozdmj0.default-1431731637729\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-01-03]
FF Extension: BetterPrivacy - C:\Users\Batur\AppData\Roaming\Mozilla\Firefox\Profiles\nhozdmj0.default-1431731637729\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2016-01-13]
FF Extension: NASA Night Launch - C:\Users\Batur\AppData\Roaming\Mozilla\Firefox\Profiles\nhozdmj0.default-1431731637729\Extensions\[email protected] [2016-01-13]
FF Extension: Steam Inventory Helper - C:\Users\Batur\AppData\Roaming\Mozilla\Firefox\Profiles\nhozdmj0.default-1431731637729\Extensions\[email protected] [2015-05-28] [not signed]
FF Extension: Adblock Plus - C:\Users\Batur\AppData\Roaming\Mozilla\Firefox\Profiles\nhozdmj0.default-1431731637729\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-15]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1225216 2015-09-30] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-04-30] (BitRaider, LLC)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [63968 2015-05-21] (CyberGhost S.R.L)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2802360 2015-11-24] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174624 2015-01-25] (EasyAntiCheat Ltd)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-28] ()
S3 GalaxyClientService; D:\Games\GalaxyClient\GalaxyClientService.exe [1751096 2015-06-09] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6677048 2015-06-19] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
R2 JTAGServer; D:\altera\15.0\quartus\bin64\jtagserver.exe [310784 2015-04-23] () [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-11-20] (Logitech Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2104840 2015-12-18] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-05-13] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-04-25] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2015-07-15] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [208168 2015-07-15] (Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [340264 2015-08-15] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [341800 2015-07-15] (Sophos Limited)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 swi_filter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe [300840 2015-07-15] (Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3278632 2015-07-15] (Sophos Limited)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
R2 Virtual Router; D:\Virtual router\VirtualRouterService.exe [12288 2013-02-10] (Chris Pietschmann (hxxp://pietschsoft.com)) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-04-30] (BitRaider)
S3 busenum; C:\Windows\System32\drivers\SteelBus64.sys [146944 2014-10-08] (SteelSeries Corporation) [File not signed]
S3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2015-05-18] (Corsair)
S3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2015-05-18] (Corsair)
R1 ESEADriver2; C:\Users\Batur\AppData\Local\Temp\ESEADriver2.sys [317064 2016-01-06] ()
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [3870464 2015-10-01] (Realtek Semiconductor Corporation )
S3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [161024 2015-07-15] (Sophos Limited)
S3 sdcfilter; C:\Windows\system32\DRIVERS\sdcfilter.sys [38144 2015-07-15] (Sophos Limited)
S4 SophosBootDriver; C:\Windows\system32\DRIVERS\SophosBootDriver.sys [27904 2015-07-15] (Sophos Limited)
S3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [25088 2015-01-27] (SteelSeries ApS)
S3 sshid; C:\Windows\System32\drivers\sshid.sys [51392 2015-10-27] (SteelSeries ApS)
R1 swi_callout; C:\Windows\system32\DRIVERS\swi_callout.sys [32512 2015-07-15] (Sophos Limited)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [30848 2016-01-14] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xb1usb; C:\Windows\System32\drivers\xb1usb.sys [34016 2014-05-28] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-19 17:53 - 2016-01-19 17:54 - 00000000 ____D C:\FRST
2016-01-19 17:34 - 2016-01-19 17:34 - 00000000 ___HD C:\OneDriveTemp
2016-01-16 17:12 - 2016-01-16 17:12 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-01-16 17:12 - 2015-12-18 07:10 - 00099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-01-16 17:12 - 2015-12-18 07:10 - 00090768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-01-16 17:11 - 2016-01-16 17:11 - 00000000 ____D C:\ProgramData\WarThunder
2016-01-14 15:22 - 2015-07-15 00:35 - 00032512 _____ (Sophos Limited) C:\WINDOWS\system32\Drivers\swi_callout.sys
2016-01-14 10:06 - 2016-01-14 15:49 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-01-14 10:06 - 2016-01-14 15:30 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-14 10:06 - 2016-01-14 15:29 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-14 10:06 - 2016-01-14 10:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-14 10:04 - 2016-01-14 15:49 - 00000000 ____D C:\Users\Batur\Desktop\mbar
2016-01-14 09:32 - 2016-01-14 10:06 - 00000000 ____D C:\ProgramData\RogueKiller
2016-01-14 09:32 - 2016-01-14 09:32 - 00030848 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-01-14 08:36 - 2016-01-14 08:36 - 00002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2016-01-14 08:16 - 2016-01-14 10:34 - 00000000 ____D C:\Users\Batur\AppData\Local\Ummvmedia
2016-01-13 16:46 - 2016-01-14 10:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-13 14:36 - 2016-01-13 14:36 - 00002854 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-01-13 14:36 - 2016-01-13 14:36 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-13 14:36 - 2016-01-13 14:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-01-13 14:36 - 2016-01-13 14:36 - 00000000 ____D C:\Program Files\CCleaner
2016-01-12 19:53 - 2016-01-12 19:55 - 00000000 ____D C:\Users\Batur\AppData\Roaming\.technic
2016-01-12 03:44 - 2016-01-12 03:44 - 00003438 _____ C:\WINDOWS\System32\Tasks\ThinPrint AutoConnect component for 32 bit applications
2016-01-12 03:43 - 2016-01-12 03:43 - 00000000 ____D C:\Users\Batur\AppData\LocalLow\uTorrent
2016-01-10 17:38 - 2016-01-10 17:38 - 00000000 ____D C:\Users\Batur\Desktop\New folder (9)
2016-01-08 06:07 - 2016-01-08 06:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine
2016-01-08 06:04 - 2016-01-08 06:04 - 00008703 _____ C:\WINDOWS\unins000.dat
2016-01-08 06:04 - 2016-01-08 06:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corsair
2016-01-08 06:04 - 2016-01-08 06:02 - 01192831 _____ C:\WINDOWS\unins000.exe
2016-01-05 16:04 - 2016-01-05 16:04 - 00868705 _____ C:\Users\Batur\Desktop\Bericht_fertig.pdf
2016-01-03 15:55 - 2016-01-13 05:28 - 00000000 ____D C:\Users\Batur\Desktop\Ausenhandel
2016-01-02 14:01 - 2016-01-02 14:01 - 00000000 ____D C:\Users\Batur\AppData\Local\UnrealEngine
2016-01-02 14:01 - 2016-01-02 14:01 - 00000000 ____D C:\Users\Batur\AppData\Local\Squad
2015-12-24 02:19 - 2015-12-24 02:19 - 00002210 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-12-24 02:18 - 2015-12-16 15:54 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-12-24 02:18 - 2015-12-16 15:54 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-12-24 02:18 - 2015-12-16 15:19 - 00103216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-12-24 02:15 - 2015-12-16 17:59 - 42976888 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 37608568 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 31098488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 24923768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 21131424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 20672376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 17568432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 17164160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 02560816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 02214192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 01915512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436143.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436143.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 00872056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 00786688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 00735024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 00681592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 00541000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 00445728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 00416560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 00378784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 00376440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 00370992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 00339760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 00316960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 00175368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 00151184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-12-24 02:15 - 2015-12-16 17:59 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-12-20 02:12 - 2016-01-12 17:02 - 00000000 ____D C:\Users\Batur\Desktop\New folder (8)
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-19 17:53 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2016-01-19 17:41 - 2015-01-25 20:25 - 00000000 ____D C:\Users\Batur\AppData\Roaming\Skype
2016-01-19 17:40 - 2015-04-17 21:07 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-19 17:39 - 2015-11-29 16:47 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-19 17:39 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-19 17:37 - 2015-12-19 03:44 - 00000000 ____D C:\Users\Batur\AppData\Local\LogMeIn Hamachi
2016-01-19 17:37 - 2015-01-25 18:14 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-19 17:34 - 2015-05-13 23:23 - 00000000 ___RD C:\Users\Batur\OneDrive
2016-01-19 17:34 - 2015-01-25 18:14 - 00000000 ____D C:\Users\Batur\AppData\Roaming\TS3Client
2016-01-19 17:33 - 2015-11-29 16:42 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-19 17:33 - 2015-11-29 16:37 - 00000000 ____D C:\Users\Batur
2016-01-19 17:33 - 2015-11-29 16:36 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-19 17:33 - 2015-09-13 13:59 - 00000649 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2016-01-19 17:33 - 2015-04-17 21:07 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-19 17:32 - 2015-01-31 03:19 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-19 15:20 - 2015-12-19 19:06 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8D62F70C-6346-415B-8AD3-FD7BB97EBB89}
2016-01-19 00:55 - 2015-03-21 17:38 - 00000000 ____D C:\Users\Batur\AppData\Local\Battle.net
2016-01-18 16:09 - 2015-05-24 22:59 - 00000000 ____D C:\Users\Batur\AppData\Local\CrashDumps
2016-01-18 14:14 - 2015-02-19 09:49 - 00000000 ____D C:\Users\Batur\AppData\Local\Steam
2016-01-18 10:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-01-17 14:42 - 2015-01-25 20:24 - 00000000 ____D C:\ProgramData\Skype
2016-01-17 03:59 - 2015-03-15 02:41 - 00000000 ____D C:\ProgramData\Origin
2016-01-16 17:12 - 2015-01-25 18:06 - 00000000 ____D C:\Users\Batur\AppData\Local\NVIDIA
2016-01-14 16:33 - 2015-01-25 19:00 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-14 16:32 - 2015-11-29 19:29 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-14 13:11 - 2015-12-11 00:33 - 00000000 ____D C:\Users\Batur\AppData\Local\MicrosoftEdge
2016-01-14 10:35 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-01-14 10:35 - 2015-01-26 21:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-14 09:41 - 2015-04-08 20:24 - 00000000 ____D C:\Users\Batur\AppData\Roaming\vlc
2016-01-14 08:37 - 2015-01-25 17:56 - 00000000 ____D C:\ProgramData\Sophos
2016-01-14 08:36 - 2015-07-15 00:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2016-01-14 08:36 - 2015-01-25 17:56 - 00000000 ____D C:\Program Files (x86)\Sophos
2016-01-14 08:34 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-01-13 14:38 - 2015-04-08 18:56 - 00000000 ____D C:\Users\Batur\AppData\Roaming\uTorrent
2016-01-13 14:37 - 2015-11-30 01:34 - 00000000 ___DC C:\WINDOWS\Panther
2016-01-12 19:54 - 2015-12-19 19:06 - 00000000 ____D C:\Users\Batur\.oracle_jre_usage
2016-01-12 05:41 - 2015-01-25 18:08 - 01542600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-01-12 05:41 - 2015-01-25 18:08 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-01-12 05:40 - 2015-11-22 12:17 - 00112032 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-01-12 05:40 - 2015-01-25 18:08 - 01860120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-01-12 05:40 - 2015-01-25 18:08 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-01-12 04:25 - 2015-01-25 16:08 - 00001740 _____ C:\Users\Batur\Desktop\random data.txt
2016-01-12 03:47 - 2015-12-18 18:33 - 00000000 ____D C:\torent
2016-01-11 02:58 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-09 18:50 - 2015-07-16 15:03 - 00000545 _____ C:\Users\Batur\Desktop\ESEA Client.lnk
2016-01-09 16:21 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-06 19:36 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-02 18:50 - 2015-01-29 01:13 - 00000000 ____D C:\Users\Batur\Documents\My Games
2016-01-02 14:00 - 2015-01-26 21:31 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-24 02:19 - 2015-11-29 16:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-24 02:19 - 2015-01-25 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-12-20 05:52 - 2015-04-08 18:57 - 00002660 _____ C:\Users\Batur\Desktop\µTorrent.lnk
==================== Files in the root of some directories =======
2015-08-24 15:16 - 2015-09-02 15:14 - 0000000 _____ () C:\Users\Batur\AppData\Roaming\A3Client.log
2015-08-22 15:05 - 2015-08-22 15:05 - 0000185 _____ () C:\Users\Batur\AppData\Roaming\Configuration_Arma3.cfg
2015-06-29 21:43 - 2015-11-29 17:48 - 0007606 _____ () C:\Users\Batur\AppData\Local\Resmon.ResmonCfg
2015-05-12 09:02 - 2015-05-12 09:02 - 0012758 _____ () C:\ProgramData\mptmqteo.hmi
2015-10-30 08:18 - 2015-10-30 08:18 - 0131584 ___SH () C:\ProgramData\msmrj.exe
2015-03-08 22:13 - 2015-03-08 22:13 - 0000040 _____ () C:\ProgramData\ra3.ini
Files to move or delete:
====================
C:\ProgramData\msmrj.exe
C:\Users\Batur\bcdedit.exe
Some files in TEMP:
====================
C:\Users\Batur\AppData\Local\Temp\0Kraken71ChromaDevProps.dll
C:\Users\Batur\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Batur\AppData\Local\Temp\KB210886796.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-01-11 05:22
==================== End of FRST.txt ============================