-
Help!!! I am still getting pop ups pages after running SpyBot
Hi,
I hope that I am posting this in the right place. I believe that I may have a virus in my computer because I am getting pop ups pages every few minutes. I am using Chrome and have updated my operating system to Windows 10. I am getting pop ups pages from the following sites so far: diep.io, fanficiton.net, gsn.com,kizi.com,silvergames.com, etc. I hope someone can help me resolve this. Please help. The FRST files and Addition files are too large to upload. Therefore, I am going to copy and paste the codes here.
FRST codes:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by Admin (administrator) on UNIVERSE (08-09-2016 18:53:14)
Running from C:\Users\Admin\Downloads
Loaded Profiles: Admin (Available Profiles: Admin & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Two Pilots) C:\WINDOWS\VPDAgent_x64.exe
(Lenovo.) C:\WINDOWS\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(McAfee, Inc.) C:\WINDOWS\System32\mfevtps.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Conexant Systems Inc.) C:\WINDOWS\System32\CxAudMsg64.exe
(UPEK Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(LULU SOFTWARE LIMITED) C:\Program Files\Soda PDF 8\creator-ws.exe
(LULU Software Limited) C:\ProgramData\LULU Software\Soda PDF 8 Manager\Soda PDF 8\Soda Manager.exe
(Microsoft Corporation) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
() C:\WINDOWS\SysWOW64\PnkBstrA.exe
() C:\ProgramData\e5c4ef79-068a-447e-b589-daa814c96056\maintainer.exe
(Microsoft Corporation) C:\WINDOWS\System32\mqsvc.exe
(Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SASrv.exe
() C:\WINDOWS\SysWOW64\spdsvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe
(VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mfeann.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\PWMUIAux.EXE
(Lenovo.) C:\WINDOWS\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Avanquest Software ) C:\Program Files (x86)\Digital Line Detect\DLG.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\WINDOWS\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\shstat.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
() C:\Program Files (x86)\PrintMyCouponAnywhere\PrintMyCouponAnywhere.exe
(Inmar, Inc.) C:\Program Files (x86)\Digital Coupon Printer\DigitalCouponPrinter.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(WRCS) C:\Program Files (x86)\WRCS\vCarsNet\Main\vCars.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(PortableApps.com) C:\Users\Admin\Downloads\SpybotPortable\SpybotPortable.exe
(PortableApps.com) C:\Users\Admin\Downloads\SpybotPortable\SpybotPortable.exe
(Safer-Networking Ltd.) C:\Users\Admin\Downloads\SpybotPortable\App\Spybot\SDWelcome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-03-14] (Conexant systems, Inc.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [40808 2011-05-31] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281960 2011-05-25] (Lenovo Group Limited)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-03-22] (Adobe Systems Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112152 2011-01-16] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] => C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL [1629544 2011-08-31] (Lenovo Group Limited)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
HKLM-x32\...\Run: [McAfeeUpdaterUI] => C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe [136512 2008-03-14] (McAfee, Inc.)
HKLM-x32\...\Run: [ShStatEXE] => C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE [124240 2008-09-29] (McAfee, Inc.)
HKLM-x32\...\Run: [Communicator] => C:\Program Files (x86)\Microsoft Lync\communicator.exe [12120616 2016-07-11] (Microsoft Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [522704 2012-04-23] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [103768 2009-09-13] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104528 2013-02-26] (VMware, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Http Listener] => C:\Program Files (x86)\PrintMyCouponAnywhere\PrintMyCouponAnywhere.exe [90760 2015-04-30] ()
HKLM-x32\...\Run: [Digital Coupon Print Driver] => C:\Program Files (x86)\Digital Coupon Printer\DigitalCouponPrinter.exe [90048 2015-09-22] (Inmar, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25197248 2016-08-30] (Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2313408 2016-04-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-758200000-2134975689-3807630707-1003\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [912480 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-758200000-2134975689-3807630707-1003\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-11-11] (Google Inc.)
HKU\S-1-5-21-758200000-2134975689-3807630707-1003\...\Run: [Ad-Aware Search Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\BrowserDock.exe
HKU\S-1-5-21-758200000-2134975689-3807630707-1003\...\Run: [Akamai NetSession Interface] => "C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-758200000-2134975689-3807630707-1003\...\RunOnce: [Uninstall C:\Users\Admin\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_5\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_5\amd64"
HKU\S-1-5-21-758200000-2134975689-3807630707-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [31744 2015-10-30] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-23] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-04-01] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-04-01] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-04-01] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2015-06-10]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk [2011-11-11]
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-08-18]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{33049c0e-d7c7-47c3-a0aa-7ae8ddcbec90}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b8f29825-ff1d-45f4-ad37-3e74059fec3b}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Internet Explorer:
==================
HKU\S-1-5-21-758200000-2134975689-3807630707-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-758200000-2134975689-3807630707-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.cnn.com/
HKU\S-1-5-21-758200000-2134975689-3807630707-1003\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM -> {114DB5FA-0AFB-BB92-A75B-F44D3CE875CD} URL =
SearchScopes: HKU\S-1-5-21-758200000-2134975689-3807630707-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D081616-A0A14E5293D1943C986F&form=CONBDF&conlogo=CT3330954&q={searchTerms}
SearchScopes: HKU\S-1-5-21-758200000-2134975689-3807630707-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D081616-A0A14E5293D1943C986F&form=CONBDF&conlogo=CT3330954&q={searchTerms}
SearchScopes: HKU\S-1-5-21-758200000-2134975689-3807630707-1003 -> {114DB5FA-0AFB-BB92-A75B-F44D3CE875CD} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3324775&octid=EB_ORIGINAL_CTID&ISID=M6FD35AB2-EC60-4C0E-B7B8-26E0A74D56D3&SearchSource=58&CUI=&UM=6&UP=SPDE4422C2-9288-4216-A28C-B450C1FE1C92&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-758200000-2134975689-3807630707-1003 -> {5709AA32-C414-4E22-B24E-4B9E96692EF3} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-758200000-2134975689-3807630707-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_enUS479
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\scriptsn.dll [2008-09-29] (McAfee, Inc.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2011-12-05] (Symantec Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-08-12] (Adblock Plus)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Lync\OCHelper.dll [2010-10-22] (Microsoft Corporation)
BHO-x32: Soda PDF 8 Helper -> {33779F20-17D7-4CC6-8248-78A4A78CEBFC} -> C:\Program Files (x86)\Soda PDF 8\creator-ie-helper.dll [2016-08-12] (LULU SOFTWARE LIMITED)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-26] (Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\McAfee\VirusScan Enterprise\scriptsn.dll [2008-09-29] (McAfee, Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2011-12-05] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-26] (Oracle Corporation)
BHO-x32: TBSB07898 Class -> {FCBCCB87-9224-4B8D-B117-F56D924BEB18} -> C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll [2013-07-15] ()
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-08-12] (Adblock Plus)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
Toolbar: HKLM-x32 - Coupons.com CouponBar - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll [2013-07-15] ()
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
Toolbar: HKLM-x32 - Soda PDF 8 Toolbar - {A2689669-AD38-4AFD-B370-23E97E2B9D18} - C:\Program Files (x86)\Soda PDF 8\creator-ie-plugin.dll [2016-08-12] (LULU SOFTWARE LIMITED)
Toolbar: HKU\S-1-5-21-758200000-2134975689-3807630707-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {82774781-8F4E-11D1-AB1C-0000F8773BF0} hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
DPF: HKLM-x32 {CC679CB8-DC4B-458B-B817-D447B3B6AC31} vpnweb.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://akamaicdn.webex.com/client/WBXclient-T29L10NSP13EP100-10026/webex/ieatgpc1.cab
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-04-07] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-02] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-04-07] (Adobe Systems)
FF Plugin-x32: Soda PDF 8 -> C:\Program Files (x86)\Soda PDF 8\np-previewer.dll [2016-08-12] (LULU SOFTWARE LIMITED)
FF Plugin HKU\S-1-5-21-758200000-2134975689-3807630707-1003: @citrixonline.com/appdetectorplugin -> C:\Users\Admin\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-04-22] (Citrix Online)
FF Plugin HKU\S-1-5-21-758200000-2134975689-3807630707-1003: CouponNetwork.com/CMDUniversalCouponPrintActivator -> C:\Users\Admin\AppData\Roaming\CATALI~1\NPBCSK~1.DLL [2013-06-07] (Catalina Marketing Corporation)
FF Plugin HKU\S-1-5-21-758200000-2134975689-3807630707-1003: hopster.com/CouponPrinterPlugin -> C:\Users\Admin\AppData\Roaming\Hopster\CouponPrinterPlugin\2.0.2.0\npCouponPrinterPlugin.dll [2013-02-21] (Hopster)
FF Plugin HKU\S-1-5-21-758200000-2134975689-3807630707-1003: revtrax.com/RevTraxPrintMyCoupon -> C:\Users\Admin\AppData\Roaming\RevTrax\RevTraxPrintMyCoupon\1.0.0.0\npRevTraxPrintMyCoupon.dll [2014-10-15] (RevTrax)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-11] ()
FF Plugin ProgramFiles/Appdata: C:\Users\Admin\AppData\Roaming\mozilla\plugins\npatgpc.dll [2016-04-25] (Cisco WebEx LLC)
FF HKLM\...\Firefox\Extensions: [soda_pdf_8_conv@sodapdf.com] - C:\Program Files\Soda PDF 8\resources\sodapdf8firefoxextension
FF Extension: (Soda PDF 8 Creator) - C:\Program Files\Soda PDF 8\resources\sodapdf8firefoxextension [2016-08-16] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [VIP5X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: (Symantec VIP Access Add-On) - C:\Program Files (x86)\Symantec\VIP Access Client [2014-01-14] [not signed]
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bing) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2016-09-05]
CHR Extension: (Adblock Plus) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-24]
CHR Extension: (Video Downloader professional) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-08-15]
CHR Extension: (AdBlock) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-09-07]
CHR Extension: (Yahoo Partner) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihfmmedoddijgnhkgfgnkeohkpbipol [2016-08-21]
CHR Extension: (Cisco WebEx Extension) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2016-04-25]
CHR Extension: (Grammarly for Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2016-09-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-14]
CHR Extension: (Yahoo Partner) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nogdfjjfhknacchjpiccacoimeelkajb [2016-08-21]
CHR Extension: (Game Tube Now Advertising) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\odgnpeandakimjdonmjgepbapjbhadgb [2016-09-04]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-05]
CHR HKU\S-1-5-21-758200000-2134975689-3807630707-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gihfmmedoddijgnhkgfgnkeohkpbipol] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nogdfjjfhknacchjpiccacoimeelkajb] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [694464 2016-04-07] (Adobe Systems Incorporated)
R2 Agent; C:\Windows\VPDAgent_x64.exe [148480 2014-05-20] (Two Pilots) [File not signed]
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [1413736 2015-09-18] (Coupons.com Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-22] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-22] (Dropbox, Inc.)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [478056 2011-08-31] (Lenovo.)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [File not signed]
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
R2 MaintainerSvc3.32.7672459; C:\ProgramData\e5c4ef79-068a-447e-b589-daa814c96056\maintainer.exe [128240 2015-10-22] ()
R2 McAfeeEngineService; C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe [17920 2008-09-29] (McAfee, Inc.)
R2 McAfeeFramework; C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [103744 2008-03-14] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [327944 2016-07-19] (McAfee, Inc.)
R2 McShield; C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe [175072 2008-09-29] (McAfee, Inc.)
R2 McTaskManager; C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [62800 2008-09-29] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [75656 2008-09-29] (McAfee, Inc.)
R2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [80472 2012-09-06] (Microsoft Corporation)
S2 Neat Startup Service; C:\Program Files (x86)\Neat\exec\NeatStartupService.exe [26624 2015-07-14] (The Neat Company) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-07-31] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-07-31] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-09-18] ()
R2 Samsung Printer Dianostics Service; C:\Windows\SysWOW64\\spdsvc.exe [499000 2016-06-18] ()
S3 Soda PDF 8; C:\Program Files\Soda PDF 8\ws.exe [2263504 2016-08-12] (LULU SOFTWARE LIMITED)
S3 Soda PDF 8 CrashHandler; C:\Program Files\Soda PDF 8\crash-handler-ws.exe [920016 2016-08-12] (LULU SOFTWARE LIMITED)
R2 Soda PDF 8 Creator; C:\Program Files\Soda PDF 8\creator-ws.exe [733136 2016-08-12] (LULU SOFTWARE LIMITED)
R2 Soda PDF 8 Manager; C:\ProgramData\LULU Software\Soda PDF 8 Manager\Soda PDF 8\Soda Manager.exe [900120 2016-08-11] (LULU Software Limited)
R2 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28672 2011-07-26] (Lenovo Group Limited) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255608 2016-04-21] (Synaptics Incorporated)
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [File not signed]
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2011-12-05] (Symantec Corporation)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [13242960 2013-02-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-28] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c64x64.sys [468752 2014-06-27] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [96016 2008-09-29] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [118688 2008-09-29] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [465792 2008-09-29] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [75800 2008-09-29] (McAfee, Inc.)
R1 mfetdik; C:\Windows\System32\drivers\mfetdik.sys [82504 2008-09-29] (McAfee, Inc.)
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2015-10-30] (Intel Corporation)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42664 2016-01-07] (Synaptics Incorporated)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13840 2009-03-13] (UPEK Inc.)
R3 Tvti2c; C:\Windows\system32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)
R3 vmkbd2; C:\Windows\system32\drivers\VMkbd.sys [33360 2013-02-26] (VMware, Inc.)
R1 vrvd5; C:\Windows\system32\DRIVERS\vrvd5.sys [13344 2016-08-21] (Rsupport Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 rssasnt; \??\C:\Users\Public\Documents\RSupport\rcc50\rssas64.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
U3 wpcsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-08 18:53 - 2016-09-08 18:53 - 00040303 _____ C:\Users\Admin\Downloads\FRST.txt
2016-09-08 18:52 - 2016-09-08 18:52 - 02397696 _____ (Farbar) C:\Users\Admin\Downloads\FRST64 (1).exe
2016-09-08 18:50 - 2016-09-08 18:53 - 00000000 ____D C:\FRST
2016-09-08 18:50 - 2016-09-08 18:50 - 02397696 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2016-09-08 07:01 - 2016-09-08 07:01 - 00151040 _____ C:\Users\Admin\Downloads\project-plan1-1.ppt
2016-09-08 01:14 - 2016-09-08 18:46 - 00000000 ____D C:\Users\Admin\Desktop\Popup virus
2016-09-08 00:26 - 2016-09-08 00:26 - 00001007 _____ C:\Users\Admin\Desktop\SpybotPortable - Shortcut.lnk
2016-09-07 23:42 - 2016-09-08 00:16 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-09-07 23:42 - 2016-09-07 23:42 - 00000000 ____D C:\Users\Admin\Documents\ProcAlyzer Dumps
2016-09-07 23:28 - 2016-09-07 23:28 - 00000000 ____D C:\ProgramData\Symantec Shared
2016-09-07 23:28 - 2012-05-18 19:56 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capicom.dll
2016-09-07 23:28 - 2007-03-21 20:39 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71.DLL
2016-09-07 23:28 - 2007-03-21 20:33 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCP71.DLL
2016-09-07 23:28 - 2007-03-21 20:33 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCR71.DLL
2016-09-07 23:26 - 2016-09-07 23:36 - 00000000 ____D C:\ProgramData\Symantec
2016-09-07 23:25 - 2016-09-07 23:26 - 00000000 ____D C:\Users\Admin\Desktop\Symantec_Endpoint_Protection_12.1.6_MP5_Part1_Trialware_EN
2016-09-07 23:23 - 2016-09-07 23:23 - 10467568 _____ (Akamai Technologies, Inc.) C:\Users\Admin\Downloads\installer.exe
2016-09-07 23:12 - 2016-09-07 23:13 - 119710544 _____ (PortableApps.com) C:\Users\Admin\Downloads\SpybotPortable_2.5.paf (2).exe
2016-09-07 23:08 - 2016-09-07 23:08 - 119710544 _____ (PortableApps.com) C:\Users\Admin\Downloads\SpybotPortable_2.5.paf (1).exe
2016-09-07 22:57 - 2016-09-07 22:57 - 00020375 _____ C:\Users\Admin\Downloads\Calendar-triumph09.ics
2016-09-07 10:06 - 2016-09-07 10:06 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-09-07 10:03 - 2016-09-07 23:42 - 00000000 ____D C:\Users\Admin\Downloads\SpybotPortable
2016-09-07 10:02 - 2016-09-07 10:03 - 119710544 _____ (PortableApps.com) C:\Users\Admin\Downloads\SpybotPortable_2.5.paf.exe
2016-09-07 09:11 - 2016-09-07 09:10 - 00349270 _____ C:\Users\Admin\Downloads\adblock.zip
2016-09-07 09:10 - 2016-09-07 09:10 - 00951808 _____ (SecuredDownload) C:\Users\Admin\Downloads\adblock.exe
2016-09-07 08:44 - 2016-09-07 08:44 - 00087105 _____ C:\Users\Admin\Desktop\ID.pdf
2016-09-07 08:40 - 2016-09-07 08:40 - 00797077 _____ C:\Users\Admin\Desktop\Marriage LICENSE.pdf
2016-09-06 21:33 - 2016-09-06 21:33 - 06832128 _____ C:\Users\Admin\Downloads\protists-and-fungi.ppt
2016-09-02 19:38 - 2016-09-02 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-31 21:46 - 2016-08-31 21:46 - 00336272 _____ C:\Users\Admin\Downloads\Radians and Reference Angles.pdf
2016-08-29 13:52 - 2016-09-05 17:06 - 00000000 ____D C:\Users\Admin\Desktop\Auto Karma Buyers
2016-08-22 21:16 - 2016-08-22 21:16 - 00003328 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-08-22 21:15 - 2016-08-22 21:15 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2016-08-21 21:10 - 2016-08-21 21:27 - 00000000 ____D C:\Program Files (x86)\Rsupport
2016-08-21 21:10 - 2016-08-21 21:10 - 00070688 _____ (Rsupport Corporation) C:\WINDOWS\system32\vrvd5.dll
2016-08-21 21:10 - 2016-08-21 21:10 - 00013344 _____ (Rsupport Corporation) C:\WINDOWS\system32\Drivers\vrvd5.sys
2016-08-19 22:38 - 2016-08-19 22:38 - 00000000 ____D C:\Users\Admin\AppData\Local\DeadByDaylight
2016-08-19 22:37 - 2016-08-19 22:37 - 00332024 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2016-08-19 22:37 - 2016-08-19 22:37 - 00000000 ____D C:\Users\Admin\AppData\Local\UnrealEngine
2016-08-19 16:24 - 2016-08-19 16:24 - 00629892 _____ C:\Users\Admin\Downloads\BIOL1111 syllabus - Fall 2016PACEJuly272016.pdf
2016-08-19 16:17 - 2016-08-19 16:17 - 00194545 _____ C:\Users\Admin\Downloads\Bio1111labonlinesyllabusFa2016.pdf
2016-08-18 20:46 - 2016-08-18 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-08-18 19:28 - 2016-08-18 19:28 - 03536384 _____ C:\Users\Admin\Downloads\scientificmethodpowerpointreviewlesson.ppt
2016-08-18 06:55 - 2016-08-18 06:55 - 00363145 _____ C:\Users\Admin\Desktop\Employee Withholding.pdf
2016-08-17 18:20 - 2016-08-17 18:20 - 00069169 _____ C:\Users\Admin\Downloads\104082 Cover Sheet .pdf
2016-08-17 18:12 - 2016-08-17 18:12 - 00101124 _____ C:\Users\Admin\Downloads\104082 POA 2 pages .pdf
2016-08-16 13:00 - 2016-08-16 13:00 - 01391610 _____ C:\Users\Admin\Downloads\152955.pdf
2016-08-16 13:00 - 2016-08-16 13:00 - 01391610 _____ C:\Users\Admin\Desktop\3183 Nectarine.pdf
2016-08-16 12:47 - 2016-08-16 12:47 - 01335136 _____ C:\Users\Admin\Downloads\SharpBuckhead@meetatroam.com_20160812_152955 (1).pdf
2016-08-16 12:24 - 2016-08-16 12:24 - 01335136 _____ C:\Users\Admin\Downloads\SharpBuckhead@meetatroam.com_20160812_152955.pdf
2016-08-16 11:58 - 2016-08-16 11:58 - 01982056 _____ C:\Users\Admin\Desktop\LLC Operating Agreement.pdf
2016-08-16 11:12 - 2016-08-16 11:12 - 00259738 _____ C:\Users\Admin\Downloads\operating-agreement1.pdf
2016-08-16 10:27 - 2016-08-16 10:27 - 01253927 _____ C:\Users\Admin\Desktop\ATC business license.pdf
2016-08-16 10:17 - 2016-08-16 10:17 - 01031841 _____ C:\Users\Admin\Desktop\Business License.pdf
2016-08-16 09:40 - 2016-08-16 09:40 - 00424156 _____ C:\Users\Admin\Desktop\Aj business license.pdf
2016-08-16 09:23 - 2016-08-21 20:44 - 00002960 _____ C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
2016-08-16 09:23 - 2016-08-21 20:44 - 00002960 _____ C:\WINDOWS\system32\LavasoftTcpServiceOff.ini
2016-08-16 09:23 - 2016-08-16 09:23 - 00425744 _____ (Lavasoft Limited) C:\WINDOWS\system32\LavasoftTcpService64.dll
2016-08-16 09:23 - 2016-08-16 09:23 - 00345360 _____ (Lavasoft Limited) C:\WINDOWS\SysWOW64\LavasoftTcpService.dll
2016-08-16 09:23 - 2016-08-16 09:23 - 00000000 ____D C:\ProgramData\LULU Software
2016-08-16 09:22 - 2016-08-16 10:26 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Soda PDF 8
2016-08-16 09:22 - 2016-08-16 09:55 - 00000000 ____D C:\Users\Admin\Documents\Soda PDF Files
2016-08-16 09:22 - 2016-08-16 09:45 - 00000000 ____D C:\ProgramData\Soda PDF 8
2016-08-16 09:22 - 2016-08-16 09:23 - 00000000 ____D C:\Program Files\Soda PDF 8
2016-08-16 09:22 - 2016-08-16 09:22 - 09576200 _____ (LULU Software Limited) C:\Users\Admin\Downloads\Soda_PDF_8_wc_Installer.exe
2016-08-16 09:22 - 2016-08-16 09:22 - 00000798 _____ C:\Users\Public\Desktop\Soda PDF 8.lnk
2016-08-16 09:22 - 2016-08-16 09:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soda PDF 8
2016-08-16 09:22 - 2016-08-16 09:22 - 00000000 ____D C:\Program Files (x86)\Soda PDF 8
2016-08-16 07:59 - 2016-08-16 09:47 - 00002553 _____ C:\Users\Admin\Desktop\AJ.pdf
2016-08-15 17:10 - 2016-08-15 17:10 - 03853176 _____ C:\Users\Admin\Downloads\Instagram (2).mp4
2016-08-15 17:10 - 2016-08-15 17:10 - 03853176 _____ C:\Users\Admin\Downloads\Instagram (1).mp4
2016-08-15 17:08 - 2016-08-15 17:08 - 03853176 _____ C:\Users\Admin\Downloads\Instagram.mp4
2016-08-12 21:15 - 2016-08-12 21:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-12 13:45 - 2016-08-03 05:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-12 13:44 - 2016-08-03 06:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-12 13:44 - 2016-08-03 05:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-12 13:44 - 2016-08-03 05:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-12 13:44 - 2016-08-03 05:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-12 13:44 - 2016-08-03 05:29 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-08-12 13:44 - 2016-08-03 05:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-12 13:44 - 2016-08-03 00:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-12 13:44 - 2016-08-03 00:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-12 13:44 - 2016-08-03 00:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-12 13:43 - 2016-08-03 06:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-12 13:43 - 2016-08-03 00:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-12 13:42 - 2016-08-03 05:29 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-08-12 13:42 - 2016-08-03 05:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-12 13:41 - 2016-08-03 05:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-12 13:41 - 2016-08-03 01:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-12 13:41 - 2016-08-03 01:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-12 13:41 - 2016-08-03 01:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-12 13:41 - 2016-08-03 00:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-12 13:40 - 2016-08-03 06:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-12 13:40 - 2016-08-03 06:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-12 13:40 - 2016-08-03 06:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-12 13:40 - 2016-08-03 06:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-12 13:40 - 2016-08-03 05:41 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2016-08-12 13:40 - 2016-08-03 05:41 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-08-12 13:40 - 2016-08-03 05:40 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-08-12 13:40 - 2016-08-03 05:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-12 13:40 - 2016-08-03 05:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-12 13:40 - 2016-08-03 05:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-12 13:40 - 2016-08-03 01:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-12 13:39 - 2016-08-03 06:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-12 13:39 - 2016-08-03 06:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-12 13:39 - 2016-08-03 06:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-12 13:39 - 2016-08-03 05:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-12 13:39 - 2016-08-03 05:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-12 13:39 - 2016-08-03 05:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-12 13:39 - 2016-08-03 05:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-12 13:39 - 2016-08-03 05:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-12 13:39 - 2016-08-03 05:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-12 13:39 - 2016-08-03 05:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-12 13:39 - 2016-08-03 05:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-12 13:39 - 2016-08-03 05:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-12 13:39 - 2016-08-03 05:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-12 13:39 - 2016-08-03 01:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-12 13:39 - 2016-08-03 01:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-12 13:39 - 2016-08-03 00:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-12 13:38 - 2016-08-03 06:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-12 13:38 - 2016-08-03 05:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-12 13:38 - 2016-08-03 05:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-12 13:38 - 2016-08-03 05:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-12 13:38 - 2016-08-03 05:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-12 13:38 - 2016-08-03 05:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-12 13:38 - 2016-08-03 01:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-12 13:38 - 2016-08-03 00:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-12 13:38 - 2016-08-03 00:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-12 13:38 - 2016-08-03 00:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-12 13:38 - 2016-08-03 00:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-12 13:38 - 2016-08-03 00:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-12 13:38 - 2016-08-03 00:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-12 13:38 - 2016-08-03 00:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-12 13:37 - 2016-08-03 06:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-12 13:37 - 2016-08-03 06:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-12 13:37 - 2016-08-03 06:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-12 13:37 - 2016-08-03 06:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-12 13:37 - 2016-08-03 06:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-12 13:37 - 2016-08-03 05:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-12 13:37 - 2016-08-03 05:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-12 13:37 - 2016-08-03 05:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-12 13:37 - 2016-08-03 00:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-12 13:36 - 2016-08-03 07:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-12 13:36 - 2016-08-03 07:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-12 13:36 - 2016-08-03 07:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-12 13:36 - 2016-08-03 06:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-12 13:36 - 2016-08-03 06:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-12 13:36 - 2016-08-03 06:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-12 13:36 - 2016-08-03 06:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-12 13:36 - 2016-08-03 05:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-12 13:36 - 2016-08-03 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-12 13:36 - 2016-08-03 05:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-12 13:36 - 2016-08-03 05:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-12 13:36 - 2016-08-03 05:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-12 13:36 - 2016-08-03 05:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-12 13:36 - 2016-08-03 05:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-12 13:36 - 2016-08-03 05:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-12 13:36 - 2016-08-03 05:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-12 13:36 - 2016-08-03 05:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-12 13:36 - 2016-08-03 05:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-12 13:36 - 2016-08-03 05:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-12 13:36 - 2016-08-03 05:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-12 13:36 - 2016-08-03 05:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-12 13:36 - 2016-08-03 01:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-12 13:36 - 2016-08-03 01:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-12 13:36 - 2016-08-03 01:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-12 13:36 - 2016-08-03 00:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-12 13:36 - 2016-08-03 00:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-12 13:36 - 2016-08-03 00:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-12 13:36 - 2016-08-03 00:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-12 13:36 - 2016-08-03 00:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-12 13:36 - 2016-08-03 00:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-12 13:36 - 2016-08-03 00:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-12 13:36 - 2016-08-03 00:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-12 13:36 - 2016-08-03 00:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-12 13:36 - 2016-08-03 00:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-12 13:36 - 2016-08-03 00:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-12 13:36 - 2016-08-03 00:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-12 13:35 - 2016-08-03 06:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-12 13:35 - 2016-08-03 06:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-12 13:35 - 2016-08-03 06:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-12 13:35 - 2016-08-03 06:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-12 13:35 - 2016-08-03 05:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-12 13:35 - 2016-08-03 05:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-12 13:35 - 2016-08-03 05:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-12 13:35 - 2016-08-03 05:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-12 13:35 - 2016-08-03 05:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-12 13:35 - 2016-08-03 05:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-12 13:35 - 2016-08-03 05:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-12 13:35 - 2016-08-03 05:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-12 13:35 - 2016-08-03 05:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-12 13:35 - 2016-08-03 05:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-12 13:35 - 2016-08-03 05:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-12 13:35 - 2016-08-03 05:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-12 13:35 - 2016-08-03 05:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-12 13:35 - 2016-08-03 05:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-12 13:35 - 2016-08-03 05:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-12 13:35 - 2016-08-03 05:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-12 13:35 - 2016-08-03 05:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-12 13:35 - 2016-08-03 05:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-12 13:35 - 2016-08-03 00:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-12 13:35 - 2016-08-03 00:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-12 13:35 - 2016-08-03 00:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-12 13:35 - 2016-08-03 00:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-12 13:35 - 2016-08-03 00:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-12 13:35 - 2016-08-03 00:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-12 13:35 - 2016-08-03 00:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-12 13:13 - 2016-08-12 13:14 - 03145071 _____ C:\Users\Admin\Desktop\NextGear.pdf
2016-08-12 12:20 - 2016-08-12 12:20 - 01013839 _____ C:\Users\Admin\Downloads\NG_CreditApp_HR1 (1).pdf
2016-08-12 11:27 - 2016-08-12 11:27 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-08 18:53 - 2012-04-10 10:03 - 00000528 _____ C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
2016-09-08 18:49 - 2012-04-10 10:03 - 00000466 _____ C:\WINDOWS\Tasks\SystemToolsDailyTest.job
2016-09-08 18:35 - 2011-11-11 11:10 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-08 18:33 - 2013-08-16 12:46 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-08 18:20 - 2015-04-22 12:01 - 00000556 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-758200000-2134975689-3807630707-1003.job
2016-09-08 18:14 - 2016-04-22 13:09 - 00000906 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-09-08 17:22 - 2016-07-28 18:15 - 01019136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-08 17:22 - 2015-10-30 03:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-08 17:22 - 2015-06-29 22:10 - 00000652 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-758200000-2134975689-3807630707-1003.job
2016-09-08 06:57 - 2016-04-22 13:12 - 00000000 ___RD C:\Users\Admin\Dropbox
2016-09-08 06:56 - 2016-04-22 13:09 - 00000902 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-09-08 06:56 - 2011-11-11 11:10 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-08 01:23 - 2013-02-13 16:05 - 00000000 ____D C:\ProgramData\VMware
2016-09-08 01:22 - 2016-04-27 02:34 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-08 01:22 - 2016-04-27 02:29 - 00366136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-08 01:22 - 2015-10-30 02:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-09-08 00:30 - 2015-04-14 12:30 - 00000000 ____D C:\Users\Public\Documents\Neat ADF Scanner
2016-09-07 23:58 - 2015-04-14 19:22 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-09-07 23:38 - 2011-11-11 11:17 - 00000000 ____D C:\Program Files (x86)\Symantec
2016-09-07 10:09 - 2016-07-28 18:18 - 00000000 ____D C:\Users\Admin
2016-09-07 09:32 - 2014-10-11 19:29 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-09-05 21:15 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-03 21:25 - 2015-10-30 03:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-03 11:28 - 2015-04-22 17:07 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Heroes and Generals
2016-09-03 11:07 - 2016-07-28 18:42 - 00003810 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-758200000-2134975689-3807630707-1003
2016-09-03 11:07 - 2016-07-28 18:42 - 00003714 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-758200000-2134975689-3807630707-1003
2016-09-02 20:06 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-09-02 20:06 - 2015-10-30 03:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-02 19:38 - 2016-04-22 13:09 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-08-31 21:47 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-29 14:03 - 2016-04-25 09:04 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Temp
2016-08-28 08:29 - 2016-06-20 18:07 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Samsung
2016-08-28 08:29 - 2016-06-19 14:32 - 00000000 ____D C:\ProgramData\Samsung
2016-08-22 21:16 - 2016-08-02 19:50 - 00002413 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-22 21:16 - 2016-08-02 19:50 - 00000000 ___RD C:\Users\Admin\OneDrive
2016-08-21 21:27 - 2016-06-20 18:00 - 00000000 ____D C:\Users\Public\Documents\RSupport
2016-08-18 20:46 - 2015-11-17 20:04 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-08-18 20:46 - 2014-09-29 12:01 - 00002020 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-08-13 11:33 - 2016-04-27 02:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-13 03:57 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-13 03:37 - 2016-04-27 02:21 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-13 03:37 - 2015-10-30 03:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-12 22:13 - 2013-08-21 20:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-12 21:37 - 2013-01-30 16:35 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-12 21:15 - 2013-02-14 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Lync
2016-08-12 21:15 - 2013-02-14 12:00 - 00000000 ____D C:\Program Files\Microsoft Lync
2016-08-12 21:15 - 2013-02-14 12:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Lync
==================== Files in the root of some directories =======
2015-09-04 17:02 - 2015-09-04 17:02 - 0000098 _____ () C:\Users\Admin\AppData\Roaming\LauncherSettings_live.cfg
2015-09-04 17:03 - 2015-09-04 17:03 - 0000039 _____ () C:\Users\Admin\AppData\Roaming\TheHunterSettings_steam_live.cfg
2014-09-02 08:19 - 2014-09-02 08:19 - 0893239 _____ () C:\Users\Admin\AppData\Local\a.zip
2014-09-02 08:19 - 2014-09-02 08:19 - 2162416 _____ (Catalina Marketing Corp) C:\Users\Admin\AppData\Local\BcsKtYcHW.dll
2015-02-10 20:37 - 2015-02-10 20:44 - 0000356 _____ () C:\ProgramData\hpzinstall.log
Some files in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\rscagent.exe
C:\Users\Admin\AppData\Local\Temp\WebCompanionInstaller.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-09-01 21:24
==================== End of FRST.txt ============================
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
