Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-10-2015
- Ran by Conner (administrator) on CONNER-PC (09-10-2015 14:25:30)
- Running from C:\Users\Conner\Desktop
- Loaded Profiles: Conner (Available Profiles: Conner)
- Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
- Internet Explorer Version 9 (Default browser: Chrome)
- Boot Mode: Normal
- Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Processes (Whitelisted) =================
- (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
- (AMD) C:\Windows\System32\atiesrxx.exe
- (AMD) C:\Windows\System32\atieclxx.exe
- (Microsoft Corporation) C:\Windows\System32\wlanext.exe
- (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
- (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
- (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
- (MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
- (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\ns.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
- (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
- (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
- (MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
- (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
- (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\ns.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
- (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
- ==================== Registry (Whitelisted) ===========================
- (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
- HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136 2014-04-11] (Realtek Semiconductor)
- HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-19] (Advanced Micro Devices, Inc.)
- HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
- HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-09-09] (MSI)
- HKU\S-1-5-21-3144416939-2421594402-137492813-1000\...\MountPoints2: E - E:\VZW_Software_upgrade_assistant.exe
- HKU\S-1-5-21-3144416939-2421594402-137492813-1000\...\MountPoints2: {21a21992-c165-11e3-99db-806e6f6e6963} - D:\DVDSetup.exe
- HKU\S-1-5-21-3144416939-2421594402-137492813-1000\...\MountPoints2: {67eaf584-c176-11e3-8324-448a5b6115ed} - E:\VZW_Software_upgrade_assistant.exe
- HKU\S-1-5-21-3144416939-2421594402-137492813-1000\...\MountPoints2: {8006f6be-c14f-11e3-9a42-806e6f6e6963} - D:\setup.exe
- HKU\S-1-5-18\...\Run: [GoogleChromeAutoLaunch_4158A702DE94E8F002D78386467F1B31] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-23] (Google Inc.)
- HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-01-14] (Microsoft Corporation)
- AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => No File
- ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
- ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
- ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
- ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
- GroupPolicy: Restriction - Chrome <======= ATTENTION
- CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
- ==================== Internet (Whitelisted) ====================
- (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
- ProxyServer: [S-1-5-21-3144416939-2421594402-137492813-1000] => http=127.0.0.1:13001
- Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
- Tcpip\..\Interfaces\{01418C48-C22D-4291-9861-1AF42E4D9A57}: [DhcpNameServer] 192.168.1.1
- Internet Explorer:
- ==================
- HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/?LinkId=69157
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NS&pvid=22.1.0.9
- HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NS&pvid=22.5.4.24
- HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NS&pvid=22.5.4.24
- HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NS&pvid=22.5.4.24
- HKU\S-1-5-21-3144416939-2421594402-137492813-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X1RI0uLGuNl10eybAY8lI3ovdCrXU4hCuCvAdktNCK4mjcvDpGxupo6jXe0AZ8pjfTxMiBTRENnR-doO3X4i7fJ1T01FGmgHtVpHFSpdEUqKqC384l8zxf0QGMpK-I4XA,,&q={searchTerms}
- HKU\S-1-5-21-3144416939-2421594402-137492813-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NS&pvid=22.5.4.24
- HKU\S-1-5-21-3144416939-2421594402-137492813-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://search.conduit.com/?gd=&ctid=ct3325286&octid=eb_original_ctid&isid=m60087815-f195-473b-a527-aa1b6dbe5c9c&searchsource=55&cui=&um=5&up=sp32f94329-5101-47ed-9722-9918b8e6314c&sspv=
- SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=100&itype=a&ver=15005&tm=315&src=ds&p={searchTerms}
- SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X1RI0uLGuNl10eybAY8lI3ovdCrXU4hCuCvAdktNCK4mjcvDpGxupo6jXe0AZ8pjfTxMiBTRENnR-doO3X4i7fJ1T01FGmgHtVpHFSpdEUqKqC384l8zxf0QGMpK-I4Ww,,&q={searchTerms}
- SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X1RI0uLGuNl10eybAY8lI3ovdCrXU4hCuCvAdktNCK4mjcvDpGxupo6jXe0AZ8pjfTxMiBTRENnR-doO3X4i7fJ1T01FGmgHtVpHFSpdEUqKqC384l8zxf0QGMpK-I4Ww,,&q={searchTerms}
- SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=100&itype=a&ver=15005&tm=315&src=ds&p={searchTerms}
- SearchScopes: HKU\S-1-5-21-3144416939-2421594402-137492813-1000 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X1RI0uLGuNl10eybAY8lI3ovdCrXU4hCuCvAdktNCK4mjcvDpGxupo6jXe0AZ8pjfTxMiBTRENnR-doO3X4i7fJ1T01FGmgHtVpHFSpdEUqKqC384l8zxf0QGMpK-I4XA,,&q={searchTerms}
- SearchScopes: HKU\S-1-5-21-3144416939-2421594402-137492813-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X1RI0uLGuNl10eybAY8lI3ovdCrXU4hCuCvAdktNCK4mjcvDpGxupo6jXe0AZ8pjfTxMiBTRENnR-doO3X4i7fJ1T01FGmgHtVpHFSpdEUqKqC384l8zxf0QGMpK-I4XA,,&q={searchTerms}
- SearchScopes: HKU\S-1-5-21-3144416939-2421594402-137492813-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=100&itype=a&ver=15005&tm=315&src=ds&p={searchTerms}
- SearchScopes: HKU\S-1-5-21-3144416939-2421594402-137492813-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NS&chn=retail&geo=US&ver=22&locale=en_US&gct=kwd&qsrc=2869
- BHO: MediaPlayerplus -> {11111111-1111-1111-1111-110511421146} -> C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho64.dll [2014-04-12] (Freeven)
- BHO: Quiknowledge -> {323C6E6D-1621-470F-8A52-4FDEC4E75E40} -> C:\Program Files\Quiknowledge\IE\QuiknowledgeClientIE.dll No File
- BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
- BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll No File
- BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-22] (Google Inc.)
- BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
- BHO-x32: PriceGong - Price Comparison -> {1631550F-191D-4826-B069-D9439253D926} -> C:\Program Files (x86)\PriceGong\2.6.11\PriceGongIE.dll No File
- BHO-x32: No Name -> {59A062A1-5ECA-4a1a-BC44-B2A9283A8ACB} -> No File
- BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
- BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
- BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-26] (Oracle Corporation)
- BHO-x32: Re-Markable -> {A62BF774-18B1-2C80-0363-9AD7072BB9A8} -> C:\Program Files (x86)\Re-Markable-soft\171.dll No File
- BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-22] (Google Inc.)
- BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
- BHO-x32: IEExtension.Extension -> {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
- BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-26] (Oracle Corporation)
- Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
- Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
- Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-22] (Google Inc.)
- Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
- Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
- Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-22] (Google Inc.)
- Toolbar: HKU\S-1-5-21-3144416939-2421594402-137492813-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-22] (Google Inc.)
- Toolbar: HKU\S-1-5-21-3144416939-2421594402-137492813-1000 -> No Name - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - No File
- Toolbar: HKU\S-1-5-21-3144416939-2421594402-137492813-1000 -> No Name - {4F524A2D-5637-4300-76A7-7A786E7484D7} - No File
- Toolbar: HKU\S-1-5-21-3144416939-2421594402-137492813-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
- Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
- Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
- Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
- Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
- FireFox:
- ========
- FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-21] ()
- FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] ()
- FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-26] (Oracle Corporation)
- FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-26] (Oracle Corporation)
- FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [2014-05-17] (Nexon)
- FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
- FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
- FF HKLM-x32\...\Firefox\Extensions: [{EBA722F5-038F-4CAF-9EE2-545A221628BC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.1.0.9\coFFPlgn
- FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.1.0.9\coFFPlgn [2015-10-09]
- FF HKU\S-1-5-21-3144416939-2421594402-137492813-1000\...\Firefox\Extensions: [{C8A7850F-CCA1-ACD7-8CAF-562C883D9F80}] - C:\Program Files (x86)\Re-Markable-soft\171.xpi => not found
- Chrome:
- =======
- CHR Profile: C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default
- CHR Extension: (Google Slides) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-14]
- CHR Extension: (Google Docs) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-14]
- CHR Extension: (Google Drive) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-14]
- CHR Extension: (YouTube) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-14]
- CHR Extension: (Adblock Plus) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-10-09]
- CHR Extension: (Norton Security Toolbar) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-07-11]
- CHR Extension: (Google Search) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-14]
- CHR Extension: (Google Sheets) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-14]
- CHR Extension: (Google Docs Offline) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
- CHR Extension: (Norton Identity Safe) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-01-14]
- CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-26]
- CHR Extension: (Skype Click to Call) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-01-14]
- CHR Extension: (Chrome Web Store Payments) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-14]
- CHR Extension: (Gmail) - C:\Users\Conner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-14]
- CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\Exts\Chrome.crx [2015-10-06]
- CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
- CHR HKLM-x32\...\Chrome\Extension: [acfoobbgoakpihljnfedbcfaipcdlfhk] - hxxps://clients2.google.com/service/update2/crx
- CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\Exts\Chrome.crx [2015-10-06]
- CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
- CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
- ==================== Services (Whitelisted) ========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-19] (Advanced Micro Devices, Inc.) [File not signed]
- S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [782208 2015-01-19] ()
- R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
- R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
- R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-09-09] (MSI)
- R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\NS.exe [282016 2015-09-24] (Symantec Corporation)
- S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
- S2 3010859aeca4507.exe; C:\Users\Conner\AppData\Local\62b7abbdd1dd891801818168dbf983f4\3010859aeca4507.exe [X]
- S2 77854be4be65e07afcf61541e60bdd79.exe; C:\Users\Conner\AppData\Local\77854be4be65e07afcf61541e60bdd79\77854be4be65e07afcf61541e60bdd79.exe [X]
- S2 935163118729163.exe; C:\Users\Conner\AppData\Local\f16100ccb3472d157d90c1d3816fad92\935163118729163.exe [X]
- S2 a37af3405cfe910.exe; C:\Users\Conner\AppData\Local\db7b2d584efdc2710cd94ae4f27c8abb\a37af3405cfe910.exe [X]
- S2 ASUSWireless; "C:\Program Files (x86)\ASUS\PCE-N53 WLAN Card Utilities\Common\ASUSService.exe" [X]
- S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [X] <==== ATTENTION
- S4 ControlProgramSchema.exe; C:\Users\Conner\AppData\Local\ArchiveCursorSDK\ArchiveCursorSDK.exe [X]
- S2 ee3327228c51020.exe; C:\Users\Conner\AppData\Local\48274b3ff1ca2ff16f2077c894bea374\ee3327228c51020.exe [X]
- S2 EncondingRepositoryThumbnail.exe; C:\Users\Conner\AppData\Local\e2fad099f894dd30b50f090b0ab6e51b\EncondingRepositoryThumbnail.exe [X]
- S2 FirmwareMBRRegister.exe; C:\Users\Conner\AppData\Local\FirmwareMBRRegister\FirmwareMBRRegister.exe [X]
- S2 InteractivePrivacyWizard.exe; C:\Users\Conner\AppData\Local\InteractivePrivacyWizard\InteractivePrivacyWizard.exe [X]
- S2 PirritDesktop; C:\Users\Conner\AppData\Local\PirritSuggestor\PirritService.exe [X]
- S2 RalinkRegistryWriter; "C:\Program Files (x86)\ASUS\PCE-N53 WLAN Card Utilities\Common\RaRegistry.exe" [X]
- S2 Re-Markable; C:\Program Files (x86)\Re-Markable Corp\Re-Markable158.exe [X]
- S2 schemathumbnailapi.exe; C:\Users\Conner\AppData\Local\schemathumbnailapi\schemathumbnailapi.exe [X]
- S2 sharewareracengnGUI.exe; C:\Users\Conner\AppData\Local\sharewareracengnGUI\sharewareracengnGUI.exe [X]
- S2 SystemkService; C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe [X]
- S2 wbsvc; "C:\Program Files\WebBar\wbsvc.exe" --service [X]
- ===================== Drivers (Whitelisted) ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\BASHDefs\20151005.001_7da\BHDrvx64.sys [1650936 2015-10-05] (Symantec Corporation)
- R1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1605040.018\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
- S3 cocippsz; C:\Windows\System32\Drivers\cocippsz.sys [423240 2014-04-13] (AVAST Software)
- S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
- R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-28] (Symantec Corporation)
- R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [155456 2015-10-08] (Symantec Corporation)
- R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\IPSDefs\20151008.001\IDSvia64.sys [767216 2015-10-05] (Symantec Corporation)
- R3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\VirusDefs\20151008.002\ENG64.SYS [138488 2015-10-08] (Symantec Corporation)
- R3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\VirusDefs\20151008.002\EX64.SYS [2146040 2015-10-08] (Symantec Corporation)
- R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-04-28] (Riverbed Technology, Inc.)
- R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
- S3 qjsliszn; C:\Windows\System32\Drivers\qjsliszn.sys [421704 2014-04-13] (AVAST Software)
- R3 SRTSP; C:\Windows\System32\Drivers\NSx64\1605040.018\SRTSP64.SYS [930024 2015-09-23] (Symantec Corporation)
- R1 SRTSPX; C:\Windows\system32\drivers\NSx64\1605040.018\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
- R0 SymEFASI; C:\Windows\System32\drivers\NSx64\1605040.018\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
- R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-22] (Symantec Corporation)
- R1 SymIRON; C:\Windows\system32\drivers\NSx64\1605040.018\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
- R1 SymNetS; C:\Windows\System32\Drivers\NSx64\1605040.018\SYMNETS.SYS [577768 2015-09-23] (Symantec Corporation)
- R2 webinstr; C:\Windows\system32\Drivers\webinstr.sys [57528 2014-05-28] (Corsica)
- S3 xnribqit; C:\Windows\System32\Drivers\xnribqit.sys [423240 2014-05-01] (AVAST Software)
- S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
- S1 F06DEFF2-5B9C-490D-910F-35D3A91196222; \??\C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc1.cfg [X]
- S1 F06DEFF2-5B9C-490D-910F-35D3A91196223; \??\C:\Program Files (x86)\Settings Manager\smdmf\x64\smdmfmgrc3.cfg [X]
- S3 MSICDSetup; \??\D:\CDriver64.sys [X]
- S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
- S1 qknfd; system32\drivers\qknfd.sys [X]
- S3 RgFltX64; \??\C:\Users\Conner\AppData\Local\ArchiveCursorSDK\RgFltX64.sys [X]
- ==================== NetSvcs (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- ==================== One Month Created files and folders ========
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2015-10-09 14:25 - 2015-10-09 14:26 - 00024716 _____ C:\Users\Conner\Desktop\FRST.txt
- 2015-10-09 14:20 - 2015-10-09 14:25 - 00000000 ____D C:\FRST
- 2015-10-09 14:20 - 2015-10-09 14:20 - 02194944 _____ (Farbar) C:\Users\Conner\Desktop\FRST64.exe
- 2015-10-09 02:24 - 2015-10-09 02:24 - 00745721 _____ ( ) C:\Program Files (x86)\popappsetup.exe
- 2015-10-09 01:27 - 2015-10-09 01:27 - 00008909 _____ C:\Windows\system32\Drivers\etc\hosts.bak
- 2015-10-09 01:15 - 2015-10-09 01:16 - 00000000 ____D C:\NPE
- 2015-10-09 00:30 - 2015-10-09 00:30 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Conner\Downloads\mbam-setup-2.1.8.1057.exe
- 2015-10-09 00:30 - 2015-10-09 00:30 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Conner\Downloads\mbam-setup-2.1.8.1057 (1).exe
- 2015-10-09 00:27 - 2015-10-09 01:15 - 00000000 ____D C:\ProgramData\ASUS Driver
- 2015-10-09 00:27 - 2015-10-09 00:27 - 00003992 _____ C:\Windows\system32\RaCoInst.log
- 2015-10-09 00:27 - 2015-10-09 00:27 - 00000000 ____D C:\ProgramData\Ralink
- 2015-10-09 00:27 - 2015-10-09 00:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
- 2015-10-09 00:27 - 2015-10-09 00:27 - 00000000 ____D C:\Program Files (x86)\Cisco
- 2015-10-09 00:27 - 2012-09-13 11:22 - 01808448 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\netr28x.sys
- 2015-10-09 00:27 - 2012-07-05 21:10 - 00327008 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInstx.dll
- 2015-10-09 00:27 - 2012-07-05 21:10 - 00014119 ____N C:\Windows\SysWOW64\RaCoInst.dat
- 2015-10-09 00:27 - 2012-07-05 21:10 - 00014119 _____ C:\Windows\system32\RaCoInst.dat
- 2015-10-09 00:26 - 2015-10-09 00:26 - 00000000 ____D C:\Windows\system32\RaLanguages
- 2015-10-09 00:26 - 2015-10-09 00:26 - 00000000 ____D C:\Users\Conner\AppData\Roaming\InstallShield
- 2015-10-09 00:26 - 2015-10-09 00:26 - 00000000 ____D C:\Program Files (x86)\ASUS
- 2015-10-09 00:26 - 2012-03-21 06:48 - 02399584 _____ (Ralink Technology, Corp.) C:\Windows\system32\RaCertMgr.dll
- 2015-10-09 00:26 - 2012-03-21 06:48 - 01607008 ____N (Ralink Technology, Corp.) C:\Windows\SysWOW64\RaCertMgr.dll
- 2015-10-09 00:26 - 2012-03-21 06:48 - 01112928 ____N (Ralink Technology, Corp.) C:\Windows\SysWOW64\RAIHV.dll
- 2015-10-09 00:26 - 2012-03-21 06:48 - 01112928 _____ (Ralink Technology, Corp.) C:\Windows\system32\RAIHV.dll
- 2015-10-09 00:26 - 2012-03-21 06:48 - 00792416 ____N C:\Windows\SysWOW64\DiagFunc.dll
- 2015-10-09 00:26 - 2012-03-21 06:48 - 00792416 _____ C:\Windows\system32\DiagFunc.dll
- 2015-10-09 00:26 - 2012-03-21 06:48 - 00128864 ____N (Ralink Technology, Corp.) C:\Windows\SysWOW64\RAEXTUI.dll
- 2015-10-09 00:26 - 2012-03-21 06:48 - 00128864 _____ (Ralink Technology, Corp.) C:\Windows\system32\RAEXTUI.dll
- 2015-10-09 00:26 - 2012-03-21 06:48 - 00000451 ____N C:\Windows\SysWOW64\DiagFunc.ini
- 2015-10-09 00:26 - 2012-03-21 06:48 - 00000451 _____ C:\Windows\system32\DiagFunc.ini
- 2015-10-09 00:15 - 2015-10-09 00:15 - 00000739 _____ C:\Users\Conner\Desktop\ReleaseNote_PCE-N53_V1012 - Shortcut.lnk
- 2015-10-09 00:15 - 2015-10-09 00:15 - 00000363 _____ C:\Users\Conner\Desktop\ASUS_PCE-N53_V1.0.1.2_09192015 - Shortcut.lnk
- 2015-10-08 23:07 - 2015-10-09 00:18 - 00007600 _____ C:\Users\Conner\AppData\Local\Resmon.ResmonCfg
- 2015-10-08 23:00 - 2015-10-08 23:00 - 00000000 ____D C:\Windows\{1607E3B3-7E5C-42AD-86D7-83DF0ABF116E}
- 2015-10-07 21:52 - 2015-10-07 21:52 - 00000000 _____ C:\Users\Conner\AppData\Local\{27916B05-7DEB-416D-A6FB-15A028FF5413}
- 2015-10-06 00:19 - 2015-10-06 00:19 - 00000000 ____D C:\ProgramData\Celavimus
- 2015-10-06 00:16 - 2015-10-08 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEVO Client
- 2015-10-06 00:16 - 2015-10-06 00:16 - 00001197 _____ C:\Users\Public\Desktop\CEVO Client (CSGO).lnk
- 2015-10-06 00:16 - 2015-10-06 00:16 - 00000000 ____D C:\Program Files (x86)\CEVO
- 2015-10-06 00:15 - 2015-10-06 00:16 - 24003197 _____ C:\Users\Conner\Downloads\CEVO CSGO Client.zip
- 2015-10-06 00:06 - 2015-10-06 00:06 - 00000000 ____D C:\Windows\System32\Tasks\Norton Security
- 2015-10-05 23:52 - 2015-10-05 23:52 - 00000000 __SHD C:\found.000
- 2015-09-21 16:22 - 2015-10-05 23:51 - 00000000 ____D C:\Users\Conner\AppData\Local\scriptsoftwareBckp
- ==================== One Month Modified files and folders ========
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2015-10-09 14:19 - 2009-07-14 00:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
- 2015-10-09 14:19 - 2009-07-14 00:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
- 2015-10-09 14:15 - 2014-04-11 03:43 - 01626775 _____ C:\Windows\WindowsUpdate.log
- 2015-10-09 14:12 - 2014-04-12 15:14 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- 2015-10-09 14:11 - 2014-04-11 04:01 - 00566440 _____ C:\Windows\PFRO.log
- 2015-10-09 14:11 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
- 2015-10-09 14:11 - 2009-07-14 00:51 - 00068882 _____ C:\Windows\setupact.log
- 2015-10-09 02:40 - 2014-04-11 11:08 - 00000000 ____D C:\Program Files (x86)\Steam
- 2015-10-09 02:30 - 2014-04-11 13:26 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
- 2015-10-09 01:53 - 2014-04-12 15:14 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- 2015-10-09 01:38 - 2014-04-11 03:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
- 2015-10-09 01:33 - 2015-01-14 18:25 - 00000000 ____D C:\Users\Conner\AppData\Local\NPE
- 2015-10-09 01:12 - 2014-04-11 03:48 - 00000000 ____D C:\ProgramData\Norton
- 2015-10-09 01:00 - 2014-07-21 02:08 - 00000000 ____D C:\ProgramData\CLickFaorSaaLe
- 2015-10-09 00:27 - 2014-04-12 02:54 - 00000000 ____D C:\Users\Conner\AppData\Local\CrashDumps
- 2015-10-09 00:26 - 2009-07-13 22:34 - 00000588 _____ C:\Windows\win.ini
- 2015-10-09 00:15 - 2009-07-14 01:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
- 2015-10-09 00:00 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
- 2015-10-08 22:08 - 2014-04-11 03:47 - 00000000 ____D C:\Program Files (x86)\Google
- 2015-10-08 22:03 - 2014-04-11 03:41 - 00000000 ____D C:\Users\Conner
- 2015-10-08 22:02 - 2014-05-26 00:48 - 00000000 ____D C:\Windows\Minidump
- 2015-10-08 22:02 - 2014-04-11 03:55 - 00000000 ____D C:\ProgramData\Package Cache
- 2015-10-08 22:02 - 2014-04-11 03:48 - 00000000 ___HD C:\SuperChargerProfile
- 2015-10-08 22:02 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
- 2015-10-08 22:02 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\AppCompat
- 2015-10-07 21:38 - 2015-02-21 13:33 - 00000000 ____D C:\Users\Conner\AppData\Local\Steam
- 2015-10-06 00:06 - 2015-01-14 17:16 - 00003216 _____ C:\Windows\System32\Tasks\Norton WSC Integration
- 2015-10-06 00:06 - 2015-01-14 17:10 - 00002292 _____ C:\Users\Public\Desktop\Norton Security.LNK
- 2015-10-06 00:06 - 2015-01-14 17:09 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
- 2015-10-06 00:06 - 2015-01-14 17:09 - 00000000 ____D C:\Windows\system32\Drivers\NSx64
- 2015-10-04 11:00 - 2014-04-12 15:35 - 00000302 _____ C:\Windows\Tasks\PCHelpers_period.job
- 2015-09-26 01:01 - 2015-01-14 19:06 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
- 2015-09-23 15:41 - 2009-07-14 01:08 - 00032576 _____ C:\Windows\Tasks\SCHEDLGU.TXT
- 2015-09-21 19:30 - 2014-04-11 13:26 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
- 2015-09-21 19:30 - 2014-04-11 13:26 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
- 2015-09-21 19:30 - 2014-04-11 13:26 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
- 2015-09-14 22:55 - 2014-04-11 03:47 - 00000000 ____D C:\Users\Conner\AppData\Local\Google
- 2015-09-14 22:48 - 2014-04-12 15:14 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
- 2015-09-14 22:48 - 2014-04-12 15:14 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
- ==================== Files in the root of some directories =======
- 2015-10-09 02:24 - 2015-10-09 02:24 - 0745721 _____ ( ) C:\Program Files (x86)\popappsetup.exe
- 2014-04-12 15:36 - 2014-04-12 15:36 - 0000314 _____ () C:\Users\Conner\AppData\Roaming\aps.uninstall.scan.results
- 2014-04-12 15:40 - 2014-04-12 15:40 - 0005265 _____ () C:\Users\Conner\AppData\Roaming\callbanner.png
- 2014-04-12 15:20 - 2015-01-14 16:45 - 6086656 _____ () C:\Users\Conner\AppData\Local\ChromeHitoryDB
- 2015-10-08 23:07 - 2015-10-09 00:18 - 0007600 _____ () C:\Users\Conner\AppData\Local\Resmon.ResmonCfg
- 2015-10-07 21:52 - 2015-10-07 21:52 - 0000000 _____ () C:\Users\Conner\AppData\Local\{27916B05-7DEB-416D-A6FB-15A028FF5413}
- 2014-04-11 06:25 - 2014-04-11 06:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
- Some files in TEMP:
- ====================
- C:\Users\Conner\AppData\Local\Temp\devcon64.exe
- C:\Users\Conner\AppData\Local\Temp\NGM.exe
- C:\Users\Conner\AppData\Local\Temp\NGMDll.dll
- C:\Users\Conner\AppData\Local\Temp\NGMResource.dll
- ==================== Bamital & volsnap =================
- (There is no automatic fix for files that do not pass verification.)
- C:\Windows\system32\winlogon.exe => File is digitally signed
- C:\Windows\system32\wininit.exe => File is digitally signed
- C:\Windows\SysWOW64\wininit.exe => File is digitally signed
- C:\Windows\explorer.exe => File is digitally signed
- C:\Windows\SysWOW64\explorer.exe => File is digitally signed
- C:\Windows\system32\svchost.exe => File is digitally signed
- C:\Windows\SysWOW64\svchost.exe => File is digitally signed
- C:\Windows\system32\services.exe => File is digitally signed
- C:\Windows\system32\User32.dll => File is digitally signed
- C:\Windows\SysWOW64\User32.dll => File is digitally signed
- C:\Windows\system32\userinit.exe => File is digitally signed
- C:\Windows\SysWOW64\userinit.exe => File is digitally signed
- C:\Windows\system32\rpcss.dll => File is digitally signed
- C:\Windows\system32\dnsapi.dll => File is digitally signed
- C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
- C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
- LastRegBack: 2015-10-01 15:37
- ==================== End of FRST.txt ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement