Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-02-2015 01 Ran by admin (administrator) on STARNET on 20-02-2015 16:23:17 Running from C:\ Loaded Profiles: admin (Available profiles: admin) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Global Protection 2012\psksvc.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Global Protection 2012\TPSrv.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Global Protection 2012\WebProxy.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Global Protection 2012\ApVxdWin.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe (Speedbit Ltd.) C:\Program Files\DAP\DAP.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe (Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Google Inc) C:\Program Files\Google\Google Input Tools\GoogleInputService.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Google Inc.) C:\Program Files\Google\Google Input Tools\GoogleInputHandler.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Global Protection 2012\PsCtrlS.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Global Protection 2012\PavFnSvr.exe (Panda Security, S.L.) C:\Program Files\Common Files\Panda Security\PavShld\PavPrSrv.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Global Protection 2012\pavsrvx86.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Global Protection 2012\AVENGINE.EXE (Panda Security International) C:\Program Files\Panda Security\Panda Global Protection 2012\FIREWALL\PSHost.exe (Panda Security S.L.) C:\Program Files\Panda Security\Panda Global Protection 2012\PsImSvc.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Global Protection 2012\SrvLoad.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Global Protection 2012\PavBckPT.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Panda Security S.L.) C:\Program Files\Panda Security\Panda Global Protection 2012\avciman.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [6336216 2013-10-22] (Realtek Semiconductor) HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [350072 2012-03-09] () HKLM\...\Run: [NeroFilterCheck] => C:\Windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\Aimersoft\Video Converter Ultimate\DelayPluginI.exe HKLM\...\Run: [APVXDWIN] => C:\Program Files\Panda Security\Panda Global Protection 2012\APVXDWIN.EXE [1000768 2011-04-13] (Panda Security, S.L.) HKLM\...\Run: [SCANINICIO] => C:\Program Files\Panda Security\Panda Global Protection 2012\Inicio.exe [70464 2011-02-02] (Panda Security, S.L.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation) Winlogon\Notify\avldr: C:\Windows\SYSTEM32\avldr.dll (On-Access Anti-Malware Scanner Sync) HKU\S-1-5-21-2014716590-1605404776-2240317387-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.) HKU\S-1-5-21-2014716590-1605404776-2240317387-1000\...\Run: [GUSDelayStartup] => C:\Program Files\Glarysoft\Quick Startup\StartupManager.exe [37152 2014-10-28] (Glarysoft Ltd) HKU\S-1-5-21-2014716590-1605404776-2240317387-1000\...\Run: [DownloadAccelerator] => C:\Program Files\DAP\DAP.EXE [4242064 2014-11-01] (Speedbit Ltd.) HKU\S-1-5-21-2014716590-1605404776-2240317387-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-2014716590-1605404776-2240317387-1000\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize HKU\S-1-5-21-2014716590-1605404776-2240317387-1000\...\Policies\Explorer: [] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. ProxyServer: [.DEFAULT] => http=127.0.0.1:56269;https=127.0.0.1:56269 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-2014716590-1605404776-2240317387-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.in/ HKU\S-1-5-21-2014716590-1605404776-2240317387-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-in/?ocid=iehp SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2014716590-1605404776-2240317387-1000 -> {022DAB70-8BF0-4260-A0F6-497C9ACD2727} URL = https://in.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=523482&p={searchTerms} SearchScopes: HKU\S-1-5-21-2014716590-1605404776-2240317387-1000 -> {9FAA0885-368E-496D-ADE2-A031DFC6A572} URL = https://in.search.yahoo.com/search?fr=mcafee&type=B010IN0D20141112&p={SearchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKU\S-1-5-21-2014716590-1605404776-2240317387-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Handler: WSAMVCUchrome - {086BD280-4613-43B5 - No File Hosts: 127.0.0.1 localhost Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{0D10250A-45A1-4EE4-B82C-6208494131BE}: [NameServer] 8.8.8.8,8.8.4.4 FireFox: ======== FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\3iouwe66.default FF DefaultSearchEngine: Ad-Aware SecureSearch FF SearchEngineOrder.1: Secure Search FF SelectedSearchEngine: Ad-Aware SecureSearch FF Homepage: https://www.google.co.in/ FF Keyword.URL: https://in.search.yahoo.com/search?fr=mcafee&type=B110IN0D20141112&p= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll () FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: copylinkurlbluelightdevcom - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\3iouwe66.default\Extensions\copylinkurl@bluelightdev.com [2015-02-03] FF Extension: 1-Click YouTube Video Downloader - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\3iouwe66.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2014-11-04] FF Extension: Easy Youtube Video Downloader Express - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\3iouwe66.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2014-11-17] FF Extension: Download YouTube Videos as MP4 - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\3iouwe66.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-11-04] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-28] FF HKLM\...\Firefox\Extensions: [daplinkchecker@speedbit.com] - C:\Program Files\DAP\daplinkchecker FF Extension: DAP Link Checker - C:\Program Files\DAP\daplinkchecker [2014-11-01] FF HKLM\...\Firefox\Extensions: [AMVCU@Aimersoft.com] - C:\ProgramData\Aimersoft\Video Converter Ultimate\AMVCU@Aimersoft.com FF HKU\S-1-5-21-2014716590-1605404776-2240317387-1000\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files\DAP\DAPFireFox FF Extension: Download Accelerator Plus (DAP) extension - C:\Program Files\DAP\DAPFireFox [2014-11-01] Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-31] CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-11] CHR Extension: (Google Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-11] CHR Extension: (fdpohaocaechififmbbbbbknoalclacl) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2015-02-03] CHR Extension: (Download Accelerator Plus (DAP)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb [2015-02-17] CHR Extension: (New Tab Aid) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jncebfkpboiagfoihpgjknfkkkpaphjk [2014-12-14] CHR Extension: (Skype Click to Call) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-11-07] CHR Extension: (Google Wallet) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-29] CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-11] CHR HKLM\...\Chrome\Extension: [ffdcfjdljhbehggjdkdioajnknjcpbjb] - C:\Program Files\DAP\DAPChrome\DAPChrome6.crx [2014-11-01] CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed] R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279024 2014-01-29] (Intel Corporation) S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1064312 2014-12-22] (Flexera Software LLC) R2 GoogleInputService; C:\Program Files\Google\Google Input Tools\GoogleInputService.exe [164888 2014-11-13] (Google Inc) R3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation) R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-14] (Microsoft Corporation) R2 Panda Software Controller; C:\Program Files\Panda Security\Panda Global Protection 2012\PsCtrls.exe [173312 2009-08-10] (Panda Security, S.L.) R2 PAVFNSVR; C:\Program Files\Panda Security\Panda Global Protection 2012\PavFnSvr.exe [202016 2012-10-17] (Panda Security, S.L.) R2 PavPrSrv; C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe [62768 2008-02-04] (Panda Security, S.L.) R2 PAVSRV; C:\Program Files\Panda Security\Panda Global Protection 2012\pavsrvx86.exe [314176 2010-06-04] (Panda Security, S.L.) R2 PSHost; c:\program files\panda security\panda global protection 2012\firewall\PSHOST.EXE [226560 2009-11-26] (Panda Security International) R2 PSIMSVC; C:\Program Files\Panda Security\Panda Global Protection 2012\PsImSvc.exe [108288 2008-06-19] (Panda Security S.L.) R2 PskSvcRetail; C:\Program Files\Panda Security\Panda Global Protection 2012\PskSvc.exe [28992 2010-08-16] (Panda Security, S.L.) R2 TPSrv; C:\Program Files\Panda Security\Panda Global Protection 2012\TPSrv.exe [156960 2012-11-16] (Panda Security, S.L.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AmFSM; C:\Windows\System32\DRIVERS\amm8660.sys [54344 2010-05-21] (Panda Security, S.L.) R2 APPFLT; C:\Windows\system32\Drivers\APPFLT.SYS [83528 2011-01-31] (Panda Security, S.L.) R2 ComFiltr; C:\Windows\system32\DRIVERS\COMFiltr.sys [13880 2015-02-08] () S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [38400 2009-10-12] (Samsung Electronics Co., Ltd.) [File not signed] R2 DSAFLT; C:\Windows\system32\Drivers\DSAFLT.SYS [53256 2009-09-25] (Panda Security, S.L.) R2 FNETMON; C:\Windows\system32\Drivers\fnetmon.SYS [22024 2009-09-25] (Panda Security, S.L.) R1 GUSBootStartup; C:\Windows\System32\drivers\GUSBootStartup.sys [17472 2014-12-21] (Glarysoft Ltd) R2 IDSFLT; C:\Windows\system32\Drivers\IDSFLT.SYS [193864 2010-09-09] (Panda Security, S.L.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-20] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation) R2 NETFLTDI; C:\Windows\system32\Drivers\NETFLTDI.SYS [159112 2009-09-25] (Panda Security, S.L.) R3 NETIMFLT01060044; C:\Windows\System32\DRIVERS\neti1644.sys [201032 2010-09-01] (Panda Security, S.L.) R0 pavboot; C:\Windows\System32\Drivers\pavboot.sys [26696 2010-06-22] (Panda Security, S.L.) R2 PavProc; C:\Windows\system32\DRIVERS\PavProc.sys [163848 2010-05-06] (Panda Security, S.L.) R1 ShldDrv; C:\Windows\System32\DRIVERS\ShlDrv51.sys [37448 2011-02-21] (Panda Security, S.L.) R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2013-04-10] (Samsung Electronics) [File not signed] R2 WNMFLT; C:\Windows\system32\Drivers\WNMFLT.SYS [46856 2009-09-25] (Panda Security, S.L.) R3 AvFlt; \SystemRoot\system32\drivers\av5flt.sys [X] S1 BAPIDRV; system32\DRIVERS\BAPIDRV.sys [X] R3 PavSRK.sys; \??\C:\Windows\system32\PavSRK.sys [X] R3 PavTPK.sys; \??\C:\Windows\system32\PavTPK.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-20 16:23 - 2015-02-20 16:23 - 00019251 _____ () C:\FRST.txt 2015-02-20 16:22 - 2015-02-20 16:22 - 00000000 ____D () C:\FRST-OlderVersion 2015-02-18 16:21 - 2015-02-18 16:21 - 00448512 _____ (OldTimer Tools) C:\TFC.exe 2015-02-18 14:03 - 2015-02-18 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracking Cookies Removal Tool 2015-02-18 14:03 - 2015-02-18 14:03 - 00000000 ____D () C:\Program Files\Security Stronghold 2015-02-18 14:01 - 2015-02-18 14:02 - 01586248 _____ (Security Stronghold ) C:\Users\admin\Downloads\TrackingCookiesRemovalTool.exe 2015-02-17 16:44 - 2015-02-18 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-02-17 16:44 - 2015-02-17 16:44 - 00000000 ____D () C:\Program Files\Common Files\Java 2015-02-17 16:44 - 2015-02-17 16:43 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2015-02-17 16:43 - 2015-02-17 16:43 - 00000000 ____D () C:\Program Files\Java 2015-02-17 16:40 - 2015-02-17 16:40 - 00000000 ____D () C:\Windows\Sun 2015-02-17 16:38 - 2015-02-17 16:38 - 00000000 ____D () C:\ProgramData\Sun 2015-02-17 16:37 - 2015-02-17 16:44 - 00000000 ____D () C:\ProgramData\Oracle 2015-02-17 14:49 - 2015-02-17 14:50 - 00024779 _____ () C:\Addition.txt 2015-02-17 12:18 - 2015-02-17 12:19 - 00036182 _____ () C:\assambirthcert.php.dap 2015-02-17 12:08 - 2015-02-20 16:23 - 00000000 ____D () C:\FRST 2015-02-17 11:55 - 2015-02-20 16:22 - 01126400 _____ (Farbar) C:\FRST.exe 2015-02-17 11:53 - 2015-02-17 11:54 - 02112512 _____ () C:\AdwCleaner.exe 2015-02-16 20:08 - 2015-02-16 20:08 - 01153474 _____ () C:\OTL.Txt 2015-02-16 19:17 - 2015-02-16 19:17 - 00602112 _____ (OldTimer Tools) C:\OTL.exe 2015-02-12 18:13 - 2015-02-12 18:13 - 00000049 _____ () C:\Windows\NeroDigital.ini 2015-02-12 17:57 - 2015-02-12 18:00 - 24102168 _____ (DVDVideoSoft Ltd. ) C:\Users\admin\Downloads\FreeAVIVideoConverter.exe 2015-02-12 16:41 - 2015-02-12 16:41 - 00000000 ____D () C:\Users\admin\AppData\Local\Aiseesoft Studio 2015-02-12 16:11 - 2015-02-12 16:40 - 29844904 _____ (Aiseesoft Studio ) C:\Users\admin\Downloads\total-video-converter.exe 2015-02-12 15:50 - 2015-02-12 15:50 - 00000000 ____D () C:\Program Files\Apowersoft 2015-02-12 13:15 - 2015-02-12 13:19 - 18876168 _____ (APOWERSOFT LIMITED ) C:\Users\admin\Downloads\video-converter-studio.exe 2015-02-12 09:17 - 2015-02-18 17:02 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA% 2015-02-11 17:35 - 2015-02-19 20:46 - 00000000 ____D () C:\Users\admin\AppData\Local\CrashDumps 2015-02-11 11:30 - 2015-02-18 17:05 - 00000000 ____D () C:\ProgramData\RogueKiller 2015-02-11 11:30 - 2015-02-15 16:13 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys 2015-02-11 10:51 - 2015-02-11 10:48 - 01990720 _____ () C:\MGtools.exe 2015-02-11 10:51 - 2015-02-11 10:47 - 10288040 _____ (SurfRight B.V.) C:\HitmanPro.exe 2015-02-11 10:50 - 2015-02-11 10:44 - 04197016 _____ (Kaspersky Lab ZAO) C:\tdsskiller.exe 2015-02-11 10:50 - 2015-02-11 10:41 - 15431256 _____ () C:\RogueKiller.exe 2015-02-10 14:08 - 2015-02-19 20:18 - 00000375 _____ () C:\Users\admin\Desktop\New Text Document.txt 2015-02-09 19:45 - 2015-02-17 12:01 - 00000000 ____D () C:\AdwCleaner 2015-02-09 19:39 - 2015-02-09 19:39 - 00005056 _____ () C:\Windows\system32\LavasoftTcpService.ini 2015-02-09 19:39 - 2015-02-09 19:39 - 00002752 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini 2015-02-09 19:39 - 2015-02-09 19:39 - 00000000 ____D () C:\Users\admin\AppData\Roaming\LavasoftStatistics 2015-02-09 19:39 - 2015-01-23 06:39 - 00332216 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll 2015-02-08 13:43 - 2015-02-20 10:35 - 00000056 _____ () C:\Windows\system32\Drivers\etc\WnmFlt.cfg.bck 2015-02-08 13:43 - 2015-02-20 10:35 - 00000056 _____ () C:\Windows\system32\Drivers\etc\WnmFlt.cfg 2015-02-08 13:43 - 2015-02-20 10:35 - 00000056 _____ () C:\Windows\system32\Drivers\etc\DsaFlt.cfg.bck 2015-02-08 13:43 - 2015-02-20 10:35 - 00000056 _____ () C:\Windows\system32\Drivers\etc\DsaFlt.cfg 2015-02-08 13:43 - 2015-02-19 21:22 - 00000068 _____ () C:\Windows\system32\Drivers\etc\NetLoc.wlt.bck 2015-02-08 13:43 - 2015-02-19 21:22 - 00000068 _____ () C:\Windows\system32\Drivers\etc\NetLoc.wlt 2015-02-08 13:42 - 2015-02-20 10:35 - 00000252 _____ () C:\Windows\system32\Drivers\etc\IdsFlt.cfg.bck 2015-02-08 13:42 - 2015-02-20 10:35 - 00000252 _____ () C:\Windows\system32\Drivers\etc\IdsFlt.cfg 2015-02-08 13:41 - 2015-02-20 15:40 - 00000120 _____ () C:\Windows\system32\Drivers\etc\NetAdapt.cfg.bck 2015-02-08 13:41 - 2015-02-20 15:40 - 00000120 _____ () C:\Windows\system32\Drivers\etc\NetAdapt.cfg 2015-02-08 13:41 - 2015-02-20 10:35 - 00000072 _____ () C:\Windows\system32\Drivers\etc\NetAR.wlt.bck 2015-02-08 13:41 - 2015-02-20 10:35 - 00000072 _____ () C:\Windows\system32\Drivers\etc\NetAR.wlt 2015-02-08 13:41 - 2015-02-20 10:35 - 00000068 _____ () C:\Windows\system32\Drivers\etc\NetFlt.cfg.bck 2015-02-08 13:41 - 2015-02-20 10:35 - 00000068 _____ () C:\Windows\system32\Drivers\etc\NetFlt.cfg 2015-02-08 13:32 - 2015-02-18 17:02 - 00000000 ____D () C:\Users\admin\AppData\Roaming\wnjvvsvc 2015-02-08 13:23 - 2015-02-08 13:23 - 00000000 ____D () C:\Users\admin\AppData\Local\Panda Security 2015-02-08 13:21 - 2015-02-20 16:23 - 00251496 _____ () C:\Windows\system32\Drivers\APPFCONT.DAT.bck 2015-02-08 13:21 - 2015-02-20 16:23 - 00251496 _____ () C:\Windows\system32\Drivers\APPFCONT.DAT 2015-02-08 13:21 - 2015-02-20 10:35 - 00303044 _____ () C:\Windows\system32\Drivers\etc\DsaFlt.rls.bck 2015-02-08 13:21 - 2015-02-20 10:35 - 00303044 _____ () C:\Windows\system32\Drivers\etc\DsaFlt.rls 2015-02-08 13:21 - 2015-02-20 10:35 - 00001132 _____ () C:\Windows\system32\Drivers\APPFLTR.CFG.bck 2015-02-08 13:21 - 2015-02-20 10:35 - 00001132 _____ () C:\Windows\system32\Drivers\APPFLTR.CFG 2015-02-08 13:21 - 2015-02-08 13:21 - 00013880 _____ () C:\Windows\system32\Drivers\COMFiltr.sys 2015-02-08 13:21 - 2015-02-08 13:21 - 00000262 _____ () C:\Windows\system32\PavCPL.dat 2015-02-08 13:21 - 2011-01-31 16:41 - 00083528 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\APPFLT.SYS 2015-02-08 13:21 - 2010-09-09 16:23 - 00193864 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\idsflt.sys 2015-02-08 13:21 - 2009-09-25 14:54 - 00159112 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\NETFLTDI.SYS 2015-02-08 13:21 - 2009-09-25 14:54 - 00053256 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\dsaflt.sys 2015-02-08 13:21 - 2009-09-25 14:54 - 00046856 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\wnmflt.sys 2015-02-08 13:21 - 2009-09-25 14:54 - 00022024 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\fnetmon.sys 2015-02-08 13:20 - 2015-02-18 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Global Protection 2012 2015-02-08 13:20 - 2015-02-08 13:20 - 00000000 ____D () C:\Windows\system32\PAV 2015-02-08 13:20 - 2015-02-08 13:20 - 00000000 ____D () C:\Program Files\Common Files\Panda Security 2015-02-08 13:20 - 2012-11-16 15:38 - 00518432 _____ (Panda Security, S.L.) C:\Windows\system32\PavSHook.dll 2015-02-08 13:20 - 2012-05-17 19:12 - 00087328 _____ (Panda Security, S.L.) C:\Windows\system32\PavLspHook.dll 2015-02-08 13:20 - 2011-02-21 14:38 - 00037448 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\ShlDrv51.sys 2015-02-08 13:20 - 2010-09-01 11:09 - 00201032 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\neti1644.sys 2015-02-08 13:20 - 2010-06-22 18:13 - 00026696 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\pavboot.sys 2015-02-08 13:20 - 2010-06-21 17:02 - 00193344 _____ (Panda Security, S.L.) C:\Windows\system32\TpUtil.dll 2015-02-08 13:20 - 2010-06-21 17:01 - 00055616 _____ (Panda Security, S.L.) C:\Windows\system32\pavipc.dll 2015-02-08 13:20 - 2010-05-21 13:50 - 00054344 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\amm8660.sys 2015-02-08 13:20 - 2010-05-06 17:11 - 00163848 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PavProc.sys 2015-02-08 13:20 - 2010-03-24 12:55 - 00055552 _____ (On-Access Anti-Malware Scanner Sync) C:\Windows\system32\avldr.dll 2015-02-08 13:20 - 2007-03-15 19:38 - 00054832 _____ (Panda Software) C:\Windows\system32\pavcpl.cpl 2015-02-08 13:20 - 2007-02-08 10:53 - 00107568 _____ (Panda Software) C:\Windows\system32\SYSTOOLS.DLL 2015-02-08 13:20 - 2003-10-22 18:23 - 00446464 _____ (eHelp Corporation.) C:\Windows\system32\HHActiveX.dll 2015-02-05 12:17 - 2015-02-18 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Supersoft PROPHET7 2015-02-05 12:17 - 2015-02-05 12:17 - 00000959 _____ () C:\Users\Public\Desktop\PROPHET 7.lnk 2015-02-05 12:17 - 2000-05-22 00:00 - 01066176 _____ (Microsoft Corporation) C:\Windows\system32\MSCOMCTL.OCX 2015-02-05 12:17 - 2000-05-22 00:00 - 00203976 _____ (Microsoft Corporation) C:\Windows\system32\RICHTX32.OCX 2015-02-05 12:17 - 2000-02-17 22:26 - 00073184 _____ () C:\Windows\system32\DAO2535.TLB 2015-02-05 12:17 - 1999-01-22 06:04 - 00305424 _____ (Microsoft Corporation) C:\Windows\system32\MSADCE.DLL 2015-02-05 12:17 - 1999-01-22 06:04 - 00122640 _____ (Microsoft Corporation) C:\Windows\system32\MSDAPS.DLL 2015-02-05 12:17 - 1999-01-22 06:04 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\MSADCER.DLL 2015-02-05 12:17 - 1999-01-18 00:00 - 00048528 _____ () C:\Windows\system32\MSADO20.TLB 2015-02-05 12:17 - 1998-06-18 00:00 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\Vb6stkit.dll 2015-02-05 12:17 - 1998-04-27 00:00 - 00570128 _____ (Microsoft Corporation) C:\Windows\system32\DAO350.DLL 2015-02-05 12:17 - 1997-01-16 00:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Vb5stkit.dll 2015-01-31 17:47 - 2015-02-20 15:40 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-01-31 17:47 - 2015-01-31 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-01-31 17:47 - 2015-01-31 17:47 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2015-01-31 17:47 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-01-31 17:47 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-01-31 17:47 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-01-31 17:14 - 2015-02-18 17:05 - 00000000 ____D () C:\Program Files\Panda Security 2015-01-31 17:14 - 2015-02-08 13:20 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Panda Security 2015-01-31 14:36 - 2015-01-31 14:36 - 00613057 _____ (CMI Limited) C:\Users\admin\AppData\Local\nse6969.tmp 2015-01-31 14:21 - 2015-01-31 14:21 - 00000000 ____D () C:\ProgramData\AMMYY 2015-01-31 14:11 - 2015-01-31 14:12 - 00000000 ____D () C:\6dc309ea-9ada-4bcc-9274-12998b3c9a8f 2015-01-28 11:50 - 2015-01-28 11:50 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-01-25 21:42 - 2015-01-25 21:42 - 00002086 _____ () C:\Users\admin\AppData\Roaming\OJL 2015-01-25 21:42 - 2015-01-25 21:42 - 00001248 _____ () C:\Users\admin\AppData\Roaming\IBYEADEV 2015-01-24 15:41 - 2015-02-20 10:33 - 00012374 _____ () C:\Windows\setupact.log 2015-01-24 15:41 - 2015-02-15 17:08 - 00138934 _____ () C:\Windows\PFRO.log 2015-01-24 15:41 - 2015-01-24 15:41 - 00000000 _____ () C:\Windows\setuperr.log 2015-01-23 12:12 - 2015-01-23 12:12 - 00000000 ____D () C:\Users\admin\AppData\Roaming\addpcs ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-20 16:10 - 2014-10-11 13:03 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-02-20 15:57 - 2014-11-01 12:16 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-02-20 15:42 - 2014-10-11 13:06 - 00852270 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-02-20 15:40 - 2014-12-30 20:26 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Skype 2015-02-20 12:33 - 2009-07-14 10:04 - 00020672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-20 12:33 - 2009-07-14 10:04 - 00020672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-20 11:33 - 2014-10-11 13:03 - 01104333 _____ () C:\Windows\WindowsUpdate.log 2015-02-20 10:33 - 2014-11-01 20:53 - 00000000 ____D () C:\ProgramData\TEMP 2015-02-20 10:33 - 2014-10-11 13:03 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-20 10:33 - 2009-07-14 10:23 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-02-19 15:44 - 2014-10-11 12:10 - 00008627 _____ () C:\Windows\system32\PAV_FOG.OPC 2015-02-19 14:07 - 2009-07-14 08:07 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2015-02-19 13:49 - 2014-11-05 11:13 - 00000000 ____D () C:\Users\admin\Documents\Scan 2015-02-18 17:05 - 2014-11-06 12:55 - 00000000 ___RD () C:\Program Files\Skype 2015-02-18 17:05 - 2014-11-04 12:37 - 00000000 ____D () C:\ProgramData\Samsung 2015-02-18 17:02 - 2014-10-28 16:44 - 00000000 ____D () C:\Users\admin\AppData\Roaming\vlc 2015-02-18 17:02 - 2014-10-09 23:11 - 00000000 ____D () C:\Users\admin 2015-02-18 17:02 - 2009-07-14 08:07 - 00000000 ____D () C:\Windows\registration 2015-02-18 17:02 - 2009-07-14 08:07 - 00000000 ____D () C:\Windows\AppCompat 2015-02-18 11:03 - 2014-11-21 19:56 - 00086016 ___SH () C:\Users\Public\Thumbs.db 2015-02-17 19:41 - 2014-12-04 14:55 - 00000000 ____D () C:\Program Files\PROPHET7 2015-02-17 19:39 - 2014-12-04 15:04 - 00000546 _____ () C:\Windows\PROPHET6.INI 2015-02-12 15:50 - 2014-12-07 19:26 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Apowersoft 2015-02-11 09:43 - 2014-11-05 10:43 - 00000000 ____D () C:\Panda Software 2015-02-08 13:40 - 2015-01-13 18:17 - 00000000 ____D () C:\Users\admin\AppData\Roaming\lpgggfis 2015-02-08 13:20 - 2014-10-11 11:41 - 00000000 ____D () C:\ProgramData\Panda Security 2015-02-07 20:24 - 2014-12-28 17:15 - 00000000 ____D () C:\Users\Public\Games 2015-02-07 10:05 - 2009-07-14 10:22 - 00000000 ____D () C:\Windows\Performance 2015-02-06 12:13 - 2014-10-11 12:11 - 00128992 _____ () C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT 2015-02-05 20:54 - 2009-07-14 10:03 - 00409312 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-02-05 18:57 - 2014-11-01 12:16 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-02-05 18:57 - 2014-11-01 12:16 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-02-05 18:22 - 2009-07-14 08:07 - 00000000 ___RD () C:\Users\Public 2015-02-05 12:17 - 2014-12-04 14:55 - 00000225 _____ () C:\Windows\ODBCINST.INI 2015-02-03 20:41 - 2014-11-07 19:13 - 00000000 ____D () C:\Users\admin\AppData\Roaming\uTorrent 2015-01-31 17:13 - 2014-11-03 13:40 - 00000000 ____D () C:\ProgramData\McAfee 2015-01-31 16:34 - 2014-12-22 18:14 - 00000000 ____D () C:\Users\admin\Documents\Chenga Reddy 2015-01-31 14:19 - 2014-12-22 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2015-01-31 14:19 - 2014-12-22 16:07 - 00000000 ____D () C:\ProgramData\Autodesk 2015-01-31 14:16 - 2014-11-08 12:07 - 00000000 ____D () C:\wamp 2015-01-29 10:25 - 2014-11-01 20:36 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-01-24 15:41 - 2009-07-14 08:07 - 00000000 ____D () C:\Windows\Branding 2015-01-23 12:12 - 2014-11-04 17:05 - 00000000 ____D () C:\Temp 2015-01-23 11:43 - 2014-11-24 20:07 - 00000000 ____D () C:\Users\admin\Desktop\Delete ==================== Files in the root of some directories ======= 2015-01-25 21:42 - 2015-01-25 21:42 - 0001248 _____ () C:\Users\admin\AppData\Roaming\IBYEADEV 2015-01-25 21:42 - 2015-01-25 21:42 - 0002086 _____ () C:\Users\admin\AppData\Roaming\OJL 2015-01-06 12:58 - 2015-01-06 13:00 - 0000138 _____ () C:\Users\admin\AppData\Roaming\settings.xml 2014-12-27 11:08 - 2014-12-27 11:08 - 0000000 ____H () C:\Users\admin\AppData\Local\BITB200.tmp 2015-01-31 14:36 - 2015-01-31 14:36 - 0613057 _____ (CMI Limited) C:\Users\admin\AppData\Local\nse6969.tmp 2014-12-27 11:03 - 2014-12-27 11:03 - 0000000 _____ () C:\Users\admin\AppData\Local\{85D4A540-4878-4488-8839-B1205E6C8E12} 2014-10-11 13:06 - 2014-10-11 13:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-12-22 16:25 - 2014-12-22 16:25 - 0000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc Files to move or delete: ==================== C:\Users\Public\AdbeRdr708_en_US.exe C:\Users\Public\avg_free_stb_all_2015_5557_cnet.exe C:\Users\Public\IE11-Windows6.1-x86-en-us.exe C:\Users\Public\mbam-setup-2.0.3.1025.exe C:\Users\Public\mycafecup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-16 15:18 ==================== End Of Log ============================