Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-01-2015 Ran by Lori (administrator) on LORI-PC (06-01-2016 20:33:56) Running from C:\Users\Lori\Desktop Loaded Profiles: Lori (Available Profiles: Lori & Kevin) Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Heimdal Security) C:\Program Files (x86)\Heimdal\Heimdal.ClientHost.exe (ThreatTrack Security Inc.) C:\Program Files (x86)\VIPRE\SBPIMSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (ThreatTrack Security Inc.) C:\Program Files (x86)\VIPRE\SBAMTray.exe (Heimdal Security) C:\Program Files (x86)\Heimdal\Heimdal.AgentLoader.exe (Heimdal Security) C:\Program Files (x86)\Heimdal\Heimdal.Agent.exe (ThreatTrack Security Inc.) C:\Program Files (x86)\VIPRE\SBAMSvc.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (ThreatTrack Security Inc.) C:\Program Files (x86)\VIPRE\WebProxy.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [SBAMTray] => C:\Program Files (x86)\VIPRE\SBAMTray.exe [3001312 2015-09-29] (ThreatTrack Security Inc.) HKLM-x32\...\Run: [HeimdalAgentLoader] => C:\Program Files (x86)\Heimdal\Heimdal.AgentLoader.exe [62136 2015-12-14] (Heimdal Security) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3227488530-1666802016-3989171195-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd) HKU\S-1-5-21-3227488530-1666802016-3989171195-1001\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [603392 2015-08-26] (NETGEAR Inc.) HKU\S-1-5-21-3227488530-1666802016-3989171195-1001\...\MountPoints2: {b4f47fa1-c0b7-11e1-9f47-806e6f6e6963} - E:\autorun.exe ShellIconOverlayIdentifiers: [0GenieTimeLine-BackedUp] -> {88A8B1ED-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] () ShellIconOverlayIdentifiers: [0GenieTimeLine-Excluded] -> {B77E8651-93B1-40CD-8ECF-6F33DAC805A0} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] () ShellIconOverlayIdentifiers: [0GenieTimeLine-Folder] -> {CEAF16CE-C11C-4081-BE29-DDE7F45A59DB} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] () ShellIconOverlayIdentifiers: [0GenieTimeLine-NotBackedUp] -> {88A8B1EE-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] () ShellIconOverlayIdentifiers: [0GenieTimeLine-Pending ] -> {88A8B1EF-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] () ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.) ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.) ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-BackedUp] -> {88A8B1ED-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\x86\GSTimelineIconOverlay.gtl [2013-08-29] () ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Excluded] -> {B77E8651-93B1-40CD-8ECF-6F33DAC805A0} => C:\Program Files\NETGEAR\ReadySHARE Vault\x86\GSTimelineIconOverlay.gtl [2013-08-29] () ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Folder] -> {CEAF16CE-C11C-4081-BE29-DDE7F45A59DB} => C:\Program Files\NETGEAR\ReadySHARE Vault\x86\GSTimelineIconOverlay.gtl [2013-08-29] () ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-NotBackedUp] -> {88A8B1EE-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\x86\GSTimelineIconOverlay.gtl [2013-08-29] () ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Pending ] -> {88A8B1EF-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\x86\GSTimelineIconOverlay.gtl [2013-08-29] () CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{EE7F0A02-F0BD-448F-825C-F9055569A966}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.) BHO: VIPRE Search Guard Helper -> {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} -> C:\Program Files (x86)\VIPRE\x64\VSGNx64.dll [2015-09-29] () BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-08] (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: VIPRE Search Guard Helper -> {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} -> C:\Program Files (x86)\VIPRE\VSGN.dll [2015-09-29] () BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-08] (Oracle Corporation) Toolbar: HKLM - VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - C:\Program Files (x86)\VIPRE\x64\VSGNx64.dll [2015-09-29] () Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION) Toolbar: HKLM-x32 - VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - C:\Program Files (x86)\VIPRE\VSGN.dll [2015-09-29] () Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files (x86)\VIPRE\x64\VSGNx64.dll [2015-09-29] () Handler-x32: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files (x86)\VIPRE\VSGN.dll [2015-09-29] () FireFox: ======== FF ProfilePath: C:\Users\Lori\AppData\Roaming\Mozilla\Firefox\Profiles\xp2ny4m1.default-1436195675262 FF DefaultSearchEngine.US: Google FF Homepage: hxxp://www.swagbucks.com/ FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-14] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-14] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw.dll [2015-09-07] (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-08] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-08] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-29] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3227488530-1666802016-3989171195-1001: @nds.com/PlayerPlugin -> C:\Users\Lori\AppData\Local\DIRECTV Player\npPlayerPlugin.dll [2012-10-15] (NDS) FF Plugin HKU\S-1-5-21-3227488530-1666802016-3989171195-1001: NDS.com/PlayerPlugin -> C:\Users\Lori\AppData\Local\DIRECTV Player\npPlayerPlugin.dll [2012-10-15] (NDS) FF user.js: detected! => C:\Users\Lori\AppData\Roaming\Mozilla\Firefox\Profiles\xp2ny4m1.default-1436195675262\user.js [2015-07-10] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll [2012-08-29] (Catalina Marketing Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-24] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-24] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-24] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-24] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-24] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2015-09-18] (Coupons, Inc.) FF Extension: Adblock Plus Pop-up Addon - C:\Users\Lori\AppData\Roaming\Mozilla\Firefox\Profiles\xp2ny4m1.default-1436195675262\extensions\adblockpopups@jessehakanen.net.xpi [2015-08-16] FF Extension: RivalGaming - C:\Users\Lori\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\links@rivalgaming.com [2012-08-11] [not signed] FF Extension: Adblock Plus - C:\Users\Lori\AppData\Roaming\Mozilla\Firefox\Profiles\xp2ny4m1.default-1436195675262\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-15] FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: No Name - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014-11-26] [not signed] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.) S4 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-02-16] (ASUS) R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [1413736 2015-09-18] (Coupons.com Inc.) S4 ENAgent; C:\windows\SysWOW64\ENAgent.exe [4209856 2012-07-05] (SEIKO EPSON CORPORATION) S4 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed] R2 EpsonScanSvc; C:\windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) S4 GenieTimelineService; C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe [673856 2014-06-18] (Genie9) R2 Heimdal Client Host; C:\Program Files (x86)\Heimdal\Heimdal.ClientHost.exe [80568 2015-12-14] (Heimdal Security) S2 Heimdal SecureDNS; C:\Program Files (x86)\Heimdal\Heimdal.SecureDNS.exe [64184 2015-12-14] (Heimdal Security) S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2015-08-26] (NETGEAR) R2 SBAMSvc; C:\Program Files (x86)\VIPRE\SBAMSvc.exe [4337696 2015-09-29] (ThreatTrack Security Inc.) R2 SBPIMSvc; C:\Program Files (x86)\VIPRE\SBPIMSvc.exe [212448 2015-09-29] (ThreatTrack Security Inc.) R3 WebProxy; C:\Program Files (x86)\VIPRE\WebProxy.exe [6339552 2015-09-29] (ThreatTrack Security Inc.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S4 Adobe Licensing Console; %SystemRoot%\SysWOW64\lnsecsl.exe [X] <==== ATTENTION ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch) R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [40584 2015-08-27] (ThreatTrack Security) S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security) S3 hitmanpro37; C:\windows\system32\drivers\hitmanpro37.sys [32512 2014-07-23] () R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) R2 NPF; C:\windows\system32\drivers\npf.sys [35344 2015-12-10] (CACE Technologies, Inc.) R2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [90464 2015-09-29] (ThreatTrack Security Inc.) S3 sbhips; C:\Windows\System32\drivers\sbhips.sys [63696 2015-09-29] (ThreatTrack Security) R1 sbwfw; C:\Windows\System32\DRIVERS\sbwfw.sys [345392 2015-09-29] (ThreatTrack Security) R3 sbwtis; C:\Windows\System32\DRIVERS\sbwtis.sys [95608 2015-09-29] (ThreatTrack Security) R2 WebExaminer; C:\windows\system32\Drivers\WebExaminer64.sys [34392 2015-09-29] (ThreatTrack Security Inc.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-01-06 20:33 - 2016-01-06 20:34 - 00015557 _____ C:\Users\Lori\Desktop\FRST.txt 2016-01-06 20:33 - 2016-01-06 20:33 - 00000000 ___DC C:\FRST 2016-01-06 20:32 - 2016-01-06 20:30 - 02370560 _____ (Farbar) C:\Users\Lori\Desktop\FRST64.exe 2016-01-06 20:32 - 2016-01-06 20:26 - 01721856 _____ (Farbar) C:\Users\Lori\Desktop\FRST.exe 2015-12-30 23:12 - 2015-12-30 23:12 - 00001738 _____ C:\windows\SysWOW64\EmailAVConfig.xml 2015-12-30 13:26 - 2015-12-30 13:27 - 112568608 _____ C:\Users\Lori\Downloads\epson14494.exe 2015-12-30 08:32 - 2015-12-30 08:32 - 06150072 _____ C:\Users\Lori\Downloads\epson16912.exe 2015-12-30 08:31 - 2015-12-30 08:32 - 10483640 _____ C:\Users\Lori\Downloads\epson16765.exe 2015-12-29 21:06 - 2015-12-29 21:06 - 00000000 ___DC C:\Program Files\Mozilla Firefox 2015-12-29 21:05 - 2015-12-29 21:05 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-12-29 21:05 - 2015-12-29 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-12-29 21:04 - 2016-01-06 20:15 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-29 21:04 - 2016-01-06 20:11 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-29 21:04 - 2015-12-29 21:09 - 00003894 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-29 21:04 - 2015-12-29 21:09 - 00003642 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-12-29 21:01 - 2016-01-06 20:10 - 00000000 ____D C:\Users\Public\Documents\Heimdal Security 2015-12-29 20:58 - 2015-12-29 20:58 - 16422912 _____ C:\Users\Lori\Downloads\Heimdal(1).msi 2015-12-29 17:55 - 2015-12-29 17:55 - 00000000 ___DC C:\FixMeStick 2015-12-29 15:53 - 2015-12-29 15:53 - 00000000 ___DC C:\FixMeStick Quarantine 2015-12-29 15:24 - 2015-12-29 21:01 - 00000000 ____D C:\Program Files (x86)\Heimdal 2015-12-29 15:23 - 2015-12-29 21:01 - 00000000 ____D C:\ProgramData\Heimdal Security 2015-12-29 15:22 - 2015-12-29 15:23 - 16422912 _____ C:\Users\Lori\Downloads\Heimdal.msi 2015-12-26 15:47 - 2015-12-26 15:47 - 00003120 _____ C:\windows\System32\Tasks\{4283809D-B8EA-446C-A2B1-D0363064B4EC} 2015-12-13 08:49 - 2015-12-13 09:26 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-12-13 08:49 - 2015-12-13 08:49 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-12-13 08:48 - 2015-12-13 08:48 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys 2015-12-09 08:17 - 2015-11-20 13:54 - 03170304 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll 2015-12-09 08:17 - 2015-11-20 13:54 - 02609152 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll 2015-12-09 08:17 - 2015-11-20 13:54 - 00709632 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll 2015-12-09 08:17 - 2015-11-20 13:54 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll 2015-12-09 08:17 - 2015-11-20 13:54 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe 2015-12-09 08:17 - 2015-11-20 13:54 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll 2015-12-09 08:17 - 2015-11-20 13:54 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll 2015-12-09 08:17 - 2015-11-20 13:54 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll 2015-12-09 08:17 - 2015-11-20 13:54 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe 2015-12-09 08:17 - 2015-11-20 13:54 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll 2015-12-09 08:17 - 2015-11-20 13:54 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll 2015-12-09 08:17 - 2015-11-20 13:34 - 00573440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll 2015-12-09 08:17 - 2015-11-20 13:34 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll 2015-12-09 08:17 - 2015-11-20 13:34 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll 2015-12-09 08:17 - 2015-11-20 13:34 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll 2015-12-09 08:17 - 2015-11-20 13:33 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe 2015-12-09 08:17 - 2015-11-05 14:02 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll 2015-12-09 08:17 - 2015-11-05 14:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll 2015-12-09 08:17 - 2015-11-03 14:04 - 00802304 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll 2015-12-09 08:17 - 2015-11-03 13:56 - 00627712 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll 2015-12-09 08:16 - 2015-11-11 16:12 - 00387792 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2015-12-09 08:16 - 2015-11-11 15:52 - 00341192 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2015-12-09 08:16 - 2015-11-11 13:53 - 01735680 _____ (Microsoft Corporation) C:\windows\system32\comsvcs.dll 2015-12-09 08:16 - 2015-11-11 13:53 - 00525312 _____ (Microsoft Corporation) C:\windows\system32\catsrvut.dll 2015-12-09 08:16 - 2015-11-11 13:39 - 01242624 _____ (Microsoft Corporation) C:\windows\SysWOW64\comsvcs.dll 2015-12-09 08:16 - 2015-11-11 13:39 - 00487936 _____ (Microsoft Corporation) C:\windows\SysWOW64\catsrvut.dll 2015-12-09 08:16 - 2015-11-11 11:21 - 25837568 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2015-12-09 08:16 - 2015-11-11 11:00 - 12856832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2015-12-09 08:16 - 2015-11-11 10:44 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2015-12-09 08:16 - 2015-11-11 10:44 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2015-12-09 08:16 - 2015-11-11 10:41 - 20366848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2015-12-09 08:16 - 2015-11-11 10:12 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2015-12-09 08:16 - 2015-11-11 09:57 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2015-12-09 08:16 - 2015-11-10 13:55 - 01648128 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll 2015-12-09 08:16 - 2015-11-10 13:55 - 01180160 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll 2015-12-09 08:16 - 2015-11-10 13:55 - 01008640 _____ (Microsoft Corporation) C:\windows\system32\user32.dll 2015-12-09 08:16 - 2015-11-10 13:39 - 01251328 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll 2015-12-09 08:16 - 2015-11-10 13:37 - 00833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll 2015-12-09 08:16 - 2015-11-10 12:47 - 03211264 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2015-12-09 08:16 - 2015-11-09 19:24 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2015-12-09 08:16 - 2015-11-09 19:13 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2015-12-09 08:16 - 2015-11-09 19:13 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2015-12-09 08:16 - 2015-11-09 19:12 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec 2015-12-09 08:16 - 2015-11-09 19:12 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2015-12-09 08:16 - 2015-11-09 19:11 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll 2015-12-09 08:16 - 2015-11-09 19:08 - 02280448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2015-12-09 08:16 - 2015-11-09 19:06 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2015-12-09 08:16 - 2015-11-09 19:06 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2015-12-09 08:16 - 2015-11-09 19:04 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2015-12-09 08:16 - 2015-11-09 19:03 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2015-12-09 08:16 - 2015-11-09 19:02 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2015-12-09 08:16 - 2015-11-09 19:02 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2015-12-09 08:16 - 2015-11-09 18:50 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-12-09 08:16 - 2015-11-09 18:47 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2015-12-09 08:16 - 2015-11-09 18:46 - 04514816 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2015-12-09 08:16 - 2015-11-09 18:44 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll 2015-12-09 08:16 - 2015-11-09 18:37 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll 2015-12-09 08:16 - 2015-11-09 18:36 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2015-12-09 08:16 - 2015-11-09 18:36 - 00687104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2015-12-09 08:16 - 2015-11-09 18:35 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll 2015-12-09 08:16 - 2015-11-09 18:17 - 02011136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2015-12-09 08:16 - 2015-11-09 18:14 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2015-12-09 08:16 - 2015-11-09 18:12 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2015-12-09 08:16 - 2015-11-08 17:33 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2015-12-09 08:16 - 2015-11-08 17:32 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2015-12-09 08:16 - 2015-11-08 17:16 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2015-12-09 08:16 - 2015-11-08 17:15 - 02887168 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2015-12-09 08:16 - 2015-11-08 17:15 - 00571392 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2015-12-09 08:16 - 2015-11-08 17:15 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec 2015-12-09 08:16 - 2015-11-08 17:15 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2015-12-09 08:16 - 2015-11-08 17:14 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll 2015-12-09 08:16 - 2015-11-08 17:07 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2015-12-09 08:16 - 2015-11-08 17:06 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2015-12-09 08:16 - 2015-11-08 17:04 - 05923840 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2015-12-09 08:16 - 2015-11-08 17:02 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2015-12-09 08:16 - 2015-11-08 17:01 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2015-12-09 08:16 - 2015-11-08 17:01 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2015-12-09 08:16 - 2015-11-08 17:01 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2015-12-09 08:16 - 2015-11-08 17:01 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2015-12-09 08:16 - 2015-11-08 16:52 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2015-12-09 08:16 - 2015-11-08 16:48 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2015-12-09 08:16 - 2015-11-08 16:40 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2015-12-09 08:16 - 2015-11-08 16:35 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2015-12-09 08:16 - 2015-11-08 16:32 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2015-12-09 08:16 - 2015-11-08 16:29 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll 2015-12-09 08:16 - 2015-11-08 16:18 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll 2015-12-09 08:16 - 2015-11-08 16:15 - 00798208 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2015-12-09 08:16 - 2015-11-08 16:15 - 00718336 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2015-12-09 08:16 - 2015-11-08 16:14 - 14456832 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2015-12-09 08:16 - 2015-11-08 16:14 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2015-12-09 08:16 - 2015-11-08 16:13 - 02123264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2015-12-09 08:16 - 2015-11-08 15:53 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2015-12-09 08:16 - 2015-11-08 15:41 - 01546752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2015-12-09 08:16 - 2015-11-08 15:30 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2015-12-09 08:16 - 2015-11-05 14:05 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\wshrm.dll 2015-12-09 08:16 - 2015-11-05 14:02 - 00014848 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshrm.dll 2015-12-09 08:16 - 2015-11-05 04:53 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rmcast.sys 2015-12-09 08:15 - 2015-11-03 14:04 - 00241664 _____ (Microsoft Corporation) C:\windows\system32\els.dll 2015-12-09 08:15 - 2015-11-03 13:55 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\els.dll 2015-12-08 09:43 - 2015-12-08 09:42 - 00097888 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll 2015-12-08 09:42 - 2015-12-08 09:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-01-06 20:33 - 2009-07-13 22:20 - 00000000 ____D C:\Windows 2016-01-06 20:24 - 2009-07-13 23:45 - 00018736 _____ C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-01-06 20:24 - 2009-07-13 23:45 - 00018736 _____ C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-01-06 20:19 - 2009-07-13 22:20 - 00000000 ___HD C:\windows\inf 2016-01-06 20:11 - 2015-12-03 19:06 - 00003336 _____ C:\windows\SysWOW64\WebProxyOff.ini 2016-01-06 20:11 - 2015-12-03 19:06 - 00003336 _____ C:\windows\system32\WebProxyOff.ini 2016-01-06 20:09 - 2009-07-14 00:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2016-01-01 09:05 - 2015-10-20 05:47 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2016-01-01 08:50 - 2009-07-14 00:13 - 00782470 _____ C:\windows\system32\PerfStringBackup.INI 2015-12-30 13:56 - 2012-08-04 08:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software 2015-12-30 13:56 - 2012-08-04 08:11 - 00000000 ____D C:\Program Files (x86)\Epson Software 2015-12-30 13:29 - 2012-08-04 07:36 - 00000936 _____ C:\Users\Public\Desktop\EPSON Scan.lnk 2015-12-30 09:04 - 2013-08-31 10:19 - 00000000 ____D C:\Users\Lori\AppData\Local\ElevatedDiagnostics 2015-12-30 07:19 - 2013-08-29 13:46 - 00328192 ___SH C:\Users\Lori\Downloads\Thumbs.db 2015-12-29 21:46 - 2012-08-11 09:05 - 00000000 ____D C:\Users\Lori\AppData\Local\Google 2015-12-29 21:45 - 2012-08-03 17:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-12-29 21:08 - 2012-09-25 07:24 - 00000000 ____D C:\windows\Minidump 2015-12-29 21:06 - 2012-08-03 17:40 - 00000938 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-12-29 21:06 - 2012-08-03 17:40 - 00000926 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-12-29 21:05 - 2012-02-18 02:37 - 00000000 ____D C:\Program Files (x86)\Google 2015-12-29 10:31 - 2014-10-15 17:15 - 00000000 ____D C:\Users\Lori\AppData\Local\NETGEARGenie 2015-12-29 08:11 - 2015-08-27 19:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-12-28 06:58 - 2009-07-13 22:20 - 00000000 ____D C:\windows\system32\NDF 2015-12-26 15:43 - 2015-06-23 20:46 - 00000000 ____D C:\ProgramData\Package Cache 2015-12-17 22:10 - 2015-04-04 21:49 - 00000000 ____D C:\windows\SysWOW64\GWX 2015-12-17 22:10 - 2015-04-04 21:49 - 00000000 ____D C:\windows\system32\GWX 2015-12-14 07:01 - 2015-10-20 05:47 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-12-14 07:01 - 2012-08-03 20:28 - 00796864 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-12-14 07:01 - 2012-08-03 20:28 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-10 14:39 - 2015-07-05 15:11 - 00281104 _____ (CACE Technologies, Inc.) C:\windows\SysWOW64\wpcap.dll 2015-12-10 14:39 - 2015-07-05 15:11 - 00096784 _____ (CACE Technologies, Inc.) C:\windows\SysWOW64\packet.dll 2015-12-10 14:39 - 2015-07-05 15:11 - 00035344 _____ (CACE Technologies, Inc.) C:\windows\system32\Drivers\npf.sys 2015-12-10 14:39 - 2014-10-15 17:14 - 00002068 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR Genie.lnk 2015-12-10 14:39 - 2014-10-15 17:14 - 00002056 _____ C:\Users\Public\Desktop\NETGEAR Genie.lnk 2015-12-10 14:39 - 2014-10-15 17:14 - 00000000 ____D C:\Program Files (x86)\NETGEAR Genie 2015-12-10 14:39 - 2011-02-11 16:23 - 00369168 _____ (CACE Technologies, Inc.) C:\windows\system32\wpcap.dll 2015-12-10 14:39 - 2011-02-11 16:23 - 00106000 _____ (CACE Technologies, Inc.) C:\windows\system32\packet.dll 2015-12-10 14:19 - 2009-07-13 22:20 - 00000000 ____D C:\windows\rescache 2015-12-10 06:43 - 2009-07-13 23:45 - 00305104 _____ C:\windows\system32\FNTCACHE.DAT 2015-12-09 22:09 - 2013-03-13 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-12-09 22:09 - 2013-03-13 21:32 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-12-09 22:09 - 2013-03-13 21:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-12-09 22:06 - 2013-08-14 21:11 - 00000000 ____D C:\windows\system32\MRT 2015-12-09 22:01 - 2012-08-04 05:53 - 140158008 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-12-08 09:39 - 2013-10-18 12:18 - 00000000 ____D C:\ProgramData\Oracle 2015-12-08 09:38 - 2012-09-01 06:50 - 00000000 ____D C:\Program Files (x86)\Java 2015-12-08 09:36 - 2015-08-28 05:43 - 00000000 ____D C:\Users\Lori\.oracle_jre_usage 2015-12-08 09:35 - 2015-10-15 10:16 - 00278624 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe ==================== Files in the root of some directories ======= 2013-01-15 13:23 - 2013-03-25 08:52 - 144744570 _____ () C:\Users\Lori\AppData\Roaming\RegBackupiYogi.reg 2013-07-18 06:59 - 2013-12-17 08:29 - 150799244 _____ () C:\Users\Lori\AppData\Roaming\RegBackupPCO.reg 2015-12-13 08:09 - 2015-12-13 08:19 - 0000322 _____ () C:\Users\Lori\AppData\Roaming\SBAMWsc.log 2012-08-03 17:14 - 2013-01-17 07:21 - 0000380 _____ () C:\Users\Lori\AppData\Roaming\sp_data.sys 2014-07-23 09:39 - 2014-07-23 09:39 - 0000046 _____ () C:\Users\Lori\AppData\Roaming\WB.CFG 2013-04-14 11:43 - 2013-08-21 15:46 - 0893239 _____ () C:\Users\Lori\AppData\Local\a.zip 2013-04-14 11:43 - 2013-08-21 15:46 - 2162416 _____ (Catalina Marketing Corp) C:\Users\Lori\AppData\Local\BcsKtYcHW.dll 2014-05-26 05:33 - 2014-05-26 05:33 - 0000017 _____ () C:\Users\Lori\AppData\Local\resmon.resmoncfg 2013-02-13 08:19 - 2013-02-13 08:19 - 0000104 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2012-06-27 19:32 - 2012-06-27 19:33 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2012-06-27 19:31 - 2012-06-27 19:32 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2012-06-27 19:31 - 2012-06-27 19:31 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\windows\system32\winlogon.exe => File is digitally signed C:\windows\system32\wininit.exe => File is digitally signed C:\windows\SysWOW64\wininit.exe => File is digitally signed C:\windows\explorer.exe => File is digitally signed C:\windows\SysWOW64\explorer.exe => File is digitally signed C:\windows\system32\svchost.exe => File is digitally signed C:\windows\SysWOW64\svchost.exe => File is digitally signed C:\windows\system32\services.exe => File is digitally signed C:\windows\system32\User32.dll => File is digitally signed C:\windows\SysWOW64\User32.dll => File is digitally signed C:\windows\system32\userinit.exe => File is digitally signed C:\windows\SysWOW64\userinit.exe => File is digitally signed C:\windows\system32\rpcss.dll => File is digitally signed C:\windows\system32\dnsapi.dll => File is digitally signed C:\windows\SysWOW64\dnsapi.dll => File is digitally signed C:\windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-12-31 11:08 ==================== End of FRST.txt ============================