Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-05-2016 Ran by Vijay (administrator) on GANESHA (04-05-2016 16:44:59) Running from C:\Users\Vijay\Desktop Loaded Profiles: Vijay (Available Profiles: Vijay) Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (Realtek Semiconductor Corp.) C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Spotify Ltd) C:\Users\Vijay\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Panasonic Corporation) C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (WinZip Computing, Inc.) C:\Program Files (x86)\WinZip\WZQKPICK.EXE (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.9.656.0\McCSPServiceHost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe (Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\agent.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe [2900992 2009-08-26] (Realtek Semiconductor Corp.) HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe HKLM\...\Run: [DBRMTray] => C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe [206336 2010-05-20] (Microsoft) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.) HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.) HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-04-29] (CyberLink Corp.) HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions) HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] () HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated) HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [1003576 2016-03-31] (McAfee, Inc.) HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.) HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation) Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.) HKU\S-1-5-21-2876064135-1678895350-663458285-1001\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun HKU\S-1-5-21-2876064135-1678895350-663458285-1001\...\Run: [Google Update] => C:\Users\Vijay\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.) HKU\S-1-5-21-2876064135-1678895350-663458285-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation) HKU\S-1-5-21-2876064135-1678895350-663458285-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-2876064135-1678895350-663458285-1001\...\Run: [Spotify Web Helper] => C:\Users\Vijay\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-28] (Spotify Ltd) HKU\S-1-5-21-2876064135-1678895350-663458285-1001\...\Run: [Spotify] => C:\Users\Vijay\AppData\Roaming\Spotify\Spotify.exe [6890608 2016-04-28] (Spotify Ltd) HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries) ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2010-10-16] (Wave Systems Corp.) ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2010-10-16] (Wave Systems Corp.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 6.3 HD Lite Edition.lnk [2011-12-01] ShortcutTarget: PHOTOfunSTUDIO 6.3 HD Lite Edition.lnk -> C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk [2011-03-22] ShortcutTarget: WinZip Quick Pick.lnk -> C:\Program Files (x86)\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{9facc0e0-6d97-4186-aac4-06faa7c4df3a}: [DhcpNameServer] 192.168.1.254 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-2876064135-1678895350-663458285-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2876064135-1678895350-663458285-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-2876064135-1678895350-663458285-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} SearchScopes: HKLM-x32 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=fmtoby&chnl=fmtoby&cd=2XzutAtN2Y1L1Qzu0B0CtAtDyD0B0A0AtCtBtC0Dzy0CtDtCtN0D0TzutBtDtCtBtDyCtBzz&cr=2065889011 SearchScopes: HKU\S-1-5-21-2876064135-1678895350-663458285-1001 -> DefaultScope {3BADA5DE-07BE-4051-B1A4-B3BE04899A93} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US0D20151106&p={searchTerms} SearchScopes: HKU\S-1-5-21-2876064135-1678895350-663458285-1001 -> {3BADA5DE-07BE-4051-B1A4-B3BE04899A93} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US0D20151106&p={searchTerms} SearchScopes: HKU\S-1-5-21-2876064135-1678895350-663458285-1001 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = SearchScopes: HKU\S-1-5-21-2876064135-1678895350-663458285-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\S-1-5-21-2876064135-1678895350-663458285-1001 -> {E00A9185-5852-421D-A057-7BC849F0C7F1} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AD5&o=APN10090&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=^A5G&apn_dtid=^YYYYYY^YY^US&apn_uid=2d012238-25c9-46f0-866f-cffa8f31e690&apn_sauid=B3718281-8B5B-454F-A1D0-D6CD69A74A79 SearchScopes: HKU\S-1-5-21-2876064135-1678895350-663458285-1001 -> {EF085BB1-6828-4169-8DE5-D1F671E7A1FF} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=407453&p={searchTerms} BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg.dll => No File BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated) BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg32.dll => No File BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-24] (Oracle Corporation) BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2011-05-13] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-24] (Oracle Corporation) Toolbar: HKU\S-1-5-21-2876064135-1678895350-663458285-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKU\S-1-5-21-2876064135-1678895350-663458285-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKU\S-1-5-21-2876064135-1678895350-663458285-1001 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-04-20] (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-04-20] (McAfee, Inc.) Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-04-20] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-04-20] (McAfee, Inc.) Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg32.dll No File Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2016-03-31] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2016-03-31] (McAfee, Inc.) FireFox: ======== FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-03-31] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-24] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-24] (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-03-31] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation) FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll [No File] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2876064135-1678895350-663458285-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Vijay\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-2876064135-1678895350-663458285-1001: @talk.google.com/O1DPlugin -> C:\Users\Vijay\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-2876064135-1678895350-663458285-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Vijay\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.) FF Plugin HKU\S-1-5-21-2876064135-1678895350-663458285-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Vijay\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Vijay\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Vijay\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-04-25] FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\FirefoxExtension => not found FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi Chrome: ======= CHR StartupUrls: Profile 1 -> "hxxp://www.yahoo.com/" CHR DefaultSearchURL: Profile 1 -> hxxp://search.medianewtabsearch.com/?src=MediaNewTab_ds&q={searchTerms} CHR DefaultSearchKeyword: Profile 1 -> keyword.MediaNewTab CHR Profile: C:\Users\Vijay\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Google Slides) - C:\Users\Vijay\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04] CHR Extension: (Google Docs) - C:\Users\Vijay\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04] CHR Extension: (Google Drive) - C:\Users\Vijay\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Vijay\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26] CHR Extension: (Funmoods) - C:\Users\Vijay\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpglkicenollcignonpgiafdgfeehoj [2015-01-24] CHR Extension: (Google Search) - C:\Users\Vijay\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (MediaNewTab) - C:\Users\Vijay\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ddncgmfehaelaoifpbcjnfcnigflcplp [2016-03-24] CHR Extension: (Google Sheets) - C:\Users\Vijay\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04] CHR Extension: (SiteAdvisor) - C:\Users\Vijay\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-08-16] CHR Extension: (Google Docs Offline) - C:\Users\Vijay\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14] CHR Extension: (AdBlock) - C:\Users\Vijay\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-15] CHR Extension: (Chrome Web Store Payments) - C:\Users\Vijay\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03] CHR Extension: (Gmail) - C:\Users\Vijay\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-27] CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Vijay\AppData\Local\funmoods-speeddial.crx [2012-06-28] CHR HKLM\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Users\Vijay\AppData\Local\funmoods.crx CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-21] CHR HKU\S-1-5-21-2876064135-1678895350-663458285-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Vijay\AppData\Local\funmoods-speeddial.crx [2012-06-28] CHR HKU\S-1-5-21-2876064135-1678895350-663458285-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Users\Vijay\AppData\Local\funmoods.crx CHR HKLM-x32\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Vijay\AppData\Local\funmoods-speeddial.crx [2012-06-28] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-21] CHR HKLM-x32\...\Chrome\Extension: [gihfmmedoddijgnhkgfgnkeohkpbipol] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [nogdfjjfhknacchjpiccacoimeelkajb] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed] S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [792592 2016-04-08] (Garmin Ltd. or its subsidiaries) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-03-10] (McAfee, Inc.) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-04-20] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [889704 2016-03-31] (McAfee, Inc.) R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-03-10] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.656.0\McCSPServiceHost.exe [1709096 2016-03-14] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-03-10] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-03-10] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [718248 2016-03-07] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-03-10] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-03-10] (McAfee, Inc.) R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2016-01-25] (McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-02-19] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [279488 2016-01-25] (McAfee, Inc.) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1037048 2016-03-15] (McAfee, Inc.) R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.) R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [896456 2016-03-02] (Intel Security, Inc.) S3 SecureStorageService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe [2117120 2010-11-03] (Wave Systems Corp.) [File not signed] S2 tcsd_win32.exe; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1629696 2010-07-13] () [File not signed] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [79248 2016-01-29] (McAfee, Inc.) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.) R3 IntcAzAudAddService; C:\Windows\system32\drivers\RTDVHD64.sys [1979296 2009-11-16] (Realtek Semiconductor Corp.) R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [422184 2016-01-29] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351656 2016-01-29] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83608 2016-01-29] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496368 2016-01-29] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [847608 2016-01-29] (McAfee, Inc.) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [543488 2016-02-10] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2016-02-10] (McAfee, Inc.) R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [45728 2016-03-15] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [245096 2016-01-29] (McAfee, Inc.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) U3 idsvc; no ImagePath S3 mfeaack01; \Device\mfeaack01.sys [X] U3 wpcsvc; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-05-04 16:44 - 2016-05-04 16:45 - 00028951 _____ C:\Users\Vijay\Desktop\FRST.txt 2016-05-04 15:59 - 2016-05-04 15:59 - 00004020 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse 2016-05-04 11:20 - 2016-05-04 11:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2016-05-04 08:10 - 2016-05-04 08:10 - 00004208 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse 2016-05-04 07:25 - 2016-05-04 16:44 - 00000000 ____D C:\FRST 2016-05-04 07:25 - 2016-05-04 07:23 - 02377216 _____ (Farbar) C:\Users\Vijay\Desktop\FRST64.exe 2016-04-30 19:30 - 2016-05-04 09:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-04-30 19:30 - 2016-04-30 19:30 - 00001824 _____ C:\Users\Public\Desktop\iTunes.lnk 2016-04-30 19:29 - 2016-05-04 09:41 - 00000000 ____D C:\Program Files (x86)\iTunes 2016-04-30 19:29 - 2016-04-30 19:29 - 00000000 ____D C:\Program Files\iPod 2016-04-30 19:28 - 2016-05-04 09:41 - 00000000 ____D C:\Program Files\iTunes 2016-04-27 21:02 - 2016-04-27 21:02 - 00000000 ____D C:\ProgramData\Intel Security 2016-04-27 21:01 - 2016-04-27 21:01 - 00000000 ____D C:\Program Files\Common Files\Intel Security 2016-04-25 08:39 - 2016-04-25 08:40 - 00284556 _____ C:\WINDOWS\Minidump\042516-25406-01.dmp 2016-04-25 08:39 - 2016-04-25 08:39 - 00000000 ____D C:\WINDOWS\Minidump 2016-04-22 21:53 - 2016-04-22 21:53 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple 2016-04-22 21:53 - 2016-04-22 21:53 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2016-04-22 21:50 - 2016-04-22 21:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2016-04-12 20:26 - 2016-04-01 22:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2016-04-12 20:26 - 2016-03-29 05:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-04-12 20:26 - 2016-03-29 05:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-12 20:26 - 2016-03-29 05:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2016-04-12 20:26 - 2016-03-29 04:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2016-04-12 20:26 - 2016-03-29 03:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2016-04-12 20:26 - 2016-03-29 03:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2016-04-12 20:26 - 2016-03-29 03:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2016-04-12 20:26 - 2016-03-29 03:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-04-12 20:26 - 2016-03-29 02:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2016-04-12 20:26 - 2016-03-29 02:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2016-04-12 20:26 - 2016-03-29 02:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2016-04-12 20:26 - 2016-03-29 02:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2016-04-12 20:26 - 2016-03-29 02:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2016-04-12 20:26 - 2016-03-29 02:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2016-04-12 20:26 - 2016-03-29 02:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-04-12 20:26 - 2016-03-29 02:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2016-04-12 20:26 - 2016-03-29 02:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2016-04-12 20:26 - 2016-03-29 02:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2016-04-12 20:26 - 2016-03-29 02:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2016-04-12 20:26 - 2016-03-29 02:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2016-04-12 20:26 - 2016-03-29 02:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2016-04-12 20:26 - 2016-03-29 02:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2016-04-12 20:26 - 2016-03-29 01:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-04-12 20:26 - 2016-03-29 01:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll 2016-04-12 20:26 - 2016-03-29 01:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2016-04-12 20:26 - 2016-03-29 01:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-04-12 20:26 - 2016-03-29 01:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-04-12 20:26 - 2016-03-29 01:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-04-12 20:26 - 2016-03-29 01:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2016-04-12 20:26 - 2016-03-29 01:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2016-04-12 20:26 - 2016-03-29 01:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-04-12 20:26 - 2016-03-29 01:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-04-12 20:26 - 2016-03-29 01:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-04-12 20:26 - 2016-03-29 01:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-04-12 20:26 - 2016-03-29 01:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-04-12 20:26 - 2016-03-29 00:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-04-12 20:26 - 2016-03-29 00:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-04-12 20:26 - 2016-03-29 00:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-04-12 20:26 - 2016-03-29 00:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-04-12 20:26 - 2016-03-29 00:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-04-12 20:26 - 2016-03-29 00:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-04-12 20:26 - 2016-03-29 00:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-04-12 20:26 - 2016-03-29 00:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-04-12 20:26 - 2016-03-29 00:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-04-12 20:26 - 2016-03-29 00:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-04-12 20:26 - 2016-03-29 00:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-04-12 20:26 - 2016-03-29 00:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-04-12 20:25 - 2016-04-01 23:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2016-04-12 20:25 - 2016-04-01 23:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll 2016-04-12 20:25 - 2016-04-01 23:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2016-04-12 20:25 - 2016-04-01 23:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2016-04-12 20:25 - 2016-04-01 22:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2016-04-12 20:25 - 2016-04-01 22:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll 2016-04-12 20:25 - 2016-04-01 22:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll 2016-04-12 20:25 - 2016-04-01 22:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll 2016-04-12 20:25 - 2016-04-01 22:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll 2016-04-12 20:25 - 2016-04-01 22:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll 2016-04-12 20:25 - 2016-04-01 22:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2016-04-12 20:25 - 2016-04-01 22:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-04-12 20:25 - 2016-04-01 22:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2016-04-12 20:25 - 2016-04-01 22:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-04-12 20:25 - 2016-04-01 22:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2016-04-12 20:25 - 2016-04-01 22:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2016-04-12 20:25 - 2016-04-01 22:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-04-12 20:25 - 2016-04-01 22:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2016-04-12 20:25 - 2016-04-01 22:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-04-12 20:25 - 2016-04-01 22:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2016-04-12 20:25 - 2016-04-01 22:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2016-04-12 20:25 - 2016-03-29 05:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2016-04-12 20:25 - 2016-03-29 05:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-04-12 20:25 - 2016-03-29 05:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-04-12 20:25 - 2016-03-29 05:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-04-12 20:25 - 2016-03-29 05:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-04-12 20:25 - 2016-03-29 05:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll 2016-04-12 20:25 - 2016-03-29 05:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2016-04-12 20:25 - 2016-03-29 05:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2016-04-12 20:25 - 2016-03-29 05:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2016-04-12 20:25 - 2016-03-29 05:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2016-04-12 20:25 - 2016-03-29 04:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2016-04-12 20:25 - 2016-03-29 04:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2016-04-12 20:25 - 2016-03-29 04:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2016-04-12 20:25 - 2016-03-29 04:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2016-04-12 20:25 - 2016-03-29 04:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys 2016-04-12 20:25 - 2016-03-29 04:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll 2016-04-12 20:25 - 2016-03-29 04:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2016-04-12 20:25 - 2016-03-29 04:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2016-04-12 20:25 - 2016-03-29 04:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2016-04-12 20:25 - 2016-03-29 04:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2016-04-12 20:25 - 2016-03-29 04:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-04-12 20:25 - 2016-03-29 04:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe 2016-04-12 20:25 - 2016-03-29 04:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll 2016-04-12 20:25 - 2016-03-29 04:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll 2016-04-12 20:25 - 2016-03-29 04:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-04-12 20:25 - 2016-03-29 04:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe 2016-04-12 20:25 - 2016-03-29 04:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll 2016-04-12 20:25 - 2016-03-29 03:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-04-12 20:25 - 2016-03-29 03:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2016-04-12 20:25 - 2016-03-29 03:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll 2016-04-12 20:25 - 2016-03-29 03:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-04-12 20:25 - 2016-03-29 03:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2016-04-12 20:25 - 2016-03-29 03:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2016-04-12 20:25 - 2016-03-29 03:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll 2016-04-12 20:25 - 2016-03-29 03:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll 2016-04-12 20:25 - 2016-03-29 03:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-04-12 20:25 - 2016-03-29 03:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll 2016-04-12 20:25 - 2016-03-29 03:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2016-04-12 20:25 - 2016-03-29 03:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys 2016-04-12 20:25 - 2016-03-29 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll 2016-04-12 20:25 - 2016-03-29 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll 2016-04-12 20:25 - 2016-03-29 03:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2016-04-12 20:25 - 2016-03-29 03:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll 2016-04-12 20:25 - 2016-03-29 03:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll 2016-04-12 20:25 - 2016-03-29 03:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll 2016-04-12 20:25 - 2016-03-29 02:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe 2016-04-12 20:25 - 2016-03-29 02:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll 2016-04-12 20:25 - 2016-03-29 02:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll 2016-04-12 20:25 - 2016-03-29 02:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll 2016-04-12 20:25 - 2016-03-29 02:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys 2016-04-12 20:25 - 2016-03-29 02:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll 2016-04-12 20:25 - 2016-03-29 02:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll 2016-04-12 20:25 - 2016-03-29 02:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe 2016-04-12 20:25 - 2016-03-29 02:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2016-04-12 20:25 - 2016-03-29 02:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll 2016-04-12 20:25 - 2016-03-29 02:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2016-04-12 20:25 - 2016-03-29 02:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll 2016-04-12 20:25 - 2016-03-29 02:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll 2016-04-12 20:25 - 2016-03-29 02:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll 2016-04-12 20:25 - 2016-03-29 02:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2016-04-12 20:25 - 2016-03-29 02:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll 2016-04-12 20:25 - 2016-03-29 02:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll 2016-04-12 20:25 - 2016-03-29 02:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll 2016-04-12 20:25 - 2016-03-29 02:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2016-04-12 20:25 - 2016-03-29 02:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2016-04-12 20:25 - 2016-03-29 02:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2016-04-12 20:25 - 2016-03-29 02:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2016-04-12 20:25 - 2016-03-29 02:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2016-04-12 20:25 - 2016-03-29 02:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll 2016-04-12 20:25 - 2016-03-29 02:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll 2016-04-12 20:25 - 2016-03-29 02:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2016-04-12 20:25 - 2016-03-29 02:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-04-12 20:25 - 2016-03-29 02:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys 2016-04-12 20:25 - 2016-03-29 02:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2016-04-12 20:25 - 2016-03-29 02:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll 2016-04-12 20:25 - 2016-03-29 02:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2016-04-12 20:25 - 2016-03-29 02:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-04-12 20:25 - 2016-03-29 02:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2016-04-12 20:25 - 2016-03-29 02:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2016-04-12 20:25 - 2016-03-29 02:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll 2016-04-12 20:25 - 2016-03-29 02:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2016-04-12 20:25 - 2016-03-29 02:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2016-04-12 20:25 - 2016-03-29 02:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2016-04-12 20:25 - 2016-03-29 02:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll 2016-04-12 20:25 - 2016-03-29 02:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2016-04-12 20:25 - 2016-03-29 02:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll 2016-04-12 20:25 - 2016-03-29 02:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll 2016-04-12 20:25 - 2016-03-29 02:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll 2016-04-12 20:25 - 2016-03-29 02:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2016-04-12 20:25 - 2016-03-29 02:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll 2016-04-12 20:25 - 2016-03-29 02:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2016-04-12 20:25 - 2016-03-29 02:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2016-04-12 20:25 - 2016-03-29 02:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2016-04-12 20:25 - 2016-03-29 02:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-04-12 20:25 - 2016-03-29 02:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2016-04-12 20:25 - 2016-03-29 02:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2016-04-12 20:25 - 2016-03-29 02:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2016-04-12 20:25 - 2016-03-29 02:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2016-04-12 20:25 - 2016-03-29 02:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2016-04-12 20:25 - 2016-03-29 02:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2016-04-12 20:25 - 2016-03-29 02:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll 2016-04-12 20:25 - 2016-03-29 02:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll 2016-04-12 20:25 - 2016-03-29 02:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-04-12 20:25 - 2016-03-29 02:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2016-04-12 20:25 - 2016-03-29 02:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2016-04-12 20:25 - 2016-03-29 02:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll 2016-04-12 20:25 - 2016-03-29 02:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2016-04-12 20:25 - 2016-03-29 02:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2016-04-12 20:25 - 2016-03-29 02:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2016-04-12 20:25 - 2016-03-29 02:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2016-04-12 20:25 - 2016-03-29 02:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2016-04-12 20:25 - 2016-03-29 02:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe 2016-04-12 20:25 - 2016-03-29 02:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2016-04-12 20:25 - 2016-03-29 02:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll 2016-04-12 20:25 - 2016-03-29 02:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys 2016-04-12 20:25 - 2016-03-29 02:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll 2016-04-12 20:25 - 2016-03-29 02:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll 2016-04-12 20:25 - 2016-03-29 02:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2016-04-12 20:25 - 2016-03-29 01:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe 2016-04-12 20:25 - 2016-03-29 01:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2016-04-12 20:25 - 2016-03-29 01:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2016-04-12 20:25 - 2016-03-29 01:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-04-12 20:25 - 2016-03-29 01:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll 2016-04-12 20:25 - 2016-03-29 01:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll 2016-04-12 20:25 - 2016-03-29 01:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll 2016-04-12 20:25 - 2016-03-29 01:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2016-04-12 20:25 - 2016-03-29 01:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll 2016-04-12 20:25 - 2016-03-29 01:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll 2016-04-12 20:25 - 2016-03-29 01:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2016-04-12 20:25 - 2016-03-29 01:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2016-04-12 20:25 - 2016-03-29 01:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll 2016-04-12 20:25 - 2016-03-29 01:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2016-04-12 20:25 - 2016-03-29 01:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2016-04-12 20:25 - 2016-03-29 01:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll 2016-04-12 20:25 - 2016-03-29 01:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll 2016-04-12 20:25 - 2016-03-29 01:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll 2016-04-12 20:25 - 2016-03-29 01:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2016-04-12 20:25 - 2016-03-29 01:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2016-04-12 20:25 - 2016-03-29 01:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2016-04-12 20:25 - 2016-03-29 01:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2016-04-12 20:25 - 2016-03-29 01:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-04-12 20:25 - 2016-03-29 01:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2016-04-12 20:25 - 2016-03-29 01:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2016-04-12 20:25 - 2016-03-29 01:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2016-04-12 20:25 - 2016-03-29 01:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2016-04-12 20:25 - 2016-03-29 01:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2016-04-12 20:25 - 2016-03-29 01:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2016-04-12 20:25 - 2016-03-29 01:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2016-04-12 20:25 - 2016-03-29 01:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2016-04-12 20:25 - 2016-03-29 01:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2016-04-12 20:25 - 2016-03-29 01:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2016-04-12 20:25 - 2016-03-29 01:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll 2016-04-12 20:25 - 2016-03-29 01:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-04-12 20:25 - 2016-03-29 01:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2016-04-12 20:25 - 2016-03-29 01:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2016-04-12 20:25 - 2016-03-29 01:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2016-04-12 20:25 - 2016-03-29 01:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll 2016-04-12 20:25 - 2016-03-29 01:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll 2016-04-12 20:25 - 2016-03-29 01:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll 2016-04-12 20:25 - 2016-03-29 01:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-04-12 20:25 - 2016-03-29 01:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2016-04-12 20:25 - 2016-03-29 01:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll 2016-04-12 20:25 - 2016-03-29 01:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2016-04-12 20:25 - 2016-03-29 01:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-04-12 20:25 - 2016-03-29 01:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2016-04-12 20:25 - 2016-03-29 01:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2016-04-12 20:25 - 2016-03-29 01:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll 2016-04-12 20:25 - 2016-03-29 01:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2016-04-12 20:25 - 2016-03-29 01:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2016-04-12 20:25 - 2016-03-29 01:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-04-12 20:25 - 2016-03-29 01:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-04-12 20:25 - 2016-03-29 01:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll 2016-04-12 20:25 - 2016-03-29 01:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2016-04-12 20:25 - 2016-03-29 01:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2016-04-12 20:25 - 2016-03-29 01:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2016-04-12 20:25 - 2016-03-29 01:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2016-04-12 20:25 - 2016-03-29 00:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-04-12 20:25 - 2016-03-29 00:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2016-04-12 20:25 - 2016-03-29 00:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2016-04-12 20:25 - 2016-03-29 00:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll 2016-04-12 20:25 - 2016-03-29 00:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2016-04-12 20:25 - 2016-03-29 00:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-04-12 20:25 - 2016-03-29 00:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2016-04-12 20:25 - 2016-03-29 00:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll 2016-04-12 20:25 - 2016-03-29 00:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll 2016-04-12 20:25 - 2016-03-29 00:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2016-04-12 20:25 - 2016-03-29 00:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll 2016-04-12 20:25 - 2016-03-29 00:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL 2016-04-12 20:25 - 2016-03-29 00:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll 2016-04-12 20:25 - 2016-03-29 00:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2016-04-12 20:25 - 2016-03-29 00:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll 2016-04-12 20:24 - 2016-04-01 22:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2016-04-12 20:24 - 2016-03-29 03:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll 2016-04-12 20:24 - 2016-03-29 03:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll 2016-04-12 20:24 - 2016-03-29 03:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll 2016-04-12 20:24 - 2016-03-29 03:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe 2016-04-12 20:24 - 2016-03-29 02:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2016-04-12 20:24 - 2016-03-29 02:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2016-04-12 20:24 - 2016-03-29 02:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-04-12 20:24 - 2016-03-29 02:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll 2016-04-12 20:24 - 2016-03-29 02:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2016-04-12 20:24 - 2016-03-29 02:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-04-12 20:24 - 2016-03-29 02:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-04-12 20:24 - 2016-03-29 02:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll 2016-04-12 20:24 - 2016-03-29 02:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll 2016-04-12 20:24 - 2016-03-29 02:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-04-12 20:24 - 2016-03-29 02:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll 2016-04-12 20:24 - 2016-03-29 02:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-04-12 20:24 - 2016-03-29 02:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-04-12 20:24 - 2016-03-29 02:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll 2016-04-12 20:24 - 2016-03-29 02:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll 2016-04-12 20:24 - 2016-03-29 01:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2016-04-12 20:24 - 2016-03-29 01:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll 2016-04-12 20:24 - 2016-03-29 01:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-04-12 20:24 - 2016-03-29 01:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll 2016-04-12 20:24 - 2016-03-29 01:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-05-04 16:31 - 2012-03-30 08:06 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-05-04 16:15 - 2011-08-29 19:10 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-05-04 16:07 - 2011-05-04 17:54 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2876064135-1678895350-663458285-1001UA.job 2016-05-04 10:09 - 2016-03-13 14:39 - 00000000 ____D C:\Users\Vijay\AppData\Local\Spotify 2016-05-04 10:01 - 2016-03-13 14:39 - 00000000 ____D C:\Users\Vijay\AppData\Roaming\Spotify 2016-05-04 10:00 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-05-04 09:47 - 2011-08-29 19:10 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-05-04 09:44 - 2015-12-17 20:31 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-05-04 09:43 - 2015-10-30 01:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-05-04 09:41 - 2015-10-30 02:21 - 00000000 ____D C:\WINDOWS\INF 2016-05-04 09:41 - 2013-09-07 14:47 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-05-04 09:41 - 2011-11-24 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2016-05-04 09:33 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\registration 2016-05-04 07:04 - 2011-05-04 17:54 - 00000872 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2876064135-1678895350-663458285-1001Core.job 2016-05-04 05:48 - 2015-10-30 02:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-05-03 22:47 - 2012-05-19 17:24 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E6985788-8FF5-4131-A59E-1DB9D7A06C3B} 2016-05-03 13:31 - 2015-12-17 20:02 - 00007891 _____ C:\WINDOWS\BRRBCOM.INI 2016-05-03 13:27 - 2015-12-17 20:05 - 00006820 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-05-03 13:14 - 2015-12-17 20:06 - 00000000 ____D C:\Users\Vijay 2016-05-03 13:13 - 2012-04-04 21:12 - 00000000 ____D C:\Program Files (x86)\McAfee 2016-05-03 01:39 - 2015-12-17 20:47 - 00000000 ____D C:\Users\Vijay\AppData\Local\Packages 2016-05-02 15:16 - 2013-09-08 08:49 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-05-02 04:54 - 2016-01-24 18:44 - 00000000 ____D C:\Users\Vijay\AppData\Local\MicrosoftEdge 2016-04-29 04:23 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-04-29 04:23 - 2011-08-18 21:01 - 00000000 ____D C:\Users\Vijay\AppData\Local\ElevatedDiagnostics 2016-04-27 21:04 - 2011-03-22 11:07 - 00000000 ____D C:\ProgramData\McAfee 2016-04-27 21:03 - 2015-10-30 02:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2016-04-27 21:03 - 2012-04-04 21:12 - 00000000 ____D C:\Program Files\Common Files\McAfee 2016-04-27 21:02 - 2016-01-07 01:19 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee 2016-04-27 21:02 - 2015-09-19 21:43 - 00003122 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon 2016-04-27 14:05 - 2015-10-30 01:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-04-26 16:59 - 2015-09-07 08:29 - 00000000 ____D C:\ProgramData\Package Cache 2016-04-26 16:58 - 2011-11-24 19:32 - 00000000 ____D C:\Program Files (x86)\Garmin 2016-04-26 16:57 - 2016-02-02 03:35 - 00001965 _____ C:\Users\Public\Desktop\Garmin Express.lnk 2016-04-26 16:57 - 2015-09-07 08:30 - 00003622 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask 2016-04-25 08:39 - 2011-11-25 04:12 - 455391929 _____ C:\WINDOWS\MEMORY.DMP 2016-04-22 22:01 - 2011-09-06 12:16 - 00000000 ____D C:\Users\Vijay\Desktop\Homes 2016-04-22 21:53 - 2013-09-03 20:40 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2016-04-22 20:59 - 2015-12-17 20:55 - 00002404 _____ C:\Users\Vijay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-04-22 20:59 - 2015-12-17 20:55 - 00000000 ___RD C:\Users\Vijay\OneDrive 2016-04-14 11:33 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\rescache 2016-04-13 13:06 - 2015-12-17 19:57 - 00474936 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-04-13 13:01 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-04-13 13:01 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-04-13 13:01 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2016-04-13 13:01 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-04-13 06:56 - 2015-10-30 02:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-04-13 06:53 - 2013-07-30 21:49 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-04-13 06:42 - 2011-03-22 11:56 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-04-06 13:32 - 2015-10-30 02:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-04-06 13:32 - 2015-10-30 02:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== Files in the root of some directories ======= 2012-06-28 01:03 - 2012-06-28 01:03 - 0302425 _____ () C:\Users\Vijay\AppData\Local\funmoods-speeddial.crx 2011-05-12 13:52 - 2011-07-14 15:48 - 0001940 _____ () C:\Users\Vijay\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini 2011-08-30 05:47 - 2011-08-30 05:47 - 0000000 _____ () C:\Users\Vijay\AppData\Local\{D5DB17C1-D4CF-443D-925D-94AF4E345C92} 2016-01-30 11:04 - 2016-01-30 13:24 - 0000639 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc Some files in TEMP: ==================== C:\Users\Vijay\AppData\Local\Temp\jre-8u66-windows-au.exe C:\Users\Vijay\AppData\Local\Temp\jre-8u77-windows-au.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-05-01 10:54 ==================== End of FRST.txt ============================