Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Chromium virus and win zip virus regenerating
Message
<blockquote data-quote="DomC" data-source="post: 501833" data-attributes="member: 51841"><p>Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016</p><p>Ran by DOM (administrator) on DOM-PC (15-04-2016 11:19:32)</p><p>Running from C:\Users\DOM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T0PQ2UNL</p><p>Loaded Profiles: DOM (Available Profiles: DOM)</p><p>Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)</p><p>Internet Explorer Version 8 (Default browser: IE)</p><p>Boot Mode: Normal</p><p>Tutorial for Farbar Recovery Scan Tool: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials</a></p><p>==================== Processes (Whitelisted) =================</p><p>(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)</p><p>(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe</p><p>(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe</p><p>(Microsoft Corporation) C:\Windows\System32\taskmgr.exe</p><p>(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe</p><p>(Farbar) C:\Users\DOM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T0PQ2UNL\FRST64[1].exe</p><p></p><p>==================== Registry (Whitelisted) ===========================</p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)</p><p>HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)</p><p>==================== Internet (Whitelisted) ====================</p><p>(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)</p><p>Tcpip\Parameters: [DhcpNameServer] 192.168.1.1</p><p>Tcpip\..\Interfaces\{006ED718-483E-48E4-B110-2E797EFC39E0}: [DhcpNameServer] 192.168.1.1</p><p>Internet Explorer:</p><p>==================</p><p>Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)</p><p>Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)</p><p>Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)</p><p>Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)</p><p>==================== Services (Whitelisted) ========================</p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p>R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)</p><p>R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)</p><p>S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)</p><p>===================== Drivers (Whitelisted) ==========================</p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p>S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)</p><p>R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)</p><p>R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)</p><p>R3 VST64HWBS2; C:\Windows\System32\DRIVERS\VSTBS26.SYS [411136 2009-06-10] (Conexant Systems, Inc.)</p><p>R3 VST64_DPV; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Conexant Systems, Inc.)</p><p>==================== NetSvcs (Whitelisted) ===================</p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>==================== One Month Created files and folders ========</p><p>(If an entry is included in the fixlist, the file/folder will be moved.)</p><p>2016-04-15 14:32 - 2016-04-15 10:39 - 00000000 ____D C:\Windows\Panther</p><p>2016-04-15 13:36 - 2016-04-15 13:36 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk</p><p>2016-04-15 13:36 - 2016-04-15 13:36 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk</p><p>2016-04-15 13:34 - 2016-04-15 13:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf</p><p>2016-04-15 11:19 - 2016-04-15 11:19 - 00000000 ____D C:\FRST</p><p>2016-04-15 11:02 - 2016-04-15 11:02 - 00000000 ____D C:\Users\DOM\AppData\Local\ElevatedDiagnostics</p><p>2016-04-15 10:50 - 2016-04-15 10:50 - 00057560 _____ C:\Users\DOM\AppData\Local\GDIPFONTCACHEV1.DAT</p><p>2016-04-15 10:50 - 2016-04-15 10:50 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk</p><p>2016-04-15 10:50 - 2016-04-15 10:50 - 00001945 _____ C:\Windows\epplauncher.mif</p><p>2016-04-15 10:50 - 2016-04-15 10:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client</p><p>2016-04-15 10:49 - 2016-04-15 10:50 - 00000000 ____D C:\Program Files\Microsoft Security Client</p><p>2016-04-15 10:40 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll</p><p>2016-04-15 10:40 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe</p><p>2016-04-15 10:40 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll</p><p>2016-04-15 10:40 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll</p><p>2016-04-15 10:40 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll</p><p>2016-04-15 10:40 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll</p><p>2016-04-15 10:40 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe</p><p>2016-04-15 10:40 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe</p><p>2016-04-15 10:39 - 2016-04-15 10:39 - 00001447 _____ C:\Users\DOM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk</p><p>2016-04-15 10:39 - 2016-04-15 10:39 - 00001413 _____ C:\Users\DOM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk</p><p>2016-04-15 10:39 - 2016-04-15 10:39 - 00000020 ___SH C:\Users\DOM\ntuser.ini</p><p>2016-04-15 10:39 - 2016-04-15 10:39 - 00000000 _SHDL C:\Users\DOM\My Documents</p><p>2016-04-15 10:39 - 2016-04-15 10:39 - 00000000 _SHDL C:\Users\DOM\Documents\My Videos</p><p>2016-04-15 10:39 - 2016-04-15 10:39 - 00000000 _SHDL C:\Users\DOM\Documents\My Pictures</p><p>2016-04-15 10:39 - 2016-04-15 10:39 - 00000000 _SHDL C:\Users\DOM\Documents\My Music</p><p>2016-04-15 10:39 - 2016-04-15 10:39 - 00000000 ____D C:\Users\DOM\AppData\Local\VirtualStore</p><p>2016-04-15 10:39 - 2016-04-15 10:39 - 00000000 ____D C:\Users\DOM</p><p>2016-04-15 10:39 - 2011-04-12 04:28 - 00000000 ____D C:\Users\DOM\AppData\Roaming\Media Center Programs</p><p>==================== One Month Modified files and folders ========</p><p>(If an entry is included in the fixlist, the file/folder will be moved.)</p><p>2016-04-15 14:32 - 2009-07-14 01:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template</p><p>2016-04-15 13:38 - 2009-07-14 00:45 - 00019472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0</p><p>2016-04-15 13:38 - 2009-07-14 00:45 - 00019472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0</p><p>2016-04-15 13:38 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache</p><p>2016-04-15 13:37 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT</p><p>2016-04-15 13:37 - 2009-07-14 00:45 - 00274320 _____ C:\Windows\system32\FNTCACHE.DAT</p><p>2016-04-15 13:35 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\sysprep</p><p>2016-04-15 13:33 - 2011-04-12 04:28 - 00000000 ____D C:\Windows\CSC</p><p>2016-04-15 10:42 - 2009-07-14 01:13 - 00713888 _____ C:\Windows\system32\PerfStringBackup.INI</p><p>2016-04-15 10:42 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf</p><p>2016-04-15 10:40 - 2009-07-13 23:20 - 00000000 __RHD C:\Users\Public\Libraries</p><p>==================== Bamital & volsnap =================</p><p>(There is no automatic fix for files that do not pass verification.)</p><p>C:\Windows\system32\winlogon.exe => File is digitally signed</p><p>C:\Windows\system32\wininit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\wininit.exe => File is digitally signed</p><p>C:\Windows\explorer.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\explorer.exe => File is digitally signed</p><p>C:\Windows\system32\svchost.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\svchost.exe => File is digitally signed</p><p>C:\Windows\system32\services.exe => File is digitally signed</p><p>C:\Windows\system32\User32.dll => File is digitally signed</p><p>C:\Windows\SysWOW64\User32.dll => File is digitally signed</p><p>C:\Windows\system32\userinit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\userinit.exe => File is digitally signed</p><p>C:\Windows\system32\rpcss.dll => File is digitally signed</p><p>C:\Windows\system32\dnsapi.dll => File is digitally signed</p><p>C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed</p><p>C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed</p><p></p><p>LastRegBack: 2016-04-15 13:33</p><p>==================== End of FRST.txt ============================</p></blockquote><p></p>
[QUOTE="DomC, post: 501833, member: 51841"] Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016 Ran by DOM (administrator) on DOM-PC (15-04-2016 11:19:32) Running from C:\Users\DOM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T0PQ2UNL Loaded Profiles: DOM (Available Profiles: DOM) Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 8 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: [URL="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/"]FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials[/URL] ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Farbar) C:\Users\DOM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T0PQ2UNL\FRST64[1].exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{006ED718-483E-48E4-B110-2E797EFC39E0}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation) ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation) R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation) R3 VST64HWBS2; C:\Windows\System32\DRIVERS\VSTBS26.SYS [411136 2009-06-10] (Conexant Systems, Inc.) R3 VST64_DPV; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Conexant Systems, Inc.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-04-15 14:32 - 2016-04-15 10:39 - 00000000 ____D C:\Windows\Panther 2016-04-15 13:36 - 2016-04-15 13:36 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2016-04-15 13:36 - 2016-04-15 13:36 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2016-04-15 13:34 - 2016-04-15 13:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2016-04-15 11:19 - 2016-04-15 11:19 - 00000000 ____D C:\FRST 2016-04-15 11:02 - 2016-04-15 11:02 - 00000000 ____D C:\Users\DOM\AppData\Local\ElevatedDiagnostics 2016-04-15 10:50 - 2016-04-15 10:50 - 00057560 _____ C:\Users\DOM\AppData\Local\GDIPFONTCACHEV1.DAT 2016-04-15 10:50 - 2016-04-15 10:50 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2016-04-15 10:50 - 2016-04-15 10:50 - 00001945 _____ C:\Windows\epplauncher.mif 2016-04-15 10:50 - 2016-04-15 10:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client 2016-04-15 10:49 - 2016-04-15 10:50 - 00000000 ____D C:\Program Files\Microsoft Security Client 2016-04-15 10:40 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-04-15 10:40 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-04-15 10:40 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-04-15 10:40 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2016-04-15 10:40 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2016-04-15 10:40 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2016-04-15 10:40 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-04-15 10:40 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2016-04-15 10:39 - 2016-04-15 10:39 - 00001447 _____ C:\Users\DOM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-04-15 10:39 - 2016-04-15 10:39 - 00001413 _____ C:\Users\DOM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2016-04-15 10:39 - 2016-04-15 10:39 - 00000020 ___SH C:\Users\DOM\ntuser.ini 2016-04-15 10:39 - 2016-04-15 10:39 - 00000000 _SHDL C:\Users\DOM\My Documents 2016-04-15 10:39 - 2016-04-15 10:39 - 00000000 _SHDL C:\Users\DOM\Documents\My Videos 2016-04-15 10:39 - 2016-04-15 10:39 - 00000000 _SHDL C:\Users\DOM\Documents\My Pictures 2016-04-15 10:39 - 2016-04-15 10:39 - 00000000 _SHDL C:\Users\DOM\Documents\My Music 2016-04-15 10:39 - 2016-04-15 10:39 - 00000000 ____D C:\Users\DOM\AppData\Local\VirtualStore 2016-04-15 10:39 - 2016-04-15 10:39 - 00000000 ____D C:\Users\DOM 2016-04-15 10:39 - 2011-04-12 04:28 - 00000000 ____D C:\Users\DOM\AppData\Roaming\Media Center Programs ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-04-15 14:32 - 2009-07-14 01:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template 2016-04-15 13:38 - 2009-07-14 00:45 - 00019472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-04-15 13:38 - 2009-07-14 00:45 - 00019472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-04-15 13:38 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache 2016-04-15 13:37 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-04-15 13:37 - 2009-07-14 00:45 - 00274320 _____ C:\Windows\system32\FNTCACHE.DAT 2016-04-15 13:35 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\sysprep 2016-04-15 13:33 - 2011-04-12 04:28 - 00000000 ____D C:\Windows\CSC 2016-04-15 10:42 - 2009-07-14 01:13 - 00713888 _____ C:\Windows\system32\PerfStringBackup.INI 2016-04-15 10:42 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf 2016-04-15 10:40 - 2009-07-13 23:20 - 00000000 __RHD C:\Users\Public\Libraries ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-04-15 13:33 ==================== End of FRST.txt ============================ [/QUOTE]
Insert quotes…
Verification
Post reply
Top
