Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2016
- Ran by Russell Ison (administrator) on LAPTOP-UCFFLMK3 (15-06-2016 18:48:05)
- Running from C:\Users\Russell Ison\Downloads
- Loaded Profiles: Russell Ison (Available Profiles: Russell Ison)
- Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
- Internet Explorer Version 11 (Default browser: "C:\Users\Russell Ison\AppData\Local\BrowserAir\Application\BrowserAir.exe" -- "%1")
- Boot Mode: Normal
- Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Processes (Whitelisted) =================
- (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
- (AMD) C:\Windows\System32\atiesrxx.exe
- (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
- (AMD) C:\Windows\System32\atieclxx.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
- (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
- (Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
- (Microsoft Corporation) C:\Windows\System32\wlanext.exe
- (Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
- (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
- (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
- (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
- (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
- (Intel Corporation) C:\Windows\System32\ibtsiva.exe
- (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
- (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
- (Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
- (Amazon Inc.) C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
- (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
- (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
- (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
- (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
- (Trend Micro Inc.) C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe
- (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
- (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
- (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
- (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
- (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
- (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
- () C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe
- () C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe
- () C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe
- (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
- (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
- (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
- (Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
- (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe
- (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
- (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
- (Draughts) C:\Users\Russell Ison\AppData\Roaming\Checkers\Draughts\Draughts.exe
- (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
- (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
- (HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
- (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
- (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
- (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
- (Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
- () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
- (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
- (Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
- (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
- (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
- (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
- () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
- (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
- (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
- () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
- (Azureus Software, Inc) C:\Program Files (x86)\Vuze\Azureus.exe
- (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
- () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
- (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.20961.0_x64__8wekyb3d8bbwe\Music.UI.exe
- (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.20961.0_x64__8wekyb3d8bbwe\Video.UI.exe
- (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
- (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
- (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
- (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.168_none_76587b40265ca57e\TiWorker.exe
- ==================== Registry (Whitelisted) ===========================
- (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
- HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843520 2016-05-01] (Realtek Semiconductor)
- HKLM\...\Run: [DeliveryAndStatusCheck] => C:\Program Files\HP\HP ePrint\HP.DeliveryAndStatus.Desktop.App.exe [301832 2015-11-11] (HP)
- HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246264 2015-07-17] (Trend Micro Inc.)
- HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1258496 2015-07-17] (Trend Micro Inc.)
- HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-03-22] (Adobe Systems Incorporated)
- HKLM\...\Run: [WLM] => C:\Program Files\Trend Micro\Titanium\Plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe [45672 2015-07-17] (Trend Micro Inc.)
- HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-18] (Hewlett-Packard Development Company, L.P.)
- HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-07] (Advanced Micro Devices, Inc.)
- HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23972712 2016-06-01] (Dropbox, Inc.)
- HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [258600 2016-01-05] (HP)
- HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2313408 2016-04-07] (Adobe Systems Incorporated)
- HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
- HKU\S-1-5-21-3777230128-999622161-3604897991-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2917456 2016-06-10] (Valve Corporation)
- HKU\S-1-5-21-3777230128-999622161-3604897991-1002\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [953880 2016-04-07] (BlueStack Systems, Inc.)
- HKU\S-1-5-21-3777230128-999622161-3604897991-1002\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-06-13] (SUPERAntiSpyware)
- HKU\S-1-5-21-3777230128-999622161-3604897991-1002\...\Run: [Draughts] => C:\Users\Russell Ison\AppData\Roaming\Checkers\Draughts\Draughts.exe [1720528 2016-06-12] (Draughts)
- HKU\S-1-5-21-3777230128-999622161-3604897991-1002\...\RunOnce: [Uninstall C:\Users\Russell Ison\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Russell Ison\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
- ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-04-01] ()
- ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-04-01] ()
- ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-04-01] ()
- ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-01] (Dropbox, Inc.)
- ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-01] (Dropbox, Inc.)
- ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-01] (Dropbox, Inc.)
- ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-01] (Dropbox, Inc.)
- ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-01] (Dropbox, Inc.)
- ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-01] (Dropbox, Inc.)
- ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-01] (Dropbox, Inc.)
- ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-01] (Dropbox, Inc.)
- ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-01] (Dropbox, Inc.)
- ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-01] (Dropbox, Inc.)
- ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-01] (Dropbox, Inc.)
- ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-01] (Dropbox, Inc.)
- ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-01] (Dropbox, Inc.)
- ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-01] (Dropbox, Inc.)
- ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-01] (Dropbox, Inc.)
- ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-01] (Dropbox, Inc.)
- Startup: C:\Users\Russell Ison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-06-13]
- ShortcutTarget: Curse.lnk -> C:\Users\Russell Ison\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
- ==================== Internet (Whitelisted) ====================
- (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
- Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
- Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
- Tcpip\..\Interfaces\{be84f586-4053-4b63-8d22-13217b6f8972}: [DhcpNameServer] 10.0.0.138
- ManualProxies:
- Internet Explorer:
- ==================
- HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
- HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
- HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
- HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
- HKU\S-1-5-21-3777230128-999622161-3604897991-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
- HKU\S-1-5-21-3777230128-999622161-3604897991-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
- SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
- SearchScopes: HKU\S-1-5-21-3777230128-999622161-3604897991-1002 -> DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.com/gp/bit/amazonserp/ref=bit_bds-p17_serp_ie_us_display?ie=UTF8&tagbase=bds-p17&tbrId=v1_abb-channel-17_c78f2f88_1201_1403_20160612_AU_ie_ds_&tag=bds-p17-serp-us-ie-20&query={searchTerms}
- SearchScopes: HKU\S-1-5-21-3777230128-999622161-3604897991-1002 -> {0D15C510-D9E0-4DFE-7D97-CBF254E243D6} URL = hxxps://www.amazon.com/gp/bit/amazonserp/ref=bit_bds-p17_serp_ie_us_display?ie=UTF8&tagbase=bds-p17&tbrId=v1_abb-channel-17_06c8c330_1201_1403_20160409_AU_ie_ds_&tag=bds-p17-serp-us-ie-20&query={searchTerms}
- SearchScopes: HKU\S-1-5-21-3777230128-999622161-3604897991-1002 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.com/gp/bit/amazonserp/ref=bit_bds-p17_serp_ie_us_display?ie=UTF8&tagbase=bds-p17&tbrId=v1_abb-channel-17_c78f2f88_1201_1403_20160612_AU_ie_ds_&tag=bds-p17-serp-us-ie-20&query={searchTerms}
- BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-06-13] (Microsoft Corporation)
- BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
- BHO: Password Manager BHO -> {782829FB-43A5-4AE0-A14E-590A252E7946} -> C:\Program Files\Trend Micro\TMIDS\bhoDirectPass64.dll [2016-04-21] (Trend Micro Inc.)
- BHO: Trend Micro Network Filter Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll [2015-07-17] (Trend Micro Inc.)
- BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
- BHO: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe64.dll [2015-08-17] (Trend Micro Inc.)
- BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-13] (Microsoft Corporation)
- BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
- BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-12] (Oracle Corporation)
- BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-07-02] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
- BHO-x32: Trend Micro Network Filter Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll [2015-07-17] (Trend Micro Inc.)
- BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
- BHO-x32: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll [2015-08-17] (Trend Micro Inc.)
- BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-12] (Oracle Corporation)
- BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
- Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
- Toolbar: HKLM - Password Manager ToolBar - {97EE74D2-C351-4ECE-B75A-8CD36FAE3661} - C:\Program Files\Trend Micro\TMIDS\bhoDirectPass64.dll [2016-04-21] (Trend Micro Inc.)
- Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
- Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-13] (Microsoft Corporation)
- Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-13] (Microsoft Corporation)
- Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-13] (Microsoft Corporation)
- Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-13] (Microsoft Corporation)
- Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
- Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
- Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe64.dll [2015-08-17] (Trend Micro Inc.)
- Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll [2015-08-17] (Trend Micro Inc.)
- Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll [2015-07-17] (Trend Micro Inc.)
- Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll [2015-07-17] (Trend Micro Inc.)
- Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
- Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
- Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll [2015-07-17] (Trend Micro Inc.)
- Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2015-07-17] (Trend Micro Inc.)
- FireFox:
- ========
- FF ProfilePath: C:\Users\Russell Ison\AppData\Roaming\Mozilla\Firefox\Profiles\deed8w8o.default-1465884928209
- FF NetworkProxy: "no_proxies_on", "https://localhost, localhost, 127.0.0.1"
- FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-04-07] (Adobe Systems)
- FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.)
- FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-12] (Oracle Corporation)
- FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-12] (Oracle Corporation)
- FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-13] (Microsoft Corporation)
- FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
- FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
- FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
- FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-10-13] ()
- FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-04-07] (Adobe Systems)
- FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension
- FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension [2016-04-23]
- FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension
- FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
- FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2016-04-23]
- FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
- FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2016-04-23]
- Chrome:
- =======
- CHR HomePage: Default -> amazon.com/websearch/?ie=UTF8__PARAM__
- CHR StartupUrls: Default -> "hxxp://www-searching.com/?pid=s&s=g4kzftpbl0cshmoak,f3eaf853-1803-4708-a5b3-ccd29377659e,&vp=ch&prd=set_ch"
- CHR Profile: C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default
- CHR Extension: (Google Slides) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-09]
- CHR Extension: (Google Docs) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-09]
- CHR Extension: (Google Drive) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-09]
- CHR Extension: (YouTube) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-09]
- CHR Extension: (Adblock Plus) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-04-28]
- CHR Extension: (Google Sheets) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-09]
- CHR Extension: (Trend Micro Password Manager) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\fokifklggehlihkifghafpekelcicmgl [2016-04-28]
- CHR Extension: (Google Docs Offline) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-09]
- CHR Extension: (BBC Sherlock) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\kibgjoakhkalcoigpeiaahdkgmpckdbi [2016-04-28]
- CHR Extension: (Skype) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-22]
- CHR Extension: (Chrome Web Store Payments) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-09]
- CHR Extension: (Trend Micro Toolbar) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2016-04-28]
- CHR Extension: (Amazon Smart Search) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebgdicanjhnamfmdlmlbcnkgehkkmf [2016-04-21]
- CHR Extension: (Gmail) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-09]
- CHR HKU\S-1-5-21-3777230128-999622161-3604897991-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ooebgdicanjhnamfmdlmlbcnkgehkkmf] - hxxps://clients2.google.com/service/update2/crx
- CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
- CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - hxxps://clients2.google.com/service/update2/crx
- ==================== Services (Whitelisted) ========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
- S2 AdaptiveSleepService; c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2015-08-07] () [File not signed]
- R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [694464 2016-04-07] (Adobe Systems Incorporated)
- R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
- R2 Amazon 1Button App Service; C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [436032 2016-02-17] (Amazon Inc.)
- R2 AMD FUEL Service; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-07] (Advanced Micro Devices, Inc.) [File not signed]
- S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437784 2016-04-07] (BlueStack Systems, Inc.)
- R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417304 2016-04-07] (BlueStack Systems, Inc.)
- S2 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [433688 2016-04-07] (BlueStack Systems, Inc.)
- S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [921112 2016-04-07] (BlueStack Systems, Inc.)
- R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
- R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
- R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2945792 2016-05-26] (Microsoft Corporation)
- S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-11] (Dropbox, Inc.)
- S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-11] (Dropbox, Inc.)
- R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-05-22] (SurfRight B.V.)
- R2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
- R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-18] (Hewlett-Packard Development Company, L.P.)
- R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [165616 2015-11-12] (Intel Corporation)
- S3 MyWiFiDHCPDNS; c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-10-28] ()
- S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [200240 2016-05-25] (Microsoft Corporation) [File not signed]
- R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1137664 2015-07-17] (Trend Micro Inc.)
- R2 PwmSvc; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [1617920 2016-04-21] (Trend Micro Inc.)
- R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-15] ()
- R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-05-01] (Realtek Semiconductor)
- R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [260216 2015-12-09] (Synaptics Incorporated)
- R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [60432 2015-10-29] (Advanced Micro Devices, Inc.)
- S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
- S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
- R2 ZeroConfigService; c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-10-28] (Intel® Corporation)
- R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]
- S2 Tiuauh; "C:\Users\Russell Ison\AppData\Roaming\VypiwGyp\Wivmor.exe" -cms [X]
- ===================== Drivers (Whitelisted) ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [18968 2015-10-29] (Advanced Micro Devices, INC.)
- S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [101104 2015-10-29] (Advanced Micro Devices, Inc. )
- R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [82704 2015-10-29] (Advanced Micro Devices, Inc.)
- R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [277240 2015-10-29] (Advanced Micro Devices, Inc. )
- R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-10-29] (Advanced Micro Devices)
- R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-04-07] (BlueStack Systems)
- R2 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2016-04-06] (Bluestack System Inc. )
- S3 clwvd6; C:\Windows\system32\DRIVERS\clwvd6.sys [41400 2015-08-31] (CyberLink Corporation)
- R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [300304 2015-11-13] (Intel Corporation)
- S3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3509512 2015-11-06] (Intel Corporation)
- R3 Netwtw02; C:\Windows\System32\drivers\Netwtw02.sys [6731520 2016-01-19] (Intel Corporation)
- R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
- S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [411712 2015-05-21] (Realsil Semiconductor Corporation)
- S3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [3445248 2015-10-30] (Realtek Semiconductor Corporation )
- R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
- R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
- R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [67704 2015-12-09] (Synaptics Incorporated)
- S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33960 2015-07-13] (Synaptics Incorporated)
- R1 tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [133424 2015-11-23] (Trend Micro Inc.)
- R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [324912 2015-11-23] (Trend Micro Inc.)
- R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [59712 2015-06-12] (Trend Micro Inc.)
- R3 tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [116576 2015-06-08] (Trend Micro Inc.)
- S0 tmel; C:\Windows\System32\DRIVERS\tmel.sys [39056 2015-06-23] (Trend Micro Inc.)
- R1 tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [99632 2015-11-23] (Trend Micro Inc.)
- R3 tmnciesc; C:\Windows\system32\DRIVERS\tmnciesc.sys [416608 2015-05-29] (Trend Micro Inc.)
- S3 tmumh; C:\Windows\system32\DRIVERS\TMUMH.sys [91536 2015-06-29] (Trend Micro Inc.)
- R2 tmusa; C:\Windows\system32\DRIVERS\tmusa.sys [116528 2015-06-27] (Trend Micro Inc.)
- S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
- S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
- S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
- R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30544 2015-08-13] (HP)
- U2 TMAgent; no ImagePath
- ==================== NetSvcs (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- ==================== One Month Created files and folders ========
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2016-06-15 18:48 - 2016-06-15 18:48 - 00034784 _____ C:\Users\Russell Ison\Downloads\FRST.txt
- 2016-06-15 18:47 - 2016-06-15 18:48 - 00000000 ____D C:\FRST
- 2016-06-15 18:46 - 2016-06-15 18:47 - 02385920 _____ (Farbar) C:\Users\Russell Ison\Desktop\FRST64.exe
- 2016-06-14 18:32 - 2016-06-14 18:32 - 00000000 _____ C:\windows\system32\REN4CD8.tmp
- 2016-06-14 18:29 - 2016-06-14 18:29 - 00000000 _____ C:\windows\system32\REN858A.tmp
- 2016-06-14 18:27 - 2016-06-14 18:28 - 43189344 _____ (Oracle Corporation) C:\Users\Russell Ison\Downloads\jre-8u45-windows-x64.exe
- 2016-06-14 17:37 - 2016-06-14 17:37 - 00000663 _____ C:\Users\Russell Ison\Desktop\FTB_Launcher.exe - Shortcut.lnk
- 2016-06-14 16:18 - 2016-06-14 16:18 - 00004732 _____ C:\windows\System32\Tasks\DistromaticSearchProtect-hourly
- 2016-06-13 20:32 - 2016-06-15 18:41 - 00000000 ____D C:\ftb
- 2016-06-13 20:28 - 2016-06-15 18:43 - 00000000 ____D C:\Users\Russell Ison\AppData\Local\ftblauncher
- 2016-06-13 20:28 - 2016-06-13 20:33 - 00000000 ____D C:\Users\Russell Ison\AppData\Roaming\ftblauncher
- 2016-06-13 20:11 - 2016-06-13 20:34 - 00000000 ____D C:\EEK
- 2016-06-13 20:07 - 2016-06-13 20:11 - 237984312 _____ C:\Users\Russell Ison\Downloads\EmsisoftEmergencyKit.exe
- 2016-06-13 19:51 - 2016-06-13 20:28 - 07650529 _____ C:\Users\Russell Ison\Downloads\FTB_Launcher.exe
- 2016-06-13 19:45 - 2016-06-14 16:19 - 00000000 ____D C:\Users\Russell Ison\AppData\Roaming\Curse Client
- 2016-06-13 19:45 - 2016-06-13 19:54 - 00001095 _____ C:\Users\Russell Ison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
- 2016-06-13 19:44 - 2016-06-13 19:44 - 00000000 ____D C:\Users\Russell Ison\AppData\Roaming\Curse
- 2016-06-13 19:28 - 2016-06-13 19:44 - 80502648 _____ (Curse) C:\Users\Russell Ison\Downloads\CurseClientSetup_[plugin-minecraft].exe
- 2016-06-13 19:05 - 2016-06-13 19:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
- 2016-06-13 19:05 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
- 2016-06-13 19:05 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
- 2016-06-13 19:05 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
- 2016-06-13 19:02 - 2016-06-13 19:04 - 22851472 _____ (Malwarebytes ) C:\Users\Russell Ison\Downloads\mbam-setup-2.2.1.1043(1).exe
- 2016-06-13 18:56 - 2016-06-13 18:56 - 00000000 ____D C:\Users\Russell Ison\Documents\Custom Office Templates
- 2016-06-13 18:53 - 2016-06-15 18:43 - 00000000 ____D C:\Users\Russell Ison\Documents\Microsoft Word
- 2016-06-13 18:46 - 2016-06-13 18:46 - 01610816 _____ (Malwarebytes) C:\Users\Russell Ison\Downloads\JRT(1).exe
- 2016-06-13 16:49 - 2016-06-13 19:55 - 00002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
- 2016-06-13 16:49 - 2016-06-13 19:55 - 00002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
- 2016-06-13 16:49 - 2016-06-13 19:55 - 00002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
- 2016-06-13 16:49 - 2016-06-13 19:55 - 00002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
- 2016-06-13 16:49 - 2016-06-13 19:55 - 00002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
- 2016-06-13 16:49 - 2016-06-13 19:55 - 00002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
- 2016-06-13 16:49 - 2016-06-13 19:55 - 00002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
- 2016-06-13 16:49 - 2016-06-13 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
- 2016-06-13 16:27 - 2016-06-13 16:27 - 00000000 ____D C:\Program Files\Microsoft Office 15
- 2016-06-13 16:26 - 2016-06-13 16:26 - 03479752 _____ (Microsoft Corporation) C:\Users\Russell Ison\Downloads\Setup.X86.en-US_O365HomePremRetail_04a09a18-5406-4d64-b12e-604e84053b65_TX_SG_.exe
- 2016-06-13 09:55 - 2016-06-13 09:56 - 03677248 _____ C:\Users\Russell Ison\Downloads\adwcleaner_5.119.exe
- 2016-06-12 18:31 - 2016-06-14 16:15 - 00000000 ____D C:\Users\Russell Ison\Desktop\Old Firefox Data
- 2016-06-12 17:29 - 2016-06-12 17:29 - 00004600 _____ C:\windows\System32\Tasks\DistromaticUpdater-periodic
- 2016-06-12 17:29 - 2016-06-12 17:29 - 00004208 _____ C:\windows\System32\Tasks\DistromaticSearchProtect-logon
- 2016-06-12 17:29 - 2016-06-12 17:29 - 00004070 _____ C:\windows\System32\Tasks\DistromaticUpdater-logon
- 2016-06-12 17:29 - 2016-06-12 17:29 - 00000000 ____D C:\Users\Russell Ison\AppData\Local\Amazon Browser Settings
- 2016-06-12 17:29 - 2016-06-12 17:29 - 00000000 ____D C:\Program Files (x86)\Amazon Browser Settings
- 2016-06-12 12:26 - 2016-06-13 09:57 - 00399360 _____ (Trend Micro Inc.) C:\windows\RegBootClean64.exe
- 2016-06-12 12:25 - 2016-06-13 20:32 - 00000000 ____D C:\Users\Russell Ison\AppData\Roaming\Checkers
- 2016-06-12 07:54 - 2016-06-12 07:54 - 00003312 _____ C:\windows\System32\Tasks\HPCeeScheduleForRussell Ison
- 2016-06-04 09:45 - 2016-06-04 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
- 2016-05-28 17:15 - 2016-05-28 17:15 - 05367084 _____ C:\Users\Russell Ison\Downloads\websdr_recording_start_2016-05-28T07_09_13Z_15905.0kHz.wav
- 2016-05-28 17:08 - 2016-05-28 17:08 - 07718188 _____ C:\Users\Russell Ison\Downloads\websdr_recording_start_2016-05-28T06_59_51Z_13435.0kHz.wav
- 2016-05-28 16:49 - 2016-05-28 16:49 - 08080172 _____ C:\Users\Russell Ison\Downloads\websdr_recording_start_2016-05-28T06_40_18Z_11464.0kHz.wav
- 2016-05-28 16:43 - 2016-05-28 16:43 - 02591276 _____ C:\Users\Russell Ison\Downloads\websdr_recording_start_2016-05-28T06_40_11Z_13368.0kHz.wav
- 2016-05-28 16:28 - 2016-05-28 16:29 - 05349164 _____ C:\Users\Russell Ison\Downloads\websdr_recording_start_2016-05-28T06_22_42Z_10264.0kHz.wav
- 2016-05-28 16:22 - 2016-05-28 16:22 - 00283180 _____ C:\Users\Russell Ison\Downloads\websdr_recording_start_2016-05-28T06_22_12Z_12168.0kHz.wav
- 2016-05-28 16:20 - 2016-05-28 16:20 - 00268844 _____ C:\Users\Russell Ison\Downloads\websdr_recording_start_2016-05-28T06_20_24Z_12168.0kHz.wav
- 2016-05-28 14:18 - 2016-05-28 14:18 - 00213292 _____ C:\Users\Russell Ison\Downloads\websdr_recording_start_2016-05-28T04_17_48Z_13981.0kHz.wav
- 2016-05-28 13:41 - 2016-05-28 13:41 - 00738880 _____ (Oracle Corporation) C:\Users\Russell Ison\Downloads\JavaSetup8u91.exe
- 2016-05-28 09:56 - 2016-05-28 09:56 - 00234796 _____ C:\Users\Russell Ison\Downloads\websdr_recording_start_2016-05-27T23_55_48Z_6935.0kHz.wav
- 2016-05-25 03:29 - 2016-05-25 03:29 - 00635040 _____ (Microsoft Corporation) C:\windows\system32\msvcp140.dll
- 2016-05-25 03:29 - 2016-05-25 03:29 - 00390320 _____ (Microsoft Corporation) C:\windows\system32\vccorlib140.dll
- 2016-05-25 03:29 - 2016-05-25 03:29 - 00332968 _____ (Microsoft Corporation) C:\windows\system32\concrt140.dll
- 2016-05-25 03:29 - 2016-05-25 03:29 - 00088752 _____ (Microsoft Corporation) C:\windows\system32\vcruntime140.dll
- 2016-05-25 02:39 - 2016-05-25 02:39 - 00439608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp140.dll
- 2016-05-25 02:39 - 2016-05-25 02:39 - 00266928 _____ (Microsoft Corporation) C:\windows\SysWOW64\vccorlib140.dll
- 2016-05-25 02:39 - 2016-05-25 02:39 - 00243520 _____ (Microsoft Corporation) C:\windows\SysWOW64\concrt140.dll
- 2016-05-25 02:39 - 2016-05-25 02:39 - 00085328 _____ (Microsoft Corporation) C:\windows\SysWOW64\vcruntime140.dll
- 2016-05-16 15:51 - 2016-06-12 14:51 - 00000392 _____ C:\windows\Tasks\HPCeeScheduleForRussell Ison.job
- ==================== One Month Modified files and folders ========
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2016-06-15 18:53 - 2016-04-11 12:41 - 00000938 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- 2016-06-15 18:52 - 2016-04-09 17:52 - 00000000 ____D C:\Users\Russell Ison\AppData\Roaming\Azureus
- 2016-06-15 18:45 - 2015-10-30 17:11 - 00000000 ____D C:\windows\CbsTemp
- 2016-06-15 18:42 - 2015-10-30 17:24 - 00000000 ___HD C:\Program Files\WindowsApps
- 2016-06-15 18:42 - 2015-10-30 17:24 - 00000000 ____D C:\windows\AppReadiness
- 2016-06-15 18:40 - 2016-04-23 15:48 - 00004180 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{0782A026-6CCD-4141-A27B-53740045B1EA}
- 2016-06-15 18:39 - 2016-05-14 21:39 - 00000000 ____D C:\Users\Russell Ison\AppData\Local\Adobe
- 2016-06-15 18:39 - 2016-04-22 19:08 - 00000000 ____D C:\ProgramData\TMDP_Log
- 2016-06-15 00:08 - 2016-03-02 20:26 - 00000944 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
- 2016-06-14 21:53 - 2016-04-11 12:41 - 00000934 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- 2016-06-14 20:02 - 2016-04-09 15:59 - 00000000 ____D C:\Users\Russell Ison\AppData\Roaming\Skype
- 2016-06-14 18:43 - 2016-04-09 18:45 - 00000000 ____D C:\Users\Russell Ison\Desktop\Stuff
- 2016-06-14 18:29 - 2016-04-09 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
- 2016-06-14 17:48 - 2016-04-23 17:27 - 00000010 _____ C:\Users\Russell Ison\AppData\Local\sponge.last.runtime.cache
- 2016-06-14 16:40 - 2016-04-21 16:40 - 00000556 _____ C:\windows\Tasks\SUPERAntiSpyware Scheduled Task 46f415eb-5467-47a2-895d-a27629faa117.job
- 2016-06-14 16:14 - 2015-10-30 16:28 - 00032768 ___SH C:\windows\system32\config\ELAM
- 2016-06-14 16:11 - 2016-04-11 10:08 - 00000000 ___RD C:\Users\Russell Ison\Dropbox
- 2016-06-14 16:07 - 2016-04-22 19:09 - 00000000 ____D C:\Users\Russell Ison\AppData\Local\DP_Tower
- 2016-06-14 16:06 - 2016-04-09 23:01 - 00000000 ____D C:\Program Files (x86)\Steam
- 2016-06-14 16:03 - 2016-03-02 20:26 - 00000940 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
- 2016-06-14 16:02 - 2015-11-03 04:02 - 00000006 ____H C:\windows\Tasks\SA.DAT
- 2016-06-14 15:58 - 2016-04-21 17:55 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
- 2016-06-14 15:56 - 2016-04-09 14:11 - 00000000 ____D C:\Users\Russell Ison
- 2016-06-14 15:55 - 2016-04-21 16:39 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
- 2016-06-13 21:49 - 2016-04-09 15:43 - 00000000 ____D C:\Users\Russell Ison\AppData\Roaming\.minecraft
- 2016-06-13 21:09 - 2016-03-02 20:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
- 2016-06-13 19:56 - 2016-04-11 12:42 - 00002261 _____ C:\Users\Public\Desktop\Google Chrome.lnk
- 2016-06-13 19:55 - 2016-05-15 12:12 - 00001214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2015.lnk
- 2016-06-13 19:55 - 2016-05-15 11:13 - 00001322 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2015.lnk
- 2016-06-13 19:55 - 2016-05-15 10:56 - 00001428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator (Preview).lnk
- 2016-06-13 19:55 - 2016-05-15 10:06 - 00002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2015.lnk
- 2016-06-13 19:55 - 2016-05-14 21:59 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
- 2016-06-13 19:55 - 2016-05-01 17:03 - 00001779 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS Audio Control Panel.lnk
- 2016-06-13 19:55 - 2016-04-28 20:00 - 00001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
- 2016-06-13 19:55 - 2016-04-11 12:42 - 00002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
- 2016-06-13 19:55 - 2016-04-09 17:53 - 00001924 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
- 2016-06-13 19:55 - 2016-03-02 20:21 - 00002381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - hp.lnk
- 2016-06-13 19:55 - 2016-03-02 20:15 - 00002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP ePrint SW.lnk
- 2016-06-13 19:54 - 2016-04-28 20:00 - 00001223 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
- 2016-06-13 19:54 - 2016-04-10 21:15 - 00001749 _____ C:\Users\Russell Ison\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk
- 2016-06-13 19:54 - 2016-04-09 23:01 - 00000993 _____ C:\Users\Public\Desktop\Steam.lnk
- 2016-06-13 19:54 - 2016-04-09 17:30 - 00002130 _____ C:\Users\Russell Ison\Desktop\FL Studio 12 (64bit).lnk
- 2016-06-13 19:54 - 2016-04-09 14:15 - 00002391 _____ C:\Users\Russell Ison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
- 2016-06-13 19:52 - 2016-03-02 20:12 - 01055998 _____ C:\windows\SysWOW64\rootpa.e2e
- 2016-06-13 19:52 - 2016-03-02 20:02 - 00065536 _____ C:\windows\system32\spu_storage.bin
- 2016-06-13 19:52 - 2015-10-30 16:28 - 00524288 ___SH C:\windows\system32\config\BBI
- 2016-06-13 19:20 - 2016-04-21 09:32 - 00000000 ____D C:\Program Files (x86)\Geqtiondraluing
- 2016-06-13 19:19 - 2016-04-21 10:17 - 00000000 ____D C:\Program Files (x86)\Anisatain
- 2016-06-13 17:33 - 2016-04-22 19:07 - 00000000 ____D C:\ProgramData\Trend Micro
- 2016-06-13 17:21 - 2015-11-03 04:01 - 05012240 _____ C:\windows\system32\FNTCACHE.DAT
- 2016-06-13 17:17 - 2015-10-30 17:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
- 2016-06-13 17:14 - 2015-10-30 17:21 - 00000000 ____D C:\windows\INF
- 2016-06-13 16:27 - 2015-10-30 17:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
- 2016-06-13 09:56 - 2016-04-21 16:18 - 00000000 ____D C:\AdwCleaner
- 2016-06-12 18:08 - 2016-04-09 15:30 - 00000000 ____D C:\ProgramData\Oracle
- 2016-06-12 17:15 - 2016-04-09 15:31 - 00000000 ____D C:\Users\Russell Ison\.oracle_jre_usage
- 2016-06-12 17:13 - 2016-04-09 15:31 - 00097344 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
- 2016-06-12 17:13 - 2016-04-09 15:30 - 00000000 ____D C:\Program Files (x86)\Java
- 2016-06-12 14:51 - 2016-05-05 16:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
- 2016-06-12 14:51 - 2016-04-28 20:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
- 2016-06-04 09:45 - 2016-03-02 20:26 - 00000000 ____D C:\Program Files (x86)\Dropbox
- 2016-05-28 20:28 - 2015-10-30 17:24 - 00000000 ____D C:\windows\rescache
- 2016-05-27 15:47 - 2016-04-09 15:58 - 00000000 ___RD C:\Program Files (x86)\Skype
- 2016-05-22 13:55 - 2016-04-09 15:58 - 00000000 ____D C:\ProgramData\Skype
- 2016-05-22 13:34 - 2015-11-03 04:02 - 00000000 __RHD C:\Users\Public\AccountPictures
- 2016-05-22 13:28 - 2015-10-30 19:05 - 00000000 ____D C:\Program Files\Windows Journal
- 2016-05-22 13:28 - 2015-10-30 17:24 - 00000000 ____D C:\windows\system32\oobe
- 2016-05-22 13:28 - 2015-10-30 17:24 - 00000000 ____D C:\windows\system32\appraiser
- 2016-05-22 13:28 - 2015-10-30 17:24 - 00000000 ____D C:\windows\Provisioning
- 2016-05-22 13:28 - 2015-10-30 17:24 - 00000000 ____D C:\windows\bcastdvr
- 2016-05-22 13:27 - 2015-10-30 17:24 - 00015703 _____ C:\windows\system32\OEMDefaultAssociations.xml
- 2016-05-21 16:07 - 2016-04-09 21:11 - 00000000 ____D C:\Users\Russell Ison\AppData\Local\ElevatedDiagnostics
- 2016-05-21 07:32 - 2016-04-09 14:15 - 00000000 ___RD C:\Users\Russell Ison\OneDrive
- 2016-05-19 15:54 - 2016-04-09 16:41 - 00000000 ____D C:\windows\system32\MRT
- 2016-05-16 15:45 - 2016-04-09 16:41 - 139319312 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
- ==================== Files in the root of some directories =======
- 2016-05-15 10:11 - 2016-05-15 10:14 - 0000033 _____ () C:\Users\Russell Ison\AppData\Roaming\AdobeWLCMCache.dat
- 2016-04-22 19:06 - 2016-04-22 19:06 - 0000036 _____ () C:\Users\Russell Ison\AppData\Local\housecall.guid.cache
- 2016-04-23 17:27 - 2016-06-14 17:48 - 0000010 _____ () C:\Users\Russell Ison\AppData\Local\sponge.last.runtime.cache
- Some files in TEMP:
- ====================
- C:\Users\Russell Ison\AppData\Local\Temp\bdfilters.dll
- C:\Users\Russell Ison\AppData\Local\Temp\i4jdel0.exe
- C:\Users\Russell Ison\AppData\Local\Temp\jre-8u91-windows-au.exe
- C:\Users\Russell Ison\AppData\Local\Temp\McCSPInstall.dll
- C:\Users\Russell Ison\AppData\Local\Temp\mccspuninstall.exe
- C:\Users\Russell Ison\AppData\Local\Temp\SkypeSetup.exe
- C:\Users\Russell Ison\AppData\Local\Temp\VideoBox.exe
- C:\Users\Russell Ison\AppData\Local\Temp\world-super-ext.exe
- C:\Users\Russell Ison\AppData\Local\Temp\{B21A7894-31DD-492E-A2AE-40016CF1DF48}-DropboxClient_3.18.1.exe
- ==================== Bamital & volsnap =================
- (There is no automatic fix for files that do not pass verification.)
- C:\windows\system32\winlogon.exe => File is digitally signed
- C:\windows\system32\wininit.exe => File is digitally signed
- C:\windows\explorer.exe => File is digitally signed
- C:\windows\SysWOW64\explorer.exe => File is digitally signed
- C:\windows\system32\svchost.exe => File is digitally signed
- C:\windows\SysWOW64\svchost.exe => File is digitally signed
- C:\windows\system32\services.exe => File is digitally signed
- C:\windows\system32\User32.dll => File is digitally signed
- C:\windows\SysWOW64\User32.dll => File is digitally signed
- C:\windows\system32\userinit.exe => File is digitally signed
- C:\windows\SysWOW64\userinit.exe => File is digitally signed
- C:\windows\system32\rpcss.dll => File is digitally signed
- C:\windows\system32\dnsapi.dll => File is digitally signed
- C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
- C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
- LastRegBack: 2016-06-14 20:25
- ==================== End of FRST.txt ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement