Jun 15th, 2016
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2016
  2. Ran by Russell Ison (administrator) on LAPTOP-UCFFLMK3 (15-06-2016 18:48:05)
  3. Running from C:\Users\Russell Ison\Downloads
  4. Loaded Profiles: Russell Ison (Available Profiles: Russell Ison)
  5. Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
  6. Internet Explorer Version 11 (Default browser: "C:\Users\Russell Ison\AppData\Local\BrowserAir\Application\BrowserAir.exe" -- "%1")
  7. Boot Mode: Normal
  8. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Processes (Whitelisted) =================
  11.  
  12. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  13.  
  14. (AMD) C:\Windows\System32\atiesrxx.exe
  15. (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
  16. (AMD) C:\Windows\System32\atieclxx.exe
  17. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
  18. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
  19. (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
  20. (Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
  21. (Microsoft Corporation) C:\Windows\System32\wlanext.exe
  22. (Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
  23. (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
  24. (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
  25. (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
  26. (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
  27. (Intel Corporation) C:\Windows\System32\ibtsiva.exe
  28. (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
  29. (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
  30. (Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
  31. (Amazon Inc.) C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
  32. (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
  33. (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
  34. (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
  35. (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
  36. (Trend Micro Inc.) C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe
  37. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
  38. (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
  39. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  40. (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
  41. (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
  42. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
  43. () C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe
  44. () C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe
  45. () C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe
  46. (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
  47. (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
  48. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
  49. (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
  50. (Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
  51. (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe
  52. (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
  53. (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
  54. (Draughts) C:\Users\Russell Ison\AppData\Roaming\Checkers\Draughts\Draughts.exe
  55. (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
  56. (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
  57. (HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
  58. (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
  59. (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
  60. (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
  61. (Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
  62. () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
  63. (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
  64. (Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
  65. (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
  66. (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
  67. (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
  68. () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
  69. (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
  70. (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  71. (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
  72. () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
  73. (Azureus Software, Inc) C:\Program Files (x86)\Vuze\Azureus.exe
  74. (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
  75. () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
  76. (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.20961.0_x64__8wekyb3d8bbwe\Music.UI.exe
  77. (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.20961.0_x64__8wekyb3d8bbwe\Video.UI.exe
  78. (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
  79. (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
  80. (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
  81. (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.168_none_76587b40265ca57e\TiWorker.exe
  82.  
  83.  
  84. ==================== Registry (Whitelisted) ===========================
  85.  
  86. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  87.  
  88. HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843520 2016-05-01] (Realtek Semiconductor)
  89. HKLM\...\Run: [DeliveryAndStatusCheck] => C:\Program Files\HP\HP ePrint\HP.DeliveryAndStatus.Desktop.App.exe [301832 2015-11-11] (HP)
  90. HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246264 2015-07-17] (Trend Micro Inc.)
  91. HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1258496 2015-07-17] (Trend Micro Inc.)
  92. HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-03-22] (Adobe Systems Incorporated)
  93. HKLM\...\Run: [WLM] => C:\Program Files\Trend Micro\Titanium\Plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe [45672 2015-07-17] (Trend Micro Inc.)
  94. HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-18] (Hewlett-Packard Development Company, L.P.)
  95. HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-07] (Advanced Micro Devices, Inc.)
  96. HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23972712 2016-06-01] (Dropbox, Inc.)
  97. HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [258600 2016-01-05] (HP)
  98. HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2313408 2016-04-07] (Adobe Systems Incorporated)
  99. HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
  100. HKU\S-1-5-21-3777230128-999622161-3604897991-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2917456 2016-06-10] (Valve Corporation)
  101. HKU\S-1-5-21-3777230128-999622161-3604897991-1002\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [953880 2016-04-07] (BlueStack Systems, Inc.)
  102. HKU\S-1-5-21-3777230128-999622161-3604897991-1002\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-06-13] (SUPERAntiSpyware)
  103. HKU\S-1-5-21-3777230128-999622161-3604897991-1002\...\Run: [Draughts] => C:\Users\Russell Ison\AppData\Roaming\Checkers\Draughts\Draughts.exe [1720528 2016-06-12] (Draughts)
  104. HKU\S-1-5-21-3777230128-999622161-3604897991-1002\...\RunOnce: [Uninstall C:\Users\Russell Ison\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Russell Ison\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
  105. ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-04-01] ()
  106. ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-04-01] ()
  107. ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-04-01] ()
  108. ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-01] (Dropbox, Inc.)
  109. ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-01] (Dropbox, Inc.)
  110. ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-01] (Dropbox, Inc.)
  111. ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-01] (Dropbox, Inc.)
  112. ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-01] (Dropbox, Inc.)
  113. ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-01] (Dropbox, Inc.)
  114. ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-01] (Dropbox, Inc.)
  115. ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-01] (Dropbox, Inc.)
  116. ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-01] (Dropbox, Inc.)
  117. ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-01] (Dropbox, Inc.)
  118. ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-01] (Dropbox, Inc.)
  119. ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-01] (Dropbox, Inc.)
  120. ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-01] (Dropbox, Inc.)
  121. ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-01] (Dropbox, Inc.)
  122. ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-01] (Dropbox, Inc.)
  123. ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-01] (Dropbox, Inc.)
  124. Startup: C:\Users\Russell Ison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-06-13]
  125. ShortcutTarget: Curse.lnk -> C:\Users\Russell Ison\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
  126.  
  127. ==================== Internet (Whitelisted) ====================
  128.  
  129. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  130.  
  131. Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
  132. Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
  133. Tcpip\..\Interfaces\{be84f586-4053-4b63-8d22-13217b6f8972}: [DhcpNameServer] 10.0.0.138
  134. ManualProxies:
  135.  
  136. Internet Explorer:
  137. ==================
  138. HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
  139. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
  140. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
  141. HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
  142. HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
  143. HKU\S-1-5-21-3777230128-999622161-3604897991-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
  144. HKU\S-1-5-21-3777230128-999622161-3604897991-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
  145. SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  146. SearchScopes: HKU\S-1-5-21-3777230128-999622161-3604897991-1002 -> DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.com/gp/bit/amazonserp/ref=bit_bds-p17_serp_ie_us_display?ie=UTF8&tagbase=bds-p17&tbrId=v1_abb-channel-17_c78f2f88_1201_1403_20160612_AU_ie_ds_&tag=bds-p17-serp-us-ie-20&query={searchTerms}
  147. SearchScopes: HKU\S-1-5-21-3777230128-999622161-3604897991-1002 -> {0D15C510-D9E0-4DFE-7D97-CBF254E243D6} URL = hxxps://www.amazon.com/gp/bit/amazonserp/ref=bit_bds-p17_serp_ie_us_display?ie=UTF8&tagbase=bds-p17&tbrId=v1_abb-channel-17_06c8c330_1201_1403_20160409_AU_ie_ds_&tag=bds-p17-serp-us-ie-20&query={searchTerms}
  148. SearchScopes: HKU\S-1-5-21-3777230128-999622161-3604897991-1002 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.com/gp/bit/amazonserp/ref=bit_bds-p17_serp_ie_us_display?ie=UTF8&tagbase=bds-p17&tbrId=v1_abb-channel-17_c78f2f88_1201_1403_20160612_AU_ie_ds_&tag=bds-p17-serp-us-ie-20&query={searchTerms}
  149. BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-06-13] (Microsoft Corporation)
  150. BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
  151. BHO: Password Manager BHO -> {782829FB-43A5-4AE0-A14E-590A252E7946} -> C:\Program Files\Trend Micro\TMIDS\bhoDirectPass64.dll [2016-04-21] (Trend Micro Inc.)
  152. BHO: Trend Micro Network Filter Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll [2015-07-17] (Trend Micro Inc.)
  153. BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
  154. BHO: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe64.dll [2015-08-17] (Trend Micro Inc.)
  155. BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-13] (Microsoft Corporation)
  156. BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
  157. BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-12] (Oracle Corporation)
  158. BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-07-02] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
  159. BHO-x32: Trend Micro Network Filter Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll [2015-07-17] (Trend Micro Inc.)
  160. BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
  161. BHO-x32: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll [2015-08-17] (Trend Micro Inc.)
  162. BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-12] (Oracle Corporation)
  163. BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
  164. Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
  165. Toolbar: HKLM - Password Manager ToolBar - {97EE74D2-C351-4ECE-B75A-8CD36FAE3661} - C:\Program Files\Trend Micro\TMIDS\bhoDirectPass64.dll [2016-04-21] (Trend Micro Inc.)
  166. Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
  167. Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-13] (Microsoft Corporation)
  168. Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-13] (Microsoft Corporation)
  169. Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-13] (Microsoft Corporation)
  170. Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-13] (Microsoft Corporation)
  171. Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
  172. Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
  173. Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe64.dll [2015-08-17] (Trend Micro Inc.)
  174. Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll [2015-08-17] (Trend Micro Inc.)
  175. Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll [2015-07-17] (Trend Micro Inc.)
  176. Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll [2015-07-17] (Trend Micro Inc.)
  177. Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
  178. Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
  179. Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll [2015-07-17] (Trend Micro Inc.)
  180. Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2015-07-17] (Trend Micro Inc.)
  181.  
  182. FireFox:
  183. ========
  184. FF ProfilePath: C:\Users\Russell Ison\AppData\Roaming\Mozilla\Firefox\Profiles\deed8w8o.default-1465884928209
  185. FF NetworkProxy: "no_proxies_on", "https://localhost, localhost, 127.0.0.1"
  186. FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-04-07] (Adobe Systems)
  187. FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.)
  188. FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-12] (Oracle Corporation)
  189. FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-12] (Oracle Corporation)
  190. FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-13] (Microsoft Corporation)
  191. FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
  192. FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
  193. FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
  194. FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-10-13] ()
  195. FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-04-07] (Adobe Systems)
  196. FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension
  197. FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension [2016-04-23]
  198. FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension
  199. FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
  200. FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2016-04-23]
  201. FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
  202. FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2016-04-23]
  203.  
  204. Chrome:
  205. =======
  206. CHR HomePage: Default -> amazon.com/websearch/?ie=UTF8__PARAM__
  207. CHR StartupUrls: Default -> "hxxp://www-searching.com/?pid=s&s=g4kzftpbl0cshmoak,f3eaf853-1803-4708-a5b3-ccd29377659e,&vp=ch&prd=set_ch"
  208. CHR Profile: C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default
  209. CHR Extension: (Google Slides) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-09]
  210. CHR Extension: (Google Docs) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-09]
  211. CHR Extension: (Google Drive) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-09]
  212. CHR Extension: (YouTube) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-09]
  213. CHR Extension: (Adblock Plus) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-04-28]
  214. CHR Extension: (Google Sheets) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-09]
  215. CHR Extension: (Trend Micro Password Manager) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\fokifklggehlihkifghafpekelcicmgl [2016-04-28]
  216. CHR Extension: (Google Docs Offline) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-09]
  217. CHR Extension: (BBC Sherlock) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\kibgjoakhkalcoigpeiaahdkgmpckdbi [2016-04-28]
  218. CHR Extension: (Skype) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-22]
  219. CHR Extension: (Chrome Web Store Payments) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-09]
  220. CHR Extension: (Trend Micro Toolbar) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2016-04-28]
  221. CHR Extension: (Amazon Smart Search) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebgdicanjhnamfmdlmlbcnkgehkkmf [2016-04-21]
  222. CHR Extension: (Gmail) - C:\Users\Russell Ison\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-09]
  223. CHR HKU\S-1-5-21-3777230128-999622161-3604897991-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ooebgdicanjhnamfmdlmlbcnkgehkkmf] - hxxps://clients2.google.com/service/update2/crx
  224. CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
  225. CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - hxxps://clients2.google.com/service/update2/crx
  226.  
  227. ==================== Services (Whitelisted) ========================
  228.  
  229. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  230.  
  231. R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
  232. S2 AdaptiveSleepService; c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2015-08-07] () [File not signed]
  233. R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [694464 2016-04-07] (Adobe Systems Incorporated)
  234. R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
  235. R2 Amazon 1Button App Service; C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [436032 2016-02-17] (Amazon Inc.)
  236. R2 AMD FUEL Service; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-07] (Advanced Micro Devices, Inc.) [File not signed]
  237. S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437784 2016-04-07] (BlueStack Systems, Inc.)
  238. R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417304 2016-04-07] (BlueStack Systems, Inc.)
  239. S2 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [433688 2016-04-07] (BlueStack Systems, Inc.)
  240. S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [921112 2016-04-07] (BlueStack Systems, Inc.)
  241. R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
  242. R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
  243. R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2945792 2016-05-26] (Microsoft Corporation)
  244. S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-11] (Dropbox, Inc.)
  245. S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-11] (Dropbox, Inc.)
  246. R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-05-22] (SurfRight B.V.)
  247. R2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
  248. R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-18] (Hewlett-Packard Development Company, L.P.)
  249. R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [165616 2015-11-12] (Intel Corporation)
  250. S3 MyWiFiDHCPDNS; c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-10-28] ()
  251. S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [200240 2016-05-25] (Microsoft Corporation) [File not signed]
  252. R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1137664 2015-07-17] (Trend Micro Inc.)
  253. R2 PwmSvc; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [1617920 2016-04-21] (Trend Micro Inc.)
  254. R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-15] ()
  255. R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-05-01] (Realtek Semiconductor)
  256. R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [260216 2015-12-09] (Synaptics Incorporated)
  257. R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [60432 2015-10-29] (Advanced Micro Devices, Inc.)
  258. S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
  259. S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
  260. R2 ZeroConfigService; c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-10-28] (Intel® Corporation)
  261. R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]
  262. S2 Tiuauh; "C:\Users\Russell Ison\AppData\Roaming\VypiwGyp\Wivmor.exe" -cms [X]
  263.  
  264. ===================== Drivers (Whitelisted) ==========================
  265.  
  266. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  267.  
  268. R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [18968 2015-10-29] (Advanced Micro Devices, INC.)
  269. S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [101104 2015-10-29] (Advanced Micro Devices, Inc. )
  270. R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [82704 2015-10-29] (Advanced Micro Devices, Inc.)
  271. R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [277240 2015-10-29] (Advanced Micro Devices, Inc. )
  272. R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-10-29] (Advanced Micro Devices)
  273. R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-04-07] (BlueStack Systems)
  274. R2 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2016-04-06] (Bluestack System Inc. )
  275. S3 clwvd6; C:\Windows\system32\DRIVERS\clwvd6.sys [41400 2015-08-31] (CyberLink Corporation)
  276. R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [300304 2015-11-13] (Intel Corporation)
  277. S3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3509512 2015-11-06] (Intel Corporation)
  278. R3 Netwtw02; C:\Windows\System32\drivers\Netwtw02.sys [6731520 2016-01-19] (Intel Corporation)
  279. R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
  280. S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [411712 2015-05-21] (Realsil Semiconductor Corporation)
  281. S3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [3445248 2015-10-30] (Realtek Semiconductor Corporation )
  282. R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
  283. R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
  284. R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [67704 2015-12-09] (Synaptics Incorporated)
  285. S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33960 2015-07-13] (Synaptics Incorporated)
  286. R1 tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [133424 2015-11-23] (Trend Micro Inc.)
  287. R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [324912 2015-11-23] (Trend Micro Inc.)
  288. R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [59712 2015-06-12] (Trend Micro Inc.)
  289. R3 tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [116576 2015-06-08] (Trend Micro Inc.)
  290. S0 tmel; C:\Windows\System32\DRIVERS\tmel.sys [39056 2015-06-23] (Trend Micro Inc.)
  291. R1 tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [99632 2015-11-23] (Trend Micro Inc.)
  292. R3 tmnciesc; C:\Windows\system32\DRIVERS\tmnciesc.sys [416608 2015-05-29] (Trend Micro Inc.)
  293. S3 tmumh; C:\Windows\system32\DRIVERS\TMUMH.sys [91536 2015-06-29] (Trend Micro Inc.)
  294. R2 tmusa; C:\Windows\system32\DRIVERS\tmusa.sys [116528 2015-06-27] (Trend Micro Inc.)
  295. S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
  296. S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
  297. S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
  298. R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30544 2015-08-13] (HP)
  299. U2 TMAgent; no ImagePath
  300.  
  301. ==================== NetSvcs (Whitelisted) ===================
  302.  
  303. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  304.  
  305.  
  306. ==================== One Month Created files and folders ========
  307.  
  308. (If an entry is included in the fixlist, the file/folder will be moved.)
  309.  
  310. 2016-06-15 18:48 - 2016-06-15 18:48 - 00034784 _____ C:\Users\Russell Ison\Downloads\FRST.txt
  311. 2016-06-15 18:47 - 2016-06-15 18:48 - 00000000 ____D C:\FRST
  312. 2016-06-15 18:46 - 2016-06-15 18:47 - 02385920 _____ (Farbar) C:\Users\Russell Ison\Desktop\FRST64.exe
  313. 2016-06-14 18:32 - 2016-06-14 18:32 - 00000000 _____ C:\windows\system32\REN4CD8.tmp
  314. 2016-06-14 18:29 - 2016-06-14 18:29 - 00000000 _____ C:\windows\system32\REN858A.tmp
  315. 2016-06-14 18:27 - 2016-06-14 18:28 - 43189344 _____ (Oracle Corporation) C:\Users\Russell Ison\Downloads\jre-8u45-windows-x64.exe
  316. 2016-06-14 17:37 - 2016-06-14 17:37 - 00000663 _____ C:\Users\Russell Ison\Desktop\FTB_Launcher.exe - Shortcut.lnk
  317. 2016-06-14 16:18 - 2016-06-14 16:18 - 00004732 _____ C:\windows\System32\Tasks\DistromaticSearchProtect-hourly
  318. 2016-06-13 20:32 - 2016-06-15 18:41 - 00000000 ____D C:\ftb
  319. 2016-06-13 20:28 - 2016-06-15 18:43 - 00000000 ____D C:\Users\Russell Ison\AppData\Local\ftblauncher
  320. 2016-06-13 20:28 - 2016-06-13 20:33 - 00000000 ____D C:\Users\Russell Ison\AppData\Roaming\ftblauncher
  321. 2016-06-13 20:11 - 2016-06-13 20:34 - 00000000 ____D C:\EEK
  322. 2016-06-13 20:07 - 2016-06-13 20:11 - 237984312 _____ C:\Users\Russell Ison\Downloads\EmsisoftEmergencyKit.exe
  323. 2016-06-13 19:51 - 2016-06-13 20:28 - 07650529 _____ C:\Users\Russell Ison\Downloads\FTB_Launcher.exe
  324. 2016-06-13 19:45 - 2016-06-14 16:19 - 00000000 ____D C:\Users\Russell Ison\AppData\Roaming\Curse Client
  325. 2016-06-13 19:45 - 2016-06-13 19:54 - 00001095 _____ C:\Users\Russell Ison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
  326. 2016-06-13 19:44 - 2016-06-13 19:44 - 00000000 ____D C:\Users\Russell Ison\AppData\Roaming\Curse
  327. 2016-06-13 19:28 - 2016-06-13 19:44 - 80502648 _____ (Curse) C:\Users\Russell Ison\Downloads\CurseClientSetup_[plugin-minecraft].exe
  328. 2016-06-13 19:05 - 2016-06-13 19:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
  329. 2016-06-13 19:05 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
  330. 2016-06-13 19:05 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
  331. 2016-06-13 19:05 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
  332. 2016-06-13 19:02 - 2016-06-13 19:04 - 22851472 _____ (Malwarebytes ) C:\Users\Russell Ison\Downloads\mbam-setup-2.2.1.1043(1).exe
  333. 2016-06-13 18:56 - 2016-06-13 18:56 - 00000000 ____D C:\Users\Russell Ison\Documents\Custom Office Templates
  334. 2016-06-13 18:53 - 2016-06-15 18:43 - 00000000 ____D C:\Users\Russell Ison\Documents\Microsoft Word
  335. 2016-06-13 18:46 - 2016-06-13 18:46 - 01610816 _____ (Malwarebytes) C:\Users\Russell Ison\Downloads\JRT(1).exe
  336. 2016-06-13 16:49 - 2016-06-13 19:55 - 00002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
  337. 2016-06-13 16:49 - 2016-06-13 19:55 - 00002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
  338. 2016-06-13 16:49 - 2016-06-13 19:55 - 00002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
  339. 2016-06-13 16:49 - 2016-06-13 19:55 - 00002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
  340. 2016-06-13 16:49 - 2016-06-13 19:55 - 00002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
  341. 2016-06-13 16:49 - 2016-06-13 19:55 - 00002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
  342. 2016-06-13 16:49 - 2016-06-13 19:55 - 00002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
  343. 2016-06-13 16:49 - 2016-06-13 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
  344. 2016-06-13 16:27 - 2016-06-13 16:27 - 00000000 ____D C:\Program Files\Microsoft Office 15
  345. 2016-06-13 16:26 - 2016-06-13 16:26 - 03479752 _____ (Microsoft Corporation) C:\Users\Russell Ison\Downloads\Setup.X86.en-US_O365HomePremRetail_04a09a18-5406-4d64-b12e-604e84053b65_TX_SG_.exe
  346. 2016-06-13 09:55 - 2016-06-13 09:56 - 03677248 _____ C:\Users\Russell Ison\Downloads\adwcleaner_5.119.exe
  347. 2016-06-12 18:31 - 2016-06-14 16:15 - 00000000 ____D C:\Users\Russell Ison\Desktop\Old Firefox Data
  348. 2016-06-12 17:29 - 2016-06-12 17:29 - 00004600 _____ C:\windows\System32\Tasks\DistromaticUpdater-periodic
  349. 2016-06-12 17:29 - 2016-06-12 17:29 - 00004208 _____ C:\windows\System32\Tasks\DistromaticSearchProtect-logon
  350. 2016-06-12 17:29 - 2016-06-12 17:29 - 00004070 _____ C:\windows\System32\Tasks\DistromaticUpdater-logon
  351. 2016-06-12 17:29 - 2016-06-12 17:29 - 00000000 ____D C:\Users\Russell Ison\AppData\Local\Amazon Browser Settings
  352. 2016-06-12 17:29 - 2016-06-12 17:29 - 00000000 ____D C:\Program Files (x86)\Amazon Browser Settings
  353. 2016-06-12 12:26 - 2016-06-13 09:57 - 00399360 _____ (Trend Micro Inc.) C:\windows\RegBootClean64.exe
  354. 2016-06-12 12:25 - 2016-06-13 20:32 - 00000000 ____D C:\Users\Russell Ison\AppData\Roaming\Checkers
  355. 2016-06-12 07:54 - 2016-06-12 07:54 - 00003312 _____ C:\windows\System32\Tasks\HPCeeScheduleForRussell Ison
  356. 2016-06-04 09:45 - 2016-06-04 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
  357. 2016-05-28 17:15 - 2016-05-28 17:15 - 05367084 _____ C:\Users\Russell Ison\Downloads\websdr_recording_start_2016-05-28T07_09_13Z_15905.0kHz.wav
  358. 2016-05-28 17:08 - 2016-05-28 17:08 - 07718188 _____ C:\Users\Russell Ison\Downloads\websdr_recording_start_2016-05-28T06_59_51Z_13435.0kHz.wav
  359. 2016-05-28 16:49 - 2016-05-28 16:49 - 08080172 _____ C:\Users\Russell Ison\Downloads\websdr_recording_start_2016-05-28T06_40_18Z_11464.0kHz.wav
  360. 2016-05-28 16:43 - 2016-05-28 16:43 - 02591276 _____ C:\Users\Russell Ison\Downloads\websdr_recording_start_2016-05-28T06_40_11Z_13368.0kHz.wav
  361. 2016-05-28 16:28 - 2016-05-28 16:29 - 05349164 _____ C:\Users\Russell Ison\Downloads\websdr_recording_start_2016-05-28T06_22_42Z_10264.0kHz.wav
  362. 2016-05-28 16:22 - 2016-05-28 16:22 - 00283180 _____ C:\Users\Russell Ison\Downloads\websdr_recording_start_2016-05-28T06_22_12Z_12168.0kHz.wav
  363. 2016-05-28 16:20 - 2016-05-28 16:20 - 00268844 _____ C:\Users\Russell Ison\Downloads\websdr_recording_start_2016-05-28T06_20_24Z_12168.0kHz.wav
  364. 2016-05-28 14:18 - 2016-05-28 14:18 - 00213292 _____ C:\Users\Russell Ison\Downloads\websdr_recording_start_2016-05-28T04_17_48Z_13981.0kHz.wav
  365. 2016-05-28 13:41 - 2016-05-28 13:41 - 00738880 _____ (Oracle Corporation) C:\Users\Russell Ison\Downloads\JavaSetup8u91.exe
  366. 2016-05-28 09:56 - 2016-05-28 09:56 - 00234796 _____ C:\Users\Russell Ison\Downloads\websdr_recording_start_2016-05-27T23_55_48Z_6935.0kHz.wav
  367. 2016-05-25 03:29 - 2016-05-25 03:29 - 00635040 _____ (Microsoft Corporation) C:\windows\system32\msvcp140.dll
  368. 2016-05-25 03:29 - 2016-05-25 03:29 - 00390320 _____ (Microsoft Corporation) C:\windows\system32\vccorlib140.dll
  369. 2016-05-25 03:29 - 2016-05-25 03:29 - 00332968 _____ (Microsoft Corporation) C:\windows\system32\concrt140.dll
  370. 2016-05-25 03:29 - 2016-05-25 03:29 - 00088752 _____ (Microsoft Corporation) C:\windows\system32\vcruntime140.dll
  371. 2016-05-25 02:39 - 2016-05-25 02:39 - 00439608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp140.dll
  372. 2016-05-25 02:39 - 2016-05-25 02:39 - 00266928 _____ (Microsoft Corporation) C:\windows\SysWOW64\vccorlib140.dll
  373. 2016-05-25 02:39 - 2016-05-25 02:39 - 00243520 _____ (Microsoft Corporation) C:\windows\SysWOW64\concrt140.dll
  374. 2016-05-25 02:39 - 2016-05-25 02:39 - 00085328 _____ (Microsoft Corporation) C:\windows\SysWOW64\vcruntime140.dll
  375. 2016-05-16 15:51 - 2016-06-12 14:51 - 00000392 _____ C:\windows\Tasks\HPCeeScheduleForRussell Ison.job
  376.  
  377. ==================== One Month Modified files and folders ========
  378.  
  379. (If an entry is included in the fixlist, the file/folder will be moved.)
  380.  
  381. 2016-06-15 18:53 - 2016-04-11 12:41 - 00000938 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  382. 2016-06-15 18:52 - 2016-04-09 17:52 - 00000000 ____D C:\Users\Russell Ison\AppData\Roaming\Azureus
  383. 2016-06-15 18:45 - 2015-10-30 17:11 - 00000000 ____D C:\windows\CbsTemp
  384. 2016-06-15 18:42 - 2015-10-30 17:24 - 00000000 ___HD C:\Program Files\WindowsApps
  385. 2016-06-15 18:42 - 2015-10-30 17:24 - 00000000 ____D C:\windows\AppReadiness
  386. 2016-06-15 18:40 - 2016-04-23 15:48 - 00004180 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{0782A026-6CCD-4141-A27B-53740045B1EA}
  387. 2016-06-15 18:39 - 2016-05-14 21:39 - 00000000 ____D C:\Users\Russell Ison\AppData\Local\Adobe
  388. 2016-06-15 18:39 - 2016-04-22 19:08 - 00000000 ____D C:\ProgramData\TMDP_Log
  389. 2016-06-15 00:08 - 2016-03-02 20:26 - 00000944 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
  390. 2016-06-14 21:53 - 2016-04-11 12:41 - 00000934 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  391. 2016-06-14 20:02 - 2016-04-09 15:59 - 00000000 ____D C:\Users\Russell Ison\AppData\Roaming\Skype
  392. 2016-06-14 18:43 - 2016-04-09 18:45 - 00000000 ____D C:\Users\Russell Ison\Desktop\Stuff
  393. 2016-06-14 18:29 - 2016-04-09 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
  394. 2016-06-14 17:48 - 2016-04-23 17:27 - 00000010 _____ C:\Users\Russell Ison\AppData\Local\sponge.last.runtime.cache
  395. 2016-06-14 16:40 - 2016-04-21 16:40 - 00000556 _____ C:\windows\Tasks\SUPERAntiSpyware Scheduled Task 46f415eb-5467-47a2-895d-a27629faa117.job
  396. 2016-06-14 16:14 - 2015-10-30 16:28 - 00032768 ___SH C:\windows\system32\config\ELAM
  397. 2016-06-14 16:11 - 2016-04-11 10:08 - 00000000 ___RD C:\Users\Russell Ison\Dropbox
  398. 2016-06-14 16:07 - 2016-04-22 19:09 - 00000000 ____D C:\Users\Russell Ison\AppData\Local\DP_Tower
  399. 2016-06-14 16:06 - 2016-04-09 23:01 - 00000000 ____D C:\Program Files (x86)\Steam
  400. 2016-06-14 16:03 - 2016-03-02 20:26 - 00000940 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
  401. 2016-06-14 16:02 - 2015-11-03 04:02 - 00000006 ____H C:\windows\Tasks\SA.DAT
  402. 2016-06-14 15:58 - 2016-04-21 17:55 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
  403. 2016-06-14 15:56 - 2016-04-09 14:11 - 00000000 ____D C:\Users\Russell Ison
  404. 2016-06-14 15:55 - 2016-04-21 16:39 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
  405. 2016-06-13 21:49 - 2016-04-09 15:43 - 00000000 ____D C:\Users\Russell Ison\AppData\Roaming\.minecraft
  406. 2016-06-13 21:09 - 2016-03-02 20:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
  407. 2016-06-13 19:56 - 2016-04-11 12:42 - 00002261 _____ C:\Users\Public\Desktop\Google Chrome.lnk
  408. 2016-06-13 19:55 - 2016-05-15 12:12 - 00001214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2015.lnk
  409. 2016-06-13 19:55 - 2016-05-15 11:13 - 00001322 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2015.lnk
  410. 2016-06-13 19:55 - 2016-05-15 10:56 - 00001428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator (Preview).lnk
  411. 2016-06-13 19:55 - 2016-05-15 10:06 - 00002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2015.lnk
  412. 2016-06-13 19:55 - 2016-05-14 21:59 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
  413. 2016-06-13 19:55 - 2016-05-01 17:03 - 00001779 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS Audio Control Panel.lnk
  414. 2016-06-13 19:55 - 2016-04-28 20:00 - 00001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
  415. 2016-06-13 19:55 - 2016-04-11 12:42 - 00002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
  416. 2016-06-13 19:55 - 2016-04-09 17:53 - 00001924 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
  417. 2016-06-13 19:55 - 2016-03-02 20:21 - 00002381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - hp.lnk
  418. 2016-06-13 19:55 - 2016-03-02 20:15 - 00002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP ePrint SW.lnk
  419. 2016-06-13 19:54 - 2016-04-28 20:00 - 00001223 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
  420. 2016-06-13 19:54 - 2016-04-10 21:15 - 00001749 _____ C:\Users\Russell Ison\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk
  421. 2016-06-13 19:54 - 2016-04-09 23:01 - 00000993 _____ C:\Users\Public\Desktop\Steam.lnk
  422. 2016-06-13 19:54 - 2016-04-09 17:30 - 00002130 _____ C:\Users\Russell Ison\Desktop\FL Studio 12 (64bit).lnk
  423. 2016-06-13 19:54 - 2016-04-09 14:15 - 00002391 _____ C:\Users\Russell Ison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
  424. 2016-06-13 19:52 - 2016-03-02 20:12 - 01055998 _____ C:\windows\SysWOW64\rootpa.e2e
  425. 2016-06-13 19:52 - 2016-03-02 20:02 - 00065536 _____ C:\windows\system32\spu_storage.bin
  426. 2016-06-13 19:52 - 2015-10-30 16:28 - 00524288 ___SH C:\windows\system32\config\BBI
  427. 2016-06-13 19:20 - 2016-04-21 09:32 - 00000000 ____D C:\Program Files (x86)\Geqtiondraluing
  428. 2016-06-13 19:19 - 2016-04-21 10:17 - 00000000 ____D C:\Program Files (x86)\Anisatain
  429. 2016-06-13 17:33 - 2016-04-22 19:07 - 00000000 ____D C:\ProgramData\Trend Micro
  430. 2016-06-13 17:21 - 2015-11-03 04:01 - 05012240 _____ C:\windows\system32\FNTCACHE.DAT
  431. 2016-06-13 17:17 - 2015-10-30 17:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
  432. 2016-06-13 17:14 - 2015-10-30 17:21 - 00000000 ____D C:\windows\INF
  433. 2016-06-13 16:27 - 2015-10-30 17:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
  434. 2016-06-13 09:56 - 2016-04-21 16:18 - 00000000 ____D C:\AdwCleaner
  435. 2016-06-12 18:08 - 2016-04-09 15:30 - 00000000 ____D C:\ProgramData\Oracle
  436. 2016-06-12 17:15 - 2016-04-09 15:31 - 00000000 ____D C:\Users\Russell Ison\.oracle_jre_usage
  437. 2016-06-12 17:13 - 2016-04-09 15:31 - 00097344 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
  438. 2016-06-12 17:13 - 2016-04-09 15:30 - 00000000 ____D C:\Program Files (x86)\Java
  439. 2016-06-12 14:51 - 2016-05-05 16:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
  440. 2016-06-12 14:51 - 2016-04-28 20:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
  441. 2016-06-04 09:45 - 2016-03-02 20:26 - 00000000 ____D C:\Program Files (x86)\Dropbox
  442. 2016-05-28 20:28 - 2015-10-30 17:24 - 00000000 ____D C:\windows\rescache
  443. 2016-05-27 15:47 - 2016-04-09 15:58 - 00000000 ___RD C:\Program Files (x86)\Skype
  444. 2016-05-22 13:55 - 2016-04-09 15:58 - 00000000 ____D C:\ProgramData\Skype
  445. 2016-05-22 13:34 - 2015-11-03 04:02 - 00000000 __RHD C:\Users\Public\AccountPictures
  446. 2016-05-22 13:28 - 2015-10-30 19:05 - 00000000 ____D C:\Program Files\Windows Journal
  447. 2016-05-22 13:28 - 2015-10-30 17:24 - 00000000 ____D C:\windows\system32\oobe
  448. 2016-05-22 13:28 - 2015-10-30 17:24 - 00000000 ____D C:\windows\system32\appraiser
  449. 2016-05-22 13:28 - 2015-10-30 17:24 - 00000000 ____D C:\windows\Provisioning
  450. 2016-05-22 13:28 - 2015-10-30 17:24 - 00000000 ____D C:\windows\bcastdvr
  451. 2016-05-22 13:27 - 2015-10-30 17:24 - 00015703 _____ C:\windows\system32\OEMDefaultAssociations.xml
  452. 2016-05-21 16:07 - 2016-04-09 21:11 - 00000000 ____D C:\Users\Russell Ison\AppData\Local\ElevatedDiagnostics
  453. 2016-05-21 07:32 - 2016-04-09 14:15 - 00000000 ___RD C:\Users\Russell Ison\OneDrive
  454. 2016-05-19 15:54 - 2016-04-09 16:41 - 00000000 ____D C:\windows\system32\MRT
  455. 2016-05-16 15:45 - 2016-04-09 16:41 - 139319312 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
  456.  
  457. ==================== Files in the root of some directories =======
  458.  
  459. 2016-05-15 10:11 - 2016-05-15 10:14 - 0000033 _____ () C:\Users\Russell Ison\AppData\Roaming\AdobeWLCMCache.dat
  460. 2016-04-22 19:06 - 2016-04-22 19:06 - 0000036 _____ () C:\Users\Russell Ison\AppData\Local\housecall.guid.cache
  461. 2016-04-23 17:27 - 2016-06-14 17:48 - 0000010 _____ () C:\Users\Russell Ison\AppData\Local\sponge.last.runtime.cache
  462.  
  463. Some files in TEMP:
  464. ====================
  465. C:\Users\Russell Ison\AppData\Local\Temp\bdfilters.dll
  466. C:\Users\Russell Ison\AppData\Local\Temp\i4jdel0.exe
  467. C:\Users\Russell Ison\AppData\Local\Temp\jre-8u91-windows-au.exe
  468. C:\Users\Russell Ison\AppData\Local\Temp\McCSPInstall.dll
  469. C:\Users\Russell Ison\AppData\Local\Temp\mccspuninstall.exe
  470. C:\Users\Russell Ison\AppData\Local\Temp\SkypeSetup.exe
  471. C:\Users\Russell Ison\AppData\Local\Temp\VideoBox.exe
  472. C:\Users\Russell Ison\AppData\Local\Temp\world-super-ext.exe
  473. C:\Users\Russell Ison\AppData\Local\Temp\{B21A7894-31DD-492E-A2AE-40016CF1DF48}-DropboxClient_3.18.1.exe
  474.  
  475.  
  476. ==================== Bamital & volsnap =================
  477.  
  478. (There is no automatic fix for files that do not pass verification.)
  479.  
  480. C:\windows\system32\winlogon.exe => File is digitally signed
  481. C:\windows\system32\wininit.exe => File is digitally signed
  482. C:\windows\explorer.exe => File is digitally signed
  483. C:\windows\SysWOW64\explorer.exe => File is digitally signed
  484. C:\windows\system32\svchost.exe => File is digitally signed
  485. C:\windows\SysWOW64\svchost.exe => File is digitally signed
  486. C:\windows\system32\services.exe => File is digitally signed
  487. C:\windows\system32\User32.dll => File is digitally signed
  488. C:\windows\SysWOW64\User32.dll => File is digitally signed
  489. C:\windows\system32\userinit.exe => File is digitally signed
  490. C:\windows\SysWOW64\userinit.exe => File is digitally signed
  491. C:\windows\system32\rpcss.dll => File is digitally signed
  492. C:\windows\system32\dnsapi.dll => File is digitally signed
  493. C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
  494. C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
  495.  
  496.  
  497. LastRegBack: 2016-06-14 20:25
  498.  
  499. ==================== End of FRST.txt ============================