
Frst

a guest
Mar 20th, 2016
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
  2. Ran by Adam (administrator) on ADAMC (19-03-2016 11:36:05)
  3. Running from C:\Users\Adam\Desktop
  4. Loaded Profiles: Adam (Available Profiles: Adam)
  5. Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
  6. Internet Explorer Version 11 (Default browser: Chrome)
  7. Boot Mode: Normal
  8. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Processes (Whitelisted) =================
  11.  
  12. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  13.  
  14. (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
  15. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
  16. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
  17. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
  18. (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
  19. (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  20. (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
  21. () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
  22. (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
  23. (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
  24. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
  25. (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe
  26. (DELL Inc.) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
  27. () C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
  28. (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
  29. (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe
  30. (Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
  31. (Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
  32. (Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
  33. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  34. (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
  35. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
  36. (Intel Corporation) C:\Windows\System32\igfxEM.exe
  37. (Intel Corporation) C:\Windows\System32\igfxHK.exe
  38. (Intel Corporation) C:\Windows\System32\igfxTray.exe
  39. (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
  40. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
  41. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
  42. (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
  43. (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
  44. (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
  45. (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
  46. (Cisco) C:\Users\Adam\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
  47. (Google Inc.) C:\Users\Adam\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
  48. (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
  49. (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe
  50. (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
  51. (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
  52. (Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
  53. (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
  54. (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
  55. (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
  56. (Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
  57. (Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
  58. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  59. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  60. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  61. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  62. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  63. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  64. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  65. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  66. (Microsoft Corporation) C:\Windows\System32\dllhost.exe
  67. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  68. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  69. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  70. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  71. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  72. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  73. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  74. (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
  75. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  76. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\nacl64.exe
  77. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\nacl64.exe
  78. (Connectify) C:\Program Files (x86)\Connectify\ConnectifyGopher.exe
  79. (Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
  80. () C:\Users\Adam\Desktop\adbFire\adbFire.exe
  81. () C:\Users\Adam\Desktop\adbFire\adb.exe
  82. () C:\Users\Adam\Desktop\adbFire\adb.exe
  83. (Microsoft Corporation) C:\Windows\splwow64.exe
  84. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  85. (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
  86. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  87. (g10 Code GmbH) C:\Program Files (x86)\GNU\GnuPG\gpg-agent.exe
  88. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  89. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  90. (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
  91. (Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
  92. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  93. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  94. (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
  95. Failed to access process -> chrome.exe
  96. (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\powerpnt.exe
  97. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  98. () C:\Users\Adam\eclipse\java-mars\eclipse\eclipse.exe
  99. () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
  100. (Microsoft Corporation) C:\Windows\System32\dllhost.exe
  101. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  102. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  103. (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
  104. (Oracle Corporation) C:\Program Files\Java\jre1.8.0_72\bin\javaw.exe
  105. (Oracle Corporation) C:\Program Files\Java\jre1.8.0_72\bin\javaw.exe
  106. (Oracle Corporation) C:\Program Files\Java\jre1.8.0_72\bin\javaw.exe
  107. (Oracle Corporation) C:\Program Files\Java\jre1.8.0_72\bin\javaw.exe
  108. (Oracle Corporation) C:\Program Files\Java\jre1.8.0_72\bin\javaw.exe
  109. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  110. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  111. (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
  112. (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
  113. (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
  114. () C:\Users\Adam\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
  115. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  116. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  117. (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
  118. (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
  119. (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
  120. (Microsoft Corporation) C:\Windows\System32\cmd.exe
  121. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  122. (Mozilla Corporation) C:\Users\Adam\Desktop\Tor Browser\Browser\firefox.exe
  123. () C:\Users\Adam\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe
  124. (PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\imstrayicon.exe
  125. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  126. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  127.  
  128.  
  129. ==================== Registry (Whitelisted) ===========================
  130.  
  131. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  132.  
  133. HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-12-27] (Realtek Semiconductor)
  134. HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-12-27] (Realtek Semiconductor)
  135. HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3945672 2015-07-16] (Synaptics Incorporated)
  136. HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3775816 2014-02-27] (Dell Inc.)
  137. HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-01-28] (ESET)
  138. HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
  139. HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [884440 2015-05-02] (BlueStack Systems, Inc.)
  140. HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-12-22] (Oracle Corporation)
  141. HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
  142. HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
  143. HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\Run: [PCShowServer] => C:\Users\Adam\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe [1631088 2014-09-16] (Cisco)
  144. HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\Run: [Octoshape Streaming Services] => C:\Users\Adam\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
  145. HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\Run: [Google Update] => C:\Users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-02-07] (Google Inc.)
  146. HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\Run: [MusicManager] => C:\Users\Adam\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7643136 2015-11-17] (Google Inc.)
  147. HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\Run: [HP Deskjet 3050 J610 series (NET)] => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
  148. HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
  149. HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-10-21] (Apple Inc.)
  150. HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [6302856 2015-11-06] (Plex, Inc.)
  151. HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50385536 2015-12-17] (Skype Technologies S.A.)
  152. HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-10-21] (Apple Inc.)
  153. HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\RunOnce: [Uninstall C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
  154. HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\RunOnce: [Uninstall C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1"
  155. HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\RunOnce: [Uninstall C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
  156. HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\RunOnce: [Uninstall C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6301.0127] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6301.0127"
  157. ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
  158. ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
  159. ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
  160. ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
  161. ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
  162. ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-21] (Microsoft Corporation)
  163. ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-21] (Microsoft Corporation)
  164. ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-21] (Microsoft Corporation)
  165.  
  166. ==================== Internet (Whitelisted) ====================
  167.  
  168. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  169.  
  170. Winsock: Catalog5-x64 08 C:\Windows\system32\wlidnsp.dll [66048 2015-10-30] (Microsoft Corporation)
  171. Winsock: Catalog5-x64 09 C:\Windows\system32\wlidnsp.dll [66048 2015-10-30] (Microsoft Corporation)
  172. Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
  173. Tcpip\..\Interfaces\{a94e9eb8-3a3f-4b77-b874-fc865e37ac61}: [DhcpNameServer] 75.75.75.75 75.75.76.76
  174. Tcpip\..\Interfaces\{bf12608b-a7c5-4f92-a0d9-853ef29ef9f4}: [DhcpNameServer] 172.4.1.171
  175.  
  176. Internet Explorer:
  177. ==================
  178. HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
  179. HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
  180. SearchScopes: HKU\S-1-5-21-3719852253-1006456788-3136384108-1001 -> DefaultScope {7ED8DB49-14AC-4A47-A296-30FA16905ADC} URL =
  181. SearchScopes: HKU\S-1-5-21-3719852253-1006456788-3136384108-1001 -> {7ED8DB49-14AC-4A47-A296-30FA16905ADC} URL =
  182. BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
  183. BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_72\bin\ssv.dll [2016-01-21] (Oracle Corporation)
  184. BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-21] (Microsoft Corporation)
  185. BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-01-21] (Oracle Corporation)
  186. BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
  187. BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-21] (Microsoft Corporation)
  188. Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
  189.  
  190. FireFox:
  191. ========
  192. FF ProfilePath: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\ojthf6as.default
  193. FF DefaultSearchEngine.US: Google
  194. FF Session Restore: -> is enabled.
  195. FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-12] ()
  196. FF Plugin: @java.com/DTPlugin,version=11.72.2 -> C:\Program Files\Java\jre1.8.0_72\bin\dtplugin\npDeployJava1.dll [2016-01-21] (Oracle Corporation)
  197. FF Plugin: @java.com/JavaPlugin,version=11.72.2 -> C:\Program Files\Java\jre1.8.0_72\bin\plugin2\npjp2.dll [2016-01-21] (Oracle Corporation)
  198. FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-12] ()
  199. FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
  200. FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
  201. FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-09-23] (Microsoft Corporation)
  202. FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
  203. FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
  204. FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
  205. FF Plugin HKU\S-1-5-21-3719852253-1006456788-3136384108-1001: @nds.com/PlayerPlugin -> C:\Users\Adam\AppData\Local\DIRECTV Player\npPlayerPlugin.dll [2014-09-16] (Cisco)
  206. FF Plugin HKU\S-1-5-21-3719852253-1006456788-3136384108-1001: @nds.com/PlayerPlugin64 -> C:\Users\Adam\AppData\Local\DIRECTV Player\win64\npPlayerPlugin64.dll [2014-09-16] (Cisco)
  207. FF Plugin HKU\S-1-5-21-3719852253-1006456788-3136384108-1001: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Adam\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll [2013-12-18] (Octoshape ApS)
  208. FF Plugin HKU\S-1-5-21-3719852253-1006456788-3136384108-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Adam\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
  209. FF Plugin HKU\S-1-5-21-3719852253-1006456788-3136384108-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Adam\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
  210. FF Plugin HKU\S-1-5-21-3719852253-1006456788-3136384108-1001: NDS.com/PlayerPlugin -> C:\Users\Adam\AppData\Local\DIRECTV Player\npPlayerPlugin.dll [2014-09-16] (Cisco)
  211. FF Plugin ProgramFiles/Appdata: C:\Users\Adam\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-12-09] (Octoshape ApS)
  212.  
  213. Chrome:
  214. =======
  215. CHR Session Restore: Default -> is enabled.
  216. CHR Profile: C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default
  217. CHR Extension: (Google Slides) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-10]
  218. CHR Extension: (Google Docs) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-10]
  219. CHR Extension: (Google Drive) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30]
  220. CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-12-15]
  221. CHR Extension: (YouTube) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
  222. CHR Extension: (Honey) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2016-03-19]
  223. CHR Extension: (Adblock Plus) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-08]
  224. CHR Extension: (Google Search) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
  225. CHR Extension: (Google Play Music) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2016-03-16]
  226. CHR Extension: (Google Sheets) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-10]
  227. CHR Extension: (HTTPS Everywhere) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2016-02-25]
  228. CHR Extension: (Google Docs Offline) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
  229. CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-02-18]
  230. CHR Extension: (Chrome Web Store Payments) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-31]
  231. CHR Extension: (Gmail) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
  232.  
  233. ==================== Services (Whitelisted) ========================
  234.  
  235. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  236.  
  237. R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
  238. S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433880 2015-05-02] (BlueStack Systems, Inc.)
  239. S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413400 2015-05-02] (BlueStack Systems, Inc.)
  240. S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [806616 2015-05-02] (BlueStack Systems, Inc.)
  241. R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
  242. R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2787512 2015-12-23] (Microsoft Corporation)
  243. R3 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [217088 2015-07-21] (Connectify) [File not signed]
  244. R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2571352 2016-01-05] (Dell Inc.)
  245. R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201816 2016-01-05] (Dell Inc.)
  246. S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [139328 2014-02-19] (Aviata, Inc.)
  247. R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2014-11-25] () [File not signed]
  248. R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2015-01-28] (ESET)
  249. R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-21] (Intel Corporation)
  250. S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
  251. S2 My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [168960 2014-01-10] (Dell Inc.) [File not signed]
  252. R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-12-27] (Realtek Semiconductor)
  253. R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-01-12] (Dell Inc.)
  254. R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-16] (Synaptics Incorporated)
  255. R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
  256. R2 vmware-view-usbd; C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe [1148120 2014-06-06] (VMware, Inc.)
  257. S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
  258. S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
  259. R2 wsnm; C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe [528600 2014-06-09] (VMware, Inc.)
  260. R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-08-22] ()
  261. R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [1785344 2013-08-19] (DELL Inc.) [File not signed]
  262. S2 WavesSysSvc; "C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe" [X]
  263.  
  264. ===================== Drivers (Whitelisted) ==========================
  265.  
  266. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  267.  
  268. R3 athr; C:\Windows\System32\drivers\athw10x.sys [4341424 2016-01-06] (Qualcomm Atheros Communications, Inc.)
  269. S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145112 2015-05-02] (BlueStack Systems)
  270. R1 cnnctfy3; C:\Windows\system32\DRIVERS\cnnctfy3.sys [42152 2015-08-06] (Connectify)
  271. R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
  272. R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
  273. R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
  274. R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-01-30] (ESET)
  275. R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241880 2015-01-30] (ESET)
  276. R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169792 2015-01-30] (ESET)
  277. R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [159480 2015-01-30] (ESET)
  278. R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
  279. R3 kiox_ff_driver; C:\Windows\System32\drivers\kiox_ff_driver.sys [41456 2015-06-15] (Kionix, Inc.)
  280. R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
  281. S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
  282. S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2014-07-15] (Apple Inc.) [File not signed]
  283. S3 rt70x64; C:\Windows\system32\DRIVERS\netr7064.sys [388448 2010-04-27] (Ralink Technology Corp.)
  284. R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [57032 2015-07-16] (Synaptics Incorporated)
  285. R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation)
  286. S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
  287. S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
  288. S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
  289. R3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
  290.  
  291. ==================== NetSvcs (Whitelisted) ===================
  292.  
  293. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  294.  
  295.  
  296. ==================== One Month Created files and folders ========
  297.  
  298. (If an entry is included in the fixlist, the file/folder will be moved.)
  299.  
  300. 2016-03-19 11:36 - 2016-03-19 11:37 - 00028733 _____ C:\Users\Adam\Desktop\FRST.txt
  301. 2016-03-18 11:11 - 2016-03-18 11:46 - 00182896 _____ C:\TDSSKiller.2.8.16.0_18.03.2016_11.11.06_log.txt
  302. 2016-03-18 11:11 - 2016-03-18 11:11 - 00208216 _____ (Kaspersky Lab, GERT) C:\WINDOWS\system32\Drivers\92516833.sys
  303. 2016-03-18 11:10 - 2016-03-18 11:10 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Adam\Downloads\tdsskiller.exe
  304. 2016-03-18 10:15 - 2016-03-19 11:36 - 00000000 ____D C:\FRST
  305. 2016-03-18 10:09 - 2016-03-18 10:14 - 02374144 _____ (Farbar) C:\Users\Adam\Desktop\FRST64.exe
  306. 2016-03-12 18:53 - 2016-03-12 18:53 - 11035328 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
  307. 2016-03-11 11:19 - 2016-03-11 11:19 - 00002104 _____ C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
  308. 2016-03-11 11:19 - 2016-03-11 11:19 - 00000000 ____D C:\Users\Adam\jagexcache
  309. 2016-03-11 11:19 - 2016-03-11 11:19 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
  310. 2016-03-11 11:16 - 2016-03-11 11:17 - 24223744 _____ C:\Users\Adam\Downloads\RuneScape.msi
  311. 2016-03-10 16:31 - 2016-03-10 16:31 - 00216437 _____ C:\Users\Adam\Downloads\Class_10_Inheritance(1) (1).pptx
  312. 2016-03-10 16:31 - 2016-03-10 16:31 - 00199216 _____ C:\Users\Adam\Downloads\Class_11_DogsCatsChickens (1).pptx
  313. 2016-03-10 16:30 - 2016-03-10 16:30 - 00219198 _____ C:\Users\Adam\Downloads\Class_09_LessonsLearned_ProgrammingAssignment_03.pptx
  314. 2016-03-08 18:47 - 2016-03-08 18:48 - 00246160 _____ C:\Users\Adam\Downloads\Class_12_AbstractionPolymorphism.pptx
  315. 2016-03-08 11:00 - 2016-03-08 11:00 - 00228898 _____ C:\Users\Adam\Downloads\Class_08_Encapsulation (2).pptx
  316. 2016-03-07 16:22 - 2016-03-07 16:22 - 00928358 _____ C:\Users\Adam\Downloads\TrackerI9File.pdf
  317. 2016-03-04 18:44 - 2016-03-04 18:44 - 00967262 _____ C:\Users\Adam\Downloads\IMG_0442.mov
  318. 2016-03-04 18:43 - 2016-03-04 18:43 - 02794042 _____ C:\Users\Adam\Downloads\IMG_0443 (1).mov
  319. 2016-03-04 18:42 - 2016-03-04 18:43 - 02794042 _____ C:\Users\Adam\Downloads\IMG_0443.mov
  320. 2016-03-03 18:14 - 2016-03-03 18:14 - 00199216 _____ C:\Users\Adam\Downloads\Class_11_DogsCatsChickens.pptx
  321. 2016-03-01 18:20 - 2016-03-01 18:20 - 00216437 _____ C:\Users\Adam\Downloads\Class_10_Inheritance(1).pptx
  322. 2016-02-28 12:24 - 2016-02-28 12:24 - 00228898 _____ C:\Users\Adam\Downloads\Class_08_Encapsulation (1).pptx
  323. 2016-02-28 11:25 - 2016-02-28 11:25 - 00000000 ____D C:\Users\Adam\Desktop\AirVPN2
  324. 2016-02-28 11:24 - 2016-02-28 11:24 - 00007083 _____ C:\Users\Adam\Downloads\AirVPN (3).zip
  325. 2016-02-26 23:41 - 2016-02-26 23:41 - 00000705 _____ C:\Users\Adam\AppData\Local\recently-used.xbel
  326. 2016-02-21 12:08 - 2016-02-21 12:08 - 00007055 _____ C:\Users\Adam\Downloads\AirVPN (2).zip
  327. 2016-02-21 12:08 - 2016-02-21 12:08 - 00000000 ____D C:\Users\Adam\Desktop\AirVPN
  328. 2016-02-20 20:16 - 2016-02-20 20:16 - 00007007 _____ C:\Users\Adam\Downloads\AirVPN (1).zip
  329. 2016-02-19 19:02 - 2016-02-19 19:02 - 00007056 _____ C:\Users\Adam\Downloads\AirVPN.zip
  330.  
  331. ==================== One Month Modified files and folders ========
  332.  
  333. (If an entry is included in the fixlist, the file/folder will be moved.)
  334.  
  335. 2016-03-19 11:30 - 2015-07-23 10:06 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Skype
  336. 2016-03-19 11:21 - 2014-09-10 02:20 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
  337. 2016-03-19 11:12 - 2015-05-17 19:37 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3719852253-1006456788-3136384108-1001UA.job
  338. 2016-03-19 10:52 - 2014-12-21 20:45 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
  339. 2016-03-19 10:45 - 2015-10-30 03:24 - 00000000 ___HD C:\Program Files\WindowsApps
  340. 2016-03-19 10:45 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\AppReadiness
  341. 2016-03-19 10:06 - 2015-05-27 19:26 - 00000000 ____D C:\Program Files (x86)\TeamViewer
  342. 2016-03-19 10:04 - 2015-10-30 03:11 - 00000000 ____D C:\WINDOWS\CbsTemp
  343. 2016-03-19 07:12 - 2015-02-07 17:25 - 00000864 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3719852253-1006456788-3136384108-1001Core.job
  344. 2016-03-19 01:21 - 2014-09-10 02:20 - 00000914 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
  345. 2016-03-18 23:45 - 2014-09-10 02:19 - 00004146 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{39A10F4E-8ACA-4A87-AA49-E74E2790C864}
  346. 2016-03-18 12:14 - 2014-09-10 02:20 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
  347. 2016-03-18 12:14 - 2014-09-10 02:20 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
  348. 2016-03-18 10:44 - 2014-09-14 12:54 - 00000000 ____D C:\WINDOWS\system32\MRT
  349. 2016-03-16 22:19 - 2014-09-14 12:54 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
  350. 2016-03-14 22:44 - 2014-09-10 02:09 - 00000000 __RDO C:\Users\Adam\OneDrive
  351. 2016-03-14 22:42 - 2015-08-01 11:51 - 00002403 _____ C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
  352. 2016-03-14 22:40 - 2015-10-30 03:21 - 00000000 ____D C:\WINDOWS\INF
  353. 2016-03-14 22:40 - 2015-07-31 23:40 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
  354. 2016-03-12 19:23 - 2015-02-07 13:59 - 00002117 _____ C:\Users\Public\Desktop\Google Slides.lnk
  355. 2016-03-12 19:23 - 2015-02-07 13:59 - 00002115 _____ C:\Users\Public\Desktop\Google Sheets.lnk
  356. 2016-03-12 19:23 - 2015-02-07 13:59 - 00002105 _____ C:\Users\Public\Desktop\Google Docs.lnk
  357. 2016-03-12 19:23 - 2015-02-07 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
  358. 2016-03-11 11:19 - 2015-12-28 11:51 - 00000000 ____D C:\Users\Adam
  359. 2016-03-10 17:14 - 2014-09-10 02:06 - 00000000 ____D C:\Users\Adam\AppData\Local\Packages
  360. 2016-03-10 04:21 - 2015-11-06 13:44 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
  361. 2016-03-09 13:22 - 2016-01-25 00:45 - 00000000 ____D C:\Users\Adam\AppData\Local\Eclipse
  362. 2016-03-09 13:22 - 2016-01-25 00:39 - 00000000 ____D C:\Users\Adam\.p2
  363. 2016-03-09 12:46 - 2016-01-25 00:45 - 00000000 ____D C:\Users\Adam\workspace
  364. 2016-03-09 09:40 - 2014-11-12 19:22 - 00000000 ____D C:\Users\Adam\Desktop\Tor Browser
  365. 2016-03-08 03:12 - 2015-10-30 03:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
  366. 2016-03-08 03:12 - 2015-10-30 03:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
  367. 2016-03-05 21:07 - 2014-11-18 12:39 - 00000000 ____D C:\Program Files (x86)\Connectify
  368. 2016-02-28 12:03 - 2016-01-25 00:39 - 00000000 ____D C:\Users\Adam\.eclipse
  369. 2016-02-26 23:36 - 2014-12-01 18:11 - 00000000 ____D C:\Users\Adam\AppData\Roaming\gnupg
  370. 2016-02-26 22:29 - 2014-12-01 18:24 - 00003205 _____ C:\Users\Adam\Documents\key.txt
  371. 2016-02-26 22:29 - 2014-12-01 18:14 - 00000000 ____D C:\Users\Adam\AppData\Local\gtk-2.0
  372. 2016-02-20 03:34 - 2014-10-14 01:31 - 00000000 ____D C:\Users\Adam\AppData\Local\4B7441F0-2CEA-46AD-9F7F-F24D68D575CD.aplzod
  373.  
  374. ==================== Files in the root of some directories =======
  375.  
  376. 2015-06-28 19:03 - 2015-06-28 19:04 - 0010240 _____ () C:\Users\Adam\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  377. 2016-02-26 23:41 - 2016-02-26 23:41 - 0000705 _____ () C:\Users\Adam\AppData\Local\recently-used.xbel
  378. 2015-01-28 00:56 - 2015-01-28 00:56 - 0000057 _____ () C:\ProgramData\Ament.ini
  379. 2015-12-28 11:46 - 2015-12-28 11:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
  380.  
  381. ==================== Bamital & volsnap =================
  382.  
  383. (There is no automatic fix for files that do not pass verification.)
  384.  
  385. C:\WINDOWS\system32\winlogon.exe => File is digitally signed
  386. C:\WINDOWS\system32\wininit.exe => File is digitally signed
  387. C:\WINDOWS\explorer.exe => File is digitally signed
  388. C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
  389. C:\WINDOWS\system32\svchost.exe => File is digitally signed
  390. C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
  391. C:\WINDOWS\system32\services.exe => File is digitally signed
  392. C:\WINDOWS\system32\User32.dll => File is digitally signed
  393. C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
  394. C:\WINDOWS\system32\userinit.exe => File is digitally signed
  395. C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
  396. C:\WINDOWS\system32\rpcss.dll => File is digitally signed
  397. C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
  398. C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
  399. C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
  400.  
  401.  
  402. LastRegBack: 2016-02-09 17:26
  403.  
  404. ==================== End of FRST.txt ============================