- Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
- Ran by Adam (administrator) on ADAMC (19-03-2016 11:36:05)
- Running from C:\Users\Adam\Desktop
- Loaded Profiles: Adam (Available Profiles: Adam)
- Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
- Internet Explorer Version 11 (Default browser: Chrome)
- Boot Mode: Normal
- Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Processes (Whitelisted) =================
- (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
- (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
- (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
- (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
- (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
- () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
- (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
- (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
- (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
- (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe
- (DELL Inc.) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
- () C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
- (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
- (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe
- (Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
- (Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
- (Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
- (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
- (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
- (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
- (Intel Corporation) C:\Windows\System32\igfxEM.exe
- (Intel Corporation) C:\Windows\System32\igfxHK.exe
- (Intel Corporation) C:\Windows\System32\igfxTray.exe
- (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
- (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
- (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
- (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
- (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
- (Cisco) C:\Users\Adam\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
- (Google Inc.) C:\Users\Adam\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
- (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
- (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe
- (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
- (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
- (Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
- (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
- (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
- (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
- (Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
- (Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Microsoft Corporation) C:\Windows\System32\dllhost.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\nacl64.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\nacl64.exe
- (Connectify) C:\Program Files (x86)\Connectify\ConnectifyGopher.exe
- (Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
- () C:\Users\Adam\Desktop\adbFire\adbFire.exe
- () C:\Users\Adam\Desktop\adbFire\adb.exe
- () C:\Users\Adam\Desktop\adbFire\adb.exe
- (Microsoft Corporation) C:\Windows\splwow64.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (g10 Code GmbH) C:\Program Files (x86)\GNU\GnuPG\gpg-agent.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
- (Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
- Failed to access process -> chrome.exe
- (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\powerpnt.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- () C:\Users\Adam\eclipse\java-mars\eclipse\eclipse.exe
- () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
- (Microsoft Corporation) C:\Windows\System32\dllhost.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
- (Oracle Corporation) C:\Program Files\Java\jre1.8.0_72\bin\javaw.exe
- (Oracle Corporation) C:\Program Files\Java\jre1.8.0_72\bin\javaw.exe
- (Oracle Corporation) C:\Program Files\Java\jre1.8.0_72\bin\javaw.exe
- (Oracle Corporation) C:\Program Files\Java\jre1.8.0_72\bin\javaw.exe
- (Oracle Corporation) C:\Program Files\Java\jre1.8.0_72\bin\javaw.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
- (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
- (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
- () C:\Users\Adam\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
- (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
- (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
- (Microsoft Corporation) C:\Windows\System32\cmd.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Mozilla Corporation) C:\Users\Adam\Desktop\Tor Browser\Browser\firefox.exe
- () C:\Users\Adam\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe
- (PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\imstrayicon.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- ==================== Registry (Whitelisted) ===========================
- (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
- HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-12-27] (Realtek Semiconductor)
- HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-12-27] (Realtek Semiconductor)
- HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3945672 2015-07-16] (Synaptics Incorporated)
- HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3775816 2014-02-27] (Dell Inc.)
- HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-01-28] (ESET)
- HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
- HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [884440 2015-05-02] (BlueStack Systems, Inc.)
- HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-12-22] (Oracle Corporation)
- HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
- HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
- HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\Run: [PCShowServer] => C:\Users\Adam\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe [1631088 2014-09-16] (Cisco)
- HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\Run: [Octoshape Streaming Services] => C:\Users\Adam\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
- HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\Run: [Google Update] => C:\Users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-02-07] (Google Inc.)
- HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\Run: [MusicManager] => C:\Users\Adam\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7643136 2015-11-17] (Google Inc.)
- HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\Run: [HP Deskjet 3050 J610 series (NET)] => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
- HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
- HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-10-21] (Apple Inc.)
- HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [6302856 2015-11-06] (Plex, Inc.)
- HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50385536 2015-12-17] (Skype Technologies S.A.)
- HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-10-21] (Apple Inc.)
- HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\RunOnce: [Uninstall C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
- HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\RunOnce: [Uninstall C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1"
- HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\RunOnce: [Uninstall C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
- HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\...\RunOnce: [Uninstall C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6301.0127] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6301.0127"
- ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
- ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
- ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
- ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
- ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
- ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-21] (Microsoft Corporation)
- ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-21] (Microsoft Corporation)
- ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-21] (Microsoft Corporation)
- ==================== Internet (Whitelisted) ====================
- (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
- Winsock: Catalog5-x64 08 C:\Windows\system32\wlidnsp.dll [66048 2015-10-30] (Microsoft Corporation)
- Winsock: Catalog5-x64 09 C:\Windows\system32\wlidnsp.dll [66048 2015-10-30] (Microsoft Corporation)
- Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
- Tcpip\..\Interfaces\{a94e9eb8-3a3f-4b77-b874-fc865e37ac61}: [DhcpNameServer] 75.75.75.75 75.75.76.76
- Tcpip\..\Interfaces\{bf12608b-a7c5-4f92-a0d9-853ef29ef9f4}: [DhcpNameServer] 172.4.1.171
- Internet Explorer:
- ==================
- HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
- HKU\S-1-5-21-3719852253-1006456788-3136384108-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
- SearchScopes: HKU\S-1-5-21-3719852253-1006456788-3136384108-1001 -> DefaultScope {7ED8DB49-14AC-4A47-A296-30FA16905ADC} URL =
- SearchScopes: HKU\S-1-5-21-3719852253-1006456788-3136384108-1001 -> {7ED8DB49-14AC-4A47-A296-30FA16905ADC} URL =
- BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
- BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_72\bin\ssv.dll [2016-01-21] (Oracle Corporation)
- BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-21] (Microsoft Corporation)
- BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-01-21] (Oracle Corporation)
- BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
- BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-21] (Microsoft Corporation)
- Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
- FireFox:
- ========
- FF ProfilePath: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\ojthf6as.default
- FF DefaultSearchEngine.US: Google
- FF Session Restore: -> is enabled.
- FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-12] ()
- FF Plugin: @java.com/DTPlugin,version=11.72.2 -> C:\Program Files\Java\jre1.8.0_72\bin\dtplugin\npDeployJava1.dll [2016-01-21] (Oracle Corporation)
- FF Plugin: @java.com/JavaPlugin,version=11.72.2 -> C:\Program Files\Java\jre1.8.0_72\bin\plugin2\npjp2.dll [2016-01-21] (Oracle Corporation)
- FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-12] ()
- FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
- FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
- FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-09-23] (Microsoft Corporation)
- FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
- FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
- FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
- FF Plugin HKU\S-1-5-21-3719852253-1006456788-3136384108-1001: @nds.com/PlayerPlugin -> C:\Users\Adam\AppData\Local\DIRECTV Player\npPlayerPlugin.dll [2014-09-16] (Cisco)
- FF Plugin HKU\S-1-5-21-3719852253-1006456788-3136384108-1001: @nds.com/PlayerPlugin64 -> C:\Users\Adam\AppData\Local\DIRECTV Player\win64\npPlayerPlugin64.dll [2014-09-16] (Cisco)
- FF Plugin HKU\S-1-5-21-3719852253-1006456788-3136384108-1001: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Adam\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll [2013-12-18] (Octoshape ApS)
- FF Plugin HKU\S-1-5-21-3719852253-1006456788-3136384108-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Adam\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
- FF Plugin HKU\S-1-5-21-3719852253-1006456788-3136384108-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Adam\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
- FF Plugin HKU\S-1-5-21-3719852253-1006456788-3136384108-1001: NDS.com/PlayerPlugin -> C:\Users\Adam\AppData\Local\DIRECTV Player\npPlayerPlugin.dll [2014-09-16] (Cisco)
- FF Plugin ProgramFiles/Appdata: C:\Users\Adam\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-12-09] (Octoshape ApS)
- Chrome:
- =======
- CHR Session Restore: Default -> is enabled.
- CHR Profile: C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default
- CHR Extension: (Google Slides) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-10]
- CHR Extension: (Google Docs) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-10]
- CHR Extension: (Google Drive) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30]
- CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-12-15]
- CHR Extension: (YouTube) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
- CHR Extension: (Honey) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2016-03-19]
- CHR Extension: (Adblock Plus) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-08]
- CHR Extension: (Google Search) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
- CHR Extension: (Google Play Music) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2016-03-16]
- CHR Extension: (Google Sheets) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-10]
- CHR Extension: (HTTPS Everywhere) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2016-02-25]
- CHR Extension: (Google Docs Offline) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
- CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-02-18]
- CHR Extension: (Chrome Web Store Payments) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-31]
- CHR Extension: (Gmail) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
- ==================== Services (Whitelisted) ========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
- S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433880 2015-05-02] (BlueStack Systems, Inc.)
- S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413400 2015-05-02] (BlueStack Systems, Inc.)
- S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [806616 2015-05-02] (BlueStack Systems, Inc.)
- R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
- R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2787512 2015-12-23] (Microsoft Corporation)
- R3 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [217088 2015-07-21] (Connectify) [File not signed]
- R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2571352 2016-01-05] (Dell Inc.)
- R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201816 2016-01-05] (Dell Inc.)
- S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [139328 2014-02-19] (Aviata, Inc.)
- R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2014-11-25] () [File not signed]
- R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2015-01-28] (ESET)
- R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-21] (Intel Corporation)
- S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
- S2 My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [168960 2014-01-10] (Dell Inc.) [File not signed]
- R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-12-27] (Realtek Semiconductor)
- R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-01-12] (Dell Inc.)
- R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-16] (Synaptics Incorporated)
- R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
- R2 vmware-view-usbd; C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe [1148120 2014-06-06] (VMware, Inc.)
- S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
- S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
- R2 wsnm; C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe [528600 2014-06-09] (VMware, Inc.)
- R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-08-22] ()
- R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [1785344 2013-08-19] (DELL Inc.) [File not signed]
- S2 WavesSysSvc; "C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe" [X]
- ===================== Drivers (Whitelisted) ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- R3 athr; C:\Windows\System32\drivers\athw10x.sys [4341424 2016-01-06] (Qualcomm Atheros Communications, Inc.)
- S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145112 2015-05-02] (BlueStack Systems)
- R1 cnnctfy3; C:\Windows\system32\DRIVERS\cnnctfy3.sys [42152 2015-08-06] (Connectify)
- R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
- R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
- R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
- R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-01-30] (ESET)
- R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241880 2015-01-30] (ESET)
- R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169792 2015-01-30] (ESET)
- R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [159480 2015-01-30] (ESET)
- R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
- R3 kiox_ff_driver; C:\Windows\System32\drivers\kiox_ff_driver.sys [41456 2015-06-15] (Kionix, Inc.)
- R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
- S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
- S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2014-07-15] (Apple Inc.) [File not signed]
- S3 rt70x64; C:\Windows\system32\DRIVERS\netr7064.sys [388448 2010-04-27] (Ralink Technology Corp.)
- R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [57032 2015-07-16] (Synaptics Incorporated)
- R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation)
- S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
- S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
- S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
- R3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
- ==================== NetSvcs (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- ==================== One Month Created files and folders ========
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2016-03-19 11:36 - 2016-03-19 11:37 - 00028733 _____ C:\Users\Adam\Desktop\FRST.txt
- 2016-03-18 11:11 - 2016-03-18 11:46 - 00182896 _____ C:\TDSSKiller.2.8.16.0_18.03.2016_11.11.06_log.txt
- 2016-03-18 11:11 - 2016-03-18 11:11 - 00208216 _____ (Kaspersky Lab, GERT) C:\WINDOWS\system32\Drivers\92516833.sys
- 2016-03-18 11:10 - 2016-03-18 11:10 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Adam\Downloads\tdsskiller.exe
- 2016-03-18 10:15 - 2016-03-19 11:36 - 00000000 ____D C:\FRST
- 2016-03-18 10:09 - 2016-03-18 10:14 - 02374144 _____ (Farbar) C:\Users\Adam\Desktop\FRST64.exe
- 2016-03-12 18:53 - 2016-03-12 18:53 - 11035328 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
- 2016-03-11 11:19 - 2016-03-11 11:19 - 00002104 _____ C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
- 2016-03-11 11:19 - 2016-03-11 11:19 - 00000000 ____D C:\Users\Adam\jagexcache
- 2016-03-11 11:19 - 2016-03-11 11:19 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
- 2016-03-11 11:16 - 2016-03-11 11:17 - 24223744 _____ C:\Users\Adam\Downloads\RuneScape.msi
- 2016-03-10 16:31 - 2016-03-10 16:31 - 00216437 _____ C:\Users\Adam\Downloads\Class_10_Inheritance(1) (1).pptx
- 2016-03-10 16:31 - 2016-03-10 16:31 - 00199216 _____ C:\Users\Adam\Downloads\Class_11_DogsCatsChickens (1).pptx
- 2016-03-10 16:30 - 2016-03-10 16:30 - 00219198 _____ C:\Users\Adam\Downloads\Class_09_LessonsLearned_ProgrammingAssignment_03.pptx
- 2016-03-08 18:47 - 2016-03-08 18:48 - 00246160 _____ C:\Users\Adam\Downloads\Class_12_AbstractionPolymorphism.pptx
- 2016-03-08 11:00 - 2016-03-08 11:00 - 00228898 _____ C:\Users\Adam\Downloads\Class_08_Encapsulation (2).pptx
- 2016-03-07 16:22 - 2016-03-07 16:22 - 00928358 _____ C:\Users\Adam\Downloads\TrackerI9File.pdf
- 2016-03-04 18:44 - 2016-03-04 18:44 - 00967262 _____ C:\Users\Adam\Downloads\IMG_0442.mov
- 2016-03-04 18:43 - 2016-03-04 18:43 - 02794042 _____ C:\Users\Adam\Downloads\IMG_0443 (1).mov
- 2016-03-04 18:42 - 2016-03-04 18:43 - 02794042 _____ C:\Users\Adam\Downloads\IMG_0443.mov
- 2016-03-03 18:14 - 2016-03-03 18:14 - 00199216 _____ C:\Users\Adam\Downloads\Class_11_DogsCatsChickens.pptx
- 2016-03-01 18:20 - 2016-03-01 18:20 - 00216437 _____ C:\Users\Adam\Downloads\Class_10_Inheritance(1).pptx
- 2016-02-28 12:24 - 2016-02-28 12:24 - 00228898 _____ C:\Users\Adam\Downloads\Class_08_Encapsulation (1).pptx
- 2016-02-28 11:25 - 2016-02-28 11:25 - 00000000 ____D C:\Users\Adam\Desktop\AirVPN2
- 2016-02-28 11:24 - 2016-02-28 11:24 - 00007083 _____ C:\Users\Adam\Downloads\AirVPN (3).zip
- 2016-02-26 23:41 - 2016-02-26 23:41 - 00000705 _____ C:\Users\Adam\AppData\Local\recently-used.xbel
- 2016-02-21 12:08 - 2016-02-21 12:08 - 00007055 _____ C:\Users\Adam\Downloads\AirVPN (2).zip
- 2016-02-21 12:08 - 2016-02-21 12:08 - 00000000 ____D C:\Users\Adam\Desktop\AirVPN
- 2016-02-20 20:16 - 2016-02-20 20:16 - 00007007 _____ C:\Users\Adam\Downloads\AirVPN (1).zip
- 2016-02-19 19:02 - 2016-02-19 19:02 - 00007056 _____ C:\Users\Adam\Downloads\AirVPN.zip
- ==================== One Month Modified files and folders ========
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2016-03-19 11:30 - 2015-07-23 10:06 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Skype
- 2016-03-19 11:21 - 2014-09-10 02:20 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- 2016-03-19 11:12 - 2015-05-17 19:37 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3719852253-1006456788-3136384108-1001UA.job
- 2016-03-19 10:52 - 2014-12-21 20:45 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
- 2016-03-19 10:45 - 2015-10-30 03:24 - 00000000 ___HD C:\Program Files\WindowsApps
- 2016-03-19 10:45 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\AppReadiness
- 2016-03-19 10:06 - 2015-05-27 19:26 - 00000000 ____D C:\Program Files (x86)\TeamViewer
- 2016-03-19 10:04 - 2015-10-30 03:11 - 00000000 ____D C:\WINDOWS\CbsTemp
- 2016-03-19 07:12 - 2015-02-07 17:25 - 00000864 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3719852253-1006456788-3136384108-1001Core.job
- 2016-03-19 01:21 - 2014-09-10 02:20 - 00000914 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- 2016-03-18 23:45 - 2014-09-10 02:19 - 00004146 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{39A10F4E-8ACA-4A87-AA49-E74E2790C864}
- 2016-03-18 12:14 - 2014-09-10 02:20 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
- 2016-03-18 12:14 - 2014-09-10 02:20 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
- 2016-03-18 10:44 - 2014-09-14 12:54 - 00000000 ____D C:\WINDOWS\system32\MRT
- 2016-03-16 22:19 - 2014-09-14 12:54 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
- 2016-03-14 22:44 - 2014-09-10 02:09 - 00000000 __RDO C:\Users\Adam\OneDrive
- 2016-03-14 22:42 - 2015-08-01 11:51 - 00002403 _____ C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
- 2016-03-14 22:40 - 2015-10-30 03:21 - 00000000 ____D C:\WINDOWS\INF
- 2016-03-14 22:40 - 2015-07-31 23:40 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
- 2016-03-12 19:23 - 2015-02-07 13:59 - 00002117 _____ C:\Users\Public\Desktop\Google Slides.lnk
- 2016-03-12 19:23 - 2015-02-07 13:59 - 00002115 _____ C:\Users\Public\Desktop\Google Sheets.lnk
- 2016-03-12 19:23 - 2015-02-07 13:59 - 00002105 _____ C:\Users\Public\Desktop\Google Docs.lnk
- 2016-03-12 19:23 - 2015-02-07 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
- 2016-03-11 11:19 - 2015-12-28 11:51 - 00000000 ____D C:\Users\Adam
- 2016-03-10 17:14 - 2014-09-10 02:06 - 00000000 ____D C:\Users\Adam\AppData\Local\Packages
- 2016-03-10 04:21 - 2015-11-06 13:44 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
- 2016-03-09 13:22 - 2016-01-25 00:45 - 00000000 ____D C:\Users\Adam\AppData\Local\Eclipse
- 2016-03-09 13:22 - 2016-01-25 00:39 - 00000000 ____D C:\Users\Adam\.p2
- 2016-03-09 12:46 - 2016-01-25 00:45 - 00000000 ____D C:\Users\Adam\workspace
- 2016-03-09 09:40 - 2014-11-12 19:22 - 00000000 ____D C:\Users\Adam\Desktop\Tor Browser
- 2016-03-08 03:12 - 2015-10-30 03:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
- 2016-03-08 03:12 - 2015-10-30 03:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
- 2016-03-05 21:07 - 2014-11-18 12:39 - 00000000 ____D C:\Program Files (x86)\Connectify
- 2016-02-28 12:03 - 2016-01-25 00:39 - 00000000 ____D C:\Users\Adam\.eclipse
- 2016-02-26 23:36 - 2014-12-01 18:11 - 00000000 ____D C:\Users\Adam\AppData\Roaming\gnupg
- 2016-02-26 22:29 - 2014-12-01 18:24 - 00003205 _____ C:\Users\Adam\Documents\key.txt
- 2016-02-26 22:29 - 2014-12-01 18:14 - 00000000 ____D C:\Users\Adam\AppData\Local\gtk-2.0
- 2016-02-20 03:34 - 2014-10-14 01:31 - 00000000 ____D C:\Users\Adam\AppData\Local\4B7441F0-2CEA-46AD-9F7F-F24D68D575CD.aplzod
- ==================== Files in the root of some directories =======
- 2015-06-28 19:03 - 2015-06-28 19:04 - 0010240 _____ () C:\Users\Adam\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
- 2016-02-26 23:41 - 2016-02-26 23:41 - 0000705 _____ () C:\Users\Adam\AppData\Local\recently-used.xbel
- 2015-01-28 00:56 - 2015-01-28 00:56 - 0000057 _____ () C:\ProgramData\Ament.ini
- 2015-12-28 11:46 - 2015-12-28 11:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
- ==================== Bamital & volsnap =================
- (There is no automatic fix for files that do not pass verification.)
- C:\WINDOWS\system32\winlogon.exe => File is digitally signed
- C:\WINDOWS\system32\wininit.exe => File is digitally signed
- C:\WINDOWS\explorer.exe => File is digitally signed
- C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
- C:\WINDOWS\system32\svchost.exe => File is digitally signed
- C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
- C:\WINDOWS\system32\services.exe => File is digitally signed
- C:\WINDOWS\system32\User32.dll => File is digitally signed
- C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
- C:\WINDOWS\system32\userinit.exe => File is digitally signed
- C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
- C:\WINDOWS\system32\rpcss.dll => File is digitally signed
- C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
- C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
- C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
- LastRegBack: 2016-02-09 17:26
- ==================== End of FRST.txt ============================