real first.txt

a guest
May 13th, 2017
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05-2017
  2. Ran by BIGJT64 (administrator) on BIGJ-TSERVER (14-05-2017 08:43:17)
  3. Running from C:\Users\BIGJT64\Desktop
  4. Loaded Profiles: BIGJT64 (Available Profiles: BIGJT64)
  5. Platform: Windows 7 Enterprise Service Pack 1 (X64) Language: English (United States)
  6. Internet Explorer Version 11 (Default browser: FF)
  7. Boot Mode: Normal
  8. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Processes (Whitelisted) =================
  11.  
  12. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  13.  
  14. (AMD) C:\Windows\System32\atiesrxx.exe
  15. (AMD) C:\Windows\System32\atieclxx.exe
  16. (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
  17. (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
  18. (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
  19. (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
  20. (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
  21. (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
  22. (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\idman.exe
  23. (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIN2E.EXE
  24. (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
  25. (SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
  26. (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
  27. (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
  28. () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
  29. (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
  30. (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
  31. (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
  32. (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
  33. () C:\Users\BIGJT64\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\KingoSoftService.exe
  34. (Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2100.2093.105\Bin\ccSvcHst.exe
  35. (McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
  36. (Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2100.2093.105\Bin\ccSvcHst.exe
  37. (McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
  38. (GlavSoft LLC.) C:\Program Files (x86)\TightVNC\tvnserver.exe
  39. (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
  40. (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
  41. (Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2100.2093.105\Bin64\Smc.exe
  42. (QFX Software Corporation) D:\KeyScrambler\KeyScrambler.exe
  43. (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
  44. (QFX Software Corporation) D:\KeyScrambler\x64\KeyScrambler.exe
  45. (CafeSuite) D:\CafeSuite\cafestation.exe
  46. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  47. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  48. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  49. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  50. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  51. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  52. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  53. (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
  54. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  55. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  56. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  57. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  58. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  59. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  60. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  61. (Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\EXCEL.EXE
  62. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  63. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  64. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  65. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  66. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  67. (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  68. (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  69. (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  70. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  71.  
  72. ==================== Registry (Whitelisted) ====================
  73.  
  74. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  75.  
  76. HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [503856 2015-09-23] (Acronis)
  77. HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
  78. HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
  79. HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5199984 2011-06-20] (VIA)
  80. HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7568104 2015-09-23] ()
  81. HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [651560 2016-11-10] (Acronis International GmbH)
  82. HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [917112 2015-10-08] (BlueStack Systems, Inc.)
  83. HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\TightVNC\tvnserver.exe [828944 2011-08-03] (GlavSoft LLC.)
  84. HKLM-x32\...\Run: [Yahoo Messenger] => [X]
  85. HKLM-x32\...\Run: [KeyScrambler] => D:\KeyScrambler\keyscrambler.exe [515600 2017-04-23] (QFX Software Corporation)
  86. HKU\S-1-5-19\...\Run: [] => [X]
  87. HKU\S-1-5-19\...\RunOnce: [] => [X]
  88. HKU\S-1-5-20\...\Run: [] => [X]
  89. HKU\S-1-5-20\...\RunOnce: [] => [X]
  90. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3966064 2016-11-10] (Tonec Inc.)
  91. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\Run: [] => [X]
  92. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIN2E.EXE [298560 2014-03-20] (SEIKO EPSON CORPORATION)
  93. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\Run: [COM+] => regsvr32 /s /n /u /i:hxxp://server2.39slxu3bw.ru/sitemap.xml scrobj.dll
  94. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\Policies\system: [ConsentPromptBehaviorAdmin] 0
  95. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\Policies\system: [EnableLUA] 0
  96. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\Policies\system: [PromptOnSecureDesktop] 0
  97. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\Policies\Explorer: [HideClock] 0
  98. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\Policies\Explorer: [NoFind] 0
  99. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\Policies\Explorer: [NoViewContextMenu] 0
  100. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\Policies\Explorer: [NoFile] 0
  101. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {01e6d824-e1cf-11e6-8453-bc5ff43ce846} - E:\AutoRun.exe
  102. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {03a0a139-bc14-11e6-b352-bc5ff43ce846} - E:\Setup.exe /s
  103. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {0fbb74a4-8f48-11e6-acf4-bc5ff43ce846} - E:\AutoRun.exe
  104. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {1181b1e1-0526-11e7-ac38-bc5ff43ce846} - E:\Setup.exe /s
  105. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {14245e4c-7d35-11e6-88b4-bc5ff43ce846} - E:\Loader.exe
  106. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {1b69d94c-344e-11e7-bcee-bc5ff43ce846} - E:\Setup.exe /s
  107. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {1f364352-18cb-11e7-8687-bc5ff43ce846} - E:\Lenovo_Suite.exe
  108. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {2bfd5668-a227-11e6-b207-bc5ff43ce846} - E:\HTC_Sync_Manager_PC.exe
  109. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {33b8f65a-15a5-11e7-91f6-bc5ff43ce846} - E:\Setup.exe /s
  110. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {3410545f-9054-11e6-8d27-bc5ff43ce846} - E:\LaunchU3.exe -a
  111. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {3f04c6a8-0dce-11e7-8236-bc5ff43ce846} - E:\Setup.exe /s
  112. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {40361bf4-e68a-11e6-b4c5-bc5ff43ce846} - E:\.\ShowModem.exe
  113. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {4406223b-e8e1-11e6-9d97-bc5ff43ce846} - E:\AutoRun.exe
  114. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {446710be-294c-11e7-9e41-bc5ff43ce846} - E:\Setup.exe
  115. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {49f4db1e-e03d-11e6-b86d-bc5ff43ce846} - E:\LaunchU3.exe -a
  116. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {4c6bb791-df77-11e6-8a5e-bc5ff43ce846} - E:\LGAutoRun.exe
  117. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {4e57d613-9400-11e6-88b1-bc5ff43ce846} - E:\iLinker.exe
  118. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {5649af6a-89c6-11e6-a32d-bc5ff43ce846} - E:\Autorun.exe
  119. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {618ef039-be93-11e6-b21a-bc5ff43ce846} - E:\LaunchU3.exe -a
  120. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {72eb3815-ee5f-11e6-9ac8-bc5ff43ce846} - E:\Setup.exe /s
  121. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {7830a201-cb06-11e6-9e12-bc5ff43ce846} - E:\Setup.exe /s
  122. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {d543a5bc-8c20-11e6-a250-bc5ff43ce846} - E:\HiSuiteDownLoader.exe
  123. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {d7daec99-9bfe-11e6-81a7-bc5ff43ce846} - E:\Setup.exe /s
  124. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {d7daece3-9bfe-11e6-81a7-bc5ff43ce846} - E:\Setup.exe /s
  125. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {dad4bae3-1283-11e7-8567-bc5ff43ce846} - E:\Setup.exe
  126. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {db3ada56-fd4a-11e6-9092-bc5ff43ce846} - E:\Setup.exe /s
  127. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {e585596e-1bef-11e7-8c7b-bc5ff43ce846} - E:\HiSuiteDownLoader.exe
  128. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {ea99763a-dc51-11e6-839c-bc5ff43ce846} - E:\Setup.exe
  129. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {ef283243-ffa7-11e6-bf33-bc5ff43ce846} - E:\Lenovo_Suite.exe
  130. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\MountPoints2: {ff8d439e-2ba6-11e7-b8ef-bc5ff43ce846} - E:\Setup.exe
  131. HKU\S-1-5-18\...\Run: [] => [X]
  132. Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
  133. ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
  134. ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
  135. ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-09-10] (Acronis)
  136. ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-09-10] (Acronis)
  137. ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-09-10] (Acronis)
  138. Startup: C:\Users\BIGJT64\Start Menu\Programs\Startup\Start.lnk [2016-10-11]
  139. ShortcutTarget: Start.lnk -> C:\Users\BIGJT64\AppData\Roaming\liyxxldbl\fkxoylfyj64.exe (Microsoft Corporation)
  140. Startup: C:\Users\BIGJT64\Start Menu\Programs\Startup\U.lnk [2017-05-12]
  141. ShortcutTarget: U.lnk -> C:\Users\BIGJT64\AppData\Roaming\eeyywwuuse.exe ()
  142. GroupPolicy: Restriction <======= ATTENTION
  143.  
  144. ==================== Internet (Whitelisted) ====================
  145.  
  146. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  147.  
  148. HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATTENTION (Restriction - ProxySettings)
  149. Hosts: 127.0.0.1 activation.acronis.com
  150. Tcpip\..\Interfaces\{13A70751-64DA-4D11-BC9B-936673F829E2}: [DhcpNameServer] 192.168.137.129
  151. Tcpip\..\Interfaces\{4196485E-2368-4678-8D6D-E6B0196C785D}: [NameServer] 208.67.222.222,8.8.8.8
  152. Tcpip\..\Interfaces\{EA5C5AF3-DB0F-4248-AA88-9FCE81D4FCF2}: [DhcpNameServer] 192.168.42.129
  153.  
  154. Internet Explorer:
  155. ==================
  156. HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://login.hhtxnet.com/
  157. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/enterprise/security_response/index.jsp?inid=biz_SR_sep_V12_1_MR_2
  158. HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://login.hhtxnet.com/
  159. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
  160. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
  161. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
  162. HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
  163. HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/enterprise/security_response/index.jsp?inid=biz_SR_sep_V12_1_MR_2
  164. HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/enterprise/security_response/index.jsp?inid=biz_SR_sep_V12_1_MR_2
  165. HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
  166. HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/enterprise/security_response/index.jsp?inid=biz_SR_sep_V12_1_MR_2
  167. HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
  168. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
  169. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/enterprise/security_response/index.jsp?inid=biz_SR_sep_V12_1_MR_2
  170. HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-ph/?ocid=iehp
  171. BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-10-11] (Internet Download Manager, Tonec Inc.)
  172. BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-26] (Intel Security)
  173. BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-07-10] (Microsoft Corporation)
  174. BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
  175. BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2013-07-13] (Microsoft Corporation)
  176. BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-10-11] (Internet Download Manager, Tonec Inc.)
  177. BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-26] (Intel Security)
  178. BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
  179. BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
  180. BHO-x32: Symantec Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2100.2093.105\bin\IPS\IPSBHO.DLL [2014-06-17] (Symantec Corporation)
  181. BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
  182. BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2013-07-13] (Microsoft Corporation)
  183. Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-26] (Intel Security)
  184. Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-26] (Intel Security)
  185. Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
  186. Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
  187.  
  188. FireFox:
  189. ========
  190. FF DefaultProfile: q8r17451.default
  191. FF ProfilePath: C:\Users\BIGJT64\AppData\Roaming\Mozilla\Firefox\Profiles\q8r17451.default [2017-05-14]
  192. FF user.js: detected! => C:\Users\BIGJT64\AppData\Roaming\Mozilla\Firefox\Profiles\q8r17451.default\user.js [2016-10-10]
  193. FF Homepage: Mozilla\Firefox\Profiles\q8r17451.default -> hxxp://login.hhtxnet.com/search.php?q=
  194. FF Keyword.URL: Mozilla\Firefox\Profiles\q8r17451.default -> hxxp://login.hhtxnet.com/search.php?q=
  195. FF Extension: (YouTube Video and Audio Downloader) - C:\Users\BIGJT64\AppData\Roaming\Mozilla\Firefox\Profiles\q8r17451.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2017-05-02]
  196. FF Extension: (AdBlocker for YouTube™) - C:\Users\BIGJT64\AppData\Roaming\Mozilla\Firefox\Profiles\q8r17451.default\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2017-02-25]
  197. FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
  198. FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2017-04-22] [not signed]
  199. FF HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
  200. FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-10-11]
  201. FF HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
  202. FF HKU\S-1-5-21-3086366465-1504510743-3309700462-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\BIGJT64\AppData\Roaming\IDM\idmmzcc5
  203. FF Extension: (IDM CC) - C:\Users\BIGJT64\AppData\Roaming\IDM\idmmzcc5 [2017-05-14] [not signed]
  204. FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
  205. FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-07-10] (Microsoft Corporation)
  206. FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
  207. FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
  208. FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
  209. FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
  210. FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
  211. FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-07-10] (Microsoft Corporation)
  212. FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
  213.  
  214. Chrome:
  215. =======
  216. CHR HomePage: Default -> hxxps://www.google.com/
  217. CHR StartupUrls: Default -> "hxxps://www.google.com/"
  218. CHR Profile: C:\Users\BIGJT64\AppData\Local\Google\Chrome\User Data\Default [2017-05-14]
  219. CHR Extension: (Google Slides) - C:\Users\BIGJT64\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-01]
  220. CHR Extension: (Google Docs) - C:\Users\BIGJT64\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-01]
  221. CHR Extension: (YouTube) - C:\Users\BIGJT64\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-03]
  222. CHR Extension: (Adobe Acrobat) - C:\Users\BIGJT64\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
  223. CHR Extension: (Google Sheets) - C:\Users\BIGJT64\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-03]
  224. CHR Extension: (Google Docs Offline) - C:\Users\BIGJT64\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-04]
  225. CHR Extension: (Adblock Plus for YouTube™) - C:\Users\BIGJT64\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmphebflmgdapnodojiagpcigfklffcp [2016-12-27]
  226. CHR Extension: (IDM Integration Module) - C:\Users\BIGJT64\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-04-27]
  227. CHR Extension: (Chrome Web Store Payments) - C:\Users\BIGJT64\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
  228. CHR Extension: (Gmail) - C:\Users\BIGJT64\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-03]
  229. CHR Extension: (Chrome Media Router) - C:\Users\BIGJT64\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]
  230. CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-10-23]
  231. CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
  232. CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-10-23]
  233.  
  234. ==================== Services (Whitelisted) ====================
  235.  
  236. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  237.  
  238. S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437880 2015-10-08] (BlueStack Systems, Inc.)
  239. R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417400 2015-10-08] (BlueStack Systems, Inc.)
  240. R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [855672 2015-10-08] (BlueStack Systems, Inc.)
  241. R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
  242. R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
  243. R2 KingoSoftService; C:\Users\BIGJT64\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\checkupdate.exe [367584 2016-10-19] ()
  244. S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE [3114464 2012-05-18] (Symantec Corporation)
  245. S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
  246. S3 QFXUpdateService; D:\KeyScrambler\x64\QFXUpdateService.exe [86544 2017-04-23] ()
  247. R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2100.2093.105\Bin\ccSvcHst.exe [143928 2014-06-17] (Symantec Corporation)
  248. R3 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2100.2093.105\Bin64\Smc.exe [2299192 2014-06-17] (Symantec Corporation)
  249. S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2100.2093.105\Bin64\snac64.exe [334736 2014-06-16] (Symantec Corporation)
  250. R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996736 2017-04-18] (McAfee, Inc.)
  251. R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16160 2017-04-18] (McAfee, Inc.)
  252. S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86776 2017-04-18] (McAfee, Inc.)
  253. R2 tvnserver; C:\Program Files (x86)\TightVNC\tvnserver.exe [828944 2011-08-03] (GlavSoft LLC.)
  254. R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-06-14] (VIA Technologies, Inc.)
  255. S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-05-16] (Microsoft Corporation)
  256. S2 EraserSvc11620; "C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\ccSvcHst.exe" /h ccCommon [X]
  257. S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]
  258.  
  259. ===================== Drivers (Whitelisted) ======================
  260.  
  261. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  262.  
  263. R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
  264. R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2100.2093.105\Data\Definitions\BASHDefs\20170508.001\BHDrvx64.sys [1831064 2017-04-07] (Symantec Corporation)
  265. R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-10-08] (BlueStack Systems)
  266. R1 ccSettings_{FA0ED830-25A2-4721-AB37-26A5FF82EB30}; C:\Windows\System32\Drivers\SEP\0C010834\082D.105\x64\ccSetx64.sys [168096 2014-06-16] (Symantec Corporation)
  267. R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [507032 2017-05-11] (Symantec Corporation)
  268. R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-05-11] (Symantec Corporation)
  269. R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [323040 2016-09-05] (Acronis International GmbH)
  270. U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
  271. R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2100.2093.105\Data\Definitions\IPSDefs\20170513.011\IDSvia64.sys [1012952 2017-02-03] (Symantec Corporation)
  272. R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [233248 2017-02-20] (QFX Software Corporation)
  273. S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Generic USB smartcard reader)
  274. R3 NAVENG; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2100.2093.105\Data\Definitions\VirusDefs\20170512.009\ENG64.SYS [138912 2017-02-01] (Symantec Corporation)
  275. R3 NAVEX15; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2100.2093.105\Data\Definitions\VirusDefs\20170512.009\EX64.SYS [2151072 2017-02-01] (Symantec Corporation)
  276. R1 SRTSP; C:\Windows\System32\Drivers\SEP\0C010834\082D.105\x64\SRTSP64.SYS [796248 2014-06-16] (Symantec Corporation)
  277. R1 SRTSPX; C:\Windows\System32\Drivers\SEP\0C010834\082D.105\x64\SRTSPX64.SYS [36952 2014-06-16] (Symantec Corporation)
  278. S3 SyDvCtrl; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2100.2093.105\Bin64\SyDvCtrl64.sys [34800 2014-06-16] (Symantec Corporation)
  279. R0 SymDS; C:\Windows\System32\Drivers\SEP\0C010834\082D.105\x64\SYMDS64.SYS [493216 2014-06-16] (Symantec Corporation)
  280. R0 SymEFA; C:\Windows\System32\Drivers\SEP\0C010834\082D.105\x64\SYMEFA64.SYS [1133216 2014-06-16] (Symantec Corporation)
  281. R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2016-09-05] (Symantec Corporation)
  282. R1 SymIRON; C:\Windows\System32\Drivers\SEP\0C010834\082D.105\x64\Ironx64.SYS [224416 2014-06-16] (Symantec Corporation)
  283. R1 SYMNETS; C:\Windows\System32\Drivers\SEP\0C010834\082D.105\x64\SYMNETS.SYS [432800 2014-06-16] (Symantec Corporation)
  284. R1 SysPlant; C:\Windows\System32\Drivers\SysPlant.sys [155352 2016-09-05] (Symantec Corporation)
  285. R1 Teefer2; C:\Windows\System32\DRIVERS\Teefer.sys [91944 2014-06-17] (Symantec Corporation)
  286. R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1057728 2016-09-05] (Acronis International GmbH)
  287. R2 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198088 2016-09-05] (Acronis International GmbH)
  288. S3 tnd; C:\Windows\System32\DRIVERS\tnd.sys [553912 2016-09-05] (Acronis International GmbH)
  289. U0 aswVmm; no ImagePath
  290. U0 sr; no ImagePath
  291. S3 VGPU; System32\drivers\rdvgkmd.sys [X]
  292. S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
  293.  
  294. ==================== NetSvcs (Whitelisted) ===================
  295.  
  296. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  297.  
  298.  
  299. ==================== One Month Created files and folders ========
  300.  
  301. (If an entry is included in the fixlist, the file/folder will be moved.)
  302.  
  303. 2017-05-14 08:43 - 2017-05-14 08:43 - 00030653 _____ C:\Users\BIGJT64\Desktop\FRST.txt
  304. 2017-05-14 08:43 - 2017-05-14 08:43 - 00000000 ____D C:\FRST
  305. 2017-05-14 08:42 - 2017-05-14 08:41 - 02429440 _____ (Farbar) C:\Users\BIGJT64\Desktop\FRST64.exe
  306. 2017-05-14 08:23 - 2017-05-14 08:23 - 00000745 _____ C:\Users\BIGJT64\Downloads\coins password.txt
  307. 2017-05-13 20:13 - 2017-05-14 08:29 - 00932864 _____ C:\Users\BIGJT64\Desktop\Padala Record May 14.xls
  308. 2017-05-13 17:06 - 2017-05-13 17:06 - 00003192 _____ C:\Windows\System32\Tasks\{4C0DB3A3-2093-4ADA-9E33-99A55DD60E3C}
  309. 2017-05-13 17:06 - 2017-05-13 17:06 - 00000000 ____D C:\Program Files\Enigma Software Group
  310. 2017-05-13 17:05 - 2017-05-13 17:05 - 13016728 _____ (Litecoin Core project) C:\Users\BIGJT64\Downloads\litecoin-0.13.2-win64-setup.exe
  311. 2017-05-13 16:33 - 2017-05-13 16:33 - 00000000 ____D C:\Users\BIGJT64\AppData\Roaming\QFX Software
  312. 2017-05-13 16:33 - 2017-05-13 16:33 - 00000000 ____D C:\ProgramData\QFX Software
  313. 2017-05-13 16:29 - 2017-05-13 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler
  314. 2017-05-13 16:29 - 2017-02-20 03:15 - 00233248 _____ (QFX Software Corporation) C:\Windows\system32\Drivers\keyscrambler.sys
  315. 2017-05-13 16:06 - 2017-05-13 16:07 - 00000000 ____D C:\Windows\pss
  316. 2017-05-13 14:09 - 2017-05-13 14:09 - 00346251 _____ C:\Users\BIGJT64\Downloads\romelyn.pdf
  317. 2017-05-12 15:16 - 2017-05-12 15:17 - 00000000 ____D C:\Users\Public\123
  318. 2017-05-12 12:54 - 2017-05-12 12:54 - 00125441 _____ C:\Users\Public\11111.pdf
  319. 2017-05-12 08:29 - 2017-05-12 08:29 - 71679202 __RSH C:\Users\BIGJT64\AppData\Roaming\eeyywwuuse.exe
  320. 2017-05-11 20:39 - 2017-05-11 21:29 - 00078380 _____ C:\Users\Public\biz1.pptx
  321. 2017-05-11 19:18 - 2017-05-11 19:38 - 00029696 _____ C:\Users\Public\~WRA0601.wbk
  322. 2017-05-11 19:18 - 2017-05-11 19:28 - 00029696 ____H C:\Users\Public\~WRL0125.tmp
  323. 2017-05-11 19:18 - 2017-05-11 19:18 - 00029696 ____H C:\Users\Public\~WRL0004.tmp
  324. 2017-05-11 12:04 - 2017-05-11 12:04 - 00366138 _____ C:\Users\Public\Cebu Pacific.pdf
  325. 2017-05-11 12:00 - 2017-05-11 12:00 - 00617492 _____ C:\Users\Public\a
  326. 2017-05-11 10:26 - 2017-05-11 10:26 - 00158998 _____ C:\Users\Public\Individual Evaluation Report.pdf
  327. 2017-05-11 08:53 - 2017-05-11 08:53 - 00143732 _____ C:\Users\Public\347002936012 (1).pdf
  328. 2017-05-10 22:30 - 2017-05-10 22:30 - 00726130 _____ C:\Users\Public\MDF (1).pdf
  329. 2017-05-10 14:49 - 2017-05-10 14:49 - 00032256 _____ C:\Users\Public\Cost Distribution Lorenzo Ruiz School.xls
  330. 2017-05-10 14:46 - 2017-05-10 14:46 - 00032256 _____ C:\Users\BIGJT64\Downloads\Cost Distribution Lorenzo Ruiz School (2).xls
  331. 2017-05-10 14:45 - 2017-05-10 14:45 - 00032256 _____ C:\Users\BIGJT64\Downloads\Cost Distribution Lorenzo Ruiz School (1).xls
  332. 2017-05-10 14:36 - 2017-05-10 14:36 - 00032256 _____ C:\Users\BIGJT64\Downloads\Cost Distribution Lorenzo Ruiz School.xls
  333. 2017-05-09 22:58 - 2017-05-09 22:58 - 00050688 _____ C:\Users\Public\~WRA1593.asd
  334. 2017-05-09 18:59 - 2017-05-09 18:59 - 00205316 _____ C:\Users\Public\1Itinerary_PDF.pdf
  335. 2017-05-09 18:59 - 2017-05-09 18:59 - 00031548 _____ C:\Users\Public\2Official Receipt PDF.pdf
  336. 2017-05-09 15:53 - 2017-05-09 15:53 - 00344944 _____ C:\Users\Public\PDFFile.pdf
  337. 2017-05-08 18:26 - 2017-05-08 18:26 - 00040468 _____ C:\Users\Public\20170430-0200000844-SMMG-Mall-CARICA DISTRIBUTORS INC.pdf
  338. 2017-05-08 14:59 - 2017-05-08 14:59 - 00368301 _____ C:\Users\Public\2 VALID ID'S.PDF
  339. 2017-05-08 14:58 - 2017-05-08 14:58 - 00103792 _____ C:\Users\Public\Your voucher - Metrodeal Philippines3.pdf
  340. 2017-05-08 14:56 - 2017-05-08 14:56 - 00102677 _____ C:\Users\Public\Your voucher - Metrodeal Philippines2.pdf
  341. 2017-05-08 14:03 - 2017-05-08 13:56 - 00064514 _____ C:\Users\Public\discharge-of-domingo (1).PDF
  342. 2017-05-08 11:50 - 2017-05-08 11:49 - 00443485 _____ C:\Users\Public\CS-Form-100-Revised-September-2016.pdf
  343. 2017-05-08 11:46 - 2017-05-08 11:45 - 00651081 _____ C:\Users\Public\CS Form 100_Revised 2015_For Oct 23 2016 CSE PPT_a.pdf
  344. 2017-05-07 17:05 - 2017-05-07 17:05 - 00533800 _____ C:\Users\Public\2 VALID ID'S2.pdf
  345. 2017-05-07 09:04 - 2017-05-07 09:04 - 00129684 _____ C:\Users\Public\Manila Cockers Club, Inc_.pdf
  346. 2017-05-06 22:15 - 2017-05-06 22:15 - 00293459 _____ C:\Users\Public\XRQCFD_FMNPH30F9DAD3E.pdf
  347. 2017-05-06 22:14 - 2017-05-06 22:14 - 00291992 _____ C:\Users\Public\Booking Details.pdf
  348. 2017-05-06 22:12 - 2017-05-06 22:12 - 00634437 _____ C:\Users\Public\Cruise-Confirmation-YEUNG.pdf
  349. 2017-05-06 18:19 - 2017-05-06 18:19 - 00000000 ___RD C:\Users\Public\Documents\Documents (2)
  350. 2017-05-06 18:19 - 2017-05-06 18:19 - 00000000 ____D C:\Users\Public\Documents\My Apps
  351. 2017-05-06 16:34 - 2017-05-06 16:33 - 00345325 _____ C:\Users\Public\00092017080900056.pdf
  352. 2017-05-06 16:17 - 2017-05-06 16:17 - 00002752 _____ C:\Users\Public\doc.pdf
  353. 2017-05-05 21:01 - 2017-05-05 21:01 - 00260845 _____ C:\Users\BIGJT64\Downloads\CALLE GOMEZ - BUDGETARY COST.pdf
  354. 2017-05-05 21:01 - 2017-05-05 21:01 - 00010156 _____ C:\Users\BIGJT64\Downloads\CALLE GOMEZ BOARDING HOUSE final-Model.pdf
  355. 2017-05-04 21:53 - 2017-05-04 21:54 - 00000000 ____D C:\Users\Public\scan101
  356. 2017-05-04 19:45 - 2017-05-04 19:45 - 00000000 ____D C:\Users\Public\Display Own Grades (Add_Edit_Delete)_files
  357. 2017-05-04 19:45 - 2017-05-04 19:43 - 00012968 _____ C:\Users\Public\Display Own Grades (Add_Edit_Delete).html
  358. 2017-05-04 12:58 - 2017-05-04 12:58 - 00062955 _____ C:\Users\BIGJT64\Downloads\A Dog's Purpose (2017) [1080p] [YTS.AG].torrent
  359. 2017-05-04 12:55 - 2017-05-04 12:55 - 00082383 _____ C:\Users\BIGJT64\Downloads\Fifty Shades Darker (2017) [1080p] [YTS.AG].torrent
  360. 2017-05-04 11:48 - 2017-05-04 11:48 - 00346266 _____ C:\Users\Public\00072017080100683 (1).pdf
  361. 2017-05-04 09:15 - 2017-05-04 09:15 - 00001151 _____ C:\Users\Public\Desktop\True Key.lnk
  362. 2017-05-03 21:59 - 2017-05-03 21:59 - 00857277 _____ C:\Users\Public\cal.xlsx
  363. 2017-05-02 17:53 - 2017-05-02 17:53 - 00112329 _____ C:\Users\Public\TKT ROWENA CEBU.pdf
  364. 2017-05-02 17:53 - 2017-05-02 17:53 - 00110464 _____ C:\Users\Public\TKT ROWENA QR.pdf
  365. 2017-05-02 11:31 - 2017-05-02 11:31 - 00141571 _____ C:\Users\Public\SICKNESS NOTIFICATION FORM (1).pdf
  366. 2017-05-02 10:12 - 2017-05-02 10:12 - 00361124 _____ C:\Users\Public\1HERMES GROUND RATES CARD_MINOR SPONSORS2017.pdf
  367. 2017-05-02 10:12 - 2017-05-02 10:12 - 00344745 _____ C:\Users\Public\1HERMES SPORTS_SPONSOR MAP_NAASCU2017.pdf
  368. 2017-05-02 10:09 - 2017-05-02 10:09 - 00332726 _____ C:\Users\Public\1HERMES PRODUCTIONS_SOLAR_RATE CARD_2017 (2) (1).pdf
  369. 2017-05-01 13:31 - 2017-05-01 12:42 - 00211184 _____ C:\Users\Public\GILBERT LAYLO (1)_2.pdf
  370. 2017-05-01 13:28 - 2017-05-01 12:42 - 00211184 _____ C:\Users\Public\GILBERT LAYLO (1).pdf
  371. 2017-04-30 20:32 - 2017-04-30 20:23 - 00609502 _____ C:\Users\Public\UPDATED CV.pdf
  372. 2017-04-30 19:05 - 2017-04-30 19:05 - 00023040 _____ C:\Users\Public\~WRA0980.asd
  373. 2017-04-29 19:52 - 2017-04-29 19:51 - 00515581 _____ C:\Users\Public\mabunga, arlene.jpeg
  374. 2017-04-29 17:07 - 2017-04-29 17:07 - 00121373 _____ C:\Users\Public\MED2SY_D3D69E168AD44FC08105BC64F3BF2F78.pdf
  375. 2017-04-28 22:53 - 2017-04-28 22:53 - 00551220 _____ C:\Users\Public\JZGTHAI Flor's Garden Certificate - 29 april 2017.pptx
  376. 2017-04-28 17:06 - 2017-04-28 17:09 - 00000000 ____D C:\Users\Public\qwert
  377. 2017-04-28 13:39 - 2017-04-28 12:55 - 00345460 _____ C:\Users\Public\yolanda passport.pdf
  378. 2017-04-28 11:51 - 2017-04-28 11:51 - 00031463 _____ C:\Users\Public\wds makati(1).pdf
  379. 2017-04-27 16:17 - 2017-04-27 16:37 - 00023040 _____ C:\Users\Public\~WRA2240.asd
  380. 2017-04-27 13:46 - 2017-04-27 13:46 - 00265420 _____ C:\Users\Public\Joann Heruela (1).pdf
  381. 2017-04-27 11:25 - 2017-04-27 11:14 - 00301066 _____ C:\Users\Public\Resume (1).pdf
  382. 2017-04-26 16:24 - 2017-04-26 16:24 - 00501119 _____ C:\Users\Public\SHS_Certificate_426201712254 (1).pdf
  383. 2017-04-26 14:28 - 2017-04-26 14:28 - 00132010 _____ C:\Users\Public\NSO Certificate Delivery Pay Online _ NSOHelpline.pdf
  384. 2017-04-26 08:47 - 2017-04-26 08:46 - 00346067 _____ C:\Users\Public\00062017072500644.pdf
  385. 2017-04-25 23:19 - 2017-04-26 00:01 - 00000000 ____D C:\Users\Public\sc
  386. 2017-04-25 21:40 - 2017-04-25 21:34 - 00075133 _____ C:\Users\Public\CEACAA006URLIK.PDF
  387. 2017-04-25 19:41 - 2017-04-25 19:38 - 00345106 _____ C:\Users\Public\00042017071402160.pdf
  388. 2017-04-25 08:58 - 2017-04-25 08:57 - 00666088 _____ C:\Users\Public\Offer Letter-No. 636 Pinaglaanan St., Brgy. Pedro Cruz, San Juan City.pdf
  389. 2017-04-24 21:51 - 2017-04-24 21:49 - 00036294 _____ C:\Users\Public\GALINDEZ, SYLL WEIN C.res.pdf
  390. 2017-04-24 15:14 - 2017-04-24 15:14 - 00010407 _____ C:\Users\Public\DBS.xlsx
  391. 2017-04-24 14:14 - 2017-04-24 14:14 - 00157940 _____ C:\Users\Public\PRC Official Website - Online Application System.pdf
  392. 2017-04-24 14:13 - 2017-04-24 14:13 - 00199920 _____ C:\Users\Public\PRC Official Website - Online Application for Licensure Examination.pdf
  393. 2017-04-23 22:26 - 2017-04-23 22:27 - 00028160 _____ C:\Users\Public\AutoRecovery save of sampleMechanical Engineering Resume.asd
  394. 2017-04-23 17:46 - 2017-04-23 17:46 - 00339291 _____ C:\Users\Public\00042017042401032.pdf
  395. 2017-04-21 20:15 - 2017-04-21 20:15 - 00048128 _____ C:\Users\Public\~WRA0414.asd
  396. 2017-04-21 19:04 - 2017-04-21 19:04 - 00023040 _____ C:\Users\Public\~WRA0378.asd
  397. 2017-04-21 14:56 - 2017-04-21 14:56 - 00187361 _____ C:\Users\Public\https___www.eserve.com.sa_VVSWeb_actions_vvs.pdf
  398. 2017-04-20 15:45 - 2017-04-20 15:45 - 00118182 _____ C:\Users\Public\3.pdf
  399. 2017-04-20 15:44 - 2017-04-20 15:44 - 00162870 _____ C:\Users\Public\4.pdf
  400. 2017-04-20 15:40 - 2017-04-20 15:40 - 00104413 _____ C:\Users\Public\Untitled Document2.pdf
  401. 2017-04-20 15:39 - 2017-04-20 15:39 - 00117810 _____ C:\Users\Public\Untitled Document.pdf
  402. 2017-04-20 12:35 - 2017-04-20 12:35 - 00345815 _____ C:\Users\Public\00092017071200963 (1).pdf
  403. 2017-04-20 09:11 - 2017-04-20 09:10 - 00131909 _____ C:\Users\Public\Itinerary_PDF-1.pdf
  404. 2017-04-20 08:41 - 2017-05-14 08:41 - 00000911 _____ C:\Windows\Tasks\EPSON L220 Series Update {853603A9-B34E-4613-A1D2-C4E8390AAF10}.job
  405. 2017-04-20 08:41 - 2017-04-20 08:41 - 00003978 _____ C:\Windows\System32\Tasks\EPSON L220 Series Update {853603A9-B34E-4613-A1D2-C4E8390AAF10}
  406. 2017-04-18 22:46 - 2017-04-18 22:46 - 00235502 _____ C:\Users\Public\Final-template-of-Medical-Certification-michelle.pptx
  407. 2017-04-18 08:56 - 2017-04-18 16:24 - 00000000 ____D C:\Users\Public\Reset EpsonL110-L210-L300-L350-L355 - printersdrivercenter.blogspot.com
  408. 2017-04-18 08:55 - 2017-04-18 08:55 - 01242048 _____ C:\Users\Public\Reset EpsonL110-L210-L300-L350-L355 - printersdrivercenter.blogspot.com.zip
  409. 2017-04-17 21:20 - 2017-04-17 21:20 - 00073598 _____ C:\Users\Public\Republic of the Philippines Social Security System.pdf
  410. 2017-04-17 12:27 - 2017-04-17 12:26 - 00126902 _____ C:\Users\Public\Application Guide For A License As A Certified Pesticide Applicator.pdf
  411. 2017-04-17 12:27 - 2017-04-17 12:26 - 00121917 _____ C:\Users\Public\Application Guide For A License As A Franchise Urban Pest Control Operator.pdf
  412. 2017-04-17 12:27 - 2017-04-17 12:25 - 00235818 _____ C:\Users\Public\Brochure Urban Pest Management Program Designed For CPAs April 19-21, 2017.pdf
  413. 2017-04-17 11:37 - 2017-04-17 11:36 - 00344669 _____ C:\Users\Public\00242017052400204.pdf
  414. 2017-04-16 16:44 - 2017-04-16 16:44 - 00120832 _____ C:\Users\Public\~WRA0882.wbk
  415. 2017-04-16 13:26 - 2017-04-16 14:16 - 00036864 _____ C:\Users\Public\~WRA2796.asd
  416. 2017-04-15 19:34 - 2017-04-15 19:34 - 00002052 _____ C:\Windows\epplauncher.mif
  417. 2017-04-14 17:17 - 2017-04-14 17:17 - 00015391 _____ C:\Users\BIGJT64\Downloads\Evan Almighty (2007) [1080p] [YTS.AG].torrent
  418.  
  419. ==================== One Month Modified files and folders ========
  420.  
  421. (If an entry is included in the fixlist, the file/folder will be moved.)
  422.  
  423. 2017-05-14 08:42 - 2016-09-04 23:49 - 00000000 ____D C:\Users\BIGJT64\AppData\Roaming\DMCache
  424. 2017-05-14 08:39 - 2016-12-01 13:14 - 00000000 ____D C:\Users\BIGJT64\AppData\LocalLow\Mozilla
  425. 2017-05-14 08:25 - 2009-07-14 12:45 - 00018912 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  426. 2017-05-14 08:25 - 2009-07-14 12:45 - 00018912 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  427. 2017-05-14 08:12 - 2016-12-30 22:33 - 00000000 ____D C:\Users\BIGJT64\Desktop\Print
  428. 2017-05-14 08:12 - 2009-07-14 13:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
  429. 2017-05-13 23:49 - 2017-01-11 23:52 - 00034304 _____ C:\Users\BIGJT64\Desktop\BIGJ-DAILY-SALES-SLIP-2017.xls
  430. 2017-05-13 22:40 - 2009-07-14 13:13 - 00785562 _____ C:\Windows\system32\PerfStringBackup.INI
  431. 2017-05-13 22:40 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\inf
  432. 2017-05-13 21:57 - 2016-12-16 18:52 - 00000000 ____D C:\Users\Public\New folder
  433. 2017-05-13 18:21 - 2016-09-27 13:43 - 00000000 ____D C:\Users\BIGJT64\AppData\Roaming\vlc
  434. 2017-05-13 16:10 - 2016-09-04 22:32 - 00112864 _____ C:\Users\BIGJT64\AppData\Local\GDIPFONTCACHEV1.DAT
  435. 2017-05-13 16:09 - 2009-07-14 12:45 - 00427272 _____ C:\Windows\system32\FNTCACHE.DAT
  436. 2017-05-13 14:43 - 2016-10-12 16:19 - 00000000 ____D C:\Users\BIGJT64\AppData\Local\CrashDumps
  437. 2017-05-13 14:41 - 2016-11-30 14:40 - 00000000 ____D C:\Program Files (x86)\TeamViewer
  438. 2017-05-13 12:43 - 2017-04-06 14:58 - 00000000 ____D C:\Users\Public\1
  439. 2017-05-13 11:19 - 2016-09-04 23:30 - 00000000 ____D C:\ProgramData\Symantec
  440. 2017-05-12 15:17 - 2017-02-23 20:55 - 00937472 ___SH C:\Users\Public\Thumbs.db
  441. 2017-05-12 08:42 - 2016-12-01 20:17 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
  442. 2017-05-12 08:42 - 2016-12-01 20:17 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
  443. 2017-05-12 08:39 - 2017-02-13 12:29 - 00000000 ____D C:\Users\Public\mariel
  444. 2017-05-11 08:15 - 2016-09-05 17:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
  445. 2017-05-10 22:04 - 2017-03-13 11:59 - 00114001 _____ C:\Users\Public\NBI CLEARANCE.pdf
  446. 2017-05-10 17:43 - 2016-10-26 17:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
  447. 2017-05-10 08:25 - 2017-01-24 17:25 - 00000000 ____D C:\Program Files (x86)\McAfee
  448. 2017-05-09 10:00 - 2017-01-24 17:25 - 00003312 _____ C:\Windows\System32\Tasks\McAfee Remediation (Prepare)
  449. 2017-05-09 10:00 - 2017-01-24 17:00 - 00000000 ____D C:\ProgramData\McAfee
  450. 2017-05-08 20:59 - 2016-09-04 23:49 - 00000000 ____D C:\Users\BIGJT64\Downloads\Video
  451. 2017-05-08 14:56 - 2017-03-04 09:50 - 00102677 _____ C:\Users\Public\Your voucher - Metrodeal Philippines.pdf
  452. 2017-05-07 23:24 - 2017-04-05 17:14 - 00000000 ____D C:\Users\BIGJT64\Desktop\Scan
  453. 2017-05-06 20:53 - 2016-09-27 23:28 - 00000000 ____D C:\Users\BIGJT64\AppData\Roaming\uTorrent
  454. 2017-05-06 16:14 - 2017-03-01 18:38 - 00002752 _____ C:\Users\Public\payslip.pdf
  455. 2017-05-06 15:58 - 2017-04-05 20:50 - 00002759 _____ C:\Users\Public\payslip2.pdf
  456. 2017-05-06 15:56 - 2017-04-05 20:50 - 00002752 _____ C:\Users\Public\payslip1.pdf
  457. 2017-05-05 21:42 - 2017-04-05 20:52 - 00021411 _____ C:\Users\Public\Book1.xlsx
  458. 2017-05-05 16:00 - 2016-09-04 23:40 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
  459. 2017-05-04 19:01 - 2017-01-24 17:00 - 00000000 ____D C:\Program Files\TrueKey
  460. 2017-05-04 16:26 - 2017-01-11 20:31 - 00000000 ____D C:\Users\Public\jorge
  461. 2017-05-04 09:15 - 2017-01-24 17:28 - 00001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
  462. 2017-05-02 13:32 - 2017-03-07 15:50 - 00049711 _____ C:\Users\Public\SEC Appointment System.pdf
  463. 2017-04-29 08:45 - 2016-12-01 20:10 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
  464. 2017-04-29 08:45 - 2016-12-01 20:10 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
  465. 2017-04-27 11:44 - 2017-03-01 17:50 - 00088125 _____ C:\Users\Public\POEA OEC PRINTING.pdf
  466. 2017-04-26 19:12 - 2017-04-02 12:25 - 00110258 _____ C:\Users\Public\Printing.pdf
  467. 2017-04-26 13:38 - 2017-02-25 12:31 - 00150845 _____ C:\Users\Public\Dragonpay Payment Instruction.pdf
  468. 2017-04-24 21:44 - 2017-02-24 21:53 - 00053242 _____ C:\Users\Public\certificate.pdf
  469. 2017-04-24 14:47 - 2017-03-16 21:24 - 00000000 ____D C:\Users\Public\asdf
  470. 2017-04-24 13:36 - 2017-03-17 14:53 - 00445890 _____ C:\Users\Public\MDF.pdf
  471. 2017-04-22 12:00 - 2016-09-04 22:44 - 00000000 ____D C:\Program Files (x86)\EPSON Software
  472. 2017-04-22 11:58 - 2016-09-04 22:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
  473. 2017-04-18 08:57 - 2016-10-31 09:20 - 00000000 ____D C:\Adjustment Program
  474. 2017-04-15 23:41 - 2016-10-16 19:29 - 00000440 __RSH C:\ProgramData\ntuser.pol
  475. 2017-04-15 17:28 - 2017-03-24 14:33 - 00719055 _____ C:\Users\Public\1.xps
  476. 2017-04-15 08:57 - 2016-11-06 13:31 - 00000000 ____D C:\Program Files\Common Files\AV
  477.  
  478. ==================== Files in the root of some directories =======
  479.  
  480. 2017-05-12 08:29 - 2017-05-12 08:29 - 71679202 __RSH () C:\Users\BIGJT64\AppData\Roaming\eeyywwuuse.exe
  481. 2016-10-04 08:24 - 2016-10-04 08:24 - 0000036 _____ () C:\Users\BIGJT64\AppData\Local\housecall.guid.cache
  482. 2016-11-18 00:00 - 2016-11-28 13:19 - 0007604 _____ () C:\Users\BIGJT64\AppData\Local\Resmon.ResmonCfg
  483. 2016-11-06 13:20 - 2016-11-06 13:30 - 0000184 _____ () C:\Users\BIGJT64\AppData\Local\uts.ini
  484.  
  485. Files to move or delete:
  486. ====================
  487. C:\Users\Public\BlueStacks2-Installer_native.exe
  488. C:\Users\Public\Firefox Setup Stub 51.0.1.exe
  489. C:\Users\Public\flashplayer24pp_ka_install.exe
  490. C:\Users\Public\flashplayer24_ka_install.exe
  491. C:\Users\Public\TeamViewer_Setup.exe
  492.  
  493.  
  494. Some files in TEMP:
  495. ====================
  496. 2017-05-12 08:29 - 2016-05-16 21:51 - 0805376 _____ (Microsoft Corporation) C:\Users\BIGJT64\AppData\Local\Temp\cdo2042736815.dll
  497. 2017-05-12 08:30 - 2016-05-16 21:51 - 0805376 _____ (Microsoft Corporation) C:\Users\BIGJT64\AppData\Local\Temp\cdo3897107792.dll
  498. 2017-05-12 08:30 - 2016-05-16 21:51 - 0805376 _____ (Microsoft Corporation) C:\Users\BIGJT64\AppData\Local\Temp\cdo977051993.dll
  499. 2017-01-26 12:49 - 2015-12-01 14:12 - 0128608 _____ (BlueStack Systems) C:\Users\BIGJT64\AppData\Local\Temp\HD-ShortcutHandler.dll
  500. 2017-05-13 15:21 - 2015-07-02 13:49 - 1209888 ____N (CANON INC.) C:\Users\BIGJT64\AppData\Local\Temp\MSETUP4.EXE
  501. 2017-01-08 13:15 - 2017-01-06 02:16 - 1342792 _____ (Andy OS, inc.) C:\Users\BIGJT64\AppData\Local\Temp\RemoveTemp.exe
  502. 2017-01-08 12:12 - 2017-01-08 12:12 - 1214528 _____ (Andy OS, inc.) C:\Users\BIGJT64\AppData\Local\Temp\SetAPK.exe
  503. 2017-01-26 12:49 - 2015-12-01 16:51 - 0487008 _____ (BlueStack Systems, Inc.) C:\Users\BIGJT64\AppData\Local\Temp\uninstall.exe
  504.  
  505. ==================== Bamital & volsnap ======================
  506.  
  507. (There is no automatic fix for files that do not pass verification.)
  508.  
  509. C:\Windows\system32\winlogon.exe => File is digitally signed
  510. C:\Windows\system32\wininit.exe => File is digitally signed
  511. C:\Windows\SysWOW64\wininit.exe => File is digitally signed
  512. C:\Windows\explorer.exe => File is digitally signed
  513. C:\Windows\SysWOW64\explorer.exe => File is digitally signed
  514. C:\Windows\system32\svchost.exe => File is digitally signed
  515. C:\Windows\SysWOW64\svchost.exe => File is digitally signed
  516. C:\Windows\system32\services.exe => File is digitally signed
  517. C:\Windows\system32\User32.dll => File is digitally signed
  518. C:\Windows\SysWOW64\User32.dll => File is digitally signed
  519. C:\Windows\system32\userinit.exe => File is digitally signed
  520. C:\Windows\SysWOW64\userinit.exe => File is digitally signed
  521. C:\Windows\system32\rpcss.dll => File is digitally signed
  522. C:\Windows\system32\dnsapi.dll => File is digitally signed
  523. C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
  524. C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
  525.  
  526. LastRegBack: 2017-01-24 09:11
  527.  
  528. ==================== End of FRST.txt ============================