Inactive Accidentally entered a hacked website


mint123

Hi,


I accidentally clicked on a website (oakthreestudios.com/) while I was Google searching; this is what it says on the Google search page:


You'r website hacked by Talleryrand Ayyildiz.org [ Ayyildiz.org //Talleryrand ] [ Hacked ]. I'M HERE I'M Talleryrand Tarihine bak. Türk Milletine karsı isyanın sonu ...



Any cause for concern? Will my laptop be infected with a virus? I closed the website immediately and scanned my laptop using Trend Micro Max Security, but it did not find anything suspicious. Can I take it that everything is okay?



Thank you so much. I’m an IT noob, so any advice is much appreciated.
 
Welcome aboard

It's hard to say, so better take a look.

Please complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
Attached logs won't be reviewed.

Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
Hi, I tried to download Farbar Recovery Scan Tool (FRST), but my Trend Micro Maximum Security has been attempting to block it. The threat stated is HEU_AEGISCS986. Please kindly advise, thank you!
 
FRST.txt part 1:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2017
Ran by Huey Min (administrator) on DESKTOP-3UHOCC7 (16-07-2017 00:46:21)
Running from C:\Users\Huey Min\Downloads
Loaded Profiles: Huey Min (Available Profiles: defaultuser0 & Huey Min)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_68bef4347a7593da\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\AsBhcSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_68bef4347a7593da\IntelCpHDCPSvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Zhuhai Kingsoft Office Software Co.,Ltd) C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\wtoolex\wpsupdatesvr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe
(Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\AMSP_LogServer.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_68bef4347a7593da\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\McCSPServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\wimserv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\BhcMgr.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_68bef4347a7593da\igfxEM.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
() C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe
() C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe
() C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\module\20013\ChromeExt\chromeextension\TmopChromeMsgHost32.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\chrome_extension2\host\chrome_native_msg_host.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\chromeextension\NativeMessageHost\ToolbarNativeMsgHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1266176 2016-12-02] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [256744 2016-07-25] (Trend Micro Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15546512 2017-06-19] (Copyright 2017.)
HKU\S-1-5-21-3341730244-1619866131-124171938-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe [934912 2017-04-23] ()
HKU\S-1-5-21-3341730244-1619866131-124171938-1001\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe [1049608 2017-07-03] (ASUSTek Computer Inc)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{36b599e2-2800-43cf-9a5a-aa8538e4642f}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{b3410cc0-3378-42f8-8152-135f5140755c}: [DhcpNameServer] 40.53.1.13
Internet Explorer:
==================
HKU\S-1-5-21-3341730244-1619866131-124171938-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-3341730244-1619866131-124171938-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-3341730244-1619866131-124171938-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2016-07-25] (Trend Micro Inc.)
BHO: Trend Micro Network Filter Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1403\2.7.1088\TmopIEPlg.dll [2017-01-10] (Trend Micro Inc.)
BHO: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe64.dll [2016-06-29] (Trend Micro Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-06-17] (Microsoft Corporation)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2016-07-25] (Trend Micro Inc.)
BHO-x32: Trend Micro Network Filter Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1403\2.7.1088\TmopIEPlg32.dll [2017-01-10] (Trend Micro Inc.)
BHO-x32: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll [2016-06-29] (Trend Micro Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-01] (Microsoft Corporation)
Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2016-07-25] (Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2016-07-25] (Trend Micro Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-01] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-07-01] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-01] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-07-01] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-01] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-07-01] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-01] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-07-01] (Microsoft Corporation)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe64.dll [2016-06-29] (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll [2016-06-29] (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1403\2.7.1088\TmopIEPlg.dll [2017-01-10] (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1403\2.7.1088\TmopIEPlg32.dll [2017-01-10] (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2016-07-25] (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2016-07-25] (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll [2016-07-25] (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2016-07-25] (Trend Micro Inc.)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension
FF Extension: (Trend Micro BEP Firefox Extension) - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension [2017-06-03]
FF HKLM\...\Firefox\Extensions: [{c2056674-a37f-4b29-9300-2004759d74fe}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF Extension: (No Name) - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2017-06-03] [not signed]
FF HKLM\...\Firefox\Extensions: [com.trendmicro.tmopfirefox.ext@trendop] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension\com.trendmicro.tmopfirefox.ext@trendop.xpi
FF Extension: (Trend Micro Osprey Firefox Extension) - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension\com.trendmicro.tmopfirefox.ext@trendop.xpi [2017-01-24]
FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: (Trend Micro Toolbar) - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2017-06-03]
FF HKLM-x32\...\Firefox\Extensions: [{c2056674-a37f-4b29-9300-2004759d74fe}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [com.trendmicro.tmopfirefox.ext@trendop] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension\com.trendmicro.tmopfirefox.ext@trendop.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-06-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-06-17] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.nus.edu.sg/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Huey Min\AppData\Local\Google\Chrome\User Data\Default [2017-07-16]
CHR Extension: (Google Slides) - C:\Users\Huey Min\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-06-03]
CHR Extension: (Google Docs) - C:\Users\Huey Min\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-06-03]
CHR Extension: (Google Drive) - C:\Users\Huey Min\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-03]
CHR Extension: (YouTube) - C:\Users\Huey Min\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-03]
CHR Extension: (Nimbus Screenshot & Screen Video Recorder) - C:\Users\Huey Min\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2017-06-30]
CHR Extension: (Adobe Acrobat) - C:\Users\Huey Min\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-06-19]
CHR Extension: (Google Sheets) - C:\Users\Huey Min\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-06-03]
CHR Extension: (Google Docs Offline) - C:\Users\Huey Min\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-03]
CHR Extension: (ShopBack Cashback Button) - C:\Users\Huey Min\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjngckebbndpdeeakdgohmcdnecidcjk [2017-06-03]
CHR Extension: (Awesome Screenshot App) - C:\Users\Huey Min\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfpiaehgjbbfednooihadalhehabhcjo [2017-06-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Huey Min\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-03]
CHR Extension: (Trend Micro Toolbar) - C:\Users\Huey Min\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2017-06-04]
CHR Extension: (Gmail) - C:\Users\Huey Min\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-03]
CHR Extension: (Chrome Media Router) - C:\Users\Huey Min\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-14]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 AsBhcService; C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\AsBhcSrv.exe [114360 2016-10-21] (ASUSTek Computer Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4411592 2017-06-23] (Microsoft Corporation)
R3 cphs; C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_68bef4347a7593da\IntelCpHeciSvc.exe [302568 2016-12-28] (Intel Corporation)
R2 cplspcon; C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_68bef4347a7593da\IntelCpHDCPSvc.exe [480224 2016-12-28] (Intel Corporation)
R2 esifsvc; C:\Windows\system32\Intel\DPTF\esif_uf.exe [2210424 2016-12-26] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_68bef4347a7593da\igfxCUIService.exe [341984 2016-12-28] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-14] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2016-12-20] (Intel Corporation)
R2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\wtoolex\wpsupdatesvr.exe [133376 2016-11-10] (Zhuhai Kingsoft Office Software Co.,Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\\McCSPServiceHost.exe [2054080 2017-02-28] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-12-27] ()
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-02-24] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-02-24] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2017-03-06] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064 2017-02-24] (NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1105840 2017-04-21] (Intel Security, Inc.)
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1145856 2016-12-02] (Trend Micro Inc.)
R2 PwmSvc; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [2466304 2017-04-23] (Trend Micro Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-15] ()
R2 SAService; C:\Windows\system32\SAsrv.exe [416576 2016-10-27] (Conexant Systems, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\WPS Office\wpscloudsvr.exe [162048 2016-11-10] (Zhuhai Kingsoft Office Software Co.,Ltd)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15546512 2017-06-19] (Copyright 2017.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-12-27] (Intel® Corporation)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
 
Continued for FRST.txt

2017-07-12 07:31 - 2017-06-21 14:58 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2017-07-12 07:31 - 2017-06-21 14:58 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2017-07-12 07:31 - 2017-06-21 14:58 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Radios.dll
2017-07-12 07:31 - 2017-06-21 14:58 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2017-07-12 07:31 - 2017-06-21 14:57 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.AllJoyn.dll
2017-07-12 07:31 - 2017-06-21 14:57 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFiDirect.dll
2017-07-12 07:31 - 2017-06-21 14:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2017-07-12 07:31 - 2017-06-21 14:57 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll
2017-07-12 07:31 - 2017-06-21 14:57 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SerialCommunication.dll
2017-07-12 07:31 - 2017-06-21 14:57 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\XamlTileRender.dll
2017-07-12 07:31 - 2017-06-21 14:57 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Lights.dll
2017-07-12 07:31 - 2017-06-21 14:57 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2017-07-12 07:31 - 2017-06-21 14:56 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll
2017-07-12 07:31 - 2017-06-21 14:56 - 00852480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Import.dll
2017-07-12 07:31 - 2017-06-21 14:56 - 00568320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.LowLevel.dll
2017-07-12 07:31 - 2017-06-21 14:56 - 00379904 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2017-07-12 07:31 - 2017-06-21 14:56 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-07-12 07:31 - 2017-06-21 14:56 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2017-07-12 07:31 - 2017-06-21 14:56 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll
2017-07-12 07:31 - 2017-06-21 14:55 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2017-07-12 07:31 - 2017-06-21 14:55 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll
2017-07-12 07:31 - 2017-06-21 14:55 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2017-07-12 07:31 - 2017-06-21 14:54 - 00949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.PointOfService.dll
2017-07-12 07:31 - 2017-06-21 14:54 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2017-07-12 07:31 - 2017-06-21 14:54 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2017-07-12 07:31 - 2017-06-21 14:54 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ExecModelClient.dll
2017-07-12 07:31 - 2017-06-21 14:54 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2017-07-12 07:31 - 2017-06-21 14:53 - 01010176 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-07-12 07:31 - 2017-06-21 14:53 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2017-07-12 07:31 - 2017-06-21 14:53 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-07-12 07:31 - 2017-06-21 14:53 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll
2017-07-12 07:31 - 2017-06-21 14:53 - 00329728 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2017-07-12 07:31 - 2017-06-21 14:52 - 17198592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2017-07-12 07:31 - 2017-06-21 14:52 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2017-07-12 07:31 - 2017-06-21 14:52 - 00896512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
2017-07-12 07:31 - 2017-06-21 14:52 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-07-12 07:31 - 2017-06-21 14:52 - 00560128 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2017-07-12 07:31 - 2017-06-21 14:52 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\DevicesFlowBroker.dll
2017-07-12 07:31 - 2017-06-21 14:51 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-07-12 07:31 - 2017-06-21 14:51 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2017-07-12 07:31 - 2017-06-21 14:50 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2017-07-12 07:31 - 2017-06-21 14:50 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-07-12 07:31 - 2017-06-21 14:49 - 02104320 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2017-07-12 07:31 - 2017-06-21 14:49 - 01913856 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2017-07-12 07:31 - 2017-06-21 14:49 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2017-07-12 07:31 - 2017-06-21 14:49 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Energy.dll
2017-07-12 07:31 - 2017-06-21 14:48 - 00968192 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2017-07-12 07:31 - 2017-06-21 14:48 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\uexfat.dll
2017-07-12 07:31 - 2017-06-21 14:47 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll
2017-07-12 07:31 - 2017-06-21 14:47 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2017-07-12 07:31 - 2017-06-21 14:47 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2017-07-12 07:31 - 2017-06-21 14:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\ufat.dll
2017-07-12 07:31 - 2017-06-21 14:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2017-07-12 07:31 - 2017-06-21 14:46 - 03290112 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2017-07-12 07:31 - 2017-06-21 14:46 - 00925184 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2017-07-12 07:31 - 2017-06-21 14:46 - 00516608 _____ (Microsoft Corporation) C:\Windows\system32\uReFSv1.dll
2017-07-12 07:31 - 2017-06-21 14:46 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\dialclient.dll
2017-07-12 07:31 - 2017-06-21 14:46 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\cnvfat.dll
2017-07-12 07:31 - 2017-06-21 14:45 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2017-07-12 07:31 - 2017-06-21 14:44 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2017-07-12 07:31 - 2017-06-21 14:44 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetails.dll
2017-07-12 07:31 - 2017-06-21 14:43 - 00961536 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
2017-07-12 07:31 - 2017-06-21 14:43 - 00953344 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2017-07-12 07:31 - 2017-06-21 14:43 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
2017-07-12 07:31 - 2017-06-21 14:43 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\SpaceAgent.exe
2017-07-12 07:31 - 2017-06-21 14:42 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2017-07-12 07:31 - 2017-06-21 14:42 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2017-07-12 07:31 - 2017-06-21 14:42 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Geolocation.dll
2017-07-12 07:31 - 2017-06-21 14:42 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Devices.dll
2017-07-12 07:31 - 2017-06-21 14:42 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\LocationFrameworkInternalPS.dll
2017-07-12 07:31 - 2017-06-21 14:41 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-07-12 07:31 - 2017-06-21 14:41 - 01692160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-07-12 07:31 - 2017-06-21 14:41 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2017-07-12 07:31 - 2017-06-21 14:41 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2017-07-12 07:31 - 2017-06-21 14:41 - 00945664 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-07-12 07:31 - 2017-06-21 14:41 - 00913920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2017-07-12 07:31 - 2017-06-21 14:41 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Midi.dll
2017-07-12 07:31 - 2017-06-21 14:40 - 04474368 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-07-12 07:31 - 2017-06-21 14:40 - 01586176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2017-07-12 07:31 - 2017-06-21 14:40 - 01421824 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-07-12 07:31 - 2017-06-21 14:40 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-07-12 07:31 - 2017-06-21 14:40 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll
2017-07-12 07:31 - 2017-06-21 14:39 - 02916864 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-07-12 07:31 - 2017-06-21 14:39 - 02208768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.3D.dll
2017-07-12 07:31 - 2017-06-21 14:39 - 01643008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2017-07-12 07:31 - 2017-06-21 14:39 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-07-12 07:31 - 2017-06-21 14:39 - 00971264 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2017-07-12 07:31 - 2017-06-21 14:39 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2017-07-12 07:31 - 2017-06-21 14:38 - 05611008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2017-07-12 07:31 - 2017-06-21 14:38 - 02695680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-07-12 07:31 - 2017-06-21 14:38 - 01275392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2017-07-12 07:31 - 2017-06-21 14:38 - 00908800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2017-07-12 07:31 - 2017-06-21 14:37 - 00875520 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2017-07-12 07:31 - 2017-06-21 14:37 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2017-07-12 07:31 - 2017-06-21 14:37 - 00735744 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2017-07-12 07:31 - 2017-06-21 14:37 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2017-07-12 07:31 - 2017-06-21 14:36 - 02318848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-07-12 07:31 - 2017-06-21 14:36 - 00881152 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2017-07-12 07:31 - 2017-06-21 14:36 - 00701952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2017-07-12 07:31 - 2017-06-21 14:36 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2017-07-12 07:31 - 2017-06-21 14:35 - 01726976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2017-07-12 07:31 - 2017-06-21 14:35 - 01328640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2017-07-12 07:31 - 2017-06-21 14:35 - 00924672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2017-07-12 07:31 - 2017-06-21 14:34 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-07-12 07:31 - 2017-06-21 14:34 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\spaceman.exe
2017-07-12 07:31 - 2017-03-04 14:28 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-07-12 07:31 - 2017-03-04 14:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2017-07-12 07:31 - 2017-03-04 14:20 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2017-07-12 07:31 - 2017-03-04 14:19 - 01589760 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2017-07-12 07:31 - 2017-03-04 14:14 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll
2017-07-09 20:59 - 2017-07-09 20:59 - 00000253 _____ C:\Users\Huey Min\Documents\Last Scan.csv
2017-07-09 20:57 - 2017-07-09 21:08 - 00407608 _____ (Trend Micro Inc.) C:\Windows\RegBootClean64.exe
2017-07-09 20:56 - 2017-07-16 00:46 - 00029595 _____ C:\Users\Huey Min\Downloads\FRST.txt
2017-07-09 20:56 - 2017-07-16 00:44 - 00019965 _____ C:\Users\Huey Min\Downloads\Addition.txt
2017-07-09 20:55 - 2017-07-09 20:56 - 00000000 ____D C:\FRST
2017-07-08 11:30 - 2017-07-08 11:30 - 00068937 _____ C:\Users\Huey Min\Downloads\NOA-IIT_OB25201707030604203I9.pdf
2017-07-06 22:44 - 2017-07-06 22:44 - 00000690 _____ C:\Users\Huey Min\Desktop\JRT.txt
2017-07-06 22:02 - 2017-07-06 22:02 - 01663672 _____ (Malwarebytes) C:\Users\Huey Min\Downloads\JRT.exe
2017-07-06 22:00 - 2017-07-16 00:46 - 32091470 _____ C:\Windows\ZAM.krnl.trace
2017-07-06 22:00 - 2017-07-16 00:46 - 04958161 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-07-06 22:00 - 2017-07-06 22:00 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2017-07-06 21:59 - 2017-07-06 22:00 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-07-06 21:59 - 2017-07-06 21:59 - 06589840 _____ (Zemana Ltd. ) C:\Users\Huey Min\Downloads\Zemana.AntiMalware.Setup.exe
2017-07-06 21:59 - 2017-07-06 21:59 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2017-07-06 21:59 - 2017-07-06 21:59 - 00001219 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-07-06 21:59 - 2017-07-06 21:59 - 00000000 ____D C:\Users\Huey Min\AppData\Local\Zemana
2017-07-06 21:59 - 2017-07-06 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-07-06 21:49 - 2017-07-16 00:04 - 00093600 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-07-06 21:49 - 2017-07-12 19:33 - 00253856 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-07-06 21:49 - 2017-07-12 19:33 - 00101784 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-07-06 21:49 - 2017-07-12 19:33 - 00045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-07-06 21:49 - 2017-07-06 21:49 - 00188352 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-07-06 21:49 - 2017-07-06 21:49 - 00001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-06 21:49 - 2017-07-06 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-06 21:49 - 2017-07-06 21:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-06 21:49 - 2017-07-06 21:49 - 00000000 ____D C:\Program Files\Malwarebytes
2017-07-06 21:49 - 2017-06-27 12:06 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-07-06 21:48 - 2017-07-06 21:48 - 65033984 _____ (Malwarebytes ) C:\Users\Huey Min\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-06 21:37 - 2017-07-06 22:49 - 00000000 ____D C:\AdwCleaner
2017-07-06 21:37 - 2017-07-06 21:37 - 04110280 _____ C:\Users\Huey Min\Downloads\AdwCleaner.exe
2017-07-06 00:16 - 2017-07-06 00:16 - 146892298 _____ C:\Users\Huey Min\Downloads\drive-download-20170705T161533Z-001.zip
2017-07-02 23:42 - 2017-07-02 23:42 - 00048527 _____ C:\Users\Huey Min\Desktop\dds.txt
2017-07-02 23:42 - 2017-07-02 23:42 - 00005844 _____ C:\Users\Huey Min\Desktop\attach.txt
2017-07-02 23:40 - 2017-07-02 23:41 - 00688992 ____R (Swearware) C:\Users\Huey Min\Downloads\dds.scr
2017-07-01 21:40 - 2017-07-01 21:40 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-06-29 20:53 - 2017-06-29 20:53 - 00296626 _____ C:\Users\Huey Min\Downloads\3 Room GME.pdf
2017-06-29 00:10 - 2017-06-29 00:10 - 00000000 ____D C:\Users\Huey Min\Downloads\Photopass_C_20170628_ab95fd_00
2017-06-29 00:03 - 2017-06-29 00:08 - 282481152 _____ C:\Users\Huey Min\Downloads\Photopass_C_20170628_ab95fd_00.zip
2017-06-29 00:03 - 2017-06-29 00:07 - 271042668 _____ C:\Users\Huey Min\Downloads\Photopass_C_20170628_ab95fd_01.zip
2017-06-29 00:03 - 2017-06-29 00:07 - 231689570 _____ C:\Users\Huey Min\Downloads\Photopass_C_20170628_ab95fd_02.zip
2017-06-29 00:03 - 2017-06-29 00:07 - 173934588 _____ C:\Users\Huey Min\Downloads\Photopass_20170628_4f13aa_00.zip
2017-06-29 00:03 - 2017-06-29 00:04 - 44993950 _____ C:\Users\Huey Min\Downloads\Photopass_C_20170628_ab95fd_03.zip
2017-06-28 23:57 - 2017-06-28 23:57 - 04751959 _____ C:\Users\Huey Min\Downloads\PhotoPass_Visiting_EPCOT_403212668152.jpeg
2017-06-28 23:57 - 2017-06-28 23:57 - 04338562 _____ C:\Users\Huey Min\Downloads\PhotoPass_Visiting_EPCOT_403212777685.jpeg
2017-06-28 23:57 - 2017-06-28 23:57 - 04338562 _____ C:\Users\Huey Min\Downloads\PhotoPass_Visiting_EPCOT_403212777685 (1).jpeg
2017-06-28 23:54 - 2017-06-28 23:54 - 04973397 _____ C:\Users\Huey Min\Downloads\PhotoPass_Visiting_EPCOT_403215286373.jpeg
2017-06-28 23:54 - 2017-06-28 23:54 - 03361796 _____ C:\Users\Huey Min\Downloads\PhotoPass_Visiting_EPCOT_403215255877.jpeg
2017-06-28 23:53 - 2017-06-28 23:54 - 05467948 _____ C:\Users\Huey Min\Downloads\PhotoPass_Visiting_EPCOT_403215158220.jpeg
2017-06-28 23:53 - 2017-06-28 23:54 - 04416497 _____ C:\Users\Huey Min\Downloads\PhotoPass_Visiting_EPCOT_8064277574.jpeg
2017-06-28 22:41 - 2017-06-28 22:45 - 280021565 _____ C:\Users\Huey Min\Downloads\Photopass_C_20170628_ac09fa_00.zip
2017-06-28 22:41 - 2017-06-28 22:44 - 173934588 _____ C:\Users\Huey Min\Downloads\Photopass_100836777_20170628_8d8c31_00.zip
2017-06-28 22:41 - 2017-06-28 22:42 - 73901032 _____ C:\Users\Huey Min\Downloads\Photopass_CB_EPCOT_00.zip
2017-06-28 22:41 - 2017-06-28 22:42 - 66904349 _____ C:\Users\Huey Min\Downloads\Photopass_CB_MK_00.zip
2017-06-27 00:04 - 2017-06-27 00:04 - 12400872 _____ C:\Users\Huey Min\Downloads\compressjpeg.zip
2017-06-24 01:21 - 2017-06-24 01:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-06-19 22:45 - 2017-06-19 22:45 - 00000000 ____D C:\Users\Huey Min\AppData\LocalLow\Adobe
2017-06-19 22:45 - 2017-06-19 22:45 - 00000000 ____D C:\Users\Huey Min\AppData\Local\CEF
2017-06-19 22:37 - 2017-07-13 21:00 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-06-19 22:37 - 2017-06-20 21:01 - 00004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-06-19 22:37 - 2017-06-19 23:41 - 00000000 ____D C:\ProgramData\Adobe
2017-06-19 22:37 - 2017-06-19 22:37 - 00002126 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2017-06-19 22:37 - 2017-06-19 22:37 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-06-19 22:36 - 2017-06-19 22:45 - 00000000 ____D C:\Users\Huey Min\AppData\Local\Adobe
2017-06-19 21:32 - 2017-06-19 21:32 - 00000000 ____D C:\Users\Huey Min\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2017-06-19 21:30 - 2017-06-19 21:30 - 00000000 ____D C:\Users\Huey Min\Downloads\FireShot
2017-06-19 00:20 - 2017-06-19 00:20 - 00000000 ____D C:\Users\Huey Min\Documents\Custom Office Templates
2017-06-16 02:14 - 2017-06-16 02:14 - 00000000 ___SD C:\Windows\UpdateAssistantV2
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-07-16 00:46 - 2017-06-03 23:12 - 00000000 ____D C:\Users\Huey Min\AppData\Local\DP_Tower_3.7
2017-07-16 00:19 - 2016-11-10 10:19 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-07-16 00:02 - 2017-06-04 00:14 - 00000010 _____ C:\Users\Huey Min\AppData\Local\sponge.last.runtime.cache
2017-07-15 23:59 - 2017-06-04 16:28 - 00004172 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{41637F9D-6695-4C89-88E9-0DADFBF98A1C}
2017-07-15 23:59 - 2017-05-13 06:06 - 00000200 _____ C:\Users\Huey Min\AppData\Roaming\sp_data.sys
2017-07-15 23:56 - 2017-05-13 06:03 - 00000000 __SHD C:\Users\Huey Min\IntelGraphicsProfiles
2017-07-15 23:56 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\AppReadiness
2017-07-15 18:26 - 2016-07-16 19:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-15 14:49 - 2017-05-13 05:22 - 00003550 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2017-07-15 14:49 - 2017-05-13 05:22 - 00003540 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2017-07-15 14:49 - 2017-05-13 05:09 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-14 22:14 - 2016-11-10 10:18 - 00000000 ____D C:\Windows\Panther
2017-07-14 22:11 - 2017-03-19 11:20 - 00000000 ___HD C:\$WINDOWS.~BT
2017-07-14 21:53 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\rescache
2017-07-13 23:43 - 2017-06-13 00:21 - 00000000 ____D C:\Users\Huey Min\AppData\Local\CrashDumps
2017-07-13 20:50 - 2017-05-13 06:03 - 00000000 ____D C:\Users\Huey Min\AppData\Local\ASUS GIFTBOX
2017-07-13 20:50 - 2016-11-10 10:28 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-07-12 19:40 - 2016-11-10 10:28 - 01560158 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-12 19:40 - 2016-11-10 09:49 - 00455662 _____ C:\Windows\system32\prfh0804.dat
2017-07-12 19:40 - 2016-11-10 09:49 - 00168548 _____ C:\Windows\system32\prfc0804.dat
2017-07-12 19:36 - 2016-07-16 14:04 - 00032768 _____ C:\Windows\system32\config\ELAM
2017-07-12 19:35 - 2017-05-13 05:01 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-12 19:33 - 2016-11-10 10:19 - 00465344 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-12 19:33 - 2016-11-10 10:19 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-12 19:33 - 2016-07-16 19:45 - 00000000 ____D C:\Windows\INF
2017-07-12 19:33 - 2016-07-16 14:04 - 00524288 _____ C:\Windows\system32\config\BBI
2017-07-12 19:32 - 2016-07-16 19:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-07-12 19:32 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\system32\oobe
2017-07-12 19:32 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\system32\appraiser
2017-07-12 19:32 - 2016-07-16 19:47 - 00000000 ____D C:\Windows\ShellExperiences
2017-07-12 19:32 - 2016-07-16 19:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-12 19:32 - 2016-07-16 19:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-12 07:39 - 2016-07-16 19:36 - 00000000 ____D C:\Windows\CbsTemp
2017-07-12 07:35 - 2017-06-03 23:49 - 00000000 ____D C:\Windows\system32\MRT
2017-07-12 07:34 - 2017-06-03 23:49 - 135225752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-07-12 07:12 - 2016-11-10 10:24 - 00244816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-07-12 07:12 - 2016-11-10 10:23 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2017-07-12 07:12 - 2016-11-10 10:23 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dialclient.dll
2017-07-12 07:12 - 2016-11-10 10:23 - 00134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Energy.dll
2017-07-12 07:12 - 2016-11-10 10:22 - 01790464 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2017-07-12 07:12 - 2016-11-10 10:22 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-07-12 07:12 - 2016-07-16 19:43 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enrollmentapi.dll
2017-07-11 22:28 - 2017-06-11 00:50 - 00000000 ____D C:\Windows\system32\UNP
2017-07-11 22:28 - 2017-06-11 00:50 - 00000000 ____D C:\Program Files\UNP
2017-07-09 20:57 - 2017-06-03 23:09 - 00000000 ____D C:\ProgramData\Trend Micro
2017-07-06 22:00 - 2017-05-13 06:03 - 00000000 ____D C:\Users\Huey Min
2017-07-02 10:32 - 2017-05-13 05:38 - 00000000 ____D C:\Program Files\Microsoft Office
2017-07-01 21:40 - 2016-07-16 19:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-01 21:40 - 2016-07-16 19:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-06-30 22:46 - 2016-07-16 19:49 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-30 22:46 - 2016-07-16 19:49 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-29 19:28 - 2017-06-03 22:45 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-29 19:28 - 2017-06-03 22:45 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-06-19 22:45 - 2017-05-13 06:03 - 00000000 ____D C:\Users\Huey Min\AppData\Roaming\Adobe
==================== Files in the root of some directories =======
2017-05-13 06:06 - 2017-07-15 23:59 - 0000200 _____ () C:\Users\Huey Min\AppData\Roaming\sp_data.sys
2017-06-03 23:08 - 2017-06-03 23:08 - 0000036 _____ () C:\Users\Huey Min\AppData\Local\housecall.guid.cache
2017-06-04 00:14 - 2017-07-16 00:02 - 0000010 _____ () C:\Users\Huey Min\AppData\Local\sponge.last.runtime.cache
Some files in TEMP:
====================
2017-02-28 17:10 - 2017-02-28 17:10 - 0244264 _____ (McAfee, Inc.) C:\Users\Huey Min\AppData\Local\Temp\McCSPInstall.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-07-14 20:03
==================== End of FRST.txt ============================
 
Hi, I have trouble submitting the logs. The FRST.txt is incomplete.

The following error occurred:
Your content can not be submitted. This is likely because your content is spam-like or contains inappropriate elements. Please change your content or try again later. If you still have problems, please contact an administrator.
 
Hi, actually the FRST.txt is incomplete. I only managed to post part of the log, and I got the error message when I wanted to submit the remaining log. I will try to post it up again.

The following error occurred:
Your content can not be submitted. This is likely because your content is spam-like or contains inappropriate elements. Please change your content or try again later. If you still have problems, please contact an administrator.
 