Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:19-12-2015 Ran by SYSTEM on MININT-3VD67UV (20-12-2015 11:25:49) Running from N:\ Platform: Windows 7 Ultimate (X64) Language: English (United States) Internet Explorer Version 10 Boot Mode: Recovery Default: ControlSet001 [b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b] Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => "G:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" HKLM\...\Run: [MSC] => "G:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey HKLM\...\Run: [IntelliType Pro] => "G:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe" HKLM\...\Run: [IntelliPoint] => "G:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe" HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [AdobeCS5ServiceManager] => "G:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin HKLM-x32\...\Run: [SwitchBoard] => G:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe HKLM-x32\...\Run: [BCSSync] => "G:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "G:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" HKLM-x32\...\Run: [Adobe ARM] => "G:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" HKLM-x32\...\Run: [VirtualCloneDrive] => "M:\VirtualCloneDrive\VCDDaemon.exe" /s HKLM-x32\...\Run: [ApnUpdater] => "G:\Program Files (x86)\Ask.com\Updater\Updater.exe" HKLM-x32\...\Run: [SunJavaUpdateSched] => "G:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" HKLM-x32\...\Run: [HP Software Update] => G:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe HKLM-x32\...\Run: [] => [X] HKLM\...\RunOnce: [*Restore] => G:\Windows\system32\rstrui.exe /RUNONCE HKLM\...\Winlogon: [Userinit] G:\Windows\system32\userinit.exe, HKU\Default\...\RunOnce: [mctadmin] => G:\Windows\System32\mctadmin.exe HKU\TEMP\...\RunOnce: [mctadmin] => G:\Windows\System32\mctadmin.exe Startup: C:\Users\Keith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2012-06-01] ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> G:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (No File) GroupPolicyScripts: Restriction <======= ATTENTION ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AdobeFlashPlayerUpdateSvc; G:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [X] S4 BBSvc; G:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [X] S4 BBUpdate; G:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [X] S4 BcmSqlStartupSvc; "G:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe" [X] S2 clr_optimization_v4.0.30319_32; G:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [X] S2 clr_optimization_v4.0.30319_64; G:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [X] S4 DeltaCopyService; "M:\DeltaCopy\DCServce.exe" [X] S3 fsssvc; "G:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe" [X] S2 gupdate; "G:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "G:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] S3 gusvc; "G:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [X] S3 hpqcxs08; G:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [X] S2 hpqddsvc; G:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [X] S2 HPSLPSVC; G:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [X] S3 Microsoft SharePoint Workspace Audit Service; "G:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE" /auditservice [X] S2 MsMpSvc; "G:\Program Files\Microsoft Security Client\MsMpEng.exe" [X] S3 MSSQL$MSSMLBIZ; "G:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe" -sMSSMLBIZ [X] S4 MSSQLServerADHelper100; "G:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE" [X] S2 Net Driver HPZ12; G:\Windows\system32\HPZinw12.dll [X] S4 NetMsmqActivator; "G:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator [X] S4 NetPipeActivator; G:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [X] S4 NetTcpActivator; G:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [X] S4 NetTcpPortSharing; G:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [X] S3 NisSrv; "G:\Program Files\Microsoft Security Client\NisSrv.exe" [X] S4 NovacomD; G:\Program Files (x86)\Palm\SDK\bin\novacomd\amd64\novacomd.exe [X] S3 ose; "G:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [X] S3 osppsvc; "G:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" [X] S2 Pml Driver HPZ12; G:\Windows\system32\HPZipm12.dll [X] S2 RapportMgmtService; "G:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe" [X] S4 SQLAgent$MSSMLBIZ; "G:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE" -i MSSMLBIZ [X] S4 SQLBrowser; "G:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe" [X] S2 SQLWriter; "G:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [X] S3 SwitchBoard; "G:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [X] S4 TomTomHOMEService; "G:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe" [X] S3 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X] S4 wlcrasvc; "G:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [X] S2 wlidsvc; "G:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [X] S2 wuauserv; G:\Windows\system32\wuaueng.dll [X] ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-13] (Microsoft Corporation) S3 BDA_Capture_220A; C:\Windows\System32\Drivers\BDA_Capture_220A_x64.sys [23296 2009-03-28] (WideViewer Electronics CO., LTD) S3 BDA_Loader_220A; C:\Windows\System32\Drivers\BDA_Loader_220A_x64.sys [21248 2009-03-28] (WideView Technology Inc.) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation) S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation) S0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [236248 2013-02-13] (Trusteer Ltd.) S3 gdrv; \??\G:\Windows\gdrv.sys [X] S3 GVTDrv64; \??\C:\Windows\GVTDrv64.sys [X] S1 RapportCerberus_50414; \??\G:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_50414.sys [X] S1 RapportEI64; \??\G:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [X] S3 RapportIaso; \??\g:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso64.sys [X] S1 RapportPG64; \??\G:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [X] S3 RdpVideoMiniport; System32\drivers\rdpvideominiport.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-12-20 11:25 - 2015-12-20 11:25 - 00000000 ____D C:\FRST 2015-12-19 09:22 - 2014-05-14 08:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll 2015-12-19 09:22 - 2014-05-14 08:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe 2015-12-19 09:22 - 2014-05-14 08:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll 2015-12-19 09:22 - 2014-05-14 08:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll 2015-12-19 08:51 - 2014-05-14 01:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll 2015-12-19 08:51 - 2014-05-14 01:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-12-19 08:51 - 2014-05-14 01:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe 2015-12-19 08:51 - 2014-05-14 01:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-12-19 11:54 - 2011-12-16 03:15 - 00000000 ____D C:\Windows\rescache 2015-12-19 11:54 - 2011-11-19 14:48 - 00000000 ____D C:\Windows\System32\Macromed 2015-12-19 11:54 - 2011-10-18 14:41 - 00000000 ____D C:\Windows\System32\SPReview 2015-12-19 11:54 - 2011-05-04 11:40 - 00000000 ____D C:\Windows\Minidump 2015-12-19 11:54 - 2011-03-16 11:26 - 00000000 ____D C:\Windows\System32\EventProviders 2015-12-19 11:54 - 2010-07-04 11:06 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2015-12-19 11:54 - 2010-06-15 12:46 - 00000000 ____D C:\Windows\System32\1033 2015-12-19 11:54 - 2010-06-15 12:25 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2015-12-19 11:54 - 2009-07-13 23:46 - 00000000 ____D C:\Windows\ShellNew 2015-12-19 11:54 - 2009-07-13 23:46 - 00000000 ____D C:\Program Files\Windows Journal 2015-12-19 11:54 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\winrm 2015-12-19 11:54 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\WCN 2015-12-19 11:54 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\slmgr 2015-12-19 11:54 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\Printing_Admin_Scripts 2015-12-19 11:54 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\System32\WinBioPlugIns 2015-12-19 11:54 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Defender 2015-12-19 11:54 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2015-12-19 11:54 - 2009-07-13 21:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ___HD C:\Windows\System32\GroupPolicy 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Dism 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sysprep 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\spool 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\SMI 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Setup 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ras 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\oobe 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\MUI 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\migwiz 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\manifeststore 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\lv-LV 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\lt-LT 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\IME 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\icsxml 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ias 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\et-EE 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Dism 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\com 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\AdvancedInstallers 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\servicing 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\schemas 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\L2Schemas 2015-12-19 11:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows 2015-12-19 11:53 - 2012-10-14 03:57 - 00000000 ____D C:\Program Files (x86)\Ask.com 2015-12-19 11:53 - 2012-05-17 14:37 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-12-19 11:53 - 2012-05-17 14:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-12-19 11:53 - 2012-05-01 03:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client 2015-12-19 11:53 - 2011-10-19 02:13 - 00000000 ____D C:\Program Files\Microsoft Security Client 2015-12-19 11:53 - 2011-10-17 13:49 - 00000000 ____D C:\Program Files (x86)\HP 2015-12-19 11:53 - 2011-10-17 13:42 - 00000000 ____D C:\ProgramData\HP 2015-12-19 11:53 - 2011-06-06 07:53 - 00000000 ____D C:\Program Files\Java 2015-12-19 11:53 - 2010-06-22 02:20 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-12-19 11:53 - 2010-06-17 13:51 - 00000000 ____D C:\Program Files (x86)\Java 2015-12-19 11:53 - 2010-06-15 12:23 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-12-19 11:53 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-12-19 11:53 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat 2015-12-19 11:53 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2015-12-19 11:52 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration 2015-12-19 11:50 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Msdtc 2015-12-19 11:43 - 2010-06-22 02:20 - 00000000 ____D C:\ProgramData\Adobe 2015-12-19 11:42 - 2012-09-22 11:26 - 00000000 __SHD C:\found.000 2015-12-19 11:42 - 2011-01-24 11:29 - 00000000 ____D C:\Program Files (x86)\Google 2015-12-19 11:42 - 2010-06-15 12:23 - 00000000 __RHD C:\MSOCache 2015-12-19 11:42 - 2010-06-15 12:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2015-12-19 09:41 - 2012-04-05 03:13 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-12-19 09:25 - 2012-06-15 02:56 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-19 08:52 - 2014-01-29 02:45 - 00000000 ____D C:\Program Files (x86)\7-Zip 2015-12-19 08:51 - 2015-10-09 08:55 - 00000000 ____D C:\Program Files (x86)\WinMerge 2015-12-19 08:51 - 2015-09-15 04:34 - 00000000 ___RD C:\Users\jowettguest\Virtual Machines 2015-12-19 08:51 - 2015-09-15 04:33 - 00000000 ____D C:\users\jowettguest 2015-12-19 08:51 - 2015-05-14 11:59 - 00000000 ____D C:\Program Files (x86)\cwRsync 2015-12-19 08:51 - 2015-04-29 08:16 - 00000000 ____D C:\Program Files (x86)\Gallery Remote 2015-12-19 08:51 - 2015-02-12 00:24 - 00000000 ____D C:\Program Files (x86)\QuickTime 2015-12-19 08:51 - 2014-07-22 04:15 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-12-19 08:51 - 2014-07-22 04:15 - 00000000 ____D C:\ProgramData\Skype 2015-12-19 08:51 - 2014-07-11 01:43 - 00000000 ____D C:\Program Files (x86)\Wondershare 2015-12-19 08:51 - 2014-02-22 05:19 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2015-12-19 08:51 - 2014-01-29 09:06 - 00000000 ____D C:\Program Files (x86)\Replay Telecorder for Skype 2015-12-19 08:51 - 2014-01-29 09:05 - 00000000 ____D C:\Program Files (x86)\Replay Media Splitter 2015-12-19 08:51 - 2014-01-29 09:04 - 00000000 ____D C:\Program Files (x86)\Replay Converter 4 2015-12-19 08:51 - 2014-01-29 08:55 - 00000000 ____D C:\Program Files (x86)\Replay Music 6 2015-12-19 08:51 - 2014-01-29 07:16 - 00000000 ____D C:\Program Files (x86)\Replay Video Capture 7 2015-12-19 08:51 - 2014-01-29 07:12 - 00000000 ____D C:\Program Files (x86)\WinPcap 2015-12-19 08:51 - 2014-01-29 07:10 - 00000000 ____D C:\Windows\Applian Director 2015-12-19 08:51 - 2013-11-05 15:02 - 00000000 ____D C:\Program Files (x86)\ImageMagick-6.8.7-Q16 2015-12-19 08:51 - 2013-05-01 02:40 - 00000000 ____D C:\Program Files (x86)\ImgBurn 2015-12-19 08:50 - 2015-04-05 00:59 - 00000000 ___SD C:\Windows\System32\GWX 2015-12-19 08:50 - 2014-05-07 22:59 - 00000000 ___SD C:\Windows\System32\CompatTel 2015-12-19 08:50 - 2011-11-07 09:22 - 00000000 ____D C:\Windows\System32\Tasks\Event Viewer Tasks 2015-12-19 08:37 - 2009-07-13 20:45 - 00015136 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-12-19 08:37 - 2009-07-13 20:45 - 00015136 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-12-19 08:34 - 2009-07-13 21:13 - 00870974 _____ C:\Windows\System32\PerfStringBackup.INI 2015-12-19 08:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf 2015-12-19 08:29 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-12-18 14:47 - 2015-04-05 00:59 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-12-17 06:46 - 2012-08-06 01:55 - 00000000 ____D C:\Users\Keith\Documents\Outlook Files 2015-12-09 19:35 - 2013-07-15 15:55 - 00000000 ____D C:\Windows\System32\MRT 2015-12-08 19:39 - 2010-02-25 16:10 - 00301728 _____ (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe 2015-12-08 05:14 - 2015-03-24 01:29 - 00000000 ____D C:\ProgramData\Oracle ==================== Known DLLs (Whitelisted) ========================= C:\Windows\SysWOW64\LPK.dll IS MISSING <==== ATTENTION ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\dnsapi.dll => MD5 is legit C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE Association (Whitelisted) ============= ==================== Restore Points ========================= ==================== Memory info =========================== Percentage of memory in use: 12% Total physical RAM: 6141.46 MB Available physical RAM: 5375.13 MB Total Virtual: 6139.61 MB Available Virtual: 5384.97 MB ==================== Drives ================================ Drive c: (w7-os) (Fixed) (Total:244.14 GB) (Free:193.68 GB) NTFS ==>[system with boot components (obtained from drive)] Drive e: (InboardFiles) (Fixed) (Total:931.51 GB) (Free:719.4 GB) NTFS Drive f: (newback) (Fixed) (Total:931.51 GB) (Free:643.14 GB) NTFS Drive g: (OtherBackup) (Fixed) (Total:931.51 GB) (Free:4.72 GB) NTFS Drive h: (edit) (Fixed) (Total:146.48 GB) (Free:114.03 GB) NTFS Drive i: (2-OS) (Fixed) (Total:48.83 GB) (Free:47.27 GB) NTFS Drive j: (vhd) (Fixed) (Total:472.51 GB) (Free:172.37 GB) NTFS Drive k: (pagefile) (Fixed) (Total:19.53 GB) (Free:10.03 GB) NTFS Drive m: (SystemBackUp) (Fixed) (Total:931.51 GB) (Free:112.93 GB) NTFS Drive n: (Lexar) (Removable) (Total:29.8 GB) (Free:29.72 GB) FAT32 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: (OnboardRAID) (Fixed) (Total:931.51 GB) (Free:573.57 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A906E018) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 628E907E) Partition 1: (Not Active) - (Size=19.5 GB) - (Type=07 NTFS) Partition 2: (Active) - (Size=244.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=667.8 GB) - (Type=OF Extended) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 628E907F) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A6BA6F9E) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 4 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: C6C7B88F) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 5 (Size: 931.5 GB) (Disk ID: 08632CC2) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 6 (MBR Code: Windows XP) (Size: 29.8 GB) (Disk ID: C3072E18) Partition 1: (Not Active) - (Size=29.8 GB) - (Type=0C) LastRegBack: 2015-12-09 16:44 ==================== End of FRST.txt ============================