Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:29-12-2015
Ran by SYSTEM on MININT-JNN9CM7 (30-12-2015 18:20:05)
Running from F:\
Platform: WIN_7 (X64) Language: English (United States)
Boot Mode: Recovery
Default: ControlSet001
[b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b]

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

ATTENTION: Software hive is not loaded.
GroupPolicyScripts: Restriction <======= ATTENTION

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-30 12:37 - 2009-07-13 17:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-12-30 12:17 - 2015-12-30 03:42 - 02370560 _____ (Farbar) C:\FRST64.exe
2015-12-29 11:36 - 2014-06-30 14:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\System32\icardres.dll
2015-12-29 11:36 - 2014-06-30 14:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-12-29 11:36 - 2014-06-05 22:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-12-29 11:36 - 2014-06-05 22:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\System32\TsWpfWrp.exe
2015-12-29 11:36 - 2014-03-09 13:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\System32\icardagt.exe
2015-12-29 11:36 - 2014-03-09 13:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\System32\infocardapi.dll
2015-12-29 11:36 - 2014-03-09 13:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-12-29 11:36 - 2014-03-09 13:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-12-20 11:25 - 2015-12-30 18:20 - 00000000 ____D C:\FRST

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-30 06:08 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-30 05:10 - 2011-11-11 09:29 - 00810062 _____ C:\Windows\ntbtlog.txt
2015-12-29 16:59 - 2011-12-16 03:15 - 00000000 ____D C:\Windows\rescache
2015-12-29 16:59 - 2011-11-19 14:48 - 00000000 ____D C:\Windows\System32\Macromed
2015-12-29 16:59 - 2011-10-18 14:41 - 00000000 ____D C:\Windows\System32\SPReview
2015-12-29 16:59 - 2011-05-04 11:40 - 00000000 ____D C:\Windows\Minidump
2015-12-29 16:59 - 2011-03-16 11:26 - 00000000 ____D C:\Windows\System32\EventProviders
2015-12-29 16:59 - 2010-07-04 11:06 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-12-29 16:59 - 2010-06-15 12:46 - 00000000 ____D C:\Windows\System32\1033
2015-12-29 16:59 - 2010-06-15 12:25 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-12-29 16:59 - 2009-07-13 23:46 - 00000000 ____D C:\Windows\ShellNew
2015-12-29 16:59 - 2009-07-13 23:46 - 00000000 ____D C:\Program Files\Windows Journal
2015-12-29 16:59 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\winrm
2015-12-29 16:59 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\WCN
2015-12-29 16:59 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\slmgr
2015-12-29 16:59 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\System32\Printing_Admin_Scripts
2015-12-29 16:59 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\System32\WinBioPlugIns
2015-12-29 16:59 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Defender
2015-12-29 16:59 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-12-29 16:59 - 2009-07-13 21:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ___HD C:\Windows\System32\GroupPolicy
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sysprep
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\spool
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\SMI
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Setup
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ras
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\oobe
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\MUI
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\migwiz
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\manifeststore
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\lv-LV
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\lt-LT
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\IME
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\icsxml
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\ias
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\et-EE
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Dism
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\com
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\AdvancedInstallers
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\servicing
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\schemas
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\L2Schemas
2015-12-29 16:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows
2015-12-29 16:58 - 2012-10-14 03:57 - 00000000 ____D C:\Program Files (x86)\Ask.com
2015-12-29 16:58 - 2012-05-17 14:37 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-29 16:58 - 2012-05-17 14:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-29 16:58 - 2012-05-01 03:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-12-29 16:58 - 2011-10-19 02:13 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-12-29 16:58 - 2011-10-17 13:49 - 00000000 ____D C:\Program Files (x86)\HP
2015-12-29 16:58 - 2011-10-17 13:42 - 00000000 ____D C:\ProgramData\HP
2015-12-29 16:58 - 2011-06-06 07:53 - 00000000 ____D C:\Program Files\Java
2015-12-29 16:58 - 2010-07-02 08:13 - 00000000 ___RD C:\Users\Keith\Virtual Machines
2015-12-29 16:58 - 2010-06-22 02:20 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-12-29 16:58 - 2010-06-17 13:51 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-29 16:58 - 2010-06-15 12:23 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-29 16:58 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-29 16:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
2015-12-29 16:58 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-12-29 16:56 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2015-12-29 16:55 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Msdtc
2015-12-29 16:48 - 2012-08-02 01:13 - 00000000 ____D C:\Users\Keith\AppData\Roaming\TomTom
2015-12-29 16:48 - 2011-05-25 07:11 - 00000000 ____D C:\Users\Keith\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2015-12-29 16:48 - 2010-06-22 02:20 - 00000000 ____D C:\Users\Keith\AppData\Roaming\Macromedia
2015-12-29 16:48 - 2010-06-22 02:20 - 00000000 ____D C:\Users\Keith\AppData\Roaming\Adobe
2015-12-29 16:48 - 2010-06-22 02:20 - 00000000 ____D C:\ProgramData\Adobe
2015-12-29 16:48 - 2010-06-17 13:51 - 00000000 ____D C:\Users\Keith\AppData\LocalLow\Sun
2015-12-29 16:48 - 2010-06-15 15:38 - 00000000 ____D C:\users\Keith
2015-12-29 16:47 - 2012-09-22 11:26 - 00000000 __SHD C:\found.000
2015-12-29 16:47 - 2011-01-24 11:29 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-29 16:47 - 2010-06-15 12:23 - 00000000 __RHD C:\MSOCache
2015-12-29 16:47 - 2010-06-15 12:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-12-29 11:41 - 2012-04-05 03:13 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-29 11:25 - 2012-06-15 02:56 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-29 10:09 - 2009-07-13 20:45 - 00015136 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-29 10:09 - 2009-07-13 20:45 - 00015136 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-29 10:08 - 2009-07-13 21:13 - 00870974 _____ C:\Windows\System32\PerfStringBackup.INI
2015-12-29 10:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf
2015-12-19 08:52 - 2014-01-29 02:45 - 00000000 ____D C:\Program Files (x86)\7-Zip
2015-12-19 08:51 - 2015-10-09 08:55 - 00000000 ____D C:\Program Files (x86)\WinMerge
2015-12-19 08:51 - 2015-09-15 04:34 - 00000000 ___RD C:\Users\jowettguest\Virtual Machines
2015-12-19 08:51 - 2015-09-15 04:33 - 00000000 ____D C:\users\jowettguest
2015-12-19 08:51 - 2015-05-14 11:59 - 00000000 ____D C:\Program Files (x86)\cwRsync
2015-12-19 08:51 - 2015-04-29 08:16 - 00000000 ____D C:\Program Files (x86)\Gallery Remote
2015-12-19 08:51 - 2015-02-12 00:24 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-12-19 08:51 - 2014-07-22 04:15 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-19 08:51 - 2014-07-22 04:15 - 00000000 ____D C:\ProgramData\Skype
2015-12-19 08:51 - 2014-07-11 01:43 - 00000000 ____D C:\Program Files (x86)\Wondershare
2015-12-19 08:51 - 2014-02-22 05:19 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-12-19 08:51 - 2014-01-29 09:06 - 00000000 ____D C:\Program Files (x86)\Replay Telecorder for Skype
2015-12-19 08:51 - 2014-01-29 09:05 - 00000000 ____D C:\Program Files (x86)\Replay Media Splitter
2015-12-19 08:51 - 2014-01-29 09:04 - 00000000 ____D C:\Program Files (x86)\Replay Converter 4
2015-12-19 08:51 - 2014-01-29 08:55 - 00000000 ____D C:\Program Files (x86)\Replay Music 6
2015-12-19 08:51 - 2014-01-29 07:16 - 00000000 ____D C:\Program Files (x86)\Replay Video Capture 7
2015-12-19 08:51 - 2014-01-29 07:12 - 00000000 ____D C:\Program Files (x86)\WinPcap
2015-12-19 08:51 - 2014-01-29 07:10 - 00000000 ____D C:\Windows\Applian Director
2015-12-19 08:51 - 2013-11-05 15:02 - 00000000 ____D C:\Program Files (x86)\ImageMagick-6.8.7-Q16
2015-12-19 08:51 - 2013-05-01 02:40 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2015-12-19 08:50 - 2015-04-05 00:59 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-19 08:50 - 2015-04-05 00:59 - 00000000 ___SD C:\Windows\System32\GWX
2015-12-19 08:50 - 2014-05-07 22:59 - 00000000 ___SD C:\Windows\System32\CompatTel
2015-12-19 08:50 - 2011-11-07 09:22 - 00000000 ____D C:\Windows\System32\Tasks\Event Viewer Tasks
2015-12-17 06:46 - 2012-08-06 01:55 - 00000000 ____D C:\Users\Keith\Documents\Outlook Files
2015-12-09 19:35 - 2013-07-15 15:55 - 00000000 ____D C:\Windows\System32\MRT
2015-12-08 05:14 - 2015-03-24 01:29 - 00000000 ____D C:\ProgramData\Oracle

==================== Known DLLs (Whitelisted) =========================


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points =========================


==================== Memory info =========================== 

Percentage of memory in use: 14%
Total physical RAM: 6141.46 MB
Available physical RAM: 5233.65 MB
Total Virtual: 6139.61 MB
Available Virtual: 5275.95 MB

==================== Drives ================================

Drive c: (w7-os) (Fixed) (Total:244.14 GB) (Free:189.77 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (InboardFiles) (Fixed) (Total:931.51 GB) (Free:719.37 GB) NTFS
Drive f: (newback) (Fixed) (Total:931.51 GB) (Free:616.91 GB) NTFS
Drive g: (edit) (Fixed) (Total:146.48 GB) (Free:114.03 GB) NTFS
Drive h: (2-OS) (Fixed) (Total:48.83 GB) (Free:47.27 GB) NTFS
Drive i: (vhd) (Fixed) (Total:472.51 GB) (Free:172.33 GB) NTFS
Drive j: (pagefile) (Fixed) (Total:19.53 GB) (Free:10.03 GB) NTFS
Drive k: (GB1CULXFRER_EN_DVD) (CDROM) (Total:3.2 GB) (Free:0 GB) UDF
Drive l: (OtherBackup) (Fixed) (Total:931.51 GB) (Free:4.72 GB) NTFS
Drive m: (SystemBackUp) (Fixed) (Total:931.51 GB) (Free:0 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (OnboardRAID) (Fixed) (Total:931.51 GB) (Free:574.51 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A906E018)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 628E907E)
Partition 1: (Not Active) - (Size=19.5 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=667.8 GB) - (Type=OF Extended)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 628E907F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A6BA6F9E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: C6C7B88F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 931.5 GB) (Disk ID: 08632CC2)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)


LastRegBack: 2015-12-30 17:48

==================== End of FRST.txt ============================