Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-11-2016
Ran by SYSTEM on MININT-B703807 (28-11-2016 09:34:36)
Running from f:\
Platform: Windows 7 Home Premium Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet004
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-16] (AVAST Software)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2303256 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [CmPCIaudio] => RunDll32 CMICNFG3.cpl,CMICtrlWnd
HKLM\...\Run: [ACPW09EN] => C:\Program Files\ACD Systems\ACDSee Pro\9.0\acdIDInTouch2.exe [1731016 2016-07-14] (ACD Systems)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2014-03-24] (Logitech, Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-30] (AVAST Software)
S2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-14] (HP Inc.)
S4 lxdp_device; C:\Windows\system32\lxdpcoms.exe [589824 2007-11-19] ( )
S2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [420920 2016-10-25] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [420920 2016-10-25] (NVIDIA Corporation)
S2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [931896 2016-10-25] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
S2 WsAppService; C:\Program Files\Wondershare\WAF\2.3.0.5\WsAppService.exe [415232 2016-08-09] (Wondershare)
S3 WsDrvInst; C:\Program Files\Wondershare\Dr.Fone for Android (CPC)\DriverInstall.exe [115856 2016-09-21] (Wondershare)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-08-30] (AVAST Software)
S1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-08-30] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-08-30] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-08-30] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [60424 2016-08-30] (AVAST Software)
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735488 2016-09-13] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433768 2016-09-22] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118664 2016-08-30] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224752 2016-10-13] (AVAST Software)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [47504 2016-08-25] (IVT Corporation.)
S3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1872192 2009-11-30] (C-Media Inc)
S3 DCamUSBEMPIA; C:\Windows\System32\DRIVERS\emDevice.sys [185472 2013-04-16] (eMPIA Technology Corp.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [108032 2016-10-25] (Samsung Electronics Co., Ltd.)
S3 DualCoreCenter; C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys [36152 2010-02-08] (MICRO-STAR INT'L CO., LTD.)
S3 emAudio; C:\Windows\System32\drivers\emAudio.sys [26112 2013-07-04] (eMPIA Technology Corp.)
S3 FiltUSBEMPIA; C:\Windows\System32\DRIVERS\emFilter.sys [5632 2013-04-16] (eMPIA Technology Corp.)
S1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2016-08-25] (REALiX(tm))
S3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [42264 2014-03-18] (Logitech, Inc.)
S3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [10136 2014-03-18] (Logitech, Inc.)
S2 mi2c; C:\Windows\system32\drivers\mi2c.sys [18224 2016-01-28] (Nicomsoft Ltd.)
S3 NVR0Dev; C:\Windows\nvoclock.sys [6912 2006-10-13] (NVidia Corp.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27704 2016-10-25] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [42040 2016-10-25] (NVIDIA Corporation)
S3 RushTopDevice2; C:\Program Files\MSI\DualCoreCenter\RushTop.sys [55296 2009-03-18] (Your Corporation)
S3 ScanUSBEMPIA; C:\Windows\System32\DRIVERS\emScan.sys [6144 2013-04-16] (eMPIA Technology Corp.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [147072 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X]
S3 MSICDSetup; \??\E:\CDriver.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-26 07:43 - 2016-11-28 09:34 - 00000000 ____D C:\FRST
2016-11-18 14:19 - 2016-11-18 14:19 - 00000000 __SHD C:\found.002
2016-11-18 07:18 - 2016-11-18 08:44 - 00000000 ____D C:\Users\TK\AppData\LocalLow\Mozilla
2016-11-18 06:16 - 2016-11-18 06:16 - 00003288 ____N C:\bootsqm.dat
2016-11-17 13:08 - 2016-11-17 13:08 - 00000000 __SHD C:\found.001
2016-11-09 12:11 - 2016-11-09 12:11 - 00074635 _____ C:\Users\TK\Documents\H6LLWJ.pdf
2016-11-08 09:56 - 2016-11-08 09:56 - 04629193 _____ C:\Users\TK\Downloads\TomTom-ONEv5-XLv2-en-GB.pdf
2016-11-07 11:13 - 2016-10-25 12:21 - 00095800 _____ (NVIDIA Corporation) C:\Windows\System32\nvaudcap32v.dll
2016-11-07 11:13 - 2016-10-25 12:21 - 00042040 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvad32v.sys
2016-11-07 07:12 - 2016-11-07 07:12 - 00011895 _____ C:\Users\TK\Documents\Flash GN.xlsx

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-27 17:02 - 2015-04-06 16:04 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-27 16:58 - 2016-09-24 04:21 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-11-27 16:58 - 2015-04-06 20:59 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-11-18 06:23 - 2009-07-13 20:34 - 00028720 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-18 06:23 - 2009-07-13 20:34 - 00028720 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-18 05:50 - 2015-04-06 10:31 - 00000000 ____D C:\users\TK
2016-11-16 16:14 - 2010-11-20 13:01 - 00006206 _____ C:\Windows\System32\PerfStringBackup.INI
2016-11-09 12:13 - 2015-04-22 08:09 - 00223744 ___SH C:\Users\TK\Documents\Thumbs.db
2016-11-08 08:22 - 2016-01-28 11:15 - 00182784 ___SH C:\Users\TK\Downloads\Thumbs.db
2016-11-08 07:36 - 2015-04-14 05:16 - 00000000 ____D C:\Users\TK\AppData\Roaming\NVIDIA
2016-11-07 12:29 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\inf
2016-11-07 11:14 - 2016-10-08 00:38 - 00001374 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-11-07 11:14 - 2015-04-06 16:02 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-11-07 11:13 - 2015-04-06 16:01 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-11-06 10:43 - 2015-05-05 07:23 - 00001259 _____ C:\Users\TK\Desktop\BillPay.txt
2016-11-05 07:12 - 2015-04-13 04:37 - 00000000 ____D C:\Users\TK\AppData\Local\Microsoft Help

==================== Known DLLs (Whitelisted) =========================

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll [2016-09-22 08:43] - [2016-08-15 18:48] - 0811520 ____A (Microsoft Corporation) CC157E3445C86456494ED940E1250247
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Association (Whitelisted) =============

==================== Restore Points =========================

==================== Memory info ===========================

Percentage of memory in use: 12%
Total physical RAM: 4095.37 MB
Available physical RAM: 3597.69 MB
Total Virtual: 4093.65 MB
Available Virtual: 3595.04 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:456.77 GB) (Free:384.26 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DISK 1 PART 2) (Fixed) (Total:8.99 GB) (Free:5.61 GB) NTFS
Drive f: (TRAVELDRIVE) (Removable) (Total:3.73 GB) (Free:1.36 GB) FAT32
Drive g: (TOSHIBA EXT) (Fixed) (Total:298.01 GB) (Free:159.25 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: ED50ED50)
Partition 1: (Active) - (Size=456.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=9 GB) - (Type=05)

========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 28032449)
Partition 1: (Not Active) - (Size=3.7 GB) - (Type=0B)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: C27C4F8F)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=0C)

LastRegBack: 2016-11-05 08:53

==================== End of FRST.txt ============================