Hello everyone,
So the other day I was downloading some stuff for Arma 3 and I came across an infected file that I downloaded and installed. It infected my computer with malware and now my computer installs optimizers, toolbars and other random programs on my computer. I attempted to follow a couple of guides and tutorials posted on here but they only seemed to suppress the malware for a small amount of time. I currently have FRST, JDW, OTL and JRE installed. For some reason ComboFix does not work on my PC despite running as admin (I currently run Win8); it says that my OS isn't supported. So I know the drill, below are my initial FRST Scans and my System Specs. Any and all help is greatly appreciated. I know this is on your own time.
FRST Reports:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-09-2015 01
Ran by Brandon (administrator) on VICEOFMORDOR (13-09-2015 23:23:57)
Running from C:\Users\PAM\Documents\FixIts
Loaded Profiles: Brandon & MSSQL$SQLEXPRESS & ReportServer$SQLEXPRESS & MSSQLFDLauncher$SQLEXPRESS (Available Profiles: Brandon & MSSQL$SQLEXPRESS & ReportServer$SQLEXPRESS & MSSQLFDLauncher$SQLEXPRESS)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
() C:\Program Files (x86)\dataup\dataup.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(ClanServers Hosting LLC) C:\Program Files (x86)\GameTracker\GSInGameService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS12.SQLEXPRESS\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\ProgramData\1441770685\s9.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
(DELL Inc.) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Valid Applications) C:\ProgramData\lpADmp\QPYYKZHuUjY.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\fdhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\ProgramData\Cienaueo\1.0.5.1\fnenniuu.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Google Inc.) C:\Users\PAM\AppData\Local\Temp\20150909\ct.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\ProgramData\Cienaueo\1.0.5.1\fnenniuu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Spotify Ltd) C:\Users\PAM\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(DivX, LLC) C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files (x86)\msrtn32\msrtn32.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
() C:\Program Files (x86)\cpx\cpx.exe
() C:\Program Files (x86)\cpx\cpx.exe
() C:\Program Files (x86)\cpx\cpx.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
() C:\Program Files (x86)\DriverRestore\DriverRestore.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
() C:\Program Files (x86)\msrtn32\cdhtr.exe
() C:\Program Files (x86)\msrtn32\rthdcpd.exe
() C:\Program Files (x86)\cpx\cpx.exe
() C:\Program Files (x86)\cpx\cpx.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-06-03] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [SpaceSoundPro] => "C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe"
HKLM\...\Run: [prtstart] => C:\Program Files\shopperz080920151129\dr_inst.exe url=aHR0cDovL2Nkcy5zNm01bTlkNy5od2Nkbi5uZXQvYWRkb24vcHIvMDgwOTIwMTUvL3ByYzY0LmV4ZQ== lpath=QzpcUHJvZ3JhbSBGaWxlc1xzaG9wcGVyejA4MDkyMDE1MTEyOVxwcmMuZXh (the data entry has 24 more characters).
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-06-24] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861640 2015-06-26] (DivX, LLC)
HKLM-x32\...\Run: [cpx] => C:\Program Files (x86)\cpx\cpx.exe [1172992 2015-07-03] ()
HKLM-x32\...\Run: [msrtn32] => C:\Program Files (x86)\msrtn32\msrtn32.exe [1221120 2015-08-06] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-56948544-175400317-1807394744-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-56948544-175400317-1807394744-1001\...\Run: [Spotify Web Helper] => C:\Users\PAM\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-14] (Spotify Ltd)
HKU\S-1-5-21-56948544-175400317-1807394744-1001\...\Run: [BitTorrent] => C:\Users\PAM\AppData\Roaming\BitTorrent\BitTorrent.exe [1698152 2015-08-18] (BitTorrent Inc.)
HKU\S-1-5-21-56948544-175400317-1807394744-1001\...\Run: [Spotify] => C:\Users\PAM\AppData\Roaming\Spotify\Spotify.exe [7675448 2015-08-14] (Spotify Ltd)
HKU\S-1-5-21-56948544-175400317-1807394744-1001\...\Run: [DV] => C:\ProgramData\DataFile\Downloads\DV.exe [277504 2015-09-04] ()
HKU\S-1-5-21-56948544-175400317-1807394744-1001\...\Run: [Itibiti.exe] => C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{58FF73D5-9C8B-4E33-9C83-68FFF2941406}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-56948544-175400317-1807394744-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-56948544-175400317-1807394744-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-56948544-175400317-1807394744-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.com/?gws_rd=ssl
URLSearchHook: [S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-425977601-1203083412-1631309457-2457533047-3321749933] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-56948544-175400317-1807394744-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-56948544-175400317-1807394744-1001 -> {2582021E-73A4-4BB1-B89D-025F48C938D1} URL =
SearchScopes: HKU\S-1-5-21-56948544-175400317-1807394744-1001 -> {DF4E90BD-B786-4FF1-9EA9-E74A05ACFC3F} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=502468&p={searchTerms}
SearchScopes: HKU\S-1-5-21-56948544-175400317-1807394744-1001 -> {E0A72E9A-7D26-4DF6-AE45-C188B2A9D7E5} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\PAM\AppData\Roaming\Mozilla\Firefox\Profiles\9r0jzj47.default
FF DefaultSearchEngine.US: Google
FF Homepage: hxxp://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-06-29] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-28] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-28] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Extension: No Name - C:\Users\PAM\AppData\Roaming\Mozilla\Firefox\Profiles\9r0jzj47.default\Extensions\trash [2015-09-08]
FF Extension: Image and Flash Blocker - C:\Users\PAM\AppData\Roaming\Mozilla\Firefox\Profiles\9r0jzj47.default\Extensions\[email protected] [2015-06-06]
FF Extension: AdBlock Lite - C:\Users\PAM\AppData\Roaming\Mozilla\Firefox\Profiles\9r0jzj47.default\Extensions\[email protected] [2015-06-06]
FF Extension: Strict Pop-up Blocker - C:\Users\PAM\AppData\Roaming\Mozilla\Firefox\Profiles\9r0jzj47.default\Extensions\[email protected] [2015-06-06]
FF Extension: AdBlock for YouTube™ - C:\Users\PAM\AppData\Roaming\Mozilla\Firefox\Profiles\9r0jzj47.default\Extensions\[email protected] [2015-06-06]
FF Extension: Bluhell Firewall - C:\Users\PAM\AppData\Roaming\Mozilla\Firefox\Profiles\9r0jzj47.default\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2015-06-06]
FF Extension: FirefoxAdKiller - C:\Users\PAM\AppData\Roaming\Mozilla\Firefox\Profiles\9r0jzj47.default\Extensions\{b1df372d-8b32-4c7d-b6b4-9c5b78cf6fb1}.xpi [2015-06-06]
FF HKLM\...\Firefox\Extensions: [{A9BD0126-107A-4CE4-8DAF-23F7D903078A}] - C:\Program Files\shopperz090920150628\Firefox
FF HKLM\...\Firefox\Extensions: [{0C297AD1-F730-4FE3-9753-2E03841998C1}] - C:\Program Files\shopperz080920151129\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{A9BD0126-107A-4CE4-8DAF-23F7D903078A}] - C:\Program Files\shopperz090920150628\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{0C297AD1-F730-4FE3-9753-2E03841998C1}] - C:\Program Files\shopperz080920151129\Firefox
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1125888 2015-09-08] ()
R2 Dataup; C:\Program Files (x86)\dataup\dataup.exe [77824 2015-08-06] () [File not signed] <==== ATTENTION
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-10-15] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-28] (Intel Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [370368 2015-06-10] (Microsoft Corporation)
R3 MSSQLFDLauncher$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe [50880 2014-02-21] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 QPYYKZHuUjY; C:\ProgramData\lpADmp\QPYYKZHuUjY.exe [2732800 2015-09-10] (Valid Applications)
R2 ReportServer$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSRS12.SQLEXPRESS\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2450112 2014-02-21] (Microsoft Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-29] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1924328 2014-09-18] (SoftThinks SAS)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-06-10] (Microsoft Corporation)
R2 UdvdPork; C:\ProgramData\1441770685\s9.exe [404480 2015-04-07] () [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 windowsmanagementservice; C:\Users\PAM\AppData\Local\Temp\20150909\ct.exe [850432 2015-07-28] (Google Inc.) [File not signed]
R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-08-22] ()
R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [1785344 2013-08-19] (DELL Inc.) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [119240 2013-10-15] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-08-28] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3607520 2013-10-14] (Intel Corporation)
S4 RsFx0300; C:\Windows\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-09-06] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [34544 2013-09-06] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 xb1usb; C:\Windows\System32\drivers\xb1usb.sys [34016 2014-05-28] (Microsoft Corporation)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-13 23:23 - 2015-09-13 23:23 - 00010240 ___SH C:\Users\PAM\Desktop\Thumbs.db
2015-09-13 23:07 - 2015-09-13 23:07 - 00003728 _____ C:\Windows\System32\Tasks\DriverRestore_ScheduledScan
2015-09-13 23:07 - 2015-09-13 23:07 - 00003584 _____ C:\Windows\System32\Tasks\DriverRestore_DailyScan
2015-09-13 23:07 - 2015-09-13 23:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
2015-09-13 23:07 - 2015-09-13 23:07 - 00000000 ____D C:\Program Files (x86)\DriverRestore
2015-09-13 23:07 - 2014-11-24 14:09 - 00020872 _____ (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
2015-09-12 23:04 - 2015-09-12 23:04 - 00000000 ____D C:\ProgramData\Radio
2015-09-12 22:28 - 2015-09-12 22:33 - 00000000 ____D C:\Users\PAM\Desktop\deleted files
2015-09-11 22:08 - 2015-09-11 22:08 - 00000000 ____D C:\ProgramData\Browser
2015-09-10 20:48 - 2015-09-10 20:48 - 00000000 ____D C:\ProgramData\12db864551ae4c578eb17db1a9f5d3cf
2015-09-10 20:04 - 2015-09-10 20:04 - 00000000 ____D C:\Users\PAM\Documents\FixIts
2015-09-10 19:46 - 2015-09-10 19:46 - 00000143 _____ C:\junk.txt
2015-09-10 19:36 - 2015-09-13 23:14 - 00000000 ____D C:\Users\PAM\AppData\Local\FinanceAlert
2015-09-10 19:26 - 2015-09-13 23:24 - 00000000 ____D C:\FRST
2015-09-10 19:17 - 2015-09-13 21:38 - 00003442 _____ C:\Windows\System32\Tasks\Cienaueo
2015-09-10 19:17 - 2015-09-10 19:17 - 00000000 ____D C:\ProgramData\Cienaueo
2015-09-10 19:12 - 2015-09-10 19:13 - 00000000 ____D C:\ProgramData\lpADmp
2015-09-10 19:07 - 2015-09-10 19:07 - 00000000 ____D C:\_OTL
2015-09-10 18:52 - 2015-09-10 19:35 - 00000000 ____D C:\AdwCleaner
2015-09-10 18:42 - 2015-09-13 23:25 - 00000488 _____ C:\Windows\Tasks\CIMT_S-1-5-21-56948544-175400317-1807394744-1001.job
2015-09-10 18:42 - 2015-09-10 18:47 - 00000522 _____ C:\Windows\Tasks\CIMT_daily_S-1-5-21-56948544-175400317-1807394744-1001.job
2015-09-10 18:42 - 2015-09-10 18:42 - 00003582 _____ C:\Windows\System32\Tasks\CIMT_daily_S-1-5-21-56948544-175400317-1807394744-1001
2015-09-10 18:42 - 2015-09-10 18:42 - 00003472 _____ C:\Windows\System32\Tasks\CIMT_S-1-5-21-56948544-175400317-1807394744-1001
2015-09-10 18:42 - 2015-09-10 18:42 - 00000000 ____D C:\Program Files (x86)\Setup Support for Consumer Input
2015-09-10 18:38 - 2015-09-10 18:38 - 03378936 _____ C:\Windows\SysWOW64\ins_smk.exe
2015-09-10 18:38 - 2015-09-10 18:38 - 00520704 _____ C:\Windows\SysWOW64\ins_U501EXE.exe
2015-09-10 18:38 - 2015-09-10 18:38 - 00000000 ____D C:\Users\PAM\AppData\Local\CrashRpt
2015-09-09 21:50 - 2015-09-12 22:44 - 00000000 ____D C:\Program Files (x86)\cpx
2015-09-09 21:50 - 2015-09-12 21:58 - 00000000 ____D C:\Users\PAM\AppData\Local\mstrn32
2015-09-09 21:50 - 2015-09-10 19:15 - 00000000 ____D C:\Users\PAM\AppData\Local\cpx
2015-09-09 21:50 - 2015-09-09 21:50 - 00000000 ____D C:\Program Files (x86)\regtool
2015-09-09 21:50 - 2015-09-09 21:50 - 00000000 ____D C:\Program Files (x86)\msrtn32
2015-09-09 21:50 - 2015-09-09 21:50 - 00000000 ____D C:\Program Files (x86)\dataup
2015-09-09 21:38 - 2015-09-09 23:25 - 00000000 ____D C:\Users\PAM\AppData\Roaming\GameTracker
2015-09-09 21:38 - 2015-09-09 21:38 - 00001026 _____ C:\Users\PAM\Desktop\GameTracker Lite.lnk
2015-09-09 21:38 - 2015-09-09 21:38 - 00000000 ____D C:\Users\PAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameTracker Lite
2015-09-09 21:38 - 2015-09-09 21:38 - 00000000 ____D C:\Program Files (x86)\GameTracker
2015-09-09 21:35 - 2015-09-09 21:35 - 05782856 _____ C:\Users\PAM\Downloads\GTSetup.exe
2015-09-09 21:21 - 2015-09-09 21:25 - 00000000 ____D C:\Users\PAM\Documents\Arma 3
2015-09-09 20:33 - 2015-09-09 20:33 - 00000000 ____D C:\Users\PAM\Documents\My Received Files
2015-09-09 20:32 - 2015-09-09 20:32 - 00001708 _____ C:\Users\PAM\Desktop\BitTorrent.lnk
2015-09-09 20:09 - 2015-09-09 20:09 - 00000993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-09-09 20:09 - 2015-09-09 20:09 - 00000981 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-09-09 20:02 - 2015-09-09 20:10 - 00000000 ____D C:\ProgramData\DataFile
2015-09-09 20:02 - 2015-09-09 20:08 - 00004752 _____ C:\Windows\SysWOW64\Oemupfahdh.ini
2015-09-09 20:02 - 2015-09-09 20:08 - 00002472 _____ C:\Windows\SysWOW64\OemupfahdhOff.ini
2015-09-09 20:02 - 2015-09-09 20:08 - 00002472 _____ C:\Windows\system32\OemupfahdhOff.ini
2015-09-09 20:02 - 2015-09-09 20:02 - 00000000 ____D C:\Windows\system32\phbo
2015-09-09 20:02 - 2015-09-08 01:32 - 00353632 _____ C:\Windows\system32\Oemupfahdh64.dll
2015-09-09 20:02 - 2015-09-08 01:32 - 00283488 _____ C:\Windows\SysWOW64\Oemupfahdh.dll
2015-09-09 20:01 - 2015-09-13 23:07 - 00000372 ____H C:\Windows\Tasks\AXCINCXHMDOCGGXC.job
2015-09-09 20:01 - 2015-09-09 20:01 - 00003384 _____ C:\Windows\System32\Tasks\AXCINCXHMDOCGGXC
2015-09-09 20:01 - 2015-09-09 20:01 - 00000000 ____D C:\ProgramData\Service1291
2015-09-09 17:58 - 2015-09-09 17:59 - 00000000 ____D C:\Users\PAM\AppData\Local\Arma 3 Launcher
2015-09-09 17:58 - 2015-09-09 17:58 - 00000000 ____D C:\Users\PAM\AppData\Local\Bohemia_Interactive
2015-09-09 17:57 - 2015-09-09 23:03 - 00001380 _____ C:\Users\PAM\AppData\Roaming\BreakingPoint_Options.ini
2015-09-08 22:18 - 2015-09-09 19:58 - 00000222 _____ C:\Users\PAM\Desktop\Arma 3.url
2015-09-08 20:55 - 2015-08-03 21:03 - 00000854 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-09-08 20:54 - 2015-09-09 20:03 - 00000000 ____D C:\Users\PAM\AppData\Local\Tempfolder
2015-09-08 20:54 - 2015-09-08 21:08 - 00004792 _____ C:\Windows\SysWOW64\Ufiodnukb.ini
2015-09-08 20:54 - 2015-09-08 21:08 - 00002504 _____ C:\Windows\SysWOW64\UfiodnukbOff.ini
2015-09-08 20:54 - 2015-09-08 21:08 - 00002504 _____ C:\Windows\system32\UfiodnukbOff.ini
2015-09-08 20:54 - 2015-09-08 20:54 - 00000903 _____ C:\Windows\SysWOW64\${LOGFILE}
2015-09-08 20:54 - 2015-09-08 20:54 - 00000000 ____D C:\Windows\system32\tak
2015-09-08 20:54 - 2015-09-08 20:54 - 00000000 ____D C:\Users\PAM\AppData\Roaming\ortmp
2015-09-08 20:54 - 2015-09-08 20:31 - 00353648 _____ C:\Windows\system32\Ufiodnukb64.dll
2015-09-08 20:54 - 2015-09-08 20:31 - 00283504 _____ C:\Windows\SysWOW64\Ufiodnukb.dll
2015-09-08 20:51 - 2015-09-08 20:51 - 00000000 ____D C:\Users\PAM\AppData\Roaming\c
2015-09-08 20:51 - 2015-09-08 20:51 - 00000000 ____D C:\ProgramData\u4c
2015-09-08 20:51 - 2015-09-08 20:51 - 00000000 ____D C:\ProgramData\1441770685
2015-09-08 20:48 - 2015-09-08 20:48 - 00003490 _____ C:\Windows\System32\Tasks\ZIYBY
2015-09-08 20:48 - 2015-09-08 20:48 - 00000000 ____D C:\ProgramData\Service0561
2015-09-08 20:39 - 2015-09-08 20:39 - 00000000 ____D C:\ProgramData\Steam
2015-09-08 17:22 - 2015-09-09 22:52 - 00000000 ____D C:\Breaking Point
2015-09-08 17:22 - 2015-09-08 17:26 - 00001671 _____ C:\Users\Public\Desktop\BreakingPoint.lnk
2015-09-08 17:22 - 2015-09-08 17:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Breaking Point
2015-09-08 16:34 - 2015-09-09 22:52 - 00000301 _____ C:\Users\PAM\AppData\Roaming\BreakingPoint_Login.ini
2015-09-08 16:17 - 2015-09-08 16:17 - 00000000 ____D C:\ProgramData\Caphyon
2015-09-08 16:15 - 2015-09-08 16:15 - 00000000 ____D C:\Users\PAM\AppData\Roaming\The Zombie Infection
2015-09-08 16:14 - 2015-09-08 16:14 - 32333991 _____ (The Zombie Infection) C:\Users\PAM\Downloads\Breaking_Point_Launcher.exe
2015-09-08 13:55 - 2015-08-26 19:48 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-08 13:55 - 2015-08-26 11:00 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-08 13:55 - 2015-08-26 11:00 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-08 13:55 - 2015-08-26 11:00 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-08 13:55 - 2015-08-26 11:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-08 13:55 - 2015-08-26 07:46 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-08 13:55 - 2015-08-26 07:29 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-08 13:55 - 2015-08-26 07:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-08 13:55 - 2015-08-26 07:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-09-08 13:55 - 2015-08-26 07:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-08 13:55 - 2015-08-26 07:26 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-08 13:55 - 2015-08-26 07:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-08 13:54 - 2015-09-02 19:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-08 13:54 - 2015-09-02 19:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-08 13:54 - 2015-09-02 11:48 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-08 13:54 - 2015-09-02 10:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-08 13:54 - 2015-07-30 10:18 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-08 13:54 - 2015-07-30 09:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-08 13:54 - 2015-07-22 07:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-08 13:54 - 2015-07-22 06:52 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-08 13:54 - 2015-07-17 07:15 - 00951296 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-08 13:54 - 2015-07-17 07:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-08 13:54 - 2015-06-27 04:47 - 00118616 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-08 13:53 - 2015-08-22 11:19 - 25188352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-08 13:53 - 2015-08-22 10:35 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-08 13:53 - 2015-08-22 10:34 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-08 13:53 - 2015-08-22 10:22 - 19856384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-08 13:53 - 2015-08-22 10:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-08 13:53 - 2015-08-22 10:20 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-08 13:53 - 2015-08-22 09:55 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-08 13:53 - 2015-08-22 09:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-08 13:53 - 2015-08-22 09:45 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-08 13:53 - 2015-08-22 09:44 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-09-08 13:53 - 2015-08-22 09:41 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-08 13:53 - 2015-08-22 09:41 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-08 13:53 - 2015-08-22 09:41 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-08 13:53 - 2015-08-22 09:41 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-08 13:53 - 2015-08-22 09:39 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-08 13:53 - 2015-08-22 09:28 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-08 13:53 - 2015-08-22 09:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-08 13:53 - 2015-08-22 09:22 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-08 13:53 - 2015-08-22 09:20 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-09-08 13:53 - 2015-08-22 09:18 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-08 13:53 - 2015-08-22 09:18 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-08 13:53 - 2015-08-22 09:18 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-08 13:53 - 2015-08-22 09:14 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-08 13:53 - 2015-08-22 09:00 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-08 13:53 - 2015-08-22 08:56 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-08 13:52 - 2015-08-22 09:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-09-08 13:52 - 2015-08-22 09:23 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-09-08 13:52 - 2015-08-22 09:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-08 13:52 - 2015-08-22 08:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-08 13:51 - 2015-09-01 19:56 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-08 13:51 - 2015-09-01 19:55 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-08 13:51 - 2015-09-01 19:50 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-08 13:51 - 2015-09-01 19:17 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-08 13:51 - 2015-09-01 19:13 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-08 13:51 - 2015-08-03 14:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-08 13:51 - 2015-08-03 14:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-08 13:51 - 2015-08-01 07:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-08 13:51 - 2015-07-31 20:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2015-09-08 13:51 - 2015-07-31 20:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2015-09-08 13:51 - 2015-07-31 20:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-08 13:51 - 2015-07-31 20:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2015-09-08 13:51 - 2015-07-31 20:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2015-09-08 13:51 - 2015-07-22 07:34 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-08 13:51 - 2015-07-22 07:33 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-08 13:51 - 2015-07-22 07:25 - 02461184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-08 13:51 - 2015-07-22 07:25 - 01546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 13:51 - 2015-07-18 11:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2015-09-08 13:51 - 2015-07-18 11:29 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-08 13:51 - 2015-07-18 11:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2015-09-08 13:51 - 2015-07-18 11:27 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-08 13:51 - 2015-07-13 20:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tzsync.exe
2015-09-08 13:51 - 2015-07-13 12:10 - 00411455 _____ C:\Windows\system32\ApnDatabase.xml
2015-09-08 13:51 - 2015-07-10 12:06 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2015-09-08 13:51 - 2015-07-09 09:14 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-09-08 13:51 - 2015-07-03 14:51 - 01380056 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-08 13:51 - 2015-07-03 07:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-09-08 13:51 - 2015-06-19 10:07 - 02819072 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-09-08 12:12 - 2015-09-08 12:12 - 00000000 ___SH C:\Users\PAM\AppData\Local\LumaEmu
2015-09-08 12:11 - 2015-09-12 22:59 - 00000000 ____D C:\Users\PAM\AppData\Local\Arma 3
2015-09-08 12:11 - 2015-09-08 12:11 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2015-09-08 11:53 - 2015-09-09 20:18 - 00000000 ____D C:\Games
2015-09-07 12:40 - 2015-09-07 12:40 - 00000000 ____D C:\Users\PAM\AppData\Roaming\Atari
2015-09-07 12:38 - 2015-09-07 12:38 - 00002224 _____ C:\Users\Public\Desktop\RollerCoaster Tycoon 3 Platinum.lnk
2015-09-07 12:33 - 2015-09-07 12:40 - 00000000 ____D C:\Users\PAM\Documents\RCT3
2015-09-07 12:33 - 2015-09-07 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
2015-09-07 12:27 - 2015-09-07 12:27 - 00000000 ____D C:\Program Files (x86)\Atari
2015-09-07 12:25 - 2015-09-07 12:26 - 00000000 ____D C:\Users\PAM\Documents\Rollercoaster Tycoon 3 Platinum
2015-08-27 20:30 - 2015-09-08 21:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-24 14:10 - 2015-08-31 19:02 - 00000000 ____D C:\Users\PAM\Documents\AcaciaParkPayment
2015-08-19 18:23 - 2015-08-19 18:23 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-08-14 14:19 - 2015-08-14 14:19 - 00000000 ____D C:\Users\PAM\AppData\Local\CEF
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-13 23:13 - 2014-04-05 10:16 - 00003592 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-56948544-175400317-1807394744-1001
2015-09-13 23:02 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\system32\sru
2015-09-13 22:55 - 2014-03-03 16:27 - 01943301 _____ C:\Windows\WindowsUpdate.log
2015-09-13 22:43 - 2015-06-06 20:32 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-13 00:11 - 2015-08-06 20:07 - 00000000 ____D C:\Users\PAM\AppData\Roaming\Kodi
2015-09-13 00:01 - 2015-05-14 18:57 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-12 22:03 - 2014-03-03 16:39 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2015-09-12 21:58 - 2015-05-10 20:30 - 00000000 __RDO C:\Users\PAM\SkyDrive
2015-09-12 19:04 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\AppReadiness
2015-09-11 22:26 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\rescache
2015-09-10 20:03 - 2015-07-06 21:16 - 00000000 ____D C:\Users\PAM\Documents\Image-Line
2015-09-10 20:01 - 2014-12-21 12:02 - 00000000 ____D C:\ProgramData\softthinks
2015-09-10 19:49 - 2013-08-22 07:46 - 00026493 _____ C:\Windows\setupact.log
2015-09-10 19:49 - 2013-08-22 07:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-10 19:48 - 2013-08-22 06:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-09-10 19:32 - 2015-07-06 20:44 - 00000000 ____D C:\Users\PAM\AppData\Roaming\BitTorrent
2015-09-10 19:11 - 2015-06-06 01:51 - 00000000 ____D C:\Users\PAM\AppData\Roaming\Spotify
2015-09-10 19:10 - 2015-06-06 01:52 - 00000000 ____D C:\Users\PAM\AppData\Local\Spotify
2015-09-10 19:07 - 2014-03-03 16:19 - 01019952 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-10 18:39 - 2014-04-05 10:11 - 00001658 _____ C:\Users\PAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet-Explorer.lnk
2015-09-09 20:41 - 2014-03-03 16:37 - 00000000 ____D C:\ProgramData\McAfee
2015-09-09 20:41 - 2014-03-03 16:05 - 00060042 _____ C:\Windows\PFRO.log
2015-09-09 20:39 - 2013-08-22 08:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-09-09 17:53 - 2014-03-03 16:27 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-08 22:18 - 2015-05-14 19:06 - 00000000 ____D C:\Users\PAM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-09-08 21:07 - 2013-08-22 06:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-09-08 21:06 - 2013-08-22 07:44 - 00492664 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-08 21:05 - 2015-06-06 20:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-08 21:00 - 2013-08-22 12:12 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-08 21:00 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-08 20:54 - 2015-05-11 12:48 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-09-08 20:54 - 2015-05-11 12:47 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-09-08 20:37 - 2014-03-03 16:35 - 00027772 _____ C:\Windows\DirectX.log
2015-09-08 19:53 - 2015-05-08 17:55 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-08 19:52 - 2013-08-22 08:20 - 00000000 ____D C:\Windows\CbsTemp
2015-09-08 19:41 - 2015-05-09 11:01 - 00000000 ____D C:\Windows\system32\MRT
2015-09-08 10:50 - 2015-05-11 11:52 - 00000000 ____D C:\Users\PAM\Desktop\School Assignments
2015-09-07 13:30 - 2014-04-05 10:11 - 00000000 ____D C:\Users\PAM\AppData\Local\VirtualStore
2015-09-07 12:27 - 2014-03-03 16:31 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-06 19:32 - 2015-08-10 18:30 - 00000000 ____D C:\Users\PAM\Documents\Desktop Backgrounds
2015-08-26 18:37 - 2015-05-09 11:01 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-23 01:04 - 2015-08-06 22:46 - 00001037 ____H C:\Users\PAM\.swfinfo
2015-08-17 22:12 - 2015-05-25 21:12 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLEXPRESS
2015-08-17 22:11 - 2015-05-25 21:13 - 00000000 ____D C:\Users\ReportServer$SQLEXPRESS
2015-08-17 22:11 - 2015-05-25 21:12 - 00000000 ____D C:\Users\MSSQL$SQLEXPRESS
2015-08-17 22:11 - 2014-04-05 10:10 - 00000000 ____D C:\Users\PAM
2015-08-14 13:59 - 2013-08-22 08:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 13:59 - 2013-08-22 08:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 13:59 - 2013-08-22 08:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-14 13:59 - 2013-08-22 08:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
==================== Files in the root of some directories =======
2015-09-08 16:34 - 2015-09-09 22:52 - 0000301 _____ () C:\Users\PAM\AppData\Roaming\BreakingPoint_Login.ini
2015-09-09 17:57 - 2015-09-09 23:03 - 0001380 _____ () C:\Users\PAM\AppData\Roaming\BreakingPoint_Options.ini
2015-09-08 12:12 - 2015-09-08 12:12 - 0000000 ___SH () C:\Users\PAM\AppData\Local\LumaEmu
2014-03-03 16:07 - 2014-03-03 16:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-03-03 16:34 - 2014-03-03 16:35 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-03-03 16:31 - 2014-03-03 16:32 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-03-03 16:32 - 2014-03-03 16:33 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2014-03-03 16:33 - 2014-03-03 16:34 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2014-03-03 16:31 - 2014-03-03 16:31 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Some files in TEMP:
====================
C:\Users\PAM\AppData\Local\Temp\130807136398573833.exe
C:\Users\PAM\AppData\Local\Temp\13080713643707854438.exe
C:\Users\PAM\AppData\Local\Temp\1mj6gmhr.dll
C:\Users\PAM\AppData\Local\Temp\2032.exe
C:\Users\PAM\AppData\Local\Temp\8e7remtq.dll
C:\Users\PAM\AppData\Local\Temp\ARMA 3 Steamworks Fix NINO FIX Downloader__15047_i1635984875_il1360443.exe
C:\Users\PAM\AppData\Local\Temp\BRSVC_442028625_hlp.exe
C:\Users\PAM\AppData\Local\Temp\compete.exe
C:\Users\PAM\AppData\Local\Temp\cw.exe
C:\Users\PAM\AppData\Local\Temp\DRHelper_installFinish.exe
C:\Users\PAM\AppData\Local\Temp\DRHelper_installStart.exe
C:\Users\PAM\AppData\Local\Temp\msC509.tmp.exe
C:\Users\PAM\AppData\Local\Temp\MSETUP4.EXE
C:\Users\PAM\AppData\Local\Temp\offer-8C7A8782-6475-4D07-A2C2-EB287CA389D1.exe
C:\Users\PAM\AppData\Local\Temp\oprun12404.exe
C:\Users\PAM\AppData\Local\Temp\oprun14997.exe
C:\Users\PAM\AppData\Local\Temp\oprun22280.exe
C:\Users\PAM\AppData\Local\Temp\oprun26437.exe
C:\Users\PAM\AppData\Local\Temp\proxy_vole5148578707414626857.dll
C:\Users\PAM\AppData\Local\Temp\setup_ospd_us.exe
C:\Users\PAM\AppData\Local\Temp\SpOrder.dll
C:\Users\PAM\AppData\Local\Temp\sqlite3.dll
C:\Users\PAM\AppData\Local\Temp\supoptsetup.exe
C:\Users\PAM\AppData\Local\Temp\uninstall.exe
C:\Users\PAM\AppData\Local\Temp\UninstallModule.exe
C:\Users\PAM\AppData\Local\Temp\Zzoooomit_uninstall.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll
[2015-05-11 12:48] - [2015-09-08 20:54] - 0657920 ____A (Microsoft Corporation) C906F0C2BB37E3F210984B30854089F4
C:\Windows\SysWOW64\dnsapi.dll
[2015-05-11 12:47] - [2015-09-08 20:54] - 0498688 ____A (Microsoft Corporation) 46C697A082C0C27AC9400D1A9D4B97FE
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-09-10 23:19
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:10-09-2015 01
Ran by Brandon (2015-09-13 23:25:25)
Running from C:\Users\PAM\Documents\FixIts
Windows 8.1 (X64) (2014-04-05 17:10:50)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-56948544-175400317-1807394744-500 - Administrator - Disabled)
Brandon (S-1-5-21-56948544-175400317-1807394744-1001 - Administrator - Enabled) => C:\Users\PAM
Guest (S-1-5-21-56948544-175400317-1807394744-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-56948544-175400317-1807394744-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
BitTorrent (HKU\S-1-5-21-56948544-175400317-1807394744-1001\...\BitTorrent) (Version: 7.9.4.40912 - BitTorrent Inc.)
Breaking Point (HKLM-x32\...\Breaking Point 5.0.2.9) (Version: 5.0.2.9 - The Zombie Infection)
Breaking Point (x32 Version: 5.0.2.9 - The Zombie Infection) Hidden
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.01 - Canon Inc.)
Consumer Input Update Helper (x32 Version: 1.3.25.309 - Compete Inc.) Hidden <==== ATTENTION
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.63 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{BC8233D8-59BA-4D40-92B9-4FDE7452AA8B}) (Version: 3.0.3999.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.13.0 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{713A4123-9417-4FF7-AC14-F000D6C0C7AD}) (Version: 0.9.1115.0 - Dell Inc.)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.77 - DivX, LLC)
Driver Restore (HKLM\...\Driver Restore) (Version: 2.3.0.0 - 383 Media, Inc.)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
Football Manager 2015 (HKLM-x32\...\Steam App 295270) (Version: - Sports Interactive)
GameTracker Lite (HKLM-x32\...\GameTracker Lite) (Version: - ClanServers Hosting LLC.)
GDR 2269 for SQL Server 2014 (KB3045324) (64-bit) (HKLM\...\KB3045324) (Version: 12.0.2269.0 - Microsoft Corporation)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 3.0.1342.1) (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6882ac6d-e97d-4e25-b3ea-5f3f21055dfe}) (Version: 16.6.0 - Intel Corporation)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
Kodi (HKU\S-1-5-21-56948544-175400317-1807394744-1001\...\Kodi) (Version: - XBMC-Foundation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{A106FA6F-E94C-44C9-8A0F-C34BD82C9FE6}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Report Viewer 2014 Runtime (HKLM-x32\...\{327E9C0D-1687-414F-923E-F5979E549548}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation)
Microsoft SQL Server 2014 Policies (HKLM-x32\...\{1C30FE7E-8A8C-4492-89D6-10CB20C3B0EB}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{37C44B5C-E839-4A9D-9E20-A93E1B2FD35A}) (Version: 12.0.2269.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL Compiler Service (HKLM\...\{537203CB-708E-43A3-BA16-3D5C14A587BB}) (Version: 12.0.2269.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visio Professional 2010 (HKLM\...\Office14.VISIOR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.0.2000.8 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: - Native Instruments)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
PocketCloud (HKLM-x32\...\{D9752C7D-A595-4687-A0D5-362E9C311C55}) (Version: 2.7.14 - Wyse Technology)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.021 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - Atari)
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{3C578F10-F74F-4655-B2A6-9F88A6C415E8}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Spotify (HKU\S-1-5-21-56948544-175400317-1807394744-1001\...\Spotify) (Version: 1.0.11.134.ga37df67b - Spotify AB)
SQL Server 2014 Client Tools (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Documentation Components (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Full text search (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Management Studio (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Reporting Services (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.0.2000.8 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Sims 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.797.20 - Electronic Arts)
The Sims 4 Luxury Party Stuff DLC (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
29-08-2015 17:50:31 Scheduled Checkpoint
07-09-2015 12:26:50 Installed RollerCoaster Tycoon 3 Platinum
08-09-2015 16:15:27 Installed Breaking Point
09-09-2015 17:51:25 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
09-09-2015 17:52:03 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 06:25 - 2015-09-09 20:40 - 00000826 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {095021C1-E590-473C-AE00-FA9D37E91CE1} - System32\Tasks\PocketCloud => C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe [2013-08-22] ()
Task: {16E8D4F6-6829-446E-8E90-9D5D9F40CF49} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {16FF8528-ACED-4ECA-BEA0-008AA7FDE77B} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-09-06] (Synaptics Incorporated)
Task: {232B4B1F-209A-4A92-9DB7-D85E04C5E823} - System32\Tasks\CIMT_daily_S-1-5-21-56948544-175400317-1807394744-1001 => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe <==== ATTENTION
Task: {50C56041-C617-4549-9335-F30686641862} - System32\Tasks\ZIYBY => C:\ProgramData\Service0561\Service0561.exe [2015-09-08] () <==== ATTENTION
Task: {50EEC17B-B283-4377-A325-112C4C095C2B} - System32\Tasks\Cienaueo => C:\ProgramData\Cienaueo\1.0.5.1\fnenniuu.exe [2015-09-10] ()
Task: {5A5E0AC9-E5CE-4B5B-9689-C9BE18882E5A} - System32\Tasks\PocketCloudUpdater => C:\Program
Task: {5D244E9F-DEE5-42A8-B526-173EF21F151F} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)
Task: {65CAEA6C-F566-4EE2-A082-D7F58AE02249} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-04] (CyberLink)
Task: {6AFD5D1A-5465-4DA4-A976-58578A6F49F4} - System32\Tasks\{6EF88B6F-86EC-4364-A649-F593C7987E1B} => pcalua.exe -a "C:\Program Files (x86)\Image-Line\FL Studio 11\uninstall.exe"
Task: {7A6C0134-866F-465A-B209-21098276399A} - System32\Tasks\DriverRestore_DailyScan => C:\Program Files (x86)\DriverRestore\DriverRestore.exe [2014-11-29] ()
Task: {7A8FAAA5-3898-4E9F-B1F0-9ACBD814E4BD} - System32\Tasks\PocketCloudVirtualChannel => C:\Program Files (x86)\Wyse\PocketCloud\WPCRDPVirtualChannelServer.exe [2013-08-22] ()
Task: {7DE00294-E6C5-4A85-B703-A907087CB2D1} - System32\Tasks\DriverRestore_ScheduledScan => C:\Program Files (x86)\DriverRestore\DriverRestore.exe [2014-11-29] ()
Task: {A9107929-3C43-4350-8692-1126F46213F4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11] (Adobe Systems Incorporated)
Task: {BD585BED-7ED7-4C54-8DCE-751F4DE8DAED} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.)
Task: {C6FB1B92-6CD9-4AB4-9523-90FC8E1BE5D8} - System32\Tasks\AXCINCXHMDOCGGXC => C:\ProgramData\Service1291\Service1291.exe [2015-09-09] () <==== ATTENTION
Task: {D43047BF-53B2-4B49-9377-A240FDC80240} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {F6D79D7A-4736-4038-8DC0-1EA797DE8912} - System32\Tasks\CIMT_S-1-5-21-56948544-175400317-1807394744-1001 => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AXCINCXHMDOCGGXC.job => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION
Task: C:\Windows\Tasks\CIMT_daily_S-1-5-21-56948544-175400317-1807394744-1001.job => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe <==== ATTENTION
Task: C:\Windows\Tasks\CIMT_S-1-5-21-56948544-175400317-1807394744-1001.job => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe <==== ATTENTION
==================== Loaded Modules (Whitelisted) ==============
2015-08-06 12:18 - 2015-08-06 12:18 - 00077824 _____ () C:\Program Files (x86)\dataup\dataup.exe
2015-04-07 07:12 - 2015-04-07 07:12 - 00404480 _____ () C:\ProgramData\1441770685\s9.exe
2013-08-22 12:40 - 2013-08-22 12:40 - 00016176 _____ () C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
2013-08-22 12:40 - 2013-08-22 12:40 - 00040240 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherServiceLib.dll
2013-08-22 12:40 - 2013-08-22 12:40 - 00046384 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherHelperLib.dll
2015-09-10 19:17 - 2015-09-10 19:17 - 00158208 _____ () C:\ProgramData\Cienaueo\1.0.5.1\fnenniuu.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-08-06 16:05 - 2015-08-06 16:05 - 01221120 _____ () C:\Program Files (x86)\msrtn32\msrtn32.exe
2014-09-18 11:37 - 2014-07-02 19:55 - 00487144 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2015-07-03 11:27 - 2015-07-03 11:27 - 01172992 _____ () C:\Program Files (x86)\cpx\cpx.exe
2015-07-02 23:47 - 2015-07-02 23:47 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-11-29 03:24 - 2014-11-29 03:24 - 00734840 _____ () C:\Program Files (x86)\DriverRestore\DriverRestore.exe
2015-08-06 16:06 - 2015-08-06 16:06 - 00825856 _____ () C:\Program Files (x86)\msrtn32\cdhtr.exe
2015-08-27 12:30 - 2015-08-27 12:30 - 00399872 _____ () C:\Program Files (x86)\msrtn32\rthdcpd.exe
2014-03-03 16:26 - 2013-08-28 03:02 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-10-12 00:26 - 2014-10-12 00:26 - 02299904 _____ () C:\Program Files (x86)\msrtn32\QxOrm.dll
2013-09-24 12:38 - 2013-09-24 12:38 - 00243200 _____ () C:\Program Files (x86)\msrtn32\boost_serialization-vc100-mt-1_54.dll
2014-10-13 19:34 - 2014-10-13 19:34 - 00879104 _____ () C:\Program Files (x86)\msrtn32\platforms\qwindows.dll
2014-10-13 19:31 - 2014-10-13 19:31 - 00635392 _____ () C:\Program Files (x86)\msrtn32\sqldrivers\qsqlite.dll
2014-03-03 16:32 - 2013-03-04 20:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-05 12:41 - 2013-03-05 12:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-05-14 19:00 - 2015-07-03 09:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-05-14 19:00 - 2015-07-03 09:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-05-14 19:00 - 2015-08-19 13:39 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll
2015-05-14 19:00 - 2015-07-03 09:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-05-14 19:00 - 2015-07-03 09:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-05-14 19:00 - 2014-12-01 14:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-05-14 19:00 - 2014-12-01 14:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-05-14 19:00 - 2014-12-01 14:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-05-14 19:00 - 2014-12-01 14:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-05-14 19:00 - 2014-12-01 14:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-05-14 19:00 - 2015-08-19 13:39 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-08-10 14:01 - 2015-07-26 18:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-05-14 19:00 - 2015-07-03 09:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-06-25 21:58 - 2015-06-25 21:58 - 40524800 _____ () C:\Program Files (x86)\cpx\libcef.dll
2015-03-31 17:47 - 2015-03-31 17:47 - 01359360 _____ () C:\Program Files (x86)\cpx\libglesv2.dll
2015-03-31 17:47 - 2015-03-31 17:47 - 00212992 _____ () C:\Program Files (x86)\cpx\libegl.dll
2015-04-19 09:18 - 2015-04-19 09:18 - 16825520 _____ () C:\Program Files (x86)\cpx\plugins\NPSWF32_15_0_0_152.dll
2014-11-29 03:22 - 2014-11-29 03:22 - 00085504 _____ () C:\Program Files (x86)\DriverRestore\DriversScanner.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-10-14 00:31 - 2014-10-14 00:31 - 00032256 _____ () C:\Program Files (x86)\msrtn32\imageformats\qdds.dll
2014-10-13 19:32 - 2014-10-13 19:32 - 00021504 _____ () C:\Program Files (x86)\msrtn32\imageformats\qgif.dll
2014-10-14 00:31 - 2014-10-14 00:31 - 00027648 _____ () C:\Program Files (x86)\msrtn32\imageformats\qicns.dll
2014-10-13 19:32 - 2014-10-13 19:32 - 00021504 _____ () C:\Program Files (x86)\msrtn32\imageformats\qico.dll
2014-10-14 00:31 - 2014-10-14 00:31 - 00381952 _____ () C:\Program Files (x86)\msrtn32\imageformats\qjp2.dll
2014-10-13 19:31 - 2014-10-13 19:31 - 00204800 _____ () C:\Program Files (x86)\msrtn32\imageformats\qjpeg.dll
2014-10-14 00:31 - 2014-10-14 00:31 - 00218112 _____ () C:\Program Files (x86)\msrtn32\imageformats\qmng.dll
2014-10-14 00:31 - 2014-10-14 00:31 - 00015360 _____ () C:\Program Files (x86)\msrtn32\imageformats\qtga.dll
2014-10-14 00:32 - 2014-10-14 00:32 - 00307712 _____ () C:\Program Files (x86)\msrtn32\imageformats\qtiff.dll
2014-10-14 00:32 - 2014-10-14 00:32 - 00014848 _____ () C:\Program Files (x86)\msrtn32\imageformats\qwbmp.dll
2014-10-14 00:32 - 2014-10-14 00:32 - 00252928 _____ () C:\Program Files (x86)\msrtn32\imageformats\qwebp.dll
2014-06-28 11:54 - 2014-06-28 11:54 - 14586808 _____ () C:\Program Files (x86)\msrtn32\Plugins\NPSWF32_11_5_502_110.dll
2015-03-31 17:46 - 2015-03-31 17:46 - 00984576 _____ () C:\Program Files (x86)\cpx\ffmpegsumo.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\PAM\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\PAM\SkyDrive (2).old:ms-properties
AlternateDataStreams: C:\Users\PAM\SkyDrive.old:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-56948544-175400317-1807394744-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PAM\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "prtstart"
HKLM\...\StartupApproved\Run: => "SpaceSoundPro"
HKLM\...\StartupApproved\Run32: => "cpx"
HKU\S-1-5-21-56948544-175400317-1807394744-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-56948544-175400317-1807394744-1001\...\StartupApproved\Run: => "DV"
HKU\S-1-5-21-56948544-175400317-1807394744-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-56948544-175400317-1807394744-1001\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5F22F6F2-4937-495C-9D60-B7C223557EE5}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{33F3F2A7-2AA6-4D7D-874B-1D20E8206B15}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe
FirewallRules: [{281FCCF7-855D-4C45-94AA-E8A8D9B18B32}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\AetherWindowsService.exe
FirewallRules: [{EF196F89-EA15-4C16-A131-0E3057ED3311}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
FirewallRules: [{DBEA895E-A940-4C7D-B7F3-0C1156359ECA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{C1B27DF3-E056-4832-B60F-17D6AA3FB47E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{566EF349-2C72-405A-9E02-A0B295E445E8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A85067CD-46E1-47A6-A07B-F7941DD7F79E}] => (Allow) LPort=2869
FirewallRules: [{00763C18-02A2-496A-AED4-4FC82E8ACAE9}] => (Allow) LPort=1900
FirewallRules: [{F42BDAFF-C83C-4B5A-A543-637142373D28}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{2F97C8AE-9CD4-478B-AB8E-B78A10D7C8A8}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{75D33CAD-A637-441E-904F-1FE9A3D5E033}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7B3B7FA0-96F0-4D6B-B4BB-E068E71BC46F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{ED19AAE9-5443-47A8-933D-EBDFB98C0775}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{134A87F5-46CF-4F8F-9494-95F1FAFD6B3F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{95EBBCD9-8DD2-49DE-80F5-DEDECD56648E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2015\fm.exe
FirewallRules: [{E9F55CDD-E4FC-4811-872D-DC5F65700D83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2015\fm.exe
FirewallRules: [{D76B88E9-C037-4C23-86A5-839C4424A356}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BDFFE906-042C-41B6-A2C7-3E8173B64992}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{79B4813A-6D62-4098-B4F3-0131A2A8A6F3}] => (Allow) C:\Users\PAM\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{88A89A5A-6266-445F-8B9F-9811EBB8D073}] => (Allow) C:\Users\PAM\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{5B9F4E43-4430-453D-A1DF-616E30C3DAB5}] => (Allow) C:\Users\PAM\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{11E08BEC-53CA-453D-9969-2AFF4C5DA91D}] => (Allow) C:\Users\PAM\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{A4AEAAE2-ED40-4F9F-8E93-935891CF5A80}] => (Allow) C:\Users\PAM\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{011033AD-292C-4EDD-A487-D546813BF22C}] => (Allow) C:\Users\PAM\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{6768C145-A81F-4D64-A59C-32428AE86FDB}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶獜瑩扥潲敫屲楳整牢歯牥攮數
FirewallRules: [{6DEDF643-C034-4842-BCC5-B10A7BD49C28}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶獜瑩扥潲敫屲敲瑳楳整牢歯牥攮數
FirewallRules: [{9CB76E26-4374-43AA-9F8F-CBB21B0426E1}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶獜瑩扥潲敫屲楳整牢歯牥硥e
FirewallRules: [{630960C3-3696-464A-AC9D-13A2D2FDB71D}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶獜瑩扥潲敫屲敲瑳楳整牢歯牥硥e
FirewallRules: [{D520BA22-9221-465D-8A7E-2212C8484CF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{4865F576-5262-4EDB-8B15-EAD7D7E5A198}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{5B23AE1C-3393-4F36-968D-2647073B09B0}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{0FECF01B-EC7C-444C-87AA-51D8A03CEE58}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{8CFBFEA7-11E6-400B-B7DE-263BC6AC50F6}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{4C34435D-B480-4AEE-BED4-8C879A87203B}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{BBDEA156-5F74-4ADC-B174-AFDC5BB6D746}] => (Allow) C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
FirewallRules: [{4F4B680C-8967-463E-ABD0-E29BD867BB7C}] => (Allow) C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/13/2015 11:06:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Networking.RtcDll,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="5.2.1002.3"1".
Dependent Assembly Microsoft.Windows.Networking.RtcDll,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="5.2.1002.3" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (09/13/2015 11:06:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Networking.RtcDll,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="5.2.1002.3"1".
Dependent Assembly Microsoft.Windows.Networking.RtcDll,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="5.2.1002.3" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (09/13/2015 11:06:43 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Networking.RtcDll,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="5.2.1002.3"1".
Dependent Assembly Microsoft.Windows.Networking.RtcDll,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="5.2.1002.3" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (09/13/2015 11:06:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TOASTER.EXE, version: 1.0.1.229, time stamp: 0x538dde51
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade
Exception code: 0xe0434352
Fault offset: 0x00014598
Faulting process id: 0x1d0c
Faulting application start time: 0xTOASTER.EXE0
Faulting application path: TOASTER.EXE1
Faulting module path: TOASTER.EXE2
Report Id: TOASTER.EXE3
Faulting package full name: TOASTER.EXE4
Faulting package-relative application ID: TOASTER.EXE5
Error: (09/13/2015 11:06:23 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: TOASTER.EXE
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentException
Stack:
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
at System.Windows.Threading.Dispatcher.Run()
at System.Windows.Application.RunDispatcher(System.Object)
at System.Windows.Application.RunInternal(System.Windows.Window)
at System.Windows.Application.Run(System.Windows.Window)
at Toaster.App.Main()
Error: (09/13/2015 11:06:23 PM) (Source: TOASTER.EXE) (EventID: 0) (User: )
Description: An Unhandled Exception occured.
Width and Height must be non-negative.
at Toaster.Core.AppBarFunctions.ABSetPos(ABEdge edge, Window appbarWindow)
at Toaster.Core.AppBarFunctions.RegisterInfo.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled)
at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled)
at MS.Win32.HwndWrapper.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object o)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)
Error: (09/13/2015 10:47:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: cpx.exe, version: 1.1.0.1, time stamp: 0x5596010a
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0xe2c
Faulting application start time: 0xcpx.exe0
Faulting application path: cpx.exe1
Faulting module path: cpx.exe2
Report Id: cpx.exe3
Faulting package full name: cpx.exe4
Faulting package-relative application ID: cpx.exe5
Error: (09/13/2015 10:38:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: cpx.exe, version: 1.1.0.1, time stamp: 0x5596010a
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x10bc
Faulting application start time: 0xcpx.exe0
Faulting application path: cpx.exe1
Faulting module path: cpx.exe2
Report Id: cpx.exe3
Faulting package full name: cpx.exe4
Faulting package-relative application ID: cpx.exe5
Error: (09/13/2015 01:04:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: cpx.exe, version: 1.1.0.1, time stamp: 0x5596010a
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x2654
Faulting application start time: 0xcpx.exe0
Faulting application path: cpx.exe1
Faulting module path: cpx.exe2
Report Id: cpx.exe3
Faulting package full name: cpx.exe4
Faulting package-relative application ID: cpx.exe5
Error: (09/13/2015 12:44:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: cpx.exe, version: 1.1.0.1, time stamp: 0x5596010a
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x27ac
Faulting application start time: 0xcpx.exe0
Faulting application path: cpx.exe1
Faulting module path: cpx.exe2
Report Id: cpx.exe3
Faulting package full name: cpx.exe4
Faulting package-relative application ID: cpx.exe5
System errors:
=============
Error: (09/13/2015 10:30:29 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.4.
The computer with the IP address 192.168.1.5 did not allow the name to be claimed by
this computer.
Error: (09/13/2015 09:39:03 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.4.
The computer with the IP address 192.168.1.5 did not allow the name to be claimed by
this computer.
Error: (09/10/2015 07:48:42 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\Windows\System32\IWMSSvc.dll
Error: (09/10/2015 07:48:42 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\Windows\System32\IWMSSvc.dll
Error: (09/10/2015 07:48:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\Windows\System32\IWMSSvc.dll
Error: (09/10/2015 07:35:42 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056
Error: (09/10/2015 07:35:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (09/10/2015 07:35:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Management Service service terminated unexpectedly. It has done this 1 time(s).
Error: (09/10/2015 07:35:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SoftThinks Agent Service service terminated unexpectedly. It has done this 1 time(s).
Error: (09/10/2015 07:35:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Cyberlink RichVideo Service(CRVS) service terminated unexpectedly. It has done this 1 time(s).
Microsoft Office:
=========================
Error: (09/13/2015 11:06:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Networking.RtcDll,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="5.2.1002.3"C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
Error: (09/13/2015 11:06:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Networking.RtcDll,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="5.2.1002.3"C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
Error: (09/13/2015 11:06:43 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Networking.RtcDll,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="5.2.1002.3"C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
Error: (09/13/2015 11:06:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TOASTER.EXE1.0.1.229538dde51KERNELBASE.dll6.3.9600.1741554504adee0434352000145981d0c01d0ede17fce09c7C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXEC:\Windows\SYSTEM32\KERNELBASE.dllb9907323-5aa6-11e5-827c-ac7ba13343a1
Error: (09/13/2015 11:06:23 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: TOASTER.EXE
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentException
Stack:
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
at System.Windows.Threading.Dispatcher.Run()
at System.Windows.Application.RunDispatcher(System.Object)
at System.Windows.Application.RunInternal(System.Windows.Window)
at System.Windows.Application.Run(System.Windows.Window)
at Toaster.App.Main()
Error: (09/13/2015 11:06:23 PM) (Source: TOASTER.EXE) (EventID: 0) (User: )
Description: An Unhandled Exception occured.
Width and Height must be non-negative.
at Toaster.Core.AppBarFunctions.ABSetPos(ABEdge edge, Window appbarWindow)
at Toaster.Core.AppBarFunctions.RegisterInfo.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled)
at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled)
at MS.Win32.HwndWrapper.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object o)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)
Error: (09/13/2015 10:47:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: cpx.exe1.1.0.15596010aunknown0.0.0.000000000c000000500000000e2c01d0eeb0bc58b8d7C:\Program Files (x86)\cpx\cpx.exeunknown216da175-5aa4-11e5-827c-ac7ba13343a1
Error: (09/13/2015 10:38:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: cpx.exe1.1.0.15596010aunknown0.0.0.000000000c00000050000000010bc01d0eeaf56b57fd2C:\Program Files (x86)\cpx\cpx.exeunknowne03061f8-5aa2-11e5-827c-ac7ba13343a1
Error: (09/13/2015 01:04:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: cpx.exe1.1.0.15596010aunknown0.0.0.000000000c000000500000000265401d0edfa9bf90ef4C:\Program Files (x86)\cpx\cpx.exeunknownfd869884-59ed-11e5-827c-ac7ba13343a1
Error: (09/13/2015 12:44:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: cpx.exe1.1.0.15596010aunknown0.0.0.000000000c00000050000000027ac01d0edf7d0b86925C:\Program Files (x86)\cpx\cpx.exeunknown391e23ca-59eb-11e5-827c-ac7ba13343a1
CodeIntegrity:
===================================
Date: 2015-09-10 23:21:28.630
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-18 13:08:55.445
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-05-18 13:08:55.317
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-05-18 13:08:55.161
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-05-18 13:08:55.041
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-05-18 13:08:54.917
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-05-18 13:08:54.793
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-05-18 13:08:54.669
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-05-18 13:08:54.541
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-05-18 13:08:54.389
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 50%
Total physical RAM: 8072.96 MB
Available physical RAM: 3990.77 MB
Total Virtual: 11155.62 MB
Available Virtual: 6469.25 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:922.48 GB) (Free:730.11 GB) NTFS
Drive e: (ESP) (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32
Drive x: (WINRETOOLS) (Fixed) (Total:0.48 GB) (Free:0.2 GB) NTFS
Drive y: (PBR Image) (Fixed) (Total:7.9 GB) (Free:0.74 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: FD8B5488)
Partition: GPT.
==================== End of Addition.txt ============================