I initially could not open any windows office files one day for some reason (work, exel, etc.) I uninstalled the program and attempted to reinstall. The installation would not complete, and kept giving me error messages. I checked the FAQ page and could not find the errors that I was receiving. I've ran the fix it tool, chkdsk, tweakign windows tool, ran a McAfee scan for corrupt files, with nothing significant and still am unable to open any office documents (I finally got it to download fully). I uninstalled office again, only for it not to reinstall fully once more, after the 10th time. I tried to repair the microsoft run file and that didn't work either. I am at a loss as to why this program isn't working. Here are my results from FRST64:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by A-TEAM (administrator) on ATEAM (22-09-2015 17:26:52)
Running from C:\Users\A-TEAM\Desktop
Loaded Profiles: A-TEAM (Available Profiles: A-TEAM)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ActivIdentity) C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(DoD PKE Engineering) C:\Program Files\DoD-PKE\InstallRoot\InstallRootService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\System Setting\TssSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\TOSHIBA\Hotkey\Hotkey\TCrdKBB.exe
(Spotify Ltd) C:\Users\A-TEAM\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Spotify Ltd) C:\Users\A-TEAM\AppData\Roaming\Spotify\Spotify.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Spotify Ltd) C:\Users\A-TEAM\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\A-TEAM\AppData\Roaming\Spotify\Spotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\AppVShNotify.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [894048 2013-01-11] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3249384 2015-05-19] (ELAN Microelectronics Corp.)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-11] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA Corporation)
HKLM\...\Run: [acevents] => C:\Program Files\ActivIdentity\ActivClient\acevents.exe [196648 2009-06-03] (ActivIdentity)
HKLM\...\Run: [accrdsub] => C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [483880 2009-06-03] (ActivIdentity)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKU\S-1-5-21-952693156-1331711187-3647457651-1001\...\Run: [Spotify Web Helper] => C:\Users\A-TEAM\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2025016 2015-09-15] (Spotify Ltd)
HKU\S-1-5-21-952693156-1331711187-3647457651-1001\...\Run: [Facebook Update] => C:\Users\A-TEAM\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-04-03] (Facebook Inc.)
HKU\S-1-5-21-952693156-1331711187-3647457651-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-28] (Microsoft Corporation)
HKU\S-1-5-21-952693156-1331711187-3647457651-1001\...\Run: [Spotify] => C:\Users\A-TEAM\AppData\Roaming\Spotify\Spotify.exe [7571000 2015-09-15] (Spotify Ltd)
HKU\S-1-5-21-952693156-1331711187-3647457651-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{027CF7D7-4952-4D79-9497-304660F3B912}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{7A38CE4B-9F90-4E52-9B27-8BAF8CE03453}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-952693156-1331711187-3647457651-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TNJB
HKU\S-1-5-21-952693156-1331711187-3647457651-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TNJB
HKU\S-1-5-21-952693156-1331711187-3647457651-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://mystart.toshiba.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-952693156-1331711187-3647457651-1001 -> DefaultScope {3DA23C33-6C63-4AD1-9995-65AD8B3D92F9} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US550D20150912&p={searchTerms}
SearchScopes: HKU\S-1-5-21-952693156-1331711187-3647457651-1001 -> {3DA23C33-6C63-4AD1-9995-65AD8B3D92F9} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US550D20150912&p={searchTerms}
SearchScopes: HKU\S-1-5-21-952693156-1331711187-3647457651-1001 -> {95E77644-C85D-4E84-AA35-1EAEAF7E753A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-22] (Microsoft Corporation)
BHO-x32: Symantec Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\bin\IPS\IPSBHO.DLL [2013-10-20] (Symantec Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-09-22] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Handler-x32: x-owacid2 - {5B290518-830E-4C57-A66B-E4F748900C27} - C:\Program Files (x86)\Microsoft\SMIME Client (2010)\mimectl.dll [2013-02-03] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-08-21] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-08-21] (McAfee, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\A-TEAM\AppData\Roaming\Mozilla\Firefox\Profiles\fq7i3ocx.default
FF DefaultSearchEngine.US: Secure Search
FF SearchEngineOrder.1: Secure Search
FF SelectedSearchEngine: Secure Search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-09-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2014-11-14] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-952693156-1331711187-3647457651-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\A-TEAM\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF user.js: detected! => C:\Users\A-TEAM\AppData\Roaming\Mozilla\Firefox\Profiles\fq7i3ocx.default\user.js [2014-01-11]
FF SearchPlugin: C:\Users\A-TEAM\AppData\Roaming\Mozilla\Firefox\Profiles\fq7i3ocx.default\searchplugins\McSiteAdvisor.xml [2015-09-12]
FF Extension: MediaPlayer - C:\Users\A-TEAM\AppData\Roaming\Mozilla\Firefox\Profiles\fq7i3ocx.default\Extensions\[email protected] [2015-06-27]
FF Extension: Pin It Button - C:\Users\A-TEAM\AppData\Roaming\Mozilla\Firefox\Profiles\fq7i3ocx.default\Extensions\[email protected] [2014-12-28]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: No Name - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-09-20]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-09-12]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-09-20]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-09-20]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [277032 2009-06-03] (ActivIdentity)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-08-22] (Windows ® Win 7 DDK provider) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-29] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 InstallRoot; C:\Program Files\DoD-PKE\InstallRoot\InstallRootService.exe [755320 2015-02-13] (DoD PKE Engineering)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [157928 2015-09-15] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [782608 2015-08-21] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [639456 2015-07-17] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-15] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe [144368 2013-10-20] (Symantec Corporation)
S3 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe [2377984 2013-10-20] (Symantec Corporation)
S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\snac64.exe [334736 2013-10-20] (Symantec Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4226560 2014-10-27] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S1 ccSettings_{2FF4FBED-F03A-4EE2-AC58-C985811A4FBE}; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\ccSetx64.sys [169048 2013-10-20] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-29] (Symantec Corporation)
S3 EMVSCARD; C:\Windows\System32\Drivers\EMVSCARD.sys [28544 2006-12-13] (USB Smart Card Reader)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-29] (Symantec Corporation)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [105704 2013-08-16] (GenesysLogic)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-09-15] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
S1 SRTSP; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SRTSP64.SYS [797272 2013-10-20] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SRTSPX64.SYS [36952 2013-10-20] (Symantec Corporation)
S3 SyDvCtrl; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\SyDvCtrl64.sys [34800 2013-10-20] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMDS64.SYS [493656 2013-10-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMEFA64.SYS [1147480 2013-10-20] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SymELAM.sys [23568 2013-10-20] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-01-18] (Symantec Corporation)
S1 SymIRON; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\Ironx64.SYS [224856 2013-10-20] (Symantec Corporation)
R1 SYMNETS; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMNETS.SYS [437336 2013-10-20] (Symantec Corporation)
R1 SysPlant; C:\Windows\System32\Drivers\SysPlant.sys [155352 2014-01-18] (Symantec Corporation)
R1 Teefer2; C:\Windows\system32\DRIVERS\Teefer.sys [92456 2013-10-20] (Symantec Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows ® Win 7 DDK provider)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S1 BHDrvx64; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\BASHDefs\20150806.012\BHDrvx64.sys [X]
S1 IDSVia64; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\IPSDefs\20150818.011\IDSvia64.sys [X]
S3 NAVENG; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20150818.025\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20150818.025\EX64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-22 17:26 - 2015-09-22 17:27 - 00023743 _____ C:\Users\A-TEAM\Desktop\FRST.txt
2015-09-22 17:24 - 2015-09-22 17:27 - 00000000 ____D C:\FRST
2015-09-22 17:23 - 2015-09-22 17:23 - 02191360 _____ (Farbar) C:\Users\A-TEAM\Desktop\FRST64.exe
2015-09-22 17:19 - 2015-09-22 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-09-22 17:06 - 2015-09-22 17:06 - 00197679 _____ C:\Users\A-TEAM\Downloads\ListChkdskResult(1).exe
2015-09-22 16:58 - 2015-09-22 17:07 - 00088304 _____ C:\Users\A-TEAM\Desktop\ListChkdskResult.txt
2015-09-22 16:58 - 2015-09-22 16:58 - 00197679 _____ C:\Users\A-TEAM\Downloads\ListChkdskResult.exe
2015-09-22 16:51 - 2015-09-22 16:51 - 02023693 _____ C:\Users\A-TEAM\Downloads\tweaking.com_registry_backup_portable(1).zip
2015-09-22 16:50 - 2015-09-22 16:51 - 02023693 _____ C:\Users\A-TEAM\Downloads\tweaking.com_registry_backup_portable.zip
2015-09-22 14:45 - 2015-09-22 14:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-09-22 14:40 - 2015-09-22 16:46 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-22 14:30 - 2015-09-22 14:30 - 00003220 _____ C:\Windows\System32\Tasks\{B407D934-4D63-456D-A5E1-AF92D245D7B9}
2015-09-21 13:56 - 2015-09-21 13:56 - 00000000 ____D C:\Users\A-TEAM\Downloads\GT-RockBackingTracks
2015-09-21 13:53 - 2015-09-21 13:55 - 222396474 _____ C:\Users\A-TEAM\Downloads\GT-RockBackingTracks.zip
2015-09-17 18:17 - 2015-09-17 18:17 - 00000000 ____D C:\Users\A-TEAM\Downloads\unclass-installroot_v3-16a
2015-09-17 18:16 - 2015-09-17 18:16 - 01845266 _____ C:\Users\A-TEAM\Downloads\unclass-installroot_v3-16a.zip
2015-09-17 18:12 - 2015-09-17 18:12 - 00003182 _____ C:\Windows\System32\Tasks\{81E004C5-FDE7-44CE-94D1-44533865B703}
2015-09-17 18:11 - 2015-09-17 18:12 - 00958037 _____ C:\Users\A-TEAM\Downloads\HomeUserCertTool_V03 (1).zip
2015-09-17 18:10 - 2015-09-17 18:10 - 00958037 _____ C:\Users\A-TEAM\Downloads\HomeUserCertTool_V03.zip
2015-09-17 18:08 - 2015-09-17 18:08 - 00003170 _____ C:\Windows\System32\Tasks\{8254F302-F0C1-4A0F-BA80-BBD7E62B70C3}
2015-09-17 18:01 - 2015-09-17 18:01 - 00000000 ____D C:\Users\A-TEAM\AppData\Local\DoD-PKE
2015-09-17 18:00 - 2015-09-17 18:00 - 00001174 _____ C:\Users\Public\Desktop\InstallRoot 4.1.lnk
2015-09-17 18:00 - 2015-09-17 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DoD-PKE
2015-09-17 18:00 - 2015-09-17 18:00 - 00000000 ____D C:\Program Files\DoD-PKE
2015-09-17 17:26 - 2015-09-17 17:28 - 20487592 _____ C:\Users\A-TEAM\Downloads\OMPF documents.zip
2015-09-17 08:46 - 2015-09-17 08:46 - 00003654 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d0e3a811a26d39
2015-09-16 09:56 - 2015-09-22 16:59 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-09-16 09:42 - 2015-09-22 12:59 - 00000000 ____D C:\Users\A-TEAM\AppData\Roaming\Skype
2015-09-16 09:42 - 2015-09-16 09:42 - 00002713 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-16 09:42 - 2015-09-16 09:42 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-16 09:42 - 2015-09-16 09:42 - 00000000 ____D C:\Users\A-TEAM\AppData\Local\Skype
2015-09-16 09:42 - 2015-09-16 09:42 - 00000000 ____D C:\ProgramData\Skype
2015-09-16 09:42 - 2015-09-16 09:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-16 09:40 - 2015-09-16 09:40 - 00000000 ____D C:\Program Files\AMD
2015-09-16 09:38 - 2015-01-05 22:01 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2015-09-16 09:38 - 2015-01-05 21:59 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2015-09-16 09:38 - 2015-01-05 20:12 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2015-09-16 09:38 - 2015-01-05 20:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2015-09-16 09:33 - 2015-08-06 14:15 - 01658544 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-16 09:33 - 2015-08-06 14:15 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-09-16 09:33 - 2015-08-06 14:15 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-16 09:33 - 2015-08-06 14:15 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-09-16 09:33 - 2015-08-06 11:47 - 04710400 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-09-16 09:33 - 2015-08-06 11:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-09-16 09:33 - 2014-11-15 14:05 - 00801584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-09-16 09:33 - 2014-11-15 01:29 - 00962216 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-09-16 09:33 - 2014-11-14 01:57 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-09-16 09:33 - 2014-11-14 00:03 - 00885760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-09-16 09:33 - 2014-11-10 13:06 - 00473408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-09-16 09:33 - 2014-11-09 20:20 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2015-09-16 09:33 - 2014-11-07 22:58 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2015-09-16 09:33 - 2014-11-07 21:38 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2015-09-16 09:33 - 2014-11-07 20:58 - 04837376 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2015-09-16 09:33 - 2014-11-07 20:49 - 01154048 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2015-09-16 09:33 - 2014-11-06 22:58 - 00952896 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-09-16 09:33 - 2014-11-06 22:20 - 00786120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-09-16 09:33 - 2014-11-04 21:12 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2015-09-16 09:33 - 2014-11-04 20:43 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-09-16 09:33 - 2014-11-04 20:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-09-16 09:33 - 2014-11-04 20:39 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2015-09-16 09:33 - 2014-11-04 20:21 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-09-16 09:33 - 2014-11-04 20:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-09-16 09:33 - 2014-11-04 20:06 - 00555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2015-09-16 09:33 - 2014-11-04 14:33 - 00058176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2015-09-16 09:33 - 2014-11-04 00:01 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-09-16 09:33 - 2014-10-28 22:05 - 00551232 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2015-09-16 09:33 - 2014-10-28 20:55 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2015-09-16 09:32 - 2015-08-10 13:15 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-09-16 09:32 - 2015-08-10 13:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-09-16 09:32 - 2015-08-10 13:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-09-16 09:32 - 2015-08-10 12:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-09-16 09:32 - 2015-08-10 11:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-09-16 09:32 - 2015-08-10 11:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-09-16 09:32 - 2015-08-07 16:41 - 07460168 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-16 09:32 - 2015-08-07 16:40 - 01736520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-16 09:32 - 2015-08-07 16:40 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-16 09:32 - 2015-08-07 16:40 - 01134752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-16 09:32 - 2015-08-07 16:40 - 00686960 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-16 09:32 - 2015-08-07 16:40 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-09-16 09:32 - 2015-08-07 09:13 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-16 09:32 - 2015-08-06 12:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2015-09-16 09:32 - 2015-08-06 11:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2015-09-16 09:32 - 2015-04-30 20:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-09-16 09:32 - 2015-04-30 20:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-09-16 09:32 - 2015-04-30 20:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-09-16 09:32 - 2014-11-17 15:17 - 00672984 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2015-09-16 09:32 - 2014-11-17 15:17 - 00273240 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2015-09-16 09:32 - 2014-11-14 01:54 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2015-09-16 09:32 - 2014-11-14 01:46 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2015-09-16 09:32 - 2014-11-10 13:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-09-16 09:32 - 2014-11-09 21:57 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2015-09-16 09:32 - 2014-11-09 20:08 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2015-09-16 09:32 - 2014-11-09 19:57 - 00624640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2015-09-16 09:32 - 2014-11-07 23:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2015-09-16 09:32 - 2014-11-07 22:56 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2015-09-16 09:32 - 2014-11-07 22:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2015-09-16 09:32 - 2014-11-07 22:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2015-09-16 09:32 - 2014-11-07 22:24 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2015-09-16 09:32 - 2014-11-07 22:13 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2015-09-16 09:32 - 2014-11-07 22:13 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2015-09-16 09:32 - 2014-11-07 22:13 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2015-09-16 09:32 - 2014-11-07 21:48 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2015-09-16 09:32 - 2014-11-07 21:17 - 00143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2015-09-16 09:32 - 2014-11-07 21:03 - 00733696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2015-09-16 09:32 - 2014-11-04 21:12 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2015-09-16 09:32 - 2014-11-04 21:06 - 00514048 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2015-09-16 09:32 - 2014-11-04 20:44 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-09-16 09:32 - 2014-11-04 20:39 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2015-09-16 09:32 - 2014-11-04 20:33 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2015-09-16 09:32 - 2014-11-04 20:20 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-09-16 09:32 - 2014-11-04 20:14 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2015-09-16 09:32 - 2014-11-04 01:27 - 00128512 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2015-09-16 09:32 - 2014-10-28 20:13 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2015-09-16 09:32 - 2014-10-20 20:59 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\eventcls.dll
2015-09-16 09:32 - 2014-10-20 20:19 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll
2015-09-16 09:32 - 2014-10-20 19:50 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2015-09-16 09:32 - 2014-10-20 19:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-09-16 09:32 - 2014-10-20 19:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2015-09-16 09:32 - 2014-10-20 19:30 - 01454080 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-09-16 09:32 - 2014-10-20 19:20 - 01142272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2015-09-16 09:32 - 2014-10-16 23:56 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2015-09-16 09:32 - 2014-10-16 22:35 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-09-16 09:29 - 2015-08-22 08:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-09-16 09:29 - 2015-08-22 08:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-09-16 09:29 - 2015-08-22 08:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-09-16 09:29 - 2015-08-22 08:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-09-16 09:29 - 2015-07-16 13:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll
2015-09-16 09:29 - 2015-06-09 17:39 - 00081920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-09-16 09:29 - 2015-06-09 17:39 - 00053248 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2015-09-16 09:29 - 2015-06-09 17:38 - 01201664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-09-15 16:40 - 2015-09-15 16:40 - 00891392 _____ (Farbar) C:\Users\A-TEAM\Downloads\MiniToolBox.exe
2015-09-15 14:50 - 2015-09-15 14:50 - 00000000 ____D C:\Users\A-TEAM\Downloads\tweaking.com_windows_repair_aio(2)
2015-09-15 14:48 - 2015-09-15 14:49 - 18071383 _____ C:\Users\A-TEAM\Downloads\tweaking.com_windows_repair_aio(2).zip
2015-09-12 08:33 - 2015-09-12 08:33 - 00003220 _____ C:\Windows\System32\Tasks\{3CBB94DB-A898-4F7E-A223-A73C7B84A1AD}
2015-09-12 06:48 - 2015-09-12 06:48 - 00001943 _____ C:\Users\Public\Desktop\McAfee Internet Security.lnk
2015-09-12 06:48 - 2015-09-12 06:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-09-12 06:47 - 2015-05-19 13:59 - 00207208 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2015-09-12 06:46 - 2015-09-12 06:47 - 00003080 _____ C:\Windows\System32\Tasks\McAfeeLogon
2015-09-12 06:46 - 2015-09-12 06:46 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2015-09-12 06:46 - 2015-09-12 06:46 - 00000000 ____D C:\Program Files (x86)\McAfee.com
2015-09-12 06:43 - 2015-09-22 11:37 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-09-12 06:37 - 2015-06-29 10:03 - 00254792 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe
2015-09-11 09:53 - 2015-09-11 09:53 - 00000000 ____D C:\Users\A-TEAM\Downloads\tweaking.com_windows_repair_aio(1)
2015-09-11 09:52 - 2015-09-11 09:53 - 18073209 _____ C:\Users\A-TEAM\Downloads\tweaking.com_windows_repair_aio(1).zip
2015-09-10 13:39 - 2015-09-02 21:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-10 13:39 - 2015-09-02 21:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-10 13:39 - 2015-09-02 13:48 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-10 13:39 - 2015-09-02 12:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-10 13:39 - 2015-07-22 09:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-10 13:39 - 2015-07-22 08:52 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-10 13:39 - 2015-07-17 09:15 - 00951296 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-10 13:39 - 2015-07-17 09:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-10 13:39 - 2015-07-13 14:10 - 00411455 _____ C:\Windows\system32\ApnDatabase.xml
2015-09-10 13:39 - 2015-07-10 14:06 - 00118272 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2015-09-10 13:39 - 2015-07-09 11:14 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-09-10 13:39 - 2015-07-03 16:51 - 01380056 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-10 13:39 - 2015-07-03 09:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-09-10 13:39 - 2015-06-27 06:47 - 00118616 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-10 13:39 - 2015-06-19 12:07 - 02819072 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-09-10 13:21 - 2015-08-26 21:48 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-10 13:21 - 2015-08-26 13:00 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-10 13:21 - 2015-08-26 13:00 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-10 13:21 - 2015-08-26 13:00 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-10 13:21 - 2015-08-26 13:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-10 13:21 - 2015-08-26 09:46 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-10 13:21 - 2015-08-26 09:29 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-10 13:21 - 2015-08-26 09:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-10 13:21 - 2015-08-26 09:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-09-10 13:21 - 2015-08-26 09:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-10 13:21 - 2015-08-26 09:26 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-10 13:21 - 2015-08-26 09:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-10 13:21 - 2015-08-22 13:19 - 25188352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-10 13:21 - 2015-08-22 12:35 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-10 13:21 - 2015-08-22 12:34 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-10 13:21 - 2015-08-22 12:22 - 19856384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-10 13:21 - 2015-08-22 12:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-10 13:21 - 2015-08-22 12:20 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-10 13:21 - 2015-08-22 11:55 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-10 13:21 - 2015-08-22 11:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-10 13:21 - 2015-08-22 11:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-09-10 13:21 - 2015-08-22 11:45 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-10 13:21 - 2015-08-22 11:44 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-09-10 13:21 - 2015-08-22 11:41 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-10 13:21 - 2015-08-22 11:41 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-10 13:21 - 2015-08-22 11:41 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-10 13:21 - 2015-08-22 11:41 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-10 13:21 - 2015-08-22 11:39 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-10 13:21 - 2015-08-22 11:28 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-10 13:21 - 2015-08-22 11:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-10 13:21 - 2015-08-22 11:23 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-09-10 13:21 - 2015-08-22 11:22 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-10 13:21 - 2015-08-22 11:20 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-09-10 13:21 - 2015-08-22 11:18 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-10 13:21 - 2015-08-22 11:18 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-10 13:21 - 2015-08-22 11:18 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-10 13:21 - 2015-08-22 11:14 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-10 13:21 - 2015-08-22 11:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-10 13:21 - 2015-08-22 11:00 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-10 13:21 - 2015-08-22 10:56 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-10 13:21 - 2015-08-22 10:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-10 13:21 - 2015-07-30 12:18 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-10 13:21 - 2015-07-30 11:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-10 13:20 - 2015-09-01 21:56 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-10 13:20 - 2015-09-01 21:55 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-10 13:20 - 2015-09-01 21:50 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-10 13:20 - 2015-09-01 21:17 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-10 13:20 - 2015-09-01 21:13 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-10 13:20 - 2015-08-03 16:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-10 13:20 - 2015-08-03 16:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-10 13:20 - 2015-08-01 09:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-10 13:20 - 2015-07-31 22:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2015-09-10 13:20 - 2015-07-31 22:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2015-09-10 13:20 - 2015-07-31 22:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-10 13:20 - 2015-07-31 22:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2015-09-10 13:20 - 2015-07-31 22:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2015-09-10 13:20 - 2015-07-22 09:34 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-10 13:20 - 2015-07-22 09:33 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-10 13:20 - 2015-07-22 09:25 - 02461184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-10 13:20 - 2015-07-22 09:25 - 01546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-10 13:20 - 2015-07-18 13:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2015-09-10 13:20 - 2015-07-18 13:29 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-10 13:20 - 2015-07-18 13:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2015-09-10 13:20 - 2015-07-18 13:27 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-10 13:20 - 2015-07-13 22:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tzsync.exe
2015-09-07 14:42 - 2015-09-14 11:27 - 00000000 ____D C:\ProgramData\McAfee
2015-09-06 01:16 - 2015-09-15 13:29 - 00003092 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-952693156-1331711187-3647457651-1001
2015-09-06 01:16 - 2015-09-06 01:16 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-09-05 23:21 - 2015-09-05 23:21 - 00000000 ____D C:\ProgramData\Adobe
2015-09-05 23:16 - 2015-09-05 23:16 - 00000000 ____D C:\ProgramData\ATI
2015-09-05 23:13 - 2015-09-05 23:13 - 00000000 ____D C:\ProgramData\Toshiba
2015-09-05 23:12 - 2015-09-05 23:12 - 00000000 ____D C:\ProgramData\WildTangent
2015-09-05 23:09 - 2015-09-05 23:09 - 00000000 ____D C:\ProgramData\Apple
2015-09-05 23:06 - 2015-09-22 17:00 - 00016514 _____ C:\Windows\PFRO.log
2015-09-05 21:56 - 2015-09-05 21:56 - 00863592 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-09-05 21:22 - 2015-09-05 21:22 - 00000000 __RHD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
2015-09-05 21:22 - 2015-09-05 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-05 21:22 - 2015-09-05 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-05 21:22 - 2015-09-05 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-05 21:02 - 2015-09-05 21:02 - 00000000 ____D C:\ProgramData\Symantec
2015-09-05 20:49 - 2015-09-16 16:30 - 00000000 __SHD C:\found.000
2015-09-05 20:36 - 2015-09-05 20:36 - 00000207 _____ C:\Windows\tweaking.com-regbackup-ATEAM-Windows-8.1-(64-bit).dat
2015-09-05 20:36 - 2015-09-05 20:36 - 00000000 ____D C:\RegBackup
2015-09-05 20:06 - 2015-09-05 20:06 - 00000000 ____D C:\Users\A-TEAM\Downloads\tweaking.com_windows_repair_aio
2015-09-05 20:04 - 2015-09-05 20:04 - 18024840 _____ C:\Users\A-TEAM\Downloads\tweaking.com_windows_repair_aio.zip
2015-09-05 17:34 - 2015-09-05 17:34 - 00586096 _____ (McAfee, Inc.) C:\Users\A-TEAM\Downloads\MVTInstaller(1).exe
2015-09-05 17:33 - 2015-09-05 17:33 - 00586096 _____ (McAfee, Inc.) C:\Users\A-TEAM\Downloads\MVTInstaller.exe
2015-09-05 17:31 - 2015-09-12 06:47 - 00000000 ____D C:\Program Files\McAfee
2015-09-05 17:31 - 2015-09-12 06:47 - 00000000 ____D C:\Program Files\Common Files\McAfee
2015-09-05 17:31 - 2015-09-05 17:31 - 00003344 _____ C:\Windows\System32\Tasks\McAfee Remediation (Prepare)
2015-09-05 17:31 - 2015-09-05 17:31 - 00000000 ____D C:\Program Files\McAfee.com
2015-09-05 17:31 - 2015-09-05 17:31 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-05 17:31 - 2015-09-05 17:31 - 00000000 ____D C:\McAfee
2015-09-05 16:11 - 2015-09-05 16:11 - 00000000 ____D C:\McAfee Security Scan
2015-09-05 14:39 - 2015-09-22 17:00 - 00003364 _____ C:\Windows\setupact.log
2015-09-05 14:39 - 2015-09-05 14:39 - 00000000 _____ C:\Windows\setuperr.log
2015-09-04 14:31 - 2015-09-22 13:26 - 01954221 _____ C:\Windows\WindowsUpdate.log
2015-08-30 23:46 - 2015-09-22 17:01 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e3a811a26d39.job
2015-08-28 21:26 - 2015-09-01 12:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-22 17:24 - 2013-12-15 11:35 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-952693156-1331711187-3647457651-1001
2015-09-22 17:23 - 2013-12-19 20:45 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-22 17:22 - 2014-04-03 20:17 - 00000944 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-952693156-1331711187-3647457651-1001UA.job
2015-09-22 17:09 - 2013-12-27 00:47 - 00000000 ____D C:\Users\A-TEAM\AppData\Roaming\Spotify
2015-09-22 17:05 - 2015-01-01 13:09 - 00000000 ____D C:\Users\A-TEAM\OneDrive
2015-09-22 17:04 - 2013-12-27 00:48 - 00000000 ____D C:\Users\A-TEAM\AppData\Local\Spotify
2015-09-22 17:02 - 2013-10-09 02:20 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-22 17:00 - 2013-08-22 09:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-22 16:59 - 2013-10-09 02:17 - 31356696 _____ C:\Users\Public\CAFADEBUG.log
2015-09-22 16:51 - 2013-10-09 02:20 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-22 16:46 - 2013-12-23 11:59 - 00000000 ____D C:\Users\A-TEAM\AppData\Local\CrashDumps
2015-09-22 16:45 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\sru
2015-09-22 12:11 - 2013-08-22 10:20 - 00000000 ____D C:\Windows\CbsTemp
2015-09-22 11:44 - 2013-09-12 00:37 - 00765714 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-22 11:36 - 2013-08-22 08:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-09-22 10:35 - 2013-12-26 23:27 - 00000000 ____D C:\Users\A-TEAM\Documents\Anthony
2015-09-22 10:23 - 2013-12-19 20:45 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-20 05:59 - 2013-08-22 08:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-09-18 16:58 - 2013-12-16 12:42 - 03585024 ___SH C:\Users\A-TEAM\Desktop\Thumbs.db
2015-09-17 20:22 - 2014-04-03 20:17 - 00000922 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-952693156-1331711187-3647457651-1001Core.job
2015-09-17 17:11 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\NDF
2015-09-17 16:10 - 2013-12-19 20:43 - 01620992 ___SH C:\Users\A-TEAM\Downloads\Thumbs.db
2015-09-17 12:34 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\rescache
2015-09-17 08:46 - 2013-10-09 02:20 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-16 12:28 - 2015-04-02 22:13 - 00013831 _____ C:\Users\A-TEAM\Desktop\INFO v2.xlsx
2015-09-16 09:55 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\SysWOW64\setup
2015-09-16 09:55 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\setup
2015-09-14 20:18 - 2015-04-17 19:06 - 00812008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-14 20:18 - 2015-04-17 19:06 - 00178152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-12 08:48 - 2013-08-22 09:44 - 00391352 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-12 08:42 - 2013-08-22 14:12 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-12 08:42 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-12 08:31 - 2013-12-23 10:57 - 00000000 ____D C:\Windows\system32\MRT
2015-09-12 06:46 - 2013-08-22 10:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-09-10 23:15 - 2013-12-15 11:29 - 00000000 ____D C:\Users\A-TEAM
2015-09-10 13:21 - 2015-07-10 08:39 - 00000000 ___HD C:\$Windows.~BT
2015-09-10 13:02 - 2013-09-12 16:58 - 00000000 ____D C:\Windows\Panther
2015-09-05 22:03 - 2013-08-22 08:25 - 00000128 _____ C:\Windows\win.ini
2015-09-05 17:23 - 2013-08-22 08:25 - 00000851 _____ C:\Windows\system32\Drivers\etc\hosts_bak_214
2015-09-05 16:05 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\Recovery
2015-09-01 12:06 - 2013-12-15 18:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-26 18:37 - 2013-12-23 10:56 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Some files in TEMP:
====================
C:\Users\A-TEAM\AppData\Local\Temp\McCSPInstall.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-09-17 11:59
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by A-TEAM (2015-09-22 17:28:58)
Running from C:\Users\A-TEAM\Desktop
Windows 8.1 (X64) (2013-12-15 16:29:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
A-TEAM (S-1-5-21-952693156-1331711187-3647457651-1001 - Administrator - Enabled) => C:\Users\A-TEAM
Administrator (S-1-5-21-952693156-1331711187-3647457651-500 - Administrator - Disabled)
Guest (S-1-5-21-952693156-1331711187-3647457651-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-952693156-1331711187-3647457651-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Symantec Endpoint Protection (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
FW: Symantec Endpoint Protection (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ActivClient CAC x64 (HKLM\...\{86E45973-5352-439F-A115-2E8EE4D40140}) (Version: 6.2 - ActivIdentity)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.0.12510 - Adobe Systems Inc.)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{D71FAC89-D061-7BDB-C3C2-A5BAAEA26CBC}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.4.2 - AppEx Networks)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.2.0 - Conexant)
DTS Studio Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
ELAN Touchpad 11.8.43.1_X64_WHQL (HKLM\...\Elantech) (Version: 11.8.43.1 - ELAN Microelectronic Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.8 - Genesys Logic)
Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
InstallRoot (HKLM\...\{A765EB7C-8360-49B8-804D-E2FB6D613C1D}) (Version: 4.1 - DoD PKE)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 14.0.4121 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.161 - McAfee, Inc.)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4753.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-952693156-1331711187-3647457651-1001\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft S/MIME (HKLM-x32\...\{D932D6AE-786B-4ECD-B6FE-B9C0EB059B3C}) (Version: 14.3.123.2 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MULTIFIT visualization tool (HKLM-x32\...\14AF7854-4BCC-4E9C-927A-849E36B82DDF) (Version: 1.7 - Multi Fit)
Multifit_Elearning (HKLM-x32\...\com.MultifitElearning) (Version: 1.9 - UNKNOWN)
Multifit_Elearning (x32 Version: 1.9 - UNKNOWN) Hidden
OEM Application Profile (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.300 - Qualcomm Atheros)
Qualcomm Atheros Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-952693156-1331711187-3647457651-1001\...\Spotify) (Version: 1.0.14.124.g4dfabc51 - Spotify AB)
Symantec Endpoint Protection (HKLM\...\{B53661DC-CD94-4B14-B15F-D9DDCFF72558}) (Version: 12.1.4013.4013 - Symantec Corporation)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM\...\{21A63CA3-75C0-4E56-B602-B7CD2EF6B621}) (Version: 9.0.2.4 - Toshiba Corporation)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.17.0 - Toshiba Corporation)
Toshiba Book Place (HKLM-x32\...\{11244D6B-9842-440F-8579-6A4D771A0D9B}) (Version: 3.3.9661 - K-NFB Reading Technology, Inc.)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0002.6401 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}) (Version: 5.0.1.0 - Toshiba Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.9.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.8.0 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA Start (HKLM-x32\...\{A74C9CC1-2211-4A75-A688-6F7CFE2C2B12}) (Version: 1.00.02 - TOSHIBA America Information Systems, Inc)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.27.102 - Toshiba Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.10.20 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
16-09-2015 09:35:09 Windows Update
17-09-2015 17:59:55 Installed InstallRoot
22-09-2015 10:54:51 Tweaking.com - Windows Repair
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 08:25 - 2015-09-07 14:46 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05531ED2-A647-476A-B8FC-87F15216EE28} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2015-07-21] (McAfee, Inc.)
Task: {0C4A0EE1-B66D-47D2-9612-AB0054F74DC6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {1667B438-F0FC-4036-B2C9-F983DDA4CF7A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {1A910B0A-A630-4172-92A2-1159F7494578} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-952693156-1331711187-3647457651-1001
Task: {24873477-0089-43BF-BFD7-16BFD797228B} - System32\Tasks\{3CBB94DB-A898-4F7E-A223-A73C7B84A1AD} => pcalua.exe -a "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" -c scenario=Repair platform=x86 culture=en-us
Task: {2E320278-B359-45D6-9FEA-277638C4A6A1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {388703F3-FEB1-400C-875E-27E509E9D385} - System32\Tasks\{81E004C5-FDE7-44CE-94D1-44533865B703} => pcalua.exe -a "C:\Users\A-TEAM\AppData\Local\Temp\Temp1_HomeUserCertTool_V03 (1).zip\HomeUserCertTool_V03.exe"
Task: {49BE9D04-9C1D-40B5-98C6-6A038B81876C} - System32\Tasks\{B407D934-4D63-456D-A5E1-AF92D245D7B9} => pcalua.exe -a "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" -c scenario=Repair platform=x86 culture=en-us
Task: {57BD9BB6-9CE8-41A1-ABF3-D7FE7FDA8850} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2013-08-28] ()
Task: {59B7B84D-4002-467C-8383-255BE9DEF924} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {61A02317-A4A3-46E9-B831-0C5C68CDAE3A} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {65BDF8DD-A245-4243-91D6-EB685ADA5850} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-952693156-1331711187-3647457651-1001UA => C:\Users\A-TEAM\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-03] (Facebook Inc.)
Task: {74DCC224-7062-45E6-AE8C-572E92D41E3A} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe
Task: {7EF8CA0C-7F3E-4BDE-8626-14B326399866} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {871A3DF0-BB59-4996-A043-4B7AEDE3FB39} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-952693156-1331711187-3647457651-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {8809BDAB-4180-4D22-96D6-C429E13A7357} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e3a811a26d39 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {8A14202A-1702-4EC7-BB1E-685560681A6E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {8A920365-EA94-47E6-957A-8952E6D6084A} - System32\Tasks\{8254F302-F0C1-4A0F-BA80-BBD7E62B70C3} => pcalua.exe -a C:\Users\A-TEAM\AppData\Local\Temp\Temp1_HomeUserCertTool_V03.zip\HomeUserCertTool_V03.exe
Task: {93613264-BCE1-4BC5-8B7B-7BCF3C3052E4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated)
Task: {9F7B112B-4D8E-4DA3-97DF-30469224A55C} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {9FF1C2D1-BE4A-4619-89F3-1FE047FC01DD} - System32\Tasks\{D12B76AB-E78A-49B4-9B4A-D46588A6DF13} => pcalua.exe -a "C:\Users\A-TEAM\Downloads\MULTIFIT visualization tool-1.7-Setup.exe" -d C:\Users\A-TEAM\Downloads
Task: {A0173AEC-CBCE-4813-BA42-65D2ECFA2E4B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {A16B98DC-70DB-4165-8B9F-8BDD67AFBCC7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-952693156-1331711187-3647457651-1001Core => C:\Users\A-TEAM\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-03] (Facebook Inc.)
Task: {A7D13113-9E1C-476F-BFB1-907E8691940D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B34C7142-BAE7-4ED1-9DB0-9FB6095BE2A9} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-06-01] (McAfee, Inc.)
Task: {B8283746-7A6D-4A3F-8CC4-331B16DF1F29} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-952693156-1331711187-3647457651-1001Core.job => C:\Users\A-TEAM\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-952693156-1331711187-3647457651-1001UA.job => C:\Users\A-TEAM\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e3a811a26d39.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-22 14:40 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-09-10 14:54 - 2013-09-10 14:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2015-09-22 14:47 - 2015-09-22 14:47 - 08900672 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-02-13 13:53 - 2015-02-13 13:53 - 00077432 _____ () C:\Program Files\DoD-PKE\InstallRoot\IrTampLib_SWIG_sc.dll
2015-02-13 13:45 - 2015-02-13 13:45 - 03716728 _____ () C:\Program Files\DoD-PKE\InstallRoot\IrTampLib_SWIG_vc.DLL
2013-10-09 02:09 - 2013-08-28 19:08 - 00053248 _____ () C:\Windows\SysWOW64\UMonit64.exe
2012-07-18 19:38 - 2012-07-18 19:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2013-08-01 15:24 - 2013-08-01 15:24 - 00438112 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\TcrdKBB.exe
2013-08-22 02:19 - 2013-08-22 01:54 - 00174592 _____ () C:\Windows\system32\WinMetadata\Windows.UI.winmd
2013-08-22 02:19 - 2013-08-22 01:54 - 00050176 _____ () C:\Windows\system32\WinMetadata\Windows.Data.winmd
2015-08-02 19:30 - 2015-08-02 19:30 - 00363520 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\b3972424579e18e6699549ecb948c4ef\Windows.Foundation.ni.dll
2015-03-11 20:12 - 2015-09-15 17:12 - 45067320 _____ () C:\Users\A-TEAM\AppData\Roaming\Spotify\libcef.dll
2015-03-11 20:12 - 2015-09-15 17:12 - 01649208 _____ () C:\Users\A-TEAM\AppData\Roaming\Spotify\libglesv2.dll
2015-03-11 20:12 - 2015-09-15 17:11 - 00080952 _____ () C:\Users\A-TEAM\AppData\Roaming\Spotify\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\A-TEAM\OneDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SepMasterService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-952693156-1331711187-3647457651-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\A-TEAM\Desktop\10494674_10152290541721523_808374366938200630_n.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "FastMediaConverter.lnk"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{F84C435C-C90F-4760-A596-176E8827D5B2}C:\users\a-team\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\a-team\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7C9E5FAC-B5F7-4D51-983D-FB7CE8283036}C:\users\a-team\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\a-team\appdata\roaming\spotify\spotify.exe
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{3D9BCA5A-702D-4688-8A5F-603450D65043}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/22/2015 05:21:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINWORD.EXE, version: 15.0.4753.1003, time stamp: 0x55f34d8b
Faulting module name: msvcrt.dll, version: 7.0.9600.17415, time stamp: 0x54504b2e
Exception code: 0xc0000005
Fault offset: 0x0000b46c
Faulting process id: 0x1008
Faulting application start time: 0xWINWORD.EXE0
Faulting application path: WINWORD.EXE1
Faulting module path: WINWORD.EXE2
Report Id: WINWORD.EXE3
Faulting package full name: WINWORD.EXE4
Faulting package-relative application ID: WINWORD.EXE5
Error: (09/22/2015 05:21:22 PM) (Source: Microsoft Office 15) (EventID: 2000) (User: )
Description: Microsoft Word: Accepted Safe Mode action : Word couldn't start last time. Safe mode could help you troubleshoot the problem, but some features might not be available in this mode.
Do you want to start in safe mode?.
Accepted Safe Mode action : Microsoft Word.
Error: (09/22/2015 05:20:03 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Could not get performance counter registry info for WSearchIdxPi for instance due to the following error: The operation completed successfully. 0x0.
Error: (09/22/2015 05:20:03 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.
Context: Application, SystemIndex Catalog
Error: (09/22/2015 05:20:03 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Performance monitoring cannot be initialized for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.
Error: (09/22/2015 05:19:06 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: ATEAM)
Description: Application or service 'Microsoft Office Document Cache Sync Client Interface' could not be shut down.
Error: (09/22/2015 05:06:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: McUpdate.exe, version: 14.0.4121.0, time stamp: 0x55d7828e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x68c
Faulting application start time: 0xMcUpdate.exe0
Faulting application path: McUpdate.exe1
Faulting module path: McUpdate.exe2
Report Id: McUpdate.exe3
Faulting package full name: McUpdate.exe4
Faulting package-relative application ID: McUpdate.exe5
Error: (09/22/2015 05:05:16 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)
Error: (09/22/2015 05:02:54 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Could not get performance counter registry info for WSearchIdxPi for instance due to the following error: The operation completed successfully. 0x0.
Error: (09/22/2015 05:02:53 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.
Context: Application, SystemIndex Catalog
System errors:
=============
Error: (09/22/2015 05:03:03 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
Error: (09/22/2015 05:02:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Defender Service service failed to start due to the following error:
%%577
Error: (09/22/2015 05:00:58 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
Error: (09/22/2015 05:00:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WWAN AutoConfig service terminated with the following error:
%%5
Error: (09/22/2015 05:00:15 PM) (Source: SRTSP) (EventID: 4) (User: )
Description: Error loading virus definitions.
Error: (09/22/2015 11:39:59 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
Error: (09/22/2015 11:39:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Defender Service service failed to start due to the following error:
%%577
Error: (09/22/2015 11:37:50 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
Error: (09/22/2015 11:37:41 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WWAN AutoConfig service terminated with the following error:
%%5
Error: (09/22/2015 11:37:03 AM) (Source: SRTSP) (EventID: 4) (User: )
Description: Error loading virus definitions.
CodeIntegrity:
===================================
Date: 2015-09-22 17:02:50.556
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-22 11:39:58.129
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-16 09:57:59.653
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-15 17:10:34.513
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-15 14:33:18.043
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-12 08:48:29.814
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-10 23:17:16.676
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-07 15:34:13.537
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-07 14:52:22.299
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-05 23:24:40.248
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD A10-5750M APU with Radeon HD Graphics
Percentage of memory in use: 31%
Total physical RAM: 7374.26 MB
Available physical RAM: 5068.97 MB
Total Virtual: 8526.26 MB
Available Virtual: 5909.04 MB
==================== Drives ================================
Drive c: (TI10675800F) (Fixed) (Total:922.19 GB) (Free:854.87 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================