Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Black Screen with mouse cursor!

Started by SamCIT , Mar 23 2016 04:21 AM

  • Please log in to reply

#1
SamCIT
Posted 23 March 2016 - 04:21 AM

SamCIT

    New Member

  • Member
  • Pip
  • 1 posts

Unable to boot to Safe Mode/Low Res/LKG etc.

 

Can boot to recovery mode though, see below frst log, please assist with fix :)

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by SYSTEM on MININT-I75RK1K (23-03-2016 10:17:51)
Running from E:\
Platform: Windows 7 Professional Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
 
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [DagentUI] => C:\Program Files\Altiris\Dagent\dagentui.exe [554320 2009-08-11] (Altiris, Inc.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-05-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AMD AVT] => C:\Program Files\AMD AVT\bin\kdbsync.exe [12288 2012-04-19] ()
HKLM\...\Run: [SMART Board Service] => C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe
HKLM\...\Run: [SMART SNMP Agent] => C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe -e
HKLM\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files\Sophos\AutoUpdate\almon.exe [929272 2014-04-08] (Sophos Limited)
HKLM\...\Run: [tvncontrol] => "C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
Winlogon\Notify\PCANotify: C:\Windows\system32\PCANotify.dll [2011-01-06] (Symantec Corporation)
HKLM\...\Policies\Explorer: [NoWelcomeScreen] 1
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig]  <===== ATTENTION
HKU\r\...\Policies\system: [HideLegacyLogonScripts] 1
HKU\r\...\Policies\system: [EnableProfileQuota] 1
HKU\r\...\Policies\system: [ProfileQuotaMessage] You have exceeded your profile storage space. Before you can log off, you need to move some items from your profile to network or local storage.
HKU\r\...\Policies\system: [MaxProfileSize] 250000
HKU\r\...\Policies\system: [WarnUserTimeout] 15
HKU\r\...\Policies\Explorer: [HideSCAHealth] 1
HKU\r\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\r\...\Policies\Explorer: [NoWelcomeScreen] 1
HKU\r\...\Policies\Explorer: [NoMovingBands] 1
HKU\r\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\r\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\r\...\Policies\Explorer: [ForceStartMenuLogOff] 1
HKU\r\...\Policies\Explorer: [LockTaskbar] 1
HKU\r\...\Policies\Explorer: [NoStartMenuEjectPC] 1
HKU\r\...\Policies\Explorer: [NoWindowsUpdate] 1
HKU\r\...\Policies\Explorer: [NoDFSTab] 1
HKU\r\...\Policies\Explorer: [Intellimenus] 1
HKU\r\...\Policies\Explorer: [NoInstrumentation] 1
HKU\r\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\r\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\r\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKU\r\...\Policies\Explorer: [NoNetHood] 1
HKU\r\...\Policies\Explorer: [NoCloseDragDropBands] 1
HKU\r\...\Policies\Explorer: [NoPropertiesMyDocuments] 1
HKU\r\...\Policies\Explorer: [NoResolveSearch] 1
HKU\r\...\Policies\Explorer: [NoManageMyComputerVerb] 1
HKU\r\...\Policies\Explorer: [NoComputersNearMe] 1
HKU\r\...\Policies\Explorer: [NoNetConnectDisconnect] 1
HKU\r\...\Policies\Explorer: [NoRunasInstallPrompt] 1
HKU\r\...\Policies\Explorer: [NoSetTaskbar] 1
HKU\r\...\Policies\Explorer: [NoNetworkConnections] 1
HKU\r\...\Policies\Explorer: [NoSMMyDocs] 1
HKU\r\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\r\...\Policies\Explorer: [ClearRecentProgForNewUserInStartMenu] 1
HKU\r\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\r\...\Policies\Explorer: [RestrictCpl] 1
HKU\r\...\Policies\Explorer: [NoFind] 0
HKU\r\...\Policies\Explorer: [NoToolbarCustomize] 0
HKU\r\...\Policies\Explorer: [NoBandCustomize] 1
HKU\r\...\Policies\Explorer: [NoShellSearchButton] 1
HKU\r\...\Policies\Explorer: [PromptRunasInstallNetPath] 1
HKU\r\...\Policies\Explorer: [NoUserFolderInStartMenu] 1
HKU\r\...\Policies\Explorer: [NoSMMyPictures] 1
HKU\r\...\Policies\Explorer: [NoStartMenuMyMusic] 1
HKU\r\...\Policies\Explorer: [NoStartMenuNetworkPlaces] 1
HKU\r\...\Policies\Explorer: [NoSearchCommInStartMenu] 1
HKU\r\...\Policies\Explorer: [NoSearchFilesInStartMenu] 1
HKU\r\...\Policies\Explorer: [NoSearchProgramsInStartMenu] 1
HKU\r\...\Policies\Explorer: [HideSCANetwork] 1
HKU\r\...\Policies\Explorer: [SpecifyDefaultButtons] 1
HKU\r\...\Policies\Explorer: [Btn_Back] 2
HKU\r\...\Policies\Explorer: [Btn_Forward] 2
HKU\r\...\Policies\Explorer: [Btn_Stop] 2
HKU\r\...\Policies\Explorer: [Btn_Refresh] 2
HKU\r\...\Policies\Explorer: [Btn_Home] 1
HKU\r\...\Policies\Explorer: [Btn_Search] 2
HKU\r\...\Policies\Explorer: [Btn_Favorites] 1
HKU\r\...\Policies\Explorer: [Btn_History] 2
HKU\r\...\Policies\Explorer: [Btn_Folders] 1
HKU\r\...\Policies\Explorer: [Btn_Fullscreen] 1
HKU\r\...\Policies\Explorer: [Btn_Tools] 1
HKU\r\...\Policies\Explorer: [Btn_MailNews] 1
HKU\r\...\Policies\Explorer: [Btn_Size] 2
HKU\r\...\Policies\Explorer: [Btn_Print] 2
HKU\r\...\Policies\Explorer: [Btn_Edit] 1
HKU\r\...\Policies\Explorer: [Btn_Discussions] 1
HKU\r\...\Policies\Explorer: [Btn_Cut] 1
HKU\r\...\Policies\Explorer: [Btn_Copy] 1
HKU\r\...\Policies\Explorer: [Btn_Paste] 1
HKU\r\...\Policies\Explorer: [Btn_Encoding] 1
HKU\r\...\Policies\Explorer: [NoDrives] 65540
HKU\s77bwainwright\...\Policies\system: [HideLegacyLogonScripts] 1
HKU\s77bwainwright\...\Policies\Explorer: [HideSCAHealth] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoWelcomeScreen] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoMovingBands] 1
HKU\s77bwainwright\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\s77bwainwright\...\Policies\Explorer: [ForceStartMenuLogOff] 1
HKU\s77bwainwright\...\Policies\Explorer: [LockTaskbar] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoStartMenuEjectPC] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoWindowsUpdate] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoDFSTab] 1
HKU\s77bwainwright\...\Policies\Explorer: [Intellimenus] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoInstrumentation] 1
HKU\s77bwainwright\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\s77bwainwright\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoNetHood] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoCloseDragDropBands] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoPropertiesMyDocuments] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoResolveSearch] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoManageMyComputerVerb] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoComputersNearMe] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoNetConnectDisconnect] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoRunasInstallPrompt] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoSetTaskbar] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoNetworkConnections] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoSMMyDocs] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\s77bwainwright\...\Policies\Explorer: [ClearRecentProgForNewUserInStartMenu] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoShellSearchButton] 1
HKU\s77bwainwright\...\Policies\Explorer: [DisallowCpl] 1
HKU\s77bwainwright\...\Policies\Explorer: [NoDrives] 98304
HKU\s77cwright\...\Policies\system: [HideLegacyLogonScripts] 1
HKU\s77cwright\...\Policies\Explorer: [NoDrives] 98304
HKU\s77cwright\...\Policies\Explorer: [HideSCAHealth] 1
HKU\s77cwright\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\s77cwright\...\Policies\Explorer: [NoWelcomeScreen] 1
HKU\s77cwright\...\Policies\Explorer: [NoMovingBands] 1
HKU\s77cwright\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\s77cwright\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\s77cwright\...\Policies\Explorer: [ForceStartMenuLogOff] 1
HKU\s77cwright\...\Policies\Explorer: [LockTaskbar] 1
HKU\s77cwright\...\Policies\Explorer: [NoStartMenuEjectPC] 1
HKU\s77cwright\...\Policies\Explorer: [NoWindowsUpdate] 1
HKU\s77cwright\...\Policies\Explorer: [NoDFSTab] 1
HKU\s77cwright\...\Policies\Explorer: [Intellimenus] 1
HKU\s77cwright\...\Policies\Explorer: [NoInstrumentation] 1
HKU\s77cwright\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\s77cwright\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\s77cwright\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKU\s77cwright\...\Policies\Explorer: [NoNetHood] 1
HKU\s77cwright\...\Policies\Explorer: [NoCloseDragDropBands] 1
HKU\s77cwright\...\Policies\Explorer: [NoPropertiesMyDocuments] 1
HKU\s77cwright\...\Policies\Explorer: [NoResolveSearch] 1
HKU\s77cwright\...\Policies\Explorer: [NoManageMyComputerVerb] 1
HKU\s77cwright\...\Policies\Explorer: [NoComputersNearMe] 1
HKU\s77cwright\...\Policies\Explorer: [NoNetConnectDisconnect] 1
HKU\s77cwright\...\Policies\Explorer: [NoRunasInstallPrompt] 1
HKU\s77cwright\...\Policies\Explorer: [NoSetTaskbar] 1
HKU\s77cwright\...\Policies\Explorer: [NoNetworkConnections] 1
HKU\s77cwright\...\Policies\Explorer: [NoSMMyDocs] 1
HKU\s77cwright\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\s77cwright\...\Policies\Explorer: [ClearRecentProgForNewUserInStartMenu] 1
HKU\s77cwright\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\s77cwright\...\Policies\Explorer: [NoShellSearchButton] 1
HKU\s77cwright\...\Policies\Explorer: [DisallowCpl] 1
HKU\s77eryan\...\Policies\system: [HideLegacyLogonScripts] 1
HKU\s77eryan\...\Policies\Explorer: [HideSCAHealth] 1
HKU\s77eryan\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\s77eryan\...\Policies\Explorer: [NoWelcomeScreen] 1
HKU\s77eryan\...\Policies\Explorer: [NoMovingBands] 1
HKU\s77eryan\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\s77eryan\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\s77eryan\...\Policies\Explorer: [ForceStartMenuLogOff] 1
HKU\s77eryan\...\Policies\Explorer: [LockTaskbar] 1
HKU\s77eryan\...\Policies\Explorer: [NoStartMenuEjectPC] 1
HKU\s77eryan\...\Policies\Explorer: [NoWindowsUpdate] 1
HKU\s77eryan\...\Policies\Explorer: [NoDFSTab] 1
HKU\s77eryan\...\Policies\Explorer: [Intellimenus] 1
HKU\s77eryan\...\Policies\Explorer: [NoInstrumentation] 1
HKU\s77eryan\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\s77eryan\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\s77eryan\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKU\s77eryan\...\Policies\Explorer: [NoNetHood] 1
HKU\s77eryan\...\Policies\Explorer: [NoCloseDragDropBands] 1
HKU\s77eryan\...\Policies\Explorer: [NoPropertiesMyDocuments] 1
HKU\s77eryan\...\Policies\Explorer: [NoResolveSearch] 1
HKU\s77eryan\...\Policies\Explorer: [NoManageMyComputerVerb] 1
HKU\s77eryan\...\Policies\Explorer: [NoComputersNearMe] 1
HKU\s77eryan\...\Policies\Explorer: [NoNetConnectDisconnect] 1
HKU\s77eryan\...\Policies\Explorer: [NoRunasInstallPrompt] 1
HKU\s77eryan\...\Policies\Explorer: [NoSetTaskbar] 1
HKU\s77eryan\...\Policies\Explorer: [NoNetworkConnections] 1
HKU\s77eryan\...\Policies\Explorer: [NoSMMyDocs] 1
HKU\s77eryan\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\s77eryan\...\Policies\Explorer: [ClearRecentProgForNewUserInStartMenu] 1
HKU\s77eryan\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\s77eryan\...\Policies\Explorer: [NoShellSearchButton] 1
HKU\s77eryan\...\Policies\Explorer: [DisallowCpl] 1
HKU\s77eryan\...\Policies\Explorer: [NoDrives] 98304
HKU\s77jdorney\...\Run: [Chromium] => "c:\users\s77jdorney\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\s77jdorney\...\Policies\system: [HideLegacyLogonScripts] 1
HKU\s77jdorney\...\Policies\Explorer: [NoDrives] 98304
HKU\s77jdorney\...\Policies\Explorer: [HideSCAHealth] 1
HKU\s77jdorney\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\s77jdorney\...\Policies\Explorer: [NoWelcomeScreen] 1
HKU\s77jdorney\...\Policies\Explorer: [NoMovingBands] 1
HKU\s77jdorney\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\s77jdorney\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\s77jdorney\...\Policies\Explorer: [ForceStartMenuLogOff] 1
HKU\s77jdorney\...\Policies\Explorer: [LockTaskbar] 1
HKU\s77jdorney\...\Policies\Explorer: [NoStartMenuEjectPC] 1
HKU\s77jdorney\...\Policies\Explorer: [NoWindowsUpdate] 1
HKU\s77jdorney\...\Policies\Explorer: [NoDFSTab] 1
HKU\s77jdorney\...\Policies\Explorer: [Intellimenus] 1
HKU\s77jdorney\...\Policies\Explorer: [NoInstrumentation] 1
HKU\s77jdorney\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\s77jdorney\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\s77jdorney\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKU\s77jdorney\...\Policies\Explorer: [NoNetHood] 1
HKU\s77jdorney\...\Policies\Explorer: [NoCloseDragDropBands] 1
HKU\s77jdorney\...\Policies\Explorer: [NoPropertiesMyDocuments] 1
HKU\s77jdorney\...\Policies\Explorer: [NoResolveSearch] 1
HKU\s77jdorney\...\Policies\Explorer: [NoManageMyComputerVerb] 1
HKU\s77jdorney\...\Policies\Explorer: [NoComputersNearMe] 1
HKU\s77jdorney\...\Policies\Explorer: [NoNetConnectDisconnect] 1
HKU\s77jdorney\...\Policies\Explorer: [NoRunasInstallPrompt] 1
HKU\s77jdorney\...\Policies\Explorer: [NoSetTaskbar] 1
HKU\s77jdorney\...\Policies\Explorer: [NoNetworkConnections] 1
HKU\s77jdorney\...\Policies\Explorer: [NoSMMyDocs] 1
HKU\s77jdorney\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\s77jdorney\...\Policies\Explorer: [ClearRecentProgForNewUserInStartMenu] 1
HKU\s77jdorney\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\s77jdorney\...\Policies\Explorer: [NoShellSearchButton] 1
HKU\s77jdorney\...\Policies\Explorer: [DisallowCpl] 1
HKU\s77kwalker\...\Policies\system: [HideLegacyLogonScripts] 1
HKU\s77kwalker\...\Policies\Explorer: [HideSCAHealth] 1
HKU\s77kwalker\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\s77kwalker\...\Policies\Explorer: [NoWelcomeScreen] 1
HKU\s77kwalker\...\Policies\Explorer: [NoMovingBands] 1
HKU\s77kwalker\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\s77kwalker\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\s77kwalker\...\Policies\Explorer: [ForceStartMenuLogOff] 1
HKU\s77kwalker\...\Policies\Explorer: [LockTaskbar] 1
HKU\s77kwalker\...\Policies\Explorer: [NoStartMenuEjectPC] 1
HKU\s77kwalker\...\Policies\Explorer: [NoWindowsUpdate] 1
HKU\s77kwalker\...\Policies\Explorer: [NoDFSTab] 1
HKU\s77kwalker\...\Policies\Explorer: [Intellimenus] 1
HKU\s77kwalker\...\Policies\Explorer: [NoInstrumentation] 1
HKU\s77kwalker\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\s77kwalker\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\s77kwalker\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKU\s77kwalker\...\Policies\Explorer: [NoNetHood] 1
HKU\s77kwalker\...\Policies\Explorer: [NoCloseDragDropBands] 1
HKU\s77kwalker\...\Policies\Explorer: [NoPropertiesMyDocuments] 1
HKU\s77kwalker\...\Policies\Explorer: [NoResolveSearch] 1
HKU\s77kwalker\...\Policies\Explorer: [NoManageMyComputerVerb] 1
HKU\s77kwalker\...\Policies\Explorer: [NoComputersNearMe] 1
HKU\s77kwalker\...\Policies\Explorer: [NoNetConnectDisconnect] 1
HKU\s77kwalker\...\Policies\Explorer: [NoRunasInstallPrompt] 1
HKU\s77kwalker\...\Policies\Explorer: [NoSetTaskbar] 1
HKU\s77kwalker\...\Policies\Explorer: [NoNetworkConnections] 1
HKU\s77kwalker\...\Policies\Explorer: [NoSMMyDocs] 1
HKU\s77kwalker\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\s77kwalker\...\Policies\Explorer: [ClearRecentProgForNewUserInStartMenu] 1
HKU\s77kwalker\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\s77kwalker\...\Policies\Explorer: [NoShellSearchButton] 1
HKU\s77kwalker\...\Policies\Explorer: [DisallowCpl] 1
HKU\s77kwalker\...\Policies\Explorer: [NoDrives] 98304
HKU\s77localadmin\...\Policies\Explorer: [HideSCAHealth] 1
HKU\s77localadmin\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\s77localadmin\...\Policies\Explorer: [NoWelcomeScreen] 1
HKU\s77localadmin\...\Policies\Explorer: [ForceClassicControlPanel] 1
HKU\s77localadmin\...\Policies\Explorer: [NoMovingBands] 1
HKU\s77localadmin\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\s77localadmin\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\s77localadmin\...\Policies\Explorer: [ForceStartMenuLogOff] 1
HKU\s77localadmin\...\Policies\Explorer: [LockTaskbar] 1
HKU\s77localadmin\...\Policies\Explorer: [NoStartMenuEjectPC] 1
HKU\s77localadmin\...\Policies\Explorer: [NoWindowsUpdate] 1
HKU\s77localadmin\...\Policies\Explorer: [NoDFSTab] 1
HKU\s77localadmin\...\Policies\Explorer: [Intellimenus] 1
HKU\s77localadmin\...\Policies\Explorer: [NoInstrumentation] 1
HKU\s77localadmin\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\s77localadmin\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\system: [HideLegacyLogonScripts] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoDrives] 98304
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [HideSCAHealth] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoWelcomeScreen] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoMovingBands] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [ForceStartMenuLogOff] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [LockTaskbar] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoStartMenuEjectPC] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoWindowsUpdate] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoDFSTab] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [Intellimenus] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoInstrumentation] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoNetHood] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoCloseDragDropBands] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoPropertiesMyDocuments] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoResolveSearch] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoManageMyComputerVerb] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoComputersNearMe] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoNetConnectDisconnect] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoRunasInstallPrompt] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoSetTaskbar] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoNetworkConnections] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoSMMyDocs] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [ClearRecentProgForNewUserInStartMenu] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [NoShellSearchButton] 1
HKU\s77lratcliffe.SOLGRID\...\Policies\Explorer: [DisallowCpl] 1
HKU\s77sbeamond\...\Policies\system: [HideLegacyLogonScripts] 1
HKU\s77sbeamond\...\Policies\Explorer: [HideSCAHealth] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoWelcomeScreen] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoMovingBands] 1
HKU\s77sbeamond\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\s77sbeamond\...\Policies\Explorer: [ForceStartMenuLogOff] 1
HKU\s77sbeamond\...\Policies\Explorer: [LockTaskbar] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoStartMenuEjectPC] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoWindowsUpdate] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoDFSTab] 1
HKU\s77sbeamond\...\Policies\Explorer: [Intellimenus] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoInstrumentation] 1
HKU\s77sbeamond\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\s77sbeamond\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoNetHood] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoCloseDragDropBands] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoPropertiesMyDocuments] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoResolveSearch] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoManageMyComputerVerb] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoComputersNearMe] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoNetConnectDisconnect] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoRunasInstallPrompt] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoSetTaskbar] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoNetworkConnections] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoSMMyDocs] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\s77sbeamond\...\Policies\Explorer: [ClearRecentProgForNewUserInStartMenu] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoShellSearchButton] 1
HKU\s77sbeamond\...\Policies\Explorer: [DisallowCpl] 1
HKU\s77sbeamond\...\Policies\Explorer: [NoDrives] 98304
HKU\s77sfrankish\...\Policies\system: [HideLegacyLogonScripts] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoDrives] 98304
HKU\s77sfrankish\...\Policies\Explorer: [HideSCAHealth] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoWelcomeScreen] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoMovingBands] 1
HKU\s77sfrankish\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\s77sfrankish\...\Policies\Explorer: [ForceStartMenuLogOff] 1
HKU\s77sfrankish\...\Policies\Explorer: [LockTaskbar] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoStartMenuEjectPC] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoWindowsUpdate] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoDFSTab] 1
HKU\s77sfrankish\...\Policies\Explorer: [Intellimenus] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoInstrumentation] 1
HKU\s77sfrankish\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\s77sfrankish\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoNetHood] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoCloseDragDropBands] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoPropertiesMyDocuments] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoResolveSearch] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoManageMyComputerVerb] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoComputersNearMe] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoNetConnectDisconnect] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoRunasInstallPrompt] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoSetTaskbar] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoNetworkConnections] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoSMMyDocs] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\s77sfrankish\...\Policies\Explorer: [ClearRecentProgForNewUserInStartMenu] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\s77sfrankish\...\Policies\Explorer: [NoShellSearchButton] 1
HKU\s77sfrankish\...\Policies\Explorer: [DisallowCpl] 1
HKU\s77sparker.SOLGRID\...\Policies\system: [HideLegacyLogonScripts] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoDrives] 98304
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [HideSCAHealth] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoWelcomeScreen] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoMovingBands] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [ForceStartMenuLogOff] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [LockTaskbar] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoStartMenuEjectPC] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoWindowsUpdate] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoDFSTab] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [Intellimenus] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoInstrumentation] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoNetHood] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoCloseDragDropBands] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoPropertiesMyDocuments] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoResolveSearch] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoManageMyComputerVerb] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoComputersNearMe] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoNetConnectDisconnect] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoRunasInstallPrompt] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoSetTaskbar] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoNetworkConnections] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoSMMyDocs] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [ClearRecentProgForNewUserInStartMenu] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [NoShellSearchButton] 1
HKU\s77sparker.SOLGRID\...\Policies\Explorer: [DisallowCpl] 1
HKU\s77vknight.SOLGRID\...\Policies\system: [HideLegacyLogonScripts] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [HideSCAHealth] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoWelcomeScreen] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoMovingBands] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [ForceStartMenuLogOff] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [LockTaskbar] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoStartMenuEjectPC] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoWindowsUpdate] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoDFSTab] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [Intellimenus] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoInstrumentation] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoNetHood] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoCloseDragDropBands] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoPropertiesMyDocuments] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoResolveSearch] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoManageMyComputerVerb] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoComputersNearMe] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoNetConnectDisconnect] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoRunasInstallPrompt] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoSetTaskbar] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoNetworkConnections] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoSMMyDocs] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [ClearRecentProgForNewUserInStartMenu] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoShellSearchButton] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [DisallowCpl] 1
HKU\s77vknight.SOLGRID\...\Policies\Explorer: [NoDrives] 98304
HKU\s77vsmith\...\Policies\system: [HideLegacyLogonScripts] 1
HKU\s77vsmith\...\Policies\Explorer: [HideSCAHealth] 1
HKU\s77vsmith\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\s77vsmith\...\Policies\Explorer: [NoWelcomeScreen] 1
HKU\s77vsmith\...\Policies\Explorer: [NoMovingBands] 1
HKU\s77vsmith\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\s77vsmith\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\s77vsmith\...\Policies\Explorer: [ForceStartMenuLogOff] 1
HKU\s77vsmith\...\Policies\Explorer: [LockTaskbar] 1
HKU\s77vsmith\...\Policies\Explorer: [NoStartMenuEjectPC] 1
HKU\s77vsmith\...\Policies\Explorer: [NoWindowsUpdate] 1
HKU\s77vsmith\...\Policies\Explorer: [NoDFSTab] 1
HKU\s77vsmith\...\Policies\Explorer: [Intellimenus] 1
HKU\s77vsmith\...\Policies\Explorer: [NoInstrumentation] 1
HKU\s77vsmith\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\s77vsmith\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\s77vsmith\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKU\s77vsmith\...\Policies\Explorer: [NoNetHood] 1
HKU\s77vsmith\...\Policies\Explorer: [NoCloseDragDropBands] 1
HKU\s77vsmith\...\Policies\Explorer: [NoPropertiesMyDocuments] 1
HKU\s77vsmith\...\Policies\Explorer: [NoResolveSearch] 1
HKU\s77vsmith\...\Policies\Explorer: [NoManageMyComputerVerb] 1
HKU\s77vsmith\...\Policies\Explorer: [NoComputersNearMe] 1
HKU\s77vsmith\...\Policies\Explorer: [NoNetConnectDisconnect] 1
HKU\s77vsmith\...\Policies\Explorer: [NoRunasInstallPrompt] 1
HKU\s77vsmith\...\Policies\Explorer: [NoSetTaskbar] 1
HKU\s77vsmith\...\Policies\Explorer: [NoNetworkConnections] 1
HKU\s77vsmith\...\Policies\Explorer: [NoSMMyDocs] 1
HKU\s77vsmith\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\s77vsmith\...\Policies\Explorer: [ClearRecentProgForNewUserInStartMenu] 1
HKU\s77vsmith\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\s77vsmith\...\Policies\Explorer: [NoShellSearchButton] 1
HKU\s77vsmith\...\Policies\Explorer: [DisallowCpl] 1
HKU\s77vsmith\...\Policies\Explorer: [NoDrives] 98304
AppInit_DLLs: ,C:\PROGRA~1\SOPHOS\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files\Sophos\Sophos Anti-Virus\sophos_detoured.dll [275352 2014-04-08] (Sophos Limited)
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 Altiris Deployment Agent; C:\Program Files\Altiris\Dagent\dagent.exe [1246544 2009-08-11] (Altiris, Inc.)
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2012-05-04] (Advanced Micro Devices, Inc.)
S2 awhost32; C:\Program Files\Symantec\pcAnywhere\awhost32.exe [142224 2011-01-06] (Symantec Corporation)
S2 SAVAdminService; C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe [290296 2014-04-08] (Sophos Limited)
S2 SAVService; C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe [206328 2014-04-08] (Sophos Limited)
S2 Sophos Agent; C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe [289856 2014-04-08] (Sophos Limited)
S2 Sophos AutoUpdate Service; C:\Program Files\Sophos\AutoUpdate\ALsvc.exe [237048 2014-04-08] (Sophos Limited)
S3 Sophos Device Control Service; C:\Program Files\Sophos\Sophos Anti-Virus\sdcservice.exe [651768 2014-04-08] (Sophos Limited)
S2 Sophos Message Router; C:\Program Files\Sophos\Remote Management System\RouterNT.exe [818240 2014-04-08] (Sophos Limited)
S2 Sophos Web Control Service; C:\Program Files\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [357400 2014-04-08] (Sophos Limited)
S2 swi_service; C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3109880 2014-04-08] (Sophos Limited)
S2 swi_update; C:\ProgramData\Sophos\Web Intelligence\swi_update.exe [1471992 2014-04-08] (Sophos Limited)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
S2 AdobeARMservice; "C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [X]
S2 CcmExec; C:\Windows\CCM\CcmExec.exe [X]
S2 CLPSLauncher; "C:\Program Files\Common Files\COMODO\launcher_service.exe" [X]
S2 CmRcService; C:\Windows\CCM\RemCtrl\CmRcService.exe [X]
S3 ConfigService; "C:\Program Files\Altiris\Altiris Agent\Agents\Deployment\ConfigService.exe" [X]
S2 GeekBuddyRSP; "C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe" -service [X]
S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 IEEtwCollectorService; %SystemRoot%\system32\IEEtwCollector.exe /V [X]
S3 lpasvc; "C:\Program Files\Microsoft Policy Platform\policyHost.exe" /service [X]
S3 lppsvc; "C:\Program Files\Microsoft Policy Platform\policyHost.exe" /service [X]
S2 MiniService; "C:\Users\s77jdorney\AppData\Local\MiniService\MiniService.exe" -r [X]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [X]
S2 NS; "C:\Program Files\Norton Security\Engine\22.5.4.24\NS.exe" /s "NS" /m "C:\Program Files\Norton Security\Engine\22.5.4.24\diMaster.dll" /prefetch:1
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [X]
S2 SAService; %SystemRoot%\system32\SAsrv.exe [X]
S3 smstsmgr; C:\Windows\CCM\TSManager.exe /service [X]
S2 Solus3Agent; "C:\Program Files\Solus3\AgentService\Sims.Solus3.Agent.AgentService.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [70784 2011-12-12] (Advanced Micro Devices)
S0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [34944 2011-12-12] (Advanced Micro Devices)
S1 awecho; C:\Windows\System32\drivers\awechomd.sys [13616 2009-12-02] (Symantec Corporation)
S1 awlegacy; C:\Windows\System32\Drivers\awlegacy.sys [17848 2007-03-30] (Symantec Corporation)
S1 AW_HOST; C:\Windows\System32\drivers\aw_host5.sys [18232 2007-03-30] (Symantec Corporation)
S1 Gernuwa; C:\Windows\System32\Drivers\Gernuwa.sys [20536 2007-03-30] (Symantec Corporation)
S3 MEI; C:\Windows\system32\drivers\HECI.sys [41088 2010-10-19] (Intel Corporation)
S1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [132424 2014-04-08] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [33696 2014-04-08] (Sophos Limited)
S1 SKMScan; C:\Windows\System32\DRIVERS\skmscan.sys [33096 2014-04-08] (Sophos Limited)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [22536 2014-04-08] (Sophos Plc)
S1 BHDrvx86; \??\C:\Program Files\Norton Security\NortonData\22.5.4.24\Definitions\BASHDefs\20160213.003\BHDrvx86.sys [X]
S1 ccSet_NS; \SystemRoot\system32\drivers\NS\1605040.018\ccSetx86.sys [X]
S1 CFRMD; system32\DRIVERS\CFRMD.sys [X]
S1 eeCtrl; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [X]
S3 EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [X]
S1 IDSVix86; \??\C:\Program Files\Norton Security\NortonData\22.5.4.24\Definitions\IPSDefs\20160224.001\IDSvix86.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 NAVENG; \??\C:\Program Files\Norton Security\NortonData\22.5.4.24\Definitions\VirusDefs\20160224.037\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Security\NortonData\22.5.4.24\Definitions\VirusDefs\20160224.037\NAVEX15.SYS [X]
S3 prepdrvr; system32\DRIVERS\prepdrv.sys [X]
S3 SMARTMouseFilterx86; system32\DRIVERS\SMARTMouseFilterx86.sys [X]
S3 SMARTVHidMini2000x86; system32\DRIVERS\SMARTVHidMini2000x86.sys [X]
S3 SMARTVTabletPCx86; system32\DRIVERS\SMARTVTabletPCx86.sys [X]
S3 SRTSP; \SystemRoot\system32\drivers\NS\1605040.018\SRTSP.SYS [X]
S1 SRTSPX; \SystemRoot\system32\drivers\NS\1605040.018\SRTSPX.SYS [X]
S3 STI2303X; System32\Drivers\STI2303X.sys [X]
S0 SymEFASI; system32\drivers\NS\1605040.018\SYMEFASI.SYS [X]
S3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [X]
S1 SymIRON; \SystemRoot\system32\drivers\NS\1605040.018\Ironx86.SYS [X]
S1 SymNetS; \SystemRoot\system32\drivers\NS\1605040.018\SYMNETS.SYS [X]
S3 usbvideo; System32\Drivers\usbvideo.sys [X]
S3 WinUsb; system32\DRIVERS\WinUsb.sys [X]
 
========================== Drivers MD5 =======================
 
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 9EBBBA55060F786F0FCAA3893BFA2806
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\djsvs.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdiox86.sys FF258424F0B2EF25EB98F04EE386E6E3
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys 3C4BD906CCAE29F737F9B04210A88E05
C:\Windows\System32\DRIVERS\atikmpag.sys C4573AE73076F4C0D53B7646B648E176
C:\Windows\System32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D320BF87125326F996D4904FE24300FC
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 46387FB17B086D16DEA267D5BE23A2F2
C:\Windows\System32\DRIVERS\amd_sata.sys E91675D350F5FCD98005F5B2C97F6B61
C:\Windows\System32\DRIVERS\amd_xata.sys 5B43A272F8233A743533992248ECBC73
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\drivers\AtihdW73.sys 6ADC42CF4A6AB84975CA63DCCFAAF5D8
C:\Windows\System32\drivers\awechomd.sys 6CF7A77DEA4AF43FD1907E9CDFD65F24
C:\Windows\System32\Drivers\awlegacy.sys FCD631B75D01FECB673D52BFE87774AC
C:\Windows\System32\drivers\aw_host5.sys BE23B51D1AF7AB948F883F864454393D
C:\Windows\system32\drivers\bxvbdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60x.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 6427525D76F61D0C519B008D3680E8E7
C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 2A958EF85DB1B61FFCA65044FA4BCE9E
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys ==> MD5 is legit
C:\Windows\system32\drivers\evbdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legitB
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fvevol.sys ==> MD5 is legit
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Gernuwa.sys B390BC5AA09F333C5D95BE651C073564
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys A5EF29D5315111C80A5C1ABAD14C8972
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys 5CD5F9A5444E6CDCB0AC89BD62D8B76E
C:\Windows\System32\DRIVERS\igdkmd32.sys 721A8D48B2DC8C1C58C61CB948491EA8
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\IntcDAud.sys 5576AD2F0039D2BCCCA3567FC0BF981C
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys F4647BB23DB9038A7536CF6B68F4207F
C:\Windows\System32\Drivers\ksecpkg.sys E73CAE53BBB72BA26918492C6B4C229D
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\system32\drivers\HECI.sys D86AC00883B9C98B570E7643AAF8E554
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys 5D16C921E3671636C0EBA3BBAAC5FD25
C:\Windows\System32\DRIVERS\mrxsmb10.sys 6D17A4791ACA19328C685D256349FEFC
C:\Windows\System32\DRIVERS\mrxsmb20.sys B81F204D146000BE76651A50670A5E9E
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 81189C3D7763838E55C397759D49007A
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys B3E25EE28883877076E0E1FF877D02E0
C:\Windows\system32\drivers\nvstor.sys 4380E59A170D88C4F1022EFF6719A8A4
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\parvdm.sys ==> MD5 is legit
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt86win7.sys 64CA613324D8BD0B278420ED4959AFD9
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\savonaccess.sys 3932A1A0F46728CC00E3D9B389C096B0
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sdcfilter.sys 4F21774E1259A546B992D9EAACDFD778
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\skmscan.sys DA8F2F3BB2B58B0125F9C62412DDC4D9
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SophosBootDriver.sys F2B7BD04146B3E6A895A1919E1F5DA89
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys E4C2764065D66EA1D2D3EBC28FE99C46
C:\Windows\System32\DRIVERS\srv2.sys 03F0545BD8D4C77FA0AE1CEEDFCC71AB
C:\Windows\System32\DRIVERS\srvnet.sys BE6BD660CAA6F291AE06A718A4FA8ABC
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys 65D10B191C59C5501A1263FC33F6894B
C:\Windows\System32\DRIVERS\tcpip.sys 65D10B191C59C5501A1263FC33F6894B
C:\Windows\System32\drivers\tcpipreg.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\system32\drivers\TsUsbGD.sys 01246F0BAAD7B68EC0F472AA41E33282
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys BD9C55D7023C5DE374507ACC7A14E2AC
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys F92DE757E4B7CE9C07C5E65423F3AE3B
C:\Windows\System32\DRIVERS\usbfilter.sys 04322AECFC8718883EE3A0FE21FB5B70
C:\Windows\System32\DRIVERS\usbhub.sys 8DC94AEC6A7E644A06135AE7506DC2E9
C:\Windows\System32\DRIVERS\usbohci.sys E185D44FAC515A18D9DEDDC23C2CDF44
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS F991AB9CC6B908DB552166768176896A
C:\Windows\system32\drivers\usbuhci.sys 68DF884CF41CDADA664BEB01DAF67E3D
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viac7.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WUDFRd.sys ==> MD5 is legit
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Three Months Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-23 10:10 - 2016-03-23 10:10 - 00000000 ____D C:\Windows\System32\config\HiveBackup
2016-03-23 09:42 - 2016-03-23 10:17 - 00000000 ____D C:\FRST
2016-03-22 00:28 - 2016-03-22 07:40 - 00389428 _____ C:\Windows\ntbtlog.txt
2016-03-21 01:26 - 2016-03-21 01:26 - 00033520 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0.bak
2016-03-21 01:26 - 2016-03-21 01:26 - 00033520 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0.bak
2016-03-15 08:33 - 2016-03-15 08:33 - 00000000 ____D C:\Users\s77localadmin\AppData\Local\HP
2016-03-15 08:32 - 2016-03-15 08:32 - 00000000 ____D C:\Users\s77localadmin\AppData\Local\Google
2016-03-09 04:39 - 2016-03-09 04:39 - 00000000 ____D C:\Users\s77sfrankish\AppData\Local\HP
2016-03-09 02:58 - 2016-03-21 09:20 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-03-09 02:58 - 2016-03-09 02:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-04 06:09 - 2016-03-04 06:09 - 00000000 ____D C:\Users\s77sparker.SOLGRID\AppData\Local\MiniService
2016-03-04 06:00 - 2016-03-04 06:38 - 00000000 ____D C:\Users\s77sparker.SOLGRID\AppData\Local\Google
2016-02-29 06:04 - 2016-02-29 06:04 - 00000000 ____D C:\Users\s77cwright\AppData\Local\MiniService
2016-02-23 06:36 - 2016-03-06 23:48 - 00000000 ____D C:\Users\s77jdorney\AppData\Local\CrashDumps
2016-02-23 00:26 - 2016-02-23 00:26 - 00000000 ____D C:\Program Files\Common Files\AV
2016-02-22 09:01 - 2016-02-22 09:01 - 00000000 ____D C:\Users\s77sfrankish\AppData\Local\MiniService
2016-02-22 04:43 - 2016-03-21 09:20 - 00000000 ____D C:\ProgramData\Norton
2016-02-22 04:43 - 2016-03-09 02:59 - 00000000 ____D C:\Program Files\NortonInstaller
2016-02-22 04:43 - 2016-02-22 04:43 - 00000000 ____D C:\ProgramData\NortonInstaller
2016-02-22 04:42 - 2016-03-09 02:56 - 00000000 ____D C:\Program Files\COMODO
2016-02-22 04:42 - 2016-02-22 04:43 - 00000000 ____D C:\ProgramData\COMODO
2016-02-22 04:42 - 2016-02-22 04:42 - 00000000 ____D C:\Users\s77jdorney\AppData\Local\Chromium
2016-02-22 04:39 - 2016-03-21 09:19 - 00000000 ____D C:\Users\s77jdorney\AppData\Local\MiniService
2016-02-22 04:39 - 2016-03-21 09:19 - 00000000 ____D C:\Users\s77jdorney\AppData\Local\{F352C50E-D7FA-A9B6-BA62-8C5E9E0A70C6}
2016-02-22 04:39 - 2016-02-22 04:39 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-02-22 04:39 - 2016-02-22 04:39 - 00000000 ____D C:\Users\Public\Documents\Baidu
2016-02-22 02:48 - 2016-02-22 02:48 - 00000000 ____D C:\Users\s77jdorney\AppData\Local\Sophos
2016-02-11 06:45 - 2016-02-11 06:45 - 00000000 ____D C:\Users\s77sfrankish\AppData\LocalLow\Adobe
2016-02-11 06:45 - 2016-02-11 06:45 - 00000000 ____D C:\Users\s77sfrankish\AppData\Local\CEF
2016-02-11 04:29 - 2016-02-11 04:29 - 00000000 ____D C:\Users\s77cwright\AppData\Local\CEF
2016-02-11 04:28 - 2016-02-11 04:28 - 00000000 ____D C:\Users\s77cwright\AppData\LocalLow\Adobe
2016-02-11 04:27 - 2016-02-11 04:27 - 00000000 ____D C:\Users\s77cwright\AppData\Local\Google
2016-02-10 06:34 - 2016-03-18 06:35 - 00000000 ____D C:\Users\s77sfrankish\AppData\Local\Google
2016-02-10 02:00 - 2016-02-10 02:37 - 00000000 ____D C:\Users\s77jdorney\AppData\Local\Google
2016-02-10 01:58 - 2016-03-21 09:19 - 00000000 ____D C:\Users\s77jdorney\AppData\Local\Apps\2.0
2016-02-10 01:58 - 2016-02-10 01:59 - 00000000 ____D C:\Program Files\Google
2016-02-10 01:58 - 2016-02-10 01:58 - 00000000 ____D C:\Users\s77jdorney\AppData\Local\Deployment
2016-02-10 01:54 - 2016-02-10 01:54 - 00000000 ____D C:\Users\s77jdorney\AppData\LocalLow\Adobe
2016-02-10 01:54 - 2016-02-10 01:54 - 00000000 ____D C:\Users\s77jdorney\AppData\Local\CEF
2016-02-10 01:53 - 2016-03-21 09:20 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-02-10 01:53 - 2016-02-10 01:53 - 00000000 ____D C:\Program Files\Adobe
2016-01-27 05:53 - 2016-01-27 05:55 - 89033218 _____ C:\Users\s77jdorney\Downloads\T-T-18196-Chinese-New-Year-Pencil-Control-and-Scissor-Skills-Pack.zip
2016-01-20 04:14 - 2016-03-21 09:20 - 00000000 ____D C:\Program Files\Sassoon Joiner fonts
 
==================== Three Months Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-23 09:42 - 2011-12-02 03:36 - 00000000 ____D C:\users\7test
2016-03-23 01:29 - 2010-11-20 13:01 - 00805592 _____ C:\Windows\System32\PerfStringBackup.INI
2016-03-23 01:29 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\inf
2016-03-22 04:21 - 2011-11-29 08:54 - 00000128 _____ C:\Windows\System32\config\netlogon.ftl
2016-03-21 23:12 - 2009-07-13 20:34 - 00001184 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-21 23:12 - 2009-07-13 20:34 - 00001184 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-21 09:21 - 2011-11-29 08:59 - 00000000 ___HD C:\Windows\SophosCheck
2016-03-21 09:21 - 2011-04-11 18:21 - 00000000 ____D C:\Windows\ShellNew
2016-03-21 09:21 - 2011-04-11 18:21 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-21 09:21 - 2009-07-13 20:52 - 00000000 ____D C:\Windows\Offline Web Pages
2016-03-21 09:21 - 2009-07-13 20:52 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-03-21 09:21 - 2009-07-13 20:52 - 00000000 ____D C:\Program Files\Windows Defender
2016-03-21 09:21 - 2009-07-13 18:37 - 00000000 __RSD C:\Windows\Media
2016-03-21 09:21 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\servicing
2016-03-21 09:21 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\rescache
2016-03-21 09:21 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-03-21 09:20 - 2015-07-07 15:11 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-03-21 09:20 - 2015-07-07 15:11 - 00000000 ____D C:\Program Files\Microsoft Policy Platform
2016-03-21 09:20 - 2015-04-29 04:31 - 00000000 ____D C:\users\r
2016-03-21 09:20 - 2015-01-16 07:04 - 00000000 ____D C:\users\s77bwainwright
2016-03-21 09:20 - 2014-05-23 05:30 - 00000000 ____D C:\Program Files\Microsoft CAPICOM 2.1.0.2
2016-03-21 09:20 - 2014-04-30 01:37 - 00000000 ____D C:\Program Files\Common Files\SMART Technologies
2016-03-21 09:20 - 2014-04-30 01:20 - 00000000 ____D C:\rescue
2016-03-21 09:20 - 2014-04-30 00:00 - 00000000 ____D C:\Program Files\Lame For Audacity
2016-03-21 09:20 - 2014-04-30 00:00 - 00000000 ____D C:\Program Files\Ffmpeg For Audacity
2016-03-21 09:20 - 2014-04-17 01:47 - 00000000 ____D C:\Program Files\Movie Maker 2.6
2016-03-21 09:20 - 2014-04-08 00:59 - 00000000 ____D C:\Program Files\Common Files\Sophos
2016-03-21 09:20 - 2011-12-02 03:21 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-03-21 09:20 - 2011-12-02 02:40 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2016-03-21 09:20 - 2011-12-02 02:28 - 00000000 ____D C:\Program Files\Common Files\Altiris
2016-03-21 09:20 - 2009-07-13 18:37 - 00000000 ____D C:\Program Files\Common Files\System
2016-03-21 09:20 - 2009-07-13 18:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-03-21 09:19 - 2015-11-25 07:10 - 00000000 ____D C:\users\s77kwalker
2016-03-21 09:19 - 2015-10-08 04:43 - 00000000 ____D C:\users\s77eryan
2016-03-21 09:19 - 2015-07-07 15:12 - 00000000 ____D C:\Windows\ccmcache
2016-03-21 09:19 - 2015-07-07 15:12 - 00000000 ____D C:\Windows\CCM
2016-03-21 09:19 - 2015-06-29 04:57 - 00000000 ____D C:\users\s77sfrankish
2016-03-21 09:19 - 2015-05-15 03:20 - 00000000 ____D C:\users\s77cwright
2016-03-21 09:19 - 2015-04-22 04:11 - 00000000 ____D C:\users\s77sparker.SOLGRID
2016-03-21 09:19 - 2015-01-30 08:10 - 00000000 ____D C:\users\s77sbeamond
2016-03-21 09:19 - 2015-01-14 02:01 - 00000000 ____D C:\users\s77lratcliffe.SOLGRID
2016-03-21 09:19 - 2015-01-06 05:54 - 00000000 ____D C:\users\s77vknight.SOLGRID
2016-03-21 09:19 - 2015-01-06 00:36 - 00000000 ____D C:\users\s77vsmith
2016-03-21 09:19 - 2014-11-26 02:14 - 00000000 ____D C:\Users\s77jdorney\AppData\Roaming\Juniper Networks
2016-03-21 09:19 - 2014-11-26 02:14 - 00000000 ____D C:\users\s77jdorney
2016-03-21 09:19 - 2014-09-11 07:21 - 00000000 ____D C:\Users\s77localadmin\AppData\Local\Apps\2.0
2016-03-21 09:19 - 2014-04-30 23:29 - 00000000 ____D C:\Windows\Minidump
2016-03-21 09:19 - 2014-04-17 00:59 - 00000000 ____D C:\users\s77localadmin
2016-03-21 09:18 - 2014-04-17 01:39 - 00000000 ____D C:\Windows\System32\Macromed
2016-03-21 09:18 - 2009-07-13 18:37 - 00000000 ___HD C:\Windows\System32\GroupPolicy
2016-03-21 09:17 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\spool
2016-03-21 09:17 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\registration
2016-03-21 09:14 - 2011-12-02 02:40 - 00000000 ____D C:\ProgramData\Symantec
2016-03-21 09:14 - 2011-12-02 02:40 - 00000000 ____D C:\Program Files\Symantec
2016-03-21 09:14 - 2011-12-01 03:35 - 00000000 ____D C:\ProgramData\Sophos
2016-03-21 09:13 - 2014-04-08 00:58 - 00000000 ____D C:\Program Files\Common Files\Cisco Systems
2016-03-21 09:13 - 2011-12-01 03:35 - 00000000 ____D C:\Program Files\Sophos
2016-03-21 08:48 - 2011-11-29 08:56 - 00028227 __RSH C:\ProgramData\ntuser.pol
2016-03-21 01:23 - 2009-07-13 20:33 - 00409800 _____ C:\Windows\System32\FNTCACHE.DAT
2016-03-04 06:05 - 2015-04-22 04:17 - 00115000 _____ C:\Users\s77sparker.SOLGRID\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-22 04:39 - 2014-11-26 02:14 - 00000000 ____D C:\Users\s77jdorney\AppData\Local\Adobe
 
==================== Known DLLs (Whitelisted) =========================
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== EXE Association (Whitelisted) =============
 
 
==================== Restore Points  =========================
 
Restore point date: 2016-03-23 01:08
Restore point date: 2016-03-23 01:08
 
==================== BCD ================================
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=C:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {default}
resumeobject            {673e4d26-0cbd-11e1-bf50-d8faece55459}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30
 
Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {current}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {673e4d26-0cbd-11e1-bf50-d8faece55459}
nx                      OptIn
 
Windows Boot Loader
-------------------
identifier              {current}
device                  ramdisk=[C:]\Recovery\673e4d2a-0cbd-11e1-bf50-d8faece55459\Winre.wim,{673e4d2b-0cbd-11e1-bf50-d8faece55459}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\673e4d2a-0cbd-11e1-bf50-d8faece55459\Winre.wim,{673e4d2b-0cbd-11e1-bf50-d8faece55459}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {673e4d26-0cbd-11e1-bf50-d8faece55459}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
pae                     Yes
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 Yes
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {673e4d2b-0cbd-11e1-bf50-d8faece55459}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\673e4d2a-0cbd-11e1-bf50-d8faece55459\boot.sdi
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 13%
Total physical RAM: 3281.81 MB
Available physical RAM: 2833.96 MB
Total Virtual: 3280.1 MB
Available Virtual: 2834.45 MB
 
==================== Drives ================================
 
Drive c: (System) (Fixed) (Total:465.72 GB) (Free:429.54 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: () (Removable) (Total:7.62 GB) (Free:7.58 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: E5454221)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=465.7 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 7.6 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
 
LastRegBack: 2016-03-21 01:50
 
==================== End of FRST.txt ============================

  • 0

Advertisements

Back to Computer Won't Boot - Malware Related · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Computer Won't Boot - Malware Related

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP