hello please help me
my pc doesn't go after login
stay with black screen even on safe mode
windows 7 ultimate
it does have a bar with windows host script
thanks
black screen windows 7 [Solved]
Started by
pcme
, Apr 02 2016 05:16 PM
-
This topic is locked
#2
Posted 02 April 2016 - 06:24 PM
pcme
- Topic Starter
-
- Member
-
- 32 posts
Member
i run the farbar recovery scan tool
here is the log
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by SYSTEM on MININT-ONIV4LN (02-04-2016 17:15:51)
Running from g:\
Platform: Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet002
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960336 2014-11-07] ()
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Fitbit Connect] => C:\Program Files\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [55264 2016-03-10] (Malwarebytes)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [360448 2009-07-13] (Microsoft Corporation)
HKLM\...\Winlogon: [Userinit] wscript,
HKU\ADMIN'\...\Run: [LDM] => C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [36864 2015-03-11] (Logitech)
HKU\ADMIN'\...\Run: [Fitbit Connect] => C:\Program Files\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKU\ADMIN'\...\Run: [Pritc] => C:\Users\ADMIN'\AppData\Local\Temp\is-06EDJ.tmp\print.exe <===== ATTENTION
HKU\ADMIN'\...\Run: [Snail Translator] => C:\Windows\Snail Translator\Snail Translator\Snail Translator.exe [454656 2016-03-23] ()
HKU\ADMIN'\...\Policies\system: [LogonHoursAction] 2
HKU\ADMIN'\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\ADMIN'\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\ADMIN'\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2009-07-13] (Microsoft Corporation)
HKU\Bryan\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-03-02] (Google Inc.)
HKU\Bryan\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIIBE.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\Bryan\...\Run: ["E:\Program Files\Steam\steam.exe" -silent] => "E:\Program Files\Steam\steam.exe" -silent
HKU\Bryan\...\Run: [ooVoo.exe] => C:\Program Files\ooVoo\oovoo.exe /minimized
HKU\Bryan\...\Run: [LDM] => C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [36864 2015-03-11] (Logitech)
HKU\Bryan\...\Policies\system: [LogonHoursAction] 2
HKU\Bryan\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Exist\...\Run: [LDM] => C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [36864 2015-03-11] (Logitech)
HKU\Exist\...\Policies\system: [LogonHoursAction] 2
HKU\Exist\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\jackie\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIIBE.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\Walter\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-03-02] (Google Inc.)
HKU\Walter\...\Policies\system: [LogonHoursAction] 2
HKU\Walter\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
BootExecute: autocheck autochk * BootDefrag.exe
GroupPolicyScripts: Restriction <======= ATTENTION
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S4 AxiomAudioDevMon; C:\Program Files\M-Audio\Axiom\AudioDevMon.exe [1636872 2010-03-11] (M-Audio)
S2 BackupService; C:\Users\ADMIN'\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [83512 2010-07-01] (ArcSoft, Inc.)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-28] (www.BitComet.com)
S4 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [409304 2014-10-08] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-08] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [782040 2014-10-08] (BlueStack Systems, Inc.)
S2 chromoting; C:\Program Files\Google\Chrome Remote Desktop\49.0.2623.40\remoting_host.exe [69016 2016-02-05] (Google Inc.)
S4 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
S4 EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [539744 2012-05-10] (SEIKO EPSON CORPORATION)
S2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-11] (Seiko Epson Corporation)
S4 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [142432 2012-02-21] (SEIKO EPSON CORPORATION)
S4 Fitbit; C:\Program Files\Fitbit\fitbit.exe [773152 2012-06-22] (Fitbit, Inc.)
S2 Fitbit Connect; C:\Program Files\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.)
S3 GFI LanGuard Patch Agent; C:\Windows\Patches\PatchAgent.exe [427376 2014-11-15] ()
S4 Hauppauge WinTV Extender; C:\Program Files\WinTV\Extend\wintvextender.exe [67584 2014-11-15] (Hauppauge Computer Works, Inc)
S4 HauppaugeTVServer; C:\Program Files\WinTV\TVServer\hauppaugetvserver.exe [602624 2014-11-15] (Hauppauge Computer Works)
S2 HFGService; C:\Windows\System32\HFGService.dll [413696 2009-12-21] (CSR, plc)
S2 ioloSystemService; C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe [1168960 2013-12-03] (iolo technologies, LLC)
S4 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
S4 PDAgent; C:\Program Files\Raxco\PerfectDisk\PDAgent.exe [1415032 2013-08-04] (Raxco Software, Inc.)
S4 PDEngine; C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2166648 2013-08-04] (Raxco Software, Inc.)
S2 proXPN VPN; C:\Program Files\proXPN\bin\proXPNService.exe [102264 2015-06-11] ()
S4 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
S2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
S2 FFPCAutoSave; J:\PCAutoSaveSv.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 ampa; C:\Windows\system32\ampa.sys [12728 2011-12-26] ()
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [176856 2016-01-28] (Broadcom Corporation.)
S0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [16064 2014-06-30] (Glarysoft Ltd)
S2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [112344 2014-10-08] (BlueStack Systems)
S3 BthAudioHF; C:\Windows\System32\DRIVERS\BthAudioHF.sys [43008 2009-12-21] (CSR, plc)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (CSR, plc)
S3 clwvd6; C:\Windows\System32\DRIVERS\clwvd6.sys [35560 2013-10-28] (CyberLink Corporation)
S3 cpuz137; C:\Program Files\CPUID\PC Wizard 2013\pcwiz_x32.sys [26856 2014-02-17] (CPUID)
S3 csr_a2dp; C:\Windows\System32\drivers\bthav.sys [61952 2009-12-21] (CSR, plc)
S2 DefragFS; C:\Windows\System32\Drivers\DefragFS.sys [104088 2013-08-04] (Raxco Software, Inc.)
S2 DLABMFSM; C:\Windows\System32\Drivers\DLABMFSM.SYS [37360 2007-07-23] (Roxio)
S2 DLABOIOM; C:\Windows\System32\Drivers\DLABOIOM.SYS [32848 2007-07-23] (Roxio)
S2 DLADResM; C:\Windows\System32\Drivers\DLADResM.SYS [9104 2007-07-23] (Roxio)
S2 DLAIFS_M; C:\Windows\System32\Drivers\DLAIFS_M.SYS [108752 2007-07-23] (Roxio)
S2 DLAOPIOM; C:\Windows\System32\Drivers\DLAOPIOM.SYS [27216 2007-07-23] (Roxio)
S2 DLAPoolM; C:\Windows\System32\Drivers\DLAPoolM.SYS [16304 2007-07-23] (Roxio)
S2 DLAUDFAM; C:\Windows\System32\Drivers\DLAUDFAM.SYS [93552 2007-07-23] (Roxio)
S2 DLAUDF_M; C:\Windows\System32\Drivers\DLAUDF_M.SYS [98448 2007-07-23] (Roxio)
S1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [26248 2013-12-03] (EldoS Corporation)
S0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
S1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [17472 2015-07-18] (Glarysoft Ltd)
S3 hcw72ADFilter; C:\Windows\System32\DRIVERS\hcw72ADFilter.sys [28928 2010-01-11] (Hauppauge Computer Works, Inc.)
S3 hcw72ATV; C:\Windows\System32\DRIVERS\hcw72ATV.sys [1217920 2010-01-11] (Hauppauge Computer Works, Inc.)
S3 hcw72DTV; C:\Windows\System32\DRIVERS\hcw72DTV.sys [1220224 2010-01-11] (Hauppauge Computer Works, Inc.)
S3 ISODrive; C:\Users\ADMIN'\Desktop\UltraISO\drivers\ISODrive.sys [82320 2010-01-29] (EZB Systems, Inc.)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
S3 MADFULEGACYKEYBOARD; C:\Windows\System32\DRIVERS\MAudioLegacyKeyboard_DFU.sys [23304 2010-02-09] (M-Audio)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [34432 2012-10-10] (ManyCam LLC)
S3 MAUSBLEGACYKEYBOARD; C:\Windows\System32\DRIVERS\MAudioLegacyKeyboard.sys [167304 2010-02-09] (M-Audio)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-03-27] (Malwarebytes)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv.sys [22656 2013-01-31] (ManyCam LLC)
S2 PDFSFilter; C:\Windows\System32\DRIVERS\PDFsFilter.sys [68464 2013-12-03] (Raxco Software, Inc.)
S0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-03-20] (Duplex Secure Ltd.)
S3 SynTP_1; C:\Windows\System32\DRIVERS\SynTP_1.sys [355440 2013-02-14] (Synaptics Incorporated)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2015-02-05] (The OpenVPN Project)
S3 anvsnddrv; system32\drivers\anvsnddrv.sys [X]
S3 AtiDCM; \??\C:\AMD\Support\13-9-legacy_vista_win7_32_dd_ccc\Bin\atidcmxx.sys [X]
S3 btmaudio; system32\drivers\btmaud.sys [X]
S3 btmaux; system32\DRIVERS\btmaux.sys [X]
S3 btwampfl; \??\C:\Windows\system32\drivers\btwampfl.sys [X]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 catchme; \??\C:\Users\ADMIN'\AppData\Local\Temp\catchme.sys [X]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 keycrypt; system32\DRIVERS\KeyCrypt32.sys [X]
S3 mfeavfk01; \Device\mfeavfk01.sys [X]
S0 Partizan; system32\drivers\Partizan.sys [X]
S0 rqqahwf; System32\drivers\ntsw.sys [X]
S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [X]
S3 SMUpdd; \??\C:\Program Files\Common Files\Soobzo\GDUpdate\smw.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-02 17:15 - 2016-04-02 17:15 - 00000000 ____D C:\FRST
2016-03-28 19:49 - 2016-03-28 19:49 - 00140488 _____ C:\Windows\Minidump\032816-29296-01.dmp
2016-03-27 21:26 - 2016-03-27 22:05 - 00002102 _____ C:\Users\ADMIN'\Desktop\Snail Translator.lnk
2016-03-27 21:26 - 2016-03-27 21:26 - 00000000 ____D C:\Windows\Snail Translator
2016-03-27 21:20 - 2016-03-27 22:05 - 00001958 _____ C:\Users\ADMIN'\Desktop\Gmail.lnk
2016-03-27 21:19 - 2016-03-27 21:19 - 00000000 ____D C:\Program Files\Common Files\Soobzo
2016-03-27 21:15 - 2016-03-27 22:04 - 00000000 ____D C:\Program Files\msrtn32
2016-03-27 21:14 - 2016-03-27 21:14 - 00000000 ____D C:\Program Files\basicData
2016-03-27 21:13 - 2016-03-27 22:04 - 00000000 ____D C:\Program Files\S5
2016-03-27 21:13 - 2016-03-27 21:13 - 00000000 ____D C:\Users\ADMIN'\AppData\Roaming\c
2016-03-27 21:04 - 2016-03-28 19:49 - 210154689 ____N C:\Windows\MEMORY.DMP
2016-03-27 20:52 - 2016-03-27 22:05 - 00001032 _____ C:\Users\Public\Desktop\KNCTR.lnk
2016-03-27 20:52 - 2016-03-27 21:12 - 00000000 ____D C:\Users\ADMIN'\AppData\Local\app
2016-03-27 20:52 - 2016-03-27 20:52 - 00000000 ____D C:\Program Files\Itibiti Soft Phone
2016-03-27 20:50 - 2016-03-30 14:41 - 00000000 ____D C:\Program Files\ContentPush
2016-03-27 20:50 - 2016-03-27 22:05 - 00000000 ____D C:\Users\ADMIN'\AppData\Roaming\Store
2016-03-27 20:50 - 2016-03-27 20:50 - 06000640 _____ C:\Program Files\GUTC958.tmp
2016-03-27 20:50 - 2016-03-27 20:50 - 00631808 _____ C:\Windows\clb.dat
2016-03-27 20:50 - 2016-03-27 20:50 - 00000000 ____D C:\Program Files\GUMC919.tmp
2016-03-27 20:49 - 2016-03-27 21:25 - 00000000 ____D C:\Users\ADMIN'\AppData\Local\Setup Wizard
2016-03-27 20:41 - 2016-03-27 20:41 - 00000192 _____ C:\Windows\wininit.ini
2016-03-26 20:58 - 2016-03-26 20:58 - 00026485 _____ C:\Users\ADMIN'\Desktop\the-revenant-2015-dvdscr-xvid-ac3-etrg-english-74863.zip
2016-03-26 20:58 - 2015-12-26 08:32 - 00068720 _____ C:\Users\ADMIN'\Desktop\The.Revenant.2015.DVDScr.XviD.AC3-ETRG.srt
2016-03-21 11:29 - 2016-03-21 11:29 - 00000000 ____D C:\Users\Bryan\AppData\Roaming\Apple Computer
2016-03-21 11:29 - 2016-03-21 11:29 - 00000000 ____D C:\Users\Bryan\AppData\Local\Apple Computer
2016-03-21 11:28 - 2016-03-21 11:28 - 50545909 _____ C:\Users\Bryan\Downloads\Hotline Bling.flp
2016-03-18 15:38 - 2016-03-18 15:38 - 00000000 ____D C:\Users\Exist\AppData\Local\Paint.NET
2016-03-15 20:24 - 2016-03-15 20:24 - 00068259 _____ C:\Users\Bryan\Downloads\Untitled document.pdf
2016-03-15 19:58 - 2016-03-15 19:58 - 00000000 ____D C:\Users\Bryan\AppData\Roaming\Macromedia
2016-03-15 19:58 - 2016-03-15 19:58 - 00000000 ____D C:\Users\Bryan\AppData\Roaming\Adobe
2016-03-15 19:09 - 2016-03-15 19:09 - 00000000 ____D C:\Users\Bryan\AppData\Local\GWX
2016-03-14 19:39 - 2016-03-14 19:40 - 00000000 ____D C:\Windows\rescache
2016-03-14 18:34 - 2016-03-14 18:34 - 00000000 ____D C:\Users\Walter\AppData\LocalLow\Adobe
2016-03-14 18:34 - 2016-03-14 18:34 - 00000000 ____D C:\Users\Walter\AppData\Local\CEF
2016-03-14 18:34 - 2016-03-14 18:34 - 00000000 ____D C:\Users\Walter\AppData\Local\Adobe
2016-03-14 18:31 - 2016-03-14 18:31 - 00000000 ____D C:\Users\Walter\AppData\Roaming\Apple Computer
2016-03-14 18:31 - 2016-03-14 18:31 - 00000000 ____D C:\Users\Walter\AppData\Local\Apple Computer
2016-03-14 18:22 - 2016-03-14 18:59 - 00000000 ____D C:\Users\Walter\Desktop\1
2016-03-14 17:58 - 2016-03-14 17:58 - 00000000 ____D C:\Program Files\New folder
2016-03-14 17:51 - 2016-03-14 17:51 - 00000000 ____D C:\Users\Walter\AppData\Roaming\iolo
2016-03-14 17:46 - 2016-03-14 17:46 - 00000000 ____D C:\Users\Walter\AppData\Roaming\WinRAR
2016-03-14 17:45 - 2016-03-14 18:34 - 00000000 ____D C:\Users\Walter\AppData\Roaming\Adobe
2016-03-14 17:45 - 2016-03-14 17:55 - 00000000 ____D C:\Users\Walter\AppData\Local\CrashDumps
2016-03-14 17:38 - 2016-03-14 17:38 - 00000000 ____D C:\Users\Walter\AppData\Roaming\Sun
2016-03-14 17:38 - 2016-03-14 17:38 - 00000000 ____D C:\Users\Walter\AppData\LocalLow\Sun
2016-03-14 17:38 - 2016-03-14 17:38 - 00000000 ____D C:\Users\Walter\.oracle_jre_usage
2016-03-14 17:33 - 2016-03-14 18:16 - 00163712 _____ C:\Users\Walter\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-14 17:33 - 2016-03-14 17:33 - 00000000 ____D C:\Users\Walter\AppData\Local\Wondershare
2016-03-14 17:32 - 2016-03-14 17:34 - 00000000 ____D C:\Users\Walter\AppData\Local\Google
2016-03-14 17:32 - 2016-03-14 17:32 - 00000632 __RSH C:\Users\Walter\ntuser.pol
2016-03-10 16:59 - 2016-03-10 17:00 - 278483620 _____ C:\Users\Exist\Downloads\[99Sounds] Project Exodus.rar
2016-03-09 17:02 - 2016-02-09 01:50 - 00021504 _____ (Microsoft Corporation) C:\Windows\System32\seclogon.dll
2016-03-09 17:02 - 2016-02-04 09:46 - 02387456 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2016-03-09 17:01 - 2016-02-11 10:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2016-03-09 17:01 - 2016-02-11 10:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2016-03-09 17:01 - 2016-02-11 10:44 - 00138176 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2016-03-09 17:01 - 2016-02-11 10:44 - 00067520 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2016-03-09 17:01 - 2016-02-11 10:41 - 01310232 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2016-03-09 17:01 - 2016-02-11 10:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2016-03-09 17:01 - 2016-02-11 10:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2016-03-09 17:01 - 2016-02-11 10:37 - 00654336 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2016-03-09 17:01 - 2016-02-11 10:37 - 00400896 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2016-03-09 17:01 - 2016-02-11 10:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2016-03-09 17:01 - 2016-02-11 10:37 - 00099840 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2016-03-09 17:01 - 2016-02-11 10:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\System32\srclient.dll
2016-03-09 17:01 - 2016-02-11 10:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2016-03-09 17:01 - 2016-02-11 10:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2016-03-09 17:01 - 2016-02-11 10:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2016-03-09 17:01 - 2016-02-11 10:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\msobjs.dll
2016-03-09 17:01 - 2016-02-11 10:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll
2016-03-09 17:01 - 2016-02-11 10:33 - 01060864 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2016-03-09 17:01 - 2016-02-11 10:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2016-03-09 17:01 - 2016-02-11 10:31 - 00038912 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2016-03-09 17:01 - 2016-02-11 10:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2016-03-09 17:01 - 2016-02-11 10:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll
2016-03-09 17:01 - 2016-02-11 10:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2016-03-09 17:01 - 2016-02-11 10:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2016-03-09 17:01 - 2016-02-11 09:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\System32\auditpol.exe
2016-03-09 17:01 - 2016-02-11 09:37 - 00262656 _____ (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2016-03-09 17:01 - 2016-02-11 09:32 - 00225792 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2016-03-09 17:01 - 2016-02-11 09:32 - 00124416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2016-03-09 17:01 - 2016-02-11 09:32 - 00098304 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2016-03-09 17:01 - 2016-02-11 09:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\System32\cryptbase.dll
2016-03-09 17:01 - 2016-02-11 09:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2016-03-09 17:01 - 2016-02-11 09:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2016-03-09 17:01 - 2016-02-11 09:30 - 00015872 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2016-03-09 17:00 - 2016-02-08 22:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2016-03-09 17:00 - 2016-02-08 13:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2016-03-09 17:00 - 2016-02-08 12:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2016-03-09 17:00 - 2016-02-08 12:51 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2016-03-09 17:00 - 2016-02-08 12:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2016-03-09 17:00 - 2016-02-08 12:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2016-03-09 17:00 - 2016-02-08 12:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2016-03-09 17:00 - 2016-02-08 12:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2016-03-09 17:00 - 2016-02-08 12:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2016-03-09 17:00 - 2016-02-08 12:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2016-03-09 17:00 - 2016-02-08 12:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2016-03-09 17:00 - 2016-02-08 12:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2016-03-09 17:00 - 2016-02-08 12:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2016-03-09 17:00 - 2016-02-08 12:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2016-03-09 17:00 - 2016-02-08 12:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2016-03-09 17:00 - 2016-02-08 12:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2016-03-09 17:00 - 2016-02-08 12:28 - 00102912 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2016-03-09 17:00 - 2016-02-08 12:23 - 00667648 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2016-03-09 17:00 - 2016-02-08 12:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2016-03-09 17:00 - 2016-02-08 12:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2016-03-09 17:00 - 2016-02-08 12:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2016-03-09 17:00 - 2016-02-08 12:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2016-03-09 17:00 - 2016-02-08 12:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2016-03-09 17:00 - 2016-02-08 12:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2016-03-09 17:00 - 2016-02-08 12:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2016-03-09 17:00 - 2016-02-08 12:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2016-03-09 17:00 - 2016-02-08 12:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2016-03-09 17:00 - 2016-02-08 12:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2016-03-09 17:00 - 2016-02-08 12:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2016-03-09 17:00 - 2016-02-08 12:02 - 00684032 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2016-03-09 17:00 - 2016-02-08 12:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2016-03-09 17:00 - 2016-02-08 12:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2016-03-09 17:00 - 2016-02-08 11:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2016-03-09 17:00 - 2016-02-08 11:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2016-03-09 17:00 - 2016-02-08 11:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2016-03-08 16:01 - 2016-03-23 20:17 - 00000000 ____D C:\Users\Exist\AppData\Local\CrashDumps
2016-03-08 12:43 - 2016-02-19 10:50 - 00034240 _____ (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
2016-03-08 12:43 - 2016-02-19 10:41 - 00958464 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2016-03-08 12:43 - 2016-02-19 06:07 - 01206784 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2016-03-08 12:43 - 2016-02-12 10:39 - 02956288 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2016-03-08 12:43 - 2016-02-12 10:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2016-03-08 12:43 - 2016-02-12 10:26 - 00073728 _____ (Microsoft Corporation) C:\Windows\System32\WinSetupUI.dll
2016-03-08 12:43 - 2016-02-12 10:07 - 02062848 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2016-03-08 12:43 - 2016-02-12 10:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2016-03-08 12:43 - 2016-02-12 10:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2016-03-08 12:43 - 2016-02-12 10:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2016-03-08 12:43 - 2016-02-12 10:05 - 00035840 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2016-03-08 12:43 - 2016-02-12 10:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2016-03-08 12:43 - 2016-02-12 10:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2016-03-08 12:43 - 2016-02-12 10:05 - 00011776 _____ (Microsoft Corporation) C:\Windows\System32\wu.upgrade.ps.dll
2016-03-08 12:43 - 2016-02-11 06:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2016-03-08 12:43 - 2016-02-09 01:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2016-03-08 12:43 - 2016-02-09 01:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\System32\wmp.dll
2016-03-08 12:43 - 2016-02-09 01:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\System32\spwmp.dll
2016-03-08 12:43 - 2016-02-09 01:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\msdxm.ocx
2016-03-08 12:43 - 2016-02-09 01:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\dxmasf.dll
2016-03-08 12:43 - 2016-02-05 10:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2016-03-08 12:43 - 2016-02-05 10:44 - 00026112 _____ (Microsoft Corporation) C:\Windows\System32\lpk.dll
2016-03-08 12:43 - 2016-02-05 10:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2016-03-08 12:43 - 2016-02-05 09:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2016-03-08 12:43 - 2016-02-05 09:43 - 00034304 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2016-03-08 12:43 - 2016-02-05 06:07 - 00591872 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2016-03-08 12:43 - 2016-02-05 06:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2016-03-08 12:43 - 2016-02-05 06:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll
2016-03-08 12:43 - 2016-02-04 10:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\System32\mfds.dll
2016-03-08 12:43 - 2016-02-03 10:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2016-03-08 12:43 - 2016-02-03 10:49 - 00090624 _____ (Microsoft Corporation) C:\Windows\System32\olepro32.dll
2016-03-08 12:43 - 2016-02-03 10:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\System32\asycfilt.dll
2016-03-08 12:43 - 2016-02-03 09:59 - 00076288 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2016-03-08 12:43 - 2016-01-11 10:54 - 01212352 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2016-03-08 12:43 - 2015-11-19 06:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\System32\ucrtbase.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-private-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-math-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-string-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-time-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-2-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-process-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-2-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l2-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-2-0.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-02 16:08 - 2009-07-13 20:34 - 00026768 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-02 16:08 - 2009-07-13 20:34 - 00026768 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-02 16:07 - 2010-11-20 13:01 - 00689024 _____ C:\Windows\System32\PerfStringBackup.INI
2016-04-02 16:07 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\inf
2016-04-02 14:18 - 2015-11-07 12:19 - 01150906 _____ C:\Windows\ntbtlog.txt
2016-03-31 18:06 - 2013-06-09 10:16 - 00000000 ____D C:\Users\ADMIN'\AppData\Roaming\DiskDefrag
2016-03-28 19:49 - 2013-06-17 14:17 - 00000000 ____D C:\Windows\Minidump
2016-03-27 22:07 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\L2Schemas
2016-03-27 22:05 - 2016-01-28 19:12 - 00002000 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-03-27 22:05 - 2016-01-28 19:12 - 00001998 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-03-27 22:05 - 2016-01-28 19:12 - 00001988 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-03-27 22:05 - 2016-01-05 20:13 - 00000917 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-03-27 22:05 - 2015-10-28 20:26 - 00000969 _____ C:\Users\Public\Desktop\BitComet.lnk
2016-03-27 22:05 - 2015-10-10 18:38 - 00001036 _____ C:\Users\Public\Desktop\4Card Recovery.lnk
2016-03-27 22:05 - 2015-07-25 11:05 - 00001410 _____ C:\Users\Public\Desktop\Wondershare Video Converter Ultimate.lnk
2016-03-27 22:05 - 2015-07-25 11:05 - 00001388 _____ C:\Users\Public\Desktop\Wondershare Media Server.lnk
2016-03-27 22:05 - 2015-07-23 19:38 - 00001292 _____ C:\Users\Public\Desktop\WinX DVD Ripper Platinum.lnk
2016-03-27 22:05 - 2015-07-03 13:54 - 00001023 _____ C:\Users\ADMIN'\Desktop\proXPN.lnk
2016-03-27 22:05 - 2015-07-03 12:27 - 00002290 _____ C:\Users\ADMIN'\Desktop\Chrome App Launcher.lnk
2016-03-27 22:05 - 2015-07-03 10:18 - 00001815 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-03-27 22:05 - 2015-06-06 09:43 - 00001137 _____ C:\Users\ADMIN'\Desktop\System Checkup.lnk
2016-03-27 22:05 - 2015-05-10 17:47 - 00001248 _____ C:\Users\ADMIN'\Desktop\Adobe Photoshop CC 2014 (32 Bit).lnk
2016-03-27 22:05 - 2015-05-10 17:10 - 00001354 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2016-03-27 22:05 - 2015-05-03 17:22 - 00001122 _____ C:\Users\ADMIN'\Desktop\PC Wizard 2013.lnk
2016-03-27 22:05 - 2015-04-11 10:37 - 00002017 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-03-27 22:05 - 2015-03-11 21:52 - 00000418 _____ C:\Users\Public\Desktop\Logitech Harmony Remote Software 7.lnk
2016-03-27 22:05 - 2015-02-07 14:35 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-27 22:05 - 2015-01-19 15:26 - 00000969 _____ C:\Users\Public\Desktop\Cool Edit Pro 2.1.lnk
2016-03-27 22:05 - 2014-12-20 13:46 - 00001765 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2016-03-27 22:05 - 2014-12-20 13:45 - 00001806 _____ C:\Users\Public\Desktop\Apps.lnk
2016-03-27 22:05 - 2014-12-06 20:30 - 00002028 _____ C:\Users\Public\Desktop\FoneLab.lnk
2016-03-27 22:05 - 2014-11-19 22:31 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-03-27 22:05 - 2014-06-22 15:03 - 00002563 _____ C:\Users\Public\Desktop\MIDI-OX.lnk
2016-03-27 22:05 - 2014-05-17 13:15 - 00001990 _____ C:\Users\Public\Desktop\FL Studio 11.lnk
2016-03-27 22:05 - 2014-05-14 20:49 - 00001042 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2016-03-27 22:05 - 2014-05-03 12:49 - 00001064 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-27 22:05 - 2014-05-03 12:49 - 00001020 _____ C:\Users\Public\Desktop\Google Drive.lnk
2016-03-27 22:05 - 2014-05-03 12:47 - 00001068 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2016-03-27 22:05 - 2014-05-03 12:41 - 00001131 _____ C:\Users\ADMIN'\Desktop\Auslogics DiskDefrag.lnk
2016-03-27 22:05 - 2014-05-03 11:59 - 00000606 _____ C:\Users\ADMIN'\Desktop\LiberKey.lnk
2016-03-27 22:05 - 2014-05-03 11:38 - 00002145 _____ C:\Users\ADMIN'\Desktop\System Mechanic.lnk
2016-03-27 22:05 - 2014-04-20 17:55 - 00000934 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2016-03-27 22:05 - 2014-03-08 11:03 - 00001211 _____ C:\Users\ADMIN'\Desktop\Product Key Explorer.lnk
2016-03-27 22:05 - 2014-02-15 13:00 - 00002105 _____ C:\Users\Public\Desktop\CyberLink YouCam 6.lnk
2016-03-27 22:05 - 2014-02-09 19:18 - 00002501 _____ C:\Users\Public\Desktop\TurboTax 2013.lnk
2016-03-27 22:05 - 2014-02-06 20:35 - 00000951 _____ C:\Users\Public\Desktop\Registry First Aid.lnk
2016-03-27 22:05 - 2014-02-02 10:22 - 00000677 _____ C:\Users\Public\Desktop\Keyboarding Pro™ 5 - Single.lnk
2016-03-27 22:05 - 2013-12-21 09:59 - 00001115 _____ C:\Users\Public\Desktop\Wise PC 1stAid.lnk
2016-03-27 22:05 - 2013-12-21 09:57 - 00001178 _____ C:\Users\Public\Desktop\Wise Data Recovery.lnk
2016-03-27 22:05 - 2013-12-09 22:00 - 00001321 _____ C:\Users\Public\Desktop\EASEUS Data Recovery Wizard Professional 5.5.1.lnk
2016-03-27 22:05 - 2013-11-04 20:55 - 00001028 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-03-27 22:05 - 2013-10-27 09:03 - 00001071 _____ C:\Users\ADMIN'\Desktop\Songr.lnk
2016-03-27 22:05 - 2013-10-26 18:37 - 00001176 _____ C:\Users\Public\Desktop\Paint.NET.lnk
2016-03-27 22:05 - 2013-10-20 08:31 - 00001131 _____ C:\Users\ADMIN'\Desktop\Auslogics BoostSpeed.lnk
2016-03-27 22:05 - 2013-09-21 11:01 - 00000969 _____ C:\Users\ADMIN'\Desktop\SpeedFan.lnk
2016-03-27 22:05 - 2013-09-08 09:00 - 00001149 _____ C:\Users\ADMIN'\Desktop\Nero Express.lnk
2016-03-27 22:05 - 2013-09-02 14:48 - 00000993 _____ C:\Users\ADMIN'\Desktop\WhoCrashed.lnk
2016-03-27 22:05 - 2013-08-25 09:43 - 00001688 _____ C:\Users\ADMIN'\Desktop\Google Drive.lnk
2016-03-27 22:05 - 2013-08-04 10:55 - 00002031 _____ C:\Users\Public\Desktop\PerfectDisk 12.5.lnk
2016-03-27 22:05 - 2013-07-28 10:10 - 00001212 _____ C:\Users\Public\Desktop\AOMEI Partition Assistant Pro Edition 5.2.lnk
2016-03-27 22:05 - 2013-07-13 12:51 - 00001582 _____ C:\Users\Public\Desktop\Logitech Webcam Software .lnk
2016-03-27 22:05 - 2013-07-13 12:23 - 00002503 _____ C:\Users\Public\Desktop\Skype.lnk
2016-03-27 22:05 - 2013-07-06 08:23 - 00001065 _____ C:\Users\Public\Desktop\RapidTyping.lnk
2016-03-27 22:05 - 2013-07-04 11:48 - 00001226 _____ C:\Users\ADMIN'\Desktop\Revo Uninstaller.lnk
2016-03-27 22:05 - 2013-06-15 11:42 - 00001049 _____ C:\Users\Public\Desktop\WinTV 7.lnk
2016-03-27 22:05 - 2013-06-15 09:39 - 00001963 _____ C:\Users\Public\Desktop\TotalMedia 3.5.lnk
2016-03-27 22:05 - 2013-04-20 10:38 - 00002170 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-03-27 22:05 - 2013-04-16 20:07 - 00002785 _____ C:\Users\Public\Desktop\Nero Video 12.lnk
2016-03-27 22:05 - 2013-04-16 20:05 - 00002055 _____ C:\Users\Public\Desktop\Nero Kwik Media.lnk
2016-03-27 22:05 - 2013-04-16 20:03 - 00002857 _____ C:\Users\Public\Desktop\Nero 12.lnk
2016-03-27 22:05 - 2013-04-16 20:02 - 00002831 _____ C:\Users\Public\Desktop\Nero Burning ROM 12.lnk
2016-03-27 22:05 - 2013-04-13 14:26 - 00001292 _____ C:\Users\ADMIN'\Desktop\Auslogics Internet Optimizer.lnk
2016-03-27 22:05 - 2013-03-24 12:35 - 00001186 _____ C:\Users\Public\Desktop\EaseUS Data Recovery Wizard 5.8.5 .lnk
2016-03-27 22:05 - 2013-03-20 18:13 - 00001142 _____ C:\Users\Public\Desktop\Alcohol 120%.lnk
2016-03-27 22:05 - 2013-03-05 22:00 - 00001212 _____ C:\Users\ADMIN'\Desktop\Calculator.lnk
2016-03-27 22:05 - 2013-03-03 14:35 - 00001111 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2016-03-27 22:05 - 2013-03-03 14:05 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-27 22:05 - 2013-03-02 16:08 - 00002182 _____ C:\Users\Public\Desktop\Roxio Creator Home.lnk
2016-03-27 22:05 - 2013-03-02 16:05 - 00001993 _____ C:\Users\Public\Desktop\CyberLink PowerDVD.lnk
2016-03-27 21:36 - 2014-07-12 09:56 - 00170200 _____ (Malwarebytes) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2016-03-27 21:29 - 2014-07-28 20:25 - 00000000 ____D C:\Users\ADMIN'\AppData\Local\CrashDumps
2016-03-27 21:28 - 2013-03-03 13:20 - 00000000 ____D C:\Users\ADMIN'\AppData\Roaming\BitComet
2016-03-27 21:07 - 2015-03-28 19:47 - 00000000 ____D C:\Program Files\McAfee
2016-03-27 21:07 - 2015-03-28 16:07 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-03-27 20:52 - 2015-03-28 19:51 - 00000000 ____D C:\Users\ADMIN'\AppData\LocalLow\SafeKey
2016-03-27 20:50 - 2013-03-02 16:48 - 00000000 ____D C:\Users\ADMIN'\AppData\Local\Google
2016-03-27 19:38 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\system
2016-03-27 19:09 - 2014-05-03 12:49 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-03-27 19:02 - 2013-03-02 16:03 - 00000000 ____D C:\Users\ADMIN'\AppData\Local\Adobe
2016-03-26 23:32 - 2013-03-03 15:10 - 00000000 ____D C:\Users\ADMIN'\AppData\Roaming\vlc
2016-03-24 16:44 - 2014-06-13 15:35 - 00000000 ____D C:\Users\Exist\Desktop\flp's
2016-03-23 21:54 - 2015-04-04 00:40 - 00000000 ___SD C:\Windows\System32\GWX
2016-03-21 11:05 - 2016-01-21 19:27 - 00000000 ____D C:\Users\Bryan\AppData\Local\CrashDumps
2016-03-18 15:16 - 2014-08-15 14:47 - 00000000 ____D C:\Users\Exist\Desktop\beats
2016-03-18 14:11 - 2009-07-13 18:04 - 00000630 _____ C:\Windows\win.ini
2016-03-18 14:11 - 2009-07-13 18:04 - 00000241 _____ C:\Windows\system.ini
2016-03-15 19:38 - 2016-02-15 15:12 - 00000000 ____D C:\Users\Bryan\AppData\Roaming\iolo
2016-03-14 17:38 - 2013-06-08 13:48 - 00000000 ____D C:\users\Walter
2016-03-12 19:19 - 2013-03-03 14:35 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2016-03-12 19:19 - 2013-03-03 14:35 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2016-03-12 08:44 - 2016-02-14 11:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-10 13:09 - 2014-05-03 12:49 - 00053120 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mwac.sys
2016-03-10 13:08 - 2014-05-03 12:49 - 00126336 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbamchameleon.sys
2016-03-10 13:08 - 2014-05-03 12:49 - 00024448 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbam.sys
2016-03-09 21:32 - 2014-09-21 20:49 - 00543560 _____ C:\Windows\System32\FNTCACHE.DAT
2016-03-09 17:11 - 2016-02-25 15:10 - 07613334 _____ C:\Users\Exist\Downloads\FENIX X OHGEESY - CRAZY.m4a
2016-03-09 14:00 - 2013-03-03 14:05 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-03-08 18:29 - 2014-12-10 12:59 - 00000000 ____D C:\Windows\System32\appraiser
2016-03-08 17:18 - 2013-08-14 22:12 - 00000000 ____D C:\Windows\System32\MRT
2016-03-08 17:03 - 2013-03-03 14:45 - 141270216 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
Some files in TEMP:
====================
C:\Users\ADMIN'\AppData\Local\Temp\7za.exe
C:\Users\ADMIN'\AppData\Local\Temp\catchme.dll
C:\Users\ADMIN'\AppData\Local\Temp\dxdiag.exe
C:\Users\ADMIN'\AppData\Local\Temp\IadHide5.dll
C:\Users\ADMIN'\AppData\Local\Temp\io1.exe
C:\Users\ADMIN'\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\ADMIN'\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\ADMIN'\AppData\Local\Temp\kts16.0.0.614en-gb.exe
C:\Users\ADMIN'\AppData\Local\Temp\LPPlugin.dll
C:\Users\ADMIN'\AppData\Local\Temp\McCSPInstall.dll
C:\Users\ADMIN'\AppData\Local\Temp\mccspuninstall.exe
C:\Users\ADMIN'\AppData\Local\Temp\namebench.exe
C:\Users\ADMIN'\AppData\Local\Temp\python27.dll
C:\Users\ADMIN'\AppData\Local\Temp\s5mark_setup_aid91tid336_20160318.exe
C:\Users\ADMIN'\AppData\Local\Temp\tcl85.dll
C:\Users\ADMIN'\AppData\Local\Temp\tk85.dll
C:\Users\ADMIN'\AppData\Local\Temp\Uninstall.exe
C:\Users\Exist\AppData\Local\Temp\IadHide5.dll
==================== Known DLLs (Whitelisted) =========================
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe
[2016-02-09 14:33] - [2016-01-21 21:12] - 2973184 ____A (Microsoft Corporation) 2A156D5EBF221EF2A6AE7CE452324DAC
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2015-05-12 13:12] - [2015-04-12 19:19] - 0259072 ____A (Microsoft Corporation) 0780A42DBD7D9969F9BF4A19AA4285B5
C:\Windows\System32\User32.dll
[2015-12-08 13:56] - [2015-11-10 10:39] - 0811520 ____A (Microsoft Corporation) 4C5A23AE4F5157F579C89736EA5D42CE
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE Association (Whitelisted) =============
==================== Restore Points =========================
==================== Memory info ===========================
Percentage of memory in use: 19%
Total physical RAM: 2557.61 MB
Available physical RAM: 2059.82 MB
Total Virtual: 2555.9 MB
Available Virtual: 2063.76 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:74.41 GB) (Free:2.89 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:232.88 GB) (Free:33.02 GB) NTFS
Drive g: (MULTIBOOT) (Removable) (Total:15.11 GB) (Free:3.14 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: AB4C7F5F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=74.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 54194EBA)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 15.1 GB) (Disk ID: 04DD5721)
Partition 1: (Active) - (Size=15.1 GB) - (Type=0C)
Partition 4: (Not Active) - (Size=659 MB) - (Type=00)
LastRegBack: 2016-03-23 16:29
==================== End of FRST.txt ============================
#3
Posted 03 April 2016 - 04:11 PM
emeraldnzl
-
- GeekU Moderator
-
- 20,051 posts
GeekU Instructor
Hello pcme,
Welcome to Geekstogo.
Firstly
Did you install Teamviewer at some stage? Tell me when you come back.
For now
Download the attached fixlist.txt file and save it on the flashdrive as fixlist.txt
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
Please enter System Recovery Options, as we've done previously.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
After that
Assuming you can now boot up normally please transfer FRST to your computers desktop and run another FRST scan with the Addition.txt box ticked and post back the two logs generated - FRST.txt and Addition.txt
So when you come back please post
- Fixlog.txt
- FRST.txt
- Addition.txt
- and tell me about Teamviewer
Attached Files
-
fixlist.txt 1.06KB
594 downloads
#4
Posted 03 April 2016 - 04:42 PM
pcme
- Topic Starter
-
- Member
-
- 32 posts
Member
hi emeraldnzl,
thank you for your help
yes i did install teamviewer
i followed your instructions but still i can't boot up normally
here is the fixlog.txt
Fix result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
Ran by SYSTEM (2016-04-03 15:31:53) Run:1
Running from g:\
Boot Mode: Recovery
==============================================
fixlist content:
*****************
HKU\ADMIN'\...\Run: [Pritc] => C:\Users\ADMIN'\AppData\Local\Temp\is-06EDJ.tmp\print.exe <===== ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
C:\Users\ADMIN'\AppData\Local\Temp\7za.exe
C:\Users\ADMIN'\AppData\Local\Temp\catchme.dll
C:\Users\ADMIN'\AppData\Local\Temp\dxdiag.exe
C:\Users\ADMIN'\AppData\Local\Temp\IadHide5.dll
C:\Users\ADMIN'\AppData\Local\Temp\io1.exe
C:\Users\ADMIN'\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\ADMIN'\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\ADMIN'\AppData\Local\Temp\kts16.0.0.614en-gb.exe
C:\Users\ADMIN'\AppData\Local\Temp\LPPlugin.dll
C:\Users\ADMIN'\AppData\Local\Temp\McCSPInstall.dll
C:\Users\ADMIN'\AppData\Local\Temp\mccspuninstall.exe
C:\Users\ADMIN'\AppData\Local\Temp\namebench.exe
C:\Users\ADMIN'\AppData\Local\Temp\python27.dll
C:\Users\ADMIN'\AppData\Local\Temp\s5mark_setup_aid91tid336_20160318.exe
C:\Users\ADMIN'\AppData\Local\Temp\tcl85.dll
C:\Users\ADMIN'\AppData\Local\Temp\tk85.dll
C:\Users\ADMIN'\AppData\Local\Temp\Uninstall.exe
C:\Users\Exist\AppData\Local\Temp\IadHide5.dll
*****************
HKU\ADMIN'\Software\Microsoft\Windows\CurrentVersion\Run\\Pritc => value not found.
C:\Windows\System32\GroupPolicy\Machine => moved successfully
C:\Windows\System32\GroupPolicy\GPT.ini => moved successfully
"C:\Users\ADMIN'\AppData\Local\Temp\7za.exe" => not found.
"C:\Users\ADMIN'\AppData\Local\Temp\catchme.dll" => not found.
"C:\Users\ADMIN'\AppData\Local\Temp\dxdiag.exe" => not found.
"C:\Users\ADMIN'\AppData\Local\Temp\IadHide5.dll" => not found.
"C:\Users\ADMIN'\AppData\Local\Temp\io1.exe" => not found.
"C:\Users\ADMIN'\AppData\Local\Temp\jre-8u66-windows-au.exe" => not found.
"C:\Users\ADMIN'\AppData\Local\Temp\jre-8u71-windows-au.exe" => not found.
"C:\Users\ADMIN'\AppData\Local\Temp\kts16.0.0.614en-gb.exe" => not found.
"C:\Users\ADMIN'\AppData\Local\Temp\LPPlugin.dll" => not found.
"C:\Users\ADMIN'\AppData\Local\Temp\McCSPInstall.dll" => not found.
"C:\Users\ADMIN'\AppData\Local\Temp\mccspuninstall.exe" => not found.
"C:\Users\ADMIN'\AppData\Local\Temp\namebench.exe" => not found.
"C:\Users\ADMIN'\AppData\Local\Temp\python27.dll" => not found.
"C:\Users\ADMIN'\AppData\Local\Temp\s5mark_setup_aid91tid336_20160318.exe" => not found.
"C:\Users\ADMIN'\AppData\Local\Temp\tcl85.dll" => not found.
"C:\Users\ADMIN'\AppData\Local\Temp\tk85.dll" => not found.
"C:\Users\ADMIN'\AppData\Local\Temp\Uninstall.exe" => not found.
"C:\Users\Exist\AppData\Local\Temp\IadHide5.dll" => not found.
==== End of Fixlog 15:31:54 ====
#5
Posted 03 April 2016 - 05:57 PM
emeraldnzl
-
- GeekU Moderator
-
- 20,051 posts
GeekU Instructor
yes i did install teamviewer
That's fine. It's a legitimate program but it is sometimes used by people of criminal intent for malicious purposes.
Moving on
Did you try booting to Safe Mode?
If not please try.
Boot into Safe Mode:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, tap F8 continually.
3) If you are asked what mode to bootup in press Esc to boot in the default settings
4) Instead of Windows loading as normal, a menu should appear
5) Select the option to run Windows in Safe Mode.
If that works please proceed with the instruction to transfer FRST to the desktop and run the scans.
If it doesn't work please run another FRST scan from the flash drive as you did before and post back the log it generates.
#6
Posted 03 April 2016 - 06:14 PM
pcme
- Topic Starter
-
- Member
-
- 32 posts
Member
hi,
booting on safe mode didn't work
here is the new log
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by SYSTEM on MININT-A7BMTM9 (03-04-2016 17:12:00)
Running from g:\
Platform: Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 9
Boot Mode: Recovery
Default: ControlSet002
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [APSDaemon] => "F:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\...\Winlogon: [Userinit] F:\Windows\system32\userinit.exe,
HKU\castillo\...\RunOnce: [mctadmin] => F:\Windows\System32\mctadmin.exe
HKU\castillo.poderosa\...\RunOnce: [mctadmin] => F:\Windows\System32\mctadmin.exe
HKU\castillo.poderosa.000\...\Run: [LightScribe Control Panel] => F:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
HKU\castillo.poderosa.000\...\Run: [swg] => "F:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\castillo.poderosa.000\...\Run: [Facebook Update] => "F:\Users\castillo.poderosa.000\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\castillo.poderosa.000\...\Policies\system: [LogonHoursAction] 2
HKU\castillo.poderosa.000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Default\...\RunOnce: [mctadmin] => F:\Windows\System32\mctadmin.exe
HKU\Jackie\...\Run: [LightScribe Control Panel] => F:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
HKU\Jackie\...\Run: [swg] => "F:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\Jackie\...\RunOnce: [FlashPlayerUpdate] => F:\Windows\system32\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe -update activex
HKU\Jackie\...\Policies\system: [LogonHoursAction] 2
HKU\Jackie\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\mario\...\Run: [Sidebar] => F:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\mario\...\RunOnce: [FlashPlayerUpdate] => F:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_146_Plugin.exe -update plugin
HKU\mario\...\Policies\system: [LogonHoursAction] 2
HKU\mario\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\mario\...\Policies\Explorer: [NoThumbnailCache] 1
HKU\mario\...\Policies\Explorer: [link] 0x00000000
HKU\mario\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\Mario G\...\RunOnce: [FlashPlayerUpdate] => F:\Windows\system32\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe -update activex
HKU\Mario G\...\Policies\system: [LogonHoursAction] 2
HKU\Mario G\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\NeroMediaHomeUser.4.poderosa\...\RunOnce: [mctadmin] => F:\Windows\System32\mctadmin.exe
HKU\NeroMediaHomeUser.4.poderosa.000\...\Run: [DAEMON Tools Pro Agent] => "F:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
HKU\NeroMediaHomeUser.4.poderosa.000\...\RunOnce: [mctadmin] => "F:\Windows\System32\mctadmin.exe"
HKU\NeroMediaHomeUser.4.poderosa.000\...\Policies\system: [LogonHoursAction] 2
HKU\NeroMediaHomeUser.4.poderosa.000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Predator\...\Run: [LightScribe Control Panel] => F:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
HKU\Predator\...\Run: [Aim] => "F:\Program Files\AIM\aim.exe" /d locale=en-US
HKU\Predator\...\Run: [DAEMON Tools Pro Agent] => "F:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
HKU\Predator\...\Run: [Sidebar] => F:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\Predator\...\Policies\system: [LogonHoursAction] 2
HKU\Predator\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\vilma\...\Run: [LightScribe Control Panel] => F:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
HKU\vilma\...\Run: [swg] => "F:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\vilma\...\Policies\system: [LogonHoursAction] 2
HKU\vilma\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Walter\...\Run: [LightScribe Control Panel] => F:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
HKU\Walter\...\Run: [Aim] => "F:\Program Files\AIM\aim.exe" /d locale=en-US
HKU\Walter\...\Run: [IDMan] => F:\Program Files\Internet Download Manager\IDMan.exe /onboot
HKU\Walter\...\Run: [AdobeBridge] => [X]
HKU\Walter\...\Run: [DAEMON Tools Pro Agent] => "F:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
HKU\Walter\...\Policies\system: [LogonHoursAction] 2
HKU\Walter\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\Walter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\UltimateZip Quick Start.lnk [2013-06-23]
ShortcutTarget: UltimateZip Quick Start.lnk -> E:\Program Files\UltimateZip\uzqkst.exe (No File)
BootExecute: autocheck autochk * bddel.exesasnative32
GroupPolicyUsers\S-1-5-21-2011498354-3618458672-2158645030-1005\User: Restriction <======= ATTENTION
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
S4 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; F:\Program Files\Roxio\BackOnTrack\App\SaibSVC.exe [X]
S3 ACDaemon; no ImagePath
S2 ADExchange; F:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe [X]
S4 AdobeActiveFileMonitor10.0; K:\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [X]
S4 AdobeARMservice; "F:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
S4 AdobeFlashPlayerUpdateSvc; F:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [X]
S2 Akamai; f:\program files\common files\akamai/netsession_win_ce5ba24.dll [X]
S2 Amsp; "F:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad [X]
S2 Apple Mobile Device; "F:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [X]
S2 ASO3DiskOptimizer; F:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe [X]
S4 AVerRemote; F:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [X]
S4 AVerScheduleService; F:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [X]
S4 BackupService; F:\Users\mario\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [X]
S4 bgsvcgen; "F:\Windows\System32\bgsvcgen.exe" [X]
S3 BITCOMET_HELPER_SERVICE; F:\Program Files\BitComet\tools\BitCometService.exe -service [X]
S4 Bonjour Service; "F:\Program Files\Bonjour\mDNSResponder.exe" [X]
S4 BOT4Service; "F:\Program Files\Roxio\BackOnTrack\App\BService.exe" [X]
S4 BOTService; "F:\Program Files\Roxio\BackOnTrack\Instant Restore\BOTService.exe" [X]
S4 CDScheduler; "F:\Program Files\CyberDefender\SchedulerService\SchedulerService.exe" [X]
S4 CLHNServiceForPowerDVD; F:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [X]
S2 clr_optimization_v4.0.30319_32; F:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [X]
S4 CyberLink PowerDVD 11.0 Monitor Service; "F:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe" [X]
S4 CyberLink PowerDVD 11.0 Service; "F:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe" [X]
S2 Fabs; F:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe /DisableUI [X]
S3 FirebirdServerMAGIXInstance; "F:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe" [X]
S4 FLEXnet Licensing Service; "F:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" [X]
S2 gupdate; "F:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "F:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 gusvc; "F:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" [X]
S2 HauppaugeTVServer; F:\Program Files\WinTV\TVServer\HauppaugeTVServer.exe [X]
S3 hpqcxs08; F:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [X]
S2 hpqddsvc; F:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [X]
S2 HPSLPSVC; F:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [X]
S4 IDriverT; "F:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe" [X]
S3 iPod Service; "F:\Program Files\iPod\bin\iPodService.exe" [X]
S2 iReboot; "F:\Program Files\NeoSmart Technologies\iReboot\iRebootd.exe" [X]
S2 KSS; "F:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" -r [X]
S4 LightScribeService; "F:\Program Files\Common Files\LightScribe\LSSrvc.exe" [X]
S4 LMIGuardianSvc; "F:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe" [X]
S4 LMIMaint; "F:\Program Files\LogMeIn\x86\RaMaint.exe" [X]
S4 LogMeIn; "F:\Program Files\LogMeIn\x86\LogMeIn.exe" [X]
S2 MAGIX StartUp Analyze Service; F:\Program Files\MAGIX\PC_Check_Tuning_2012_Download_Version\MXSAS.exe [X]
S3 Microsoft SharePoint Workspace Audit Service; "F:\Program Files\Microsoft Office\Office14\GROOVE.EXE" /auditservice [X]
S3 MozillaMaintenance; "F:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe" [X]
S2 MsMpSvc; "f:\Program Files\Microsoft Security Client\MsMpEng.exe" [X]
S2 MSSQL$SQLEXPRESS; "F:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS [X]
S4 MSSQLServerADHelper; "F:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe" [X]
S4 MySQL; F:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe --defaults-file="F:\Program Files\MySQL\MySQL Server 5.1\my.ini" MySQL
S2 NAUpdate; "F:\Program Files\Nero\Update\NASvc.exe" [X]
S4 NeroMediaHomeService.4; "F:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe" [X]
S3 Net Driver HPZ12; F:\Windows\system32\HPZinw12.dll [X]
S4 NetMsmqActivator; "F:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator [X]
S4 NetPipeActivator; F:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [X]
S2 NetTalkUsrLaunchService; F:\Program Files\netTALK\nettalkl.exe --service [X]
S3 NetTalkUsrService; F:\Program Files\netTALK\nettalkd.exe --service [X]
S4 NetTcpActivator; F:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [X]
S4 NetTcpPortSharing; F:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [X]
S2 nlsX86cc; F:\Windows\system32\nlssrv32.exe [X]
S3 ose; "F:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [X]
S3 osppsvc; "F:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" [X]
S3 Pml Driver HPZ12; F:\Windows\system32\HPZipm12.dll [X]
S4 PS3 Media Server; "F:\Program Files\PS3 Media Server\win32\service\wrapper.exe" -s "F:\Program Files\PS3 Media Server\win32\service\wrapper.conf"
S4 PSI_SVC_2; "f:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe" [X]
S4 RichVideo; "F:\Program Files\CyberLink\Shared files\RichVideo.exe" [X]
S4 RoxMediaDB13; "F:\Program Files\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe" [X]
S4 RoxWatch12; "F:\Program Files\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe" [X]
S2 SkypeUpdate; "F:\Program Files\Skype\Updater\Updater.exe" [X]
S2 SlingAgentService; F:\Program Files\Sling Media\SlingAgent\SlingAgentService.exe [X]
S2 SQLBrowser; "F:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe" [X]
S2 SQLWriter; "F:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [X]
S4 StarWindServiceAE; F:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [X]
S3 Steam Client Service; F:\Program Files\Common Files\Steam\SteamService.exe /RunAsService [X]
S4 SwitchBoard; "F:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [X]
S2 TuneUp.UtilitiesSvc; "F:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe" [X]
S4 UMVPFSrv; F:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [X]
S4 wlcrasvc; "F:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [X]
S2 wlidsvc; "F:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [X]
S2 wuauserv; F:\Windows\system32\wuaueng.dll [X]
S2 wwEngineSvc; F:\Program Files\Webroot\Washer\WasherSvc.exe [X]
S2 YahooAUService; "F:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC.SYS [4172832 2010-09-25] (Realtek Semiconductor Corp.)
S1 ArcSec; C:\Windows\System32\drivers\ArcSec.sys [192504 2010-09-21] ()
S3 ATIAVPCI; C:\Windows\System32\DRIVERS\atinavrr.sys [1086080 2011-01-26] (ATI Technologies Inc.)
S3 AtiIrRcvr; C:\Windows\System32\DRIVERS\aticir.sys [19584 2011-01-26] (ATI Technologies Inc.)
S2 BT848; C:\Windows\System32\drivers\Bt848.sys [163840 2004-07-06] (AVerMedia Technologies, Inc.)
S1 cdrbsdrv; C:\Windows\System32\Drivers\cdrbsdrv.sys [33408 2006-02-20] (B.H.A Corporation)
S3 hcw72ADFilter; C:\Windows\System32\DRIVERS\hcw72ADFilter.sys [28928 2010-04-23] (Hauppauge Computer Works, Inc.)
S3 hcw72ATV; C:\Windows\System32\DRIVERS\hcw72ATV.sys [1217920 2010-04-23] (Hauppauge Computer Works, Inc.)
S3 hcw72DTV; C:\Windows\System32\DRIVERS\hcw72DTV.sys [1220224 2010-04-23] (Hauppauge Computer Works, Inc.)
S3 HP8207_8307; C:\Windows\System32\DRIVERS\HP8207_8307.sys [13952 2010-02-04] (Windows ® Win 7 DDK provider)
S0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [135984 2011-10-20] (Kaspersky Lab ZAO)
S1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [13104 2011-10-20] (Kaspersky Lab ZAO)
S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [588080 2012-09-14] (Kaspersky Lab)
S1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [23856 2011-03-10] (Kaspersky Lab ZAO)
S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [19984 2009-11-02] (Kaspersky Lab)
S3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [42648 2011-09-01] (Logitech, Inc.)
S3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [12184 2011-09-01] (Logitech, Inc.)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [35392 2011-09-22] (hxxp://libusb-win32.sourceforge.net)
S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [30360 2011-09-01] (Logitech, Inc.)
S3 MobileAdapter; C:\Windows\System32\DRIVERS\qscnusb.sys [103552 2009-09-24] (QUALCOMM Incorporated)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [193552 2012-08-30] (Microsoft Corporation)
S3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [23920 2010-04-29] (MediaMall Technologies, Inc.)
S1 nettalkd; C:\Windows\System32\DRIVERS\nettalkd.sys [26336 2012-04-29] (NetTalk Inc.)
S0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [45744 2011-05-24] (Rovi Corporation)
S3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [328552 2011-07-06] (Realtek Semiconductor Corp.)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2011-05-21] (Duplex Secure Ltd.)
S0 SysCow; C:\Windows\System32\drivers\syscow32v.sys [81904 2010-05-23] (Sonic Solutions)
S1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [94200 2012-07-12] (Trend Micro Inc.)
S0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [257928 2012-07-12] (Trend Micro Inc.)
S0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC32.sys [38328 2012-08-24] (Trend Micro Inc.)
S3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [85816 2012-08-25] (Trend Micro Inc.)
S1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [75624 2012-07-12] (Trend Micro Inc.)
S3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [171064 2012-07-05] (Trend Micro Inc.)
S1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [92304 2012-05-02] (Trend Micro Inc.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2009-07-13] (Microsoft Corporation)
S3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [186592 2010-08-28] (Jungo)
S3 Afc; no ImagePath
S3 cpudrv; \??\F:\Program Files\SystemRequirementsLab\cpudrv.sys [X]
S3 DrvAgent32; \??\F:\Windows\system32\Drivers\DrvAgent32.sys [X]
S5 HCWBT8XX; C:\Windows\System32\Drivers\HCWBT8XX.sys [280644 2002-02-28] (Hauppauge Computer Works)
S3 hitmanpro35; \??\F:\Windows\system32\drivers\hitmanpro35.sys [X]
S1 ISODrive; \??\F:\Program Files\UltraISO\drivers\ISODrive.sys [X]
S2 LMIInfo; \??\F:\Program Files\LogMeIn\x86\RaInfo.sys [X]
S4 LMIRfsClientNP; no ImagePath
S2 LMIRfsDriver; \??\F:\Windows\system32\drivers\LMIRfsDriver.sys [X]
S2 ntk_PowerDVD; \??\F:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys [X]
S3 pwdrvio; \??\F:\Windows\system32\pwdrvio.sys [X]
S3 pwdspio; \??\F:\Windows\system32\pwdspio.sys [X]
S2 supersafer; no ImagePath
S3 Synth3dVsc; no ImagePath
S0 TfFsMon; no ImagePath
S3 TfNetMon; no ImagePath
S0 TFSysMon; no ImagePath
S2 TMAgent; no ImagePath
S3 tsusbhub; no ImagePath
S3 TuneUpUtilitiesDrv; \??\F:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [X]
S3 VBoxNetFlt; no ImagePath
S3 VGPU; no ImagePath
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
S5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-13] (Microsoft Corporation)
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; \??\F:\Program Files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-02 15:25 - 2016-04-03 17:12 - 00000000 ____D C:\FRST
2016-03-31 13:48 - 2016-04-02 10:04 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2016-03-30 13:26 - 2016-03-31 06:21 - 00000000 ____D C:\RescueCD Logs
2016-03-27 20:51 - 2016-03-27 21:34 - 00000000 ____D C:\Program Files\MPC Cleaner
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-03 15:31 - 2009-07-13 18:37 - 00000000 ___HD C:\Windows\System32\GroupPolicy
2016-03-29 13:31 - 2012-11-22 13:57 - 00000000 ____D C:\Program Files\Coupons
2016-03-18 18:32 - 2014-06-25 13:42 - 00000000 ____D C:\Temp
2016-03-17 14:08 - 2011-10-30 17:49 - 00000000 ____D C:\Users\Mario G\Desktop\New folder
2016-03-17 13:12 - 2011-12-26 00:14 - 00000000 ____D C:\Users\Mario G\Desktop\iuok
==================== Known DLLs (Whitelisted) =========================
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE Association (Whitelisted) =============
==================== Restore Points =========================
==================== Memory info ===========================
Percentage of memory in use: 19%
Total physical RAM: 2557.61 MB
Available physical RAM: 2047.52 MB
Total Virtual: 2555.9 MB
Available Virtual: 2053.27 MB
==================== Drives ================================
Drive c: (New Volume) (Fixed) (Total:232.88 GB) (Free:33.02 GB) NTFS
Drive e: () (Fixed) (Total:74.41 GB) (Free:3.08 GB) NTFS
Drive g: (MULTIBOOT) (Removable) (Total:15.11 GB) (Free:3.14 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: AB4C7F5F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=74.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 54194EBA)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 15.1 GB) (Disk ID: 04DD5721)
Partition 1: (Active) - (Size=15.1 GB) - (Type=0C)
Partition 4: (Not Active) - (Size=659 MB) - (Type=00)
LastRegBack: 2013-02-23 00:43
==================== End of FRST.txt ============================
#7
Posted 03 April 2016 - 07:03 PM
emeraldnzl
-
- GeekU Moderator
-
- 20,051 posts
GeekU Instructor
Hello again pcme,
Let's see if you can do this:
Please download the tool to your flash drive.
Download Windows Repair (All In One) from here. Make sure you download the Portable Version.
It will probably come as a Zip file and you will need to right click on the Zip file and click Extract. The contents will then be extracted to a separate folder.
Double click the folder (Tweaking dot.com - Windows Repair) and a list will appear. Plug the flash drive into your sick computer.
Please enter System Recovery Options, as we've done previously.
From the Windows Repair List that shows double click the file (about the 5th one down the list) Repair_Windows.exe to run the program.
When the program opens click on the tab Start Repairs and the button Start
At the list that presents put a check (tick) in the following:
• Reset Registry Permissions
• Reset File Permissions
• Register System Files
• Repair WMI
• Repair Windows Firewall
• Repair Internet Explorer
• Repair MDAC & MS Jet
• Repair Hosts File
• Remove Policies Set By Infections
• Repair Icons
• Remove Temp Files
• Repair Proxy Settings
• Unhide Non System Files
Also put a check in the Restart/Shutdown System When Finished (lower right) box.
and in Restart System
Then click on the Start button if it doesn't do it automatically
If it asks you to back up your system please do so and continue
When it is finished come back and tell me how it went.
#8
Posted 03 April 2016 - 09:19 PM
pcme
- Topic Starter
-
- Member
-
- 32 posts
Member
hello again
Repair_Windows.exe doesn't show on the windows repair list
iam doing something wrong
please guide me
#9
Posted 03 April 2016 - 09:29 PM
emeraldnzl
-
- GeekU Moderator
-
- 20,051 posts
GeekU Instructor
Did you download the Portable Version?
#11
Posted 03 April 2016 - 09:32 PM
pcme
- Topic Starter
-
- Member
-
- 32 posts
Member
do i do go to command prompt?
#12
Posted 03 April 2016 - 09:34 PM
emeraldnzl
-
- GeekU Moderator
-
- 20,051 posts
GeekU Instructor
Just wait a bit. I am downloading it myself and testing to see why it won't work.
At first look it seems to have changed the way it works.
#14
Posted 03 April 2016 - 09:44 PM
emeraldnzl
-
- GeekU Moderator
-
- 20,051 posts
GeekU Instructor
When I download it and unzip I find a folder Tweaking.com - Windows Repair
I double click on that and see a list. The 13th item on the list that presents is Windows Repair.exe or Repair Windows.exe. Try that one.
I have Windows 10 so it might be different on yours but have a look and tell me what you see.
#15
Posted 03 April 2016 - 09:52 PM
pcme
- Topic Starter
-
- Member
-
- 32 posts
Member
the 13th item on the list is is a windows repair application not ,exe
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
