Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

black screen windows 7 [Solved]


  • This topic is locked This topic is locked

#16
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,008 posts

Okay I have tested some more.

Go to the downloaded zip item and double click.

Right click on the Tweaking.com - Windows Repair folder and click extract.

A new folder should be extracted called tweaking.com etc. Double click and then click the folder inside - Tweaking.com - Windows Repair. A list should appear. Click on Repair_Windows and follow the prompts.


  • 0

Advertisements


#17
pcme

pcme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts

at what point do i have to plug the flash drive into the sick computer


  • 0

#18
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,008 posts

Once you have extracted the zip file on your flash drive and have the list with the Repair_Windows on it plug that into the compromised machine. Then do as you have done before to access the flash drive on that machine and double click Repair_Windows.

 

Windows Repair All in One should start. You should then be able to follow the instructions at post #7.


  • 0

#19
pcme

pcme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts

 access the flash drive from a command prompt or as boot option?


  • 0

#20
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,008 posts

I don't know how you did it the first time but you need to get to the Command Prompt. Here is one way:

 

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

 

 

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\tweaking.com_windows_repair_aio\Tweaking.com - Windows Repair press Enter. Hopefully that will get you there.
    Note: Replace letter e with the drive letter of your flash drive.

 

 


  • 0

#21
pcme

pcme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts

hello emeraldnzl,

 

i don't know if iam doing something wrong

but after i type the command tweaking,com etc,,is telling me "is not recognized as internal or external command,operable program or batch file"

thank you for your patience 


  • 0

#22
pcme

pcme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts

also sometimes is tellling me the system cannot the specified path


  • 0

#23
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,008 posts

No you are not doing anything wrong it's my mistake. I was hoping for a shortcut way to access your desktop. Unfortunately I was wrong, my apologies.

Back to using FRST.

Let's try this fix. If that doesn't work we will try a regback.

Download the attached fixlist.txt file and save it on the flashdrive as fixlist.txt

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

Please enter System Recovery Options, as we've done previously.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Attached File  fixlist.txt   100bytes   114 downloads


  • 0

#24
pcme

pcme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
hello emeraldnzl,
 
no worries
i really appreciate your help
still no luck
here is the new log
Fix result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
Ran by SYSTEM (2016-04-04 19:33:05) Run:3
Running from g:\
Boot Mode: Recovery
 
==============================================
 
fixlist content:
*****************
GroupPolicyUsers\S-1-5-21-2011498354-3618458672-2158645030-1005\User: Restriction <======= ATTENTION
*****************
 
C:\Windows\System32\GroupPolicyUsers\S-1-5-21-2011498354-3618458672-2158645030-1005\User => moved successfully
 
==== End of Fixlog 19:33:06 ====

  • 0

#25
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,008 posts

Okay, let's try a RegBack.

Download the attached fixlist.txt file and save it on the flashdrive as fixlist.txt

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

Please enter System Recovery Options, as we've done previously.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

When you come back to post the Fixlog.txt tell me if there has been a change.

Attached Files


  • 0

Advertisements


#26
pcme

pcme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts

still no luck

new log

Fix result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
Ran by SYSTEM (2016-04-04 20:50:43) Run:4
Running from g:\
Boot Mode: Recovery
 
==============================================
 
fixlist content:
*****************
LastRegBack: 2013-02-23 00:43
*****************
 
DEFAULT => copied successfully to System32\config\HiveBackup
DEFAULT => restored successfully from registry back up
SAM => copied successfully to System32\config\HiveBackup
SAM => restored successfully from registry back up
SECURITY => copied successfully to System32\config\HiveBackup
SECURITY => restored successfully from registry back up
SOFTWARE => copied successfully to System32\config\HiveBackup
SOFTWARE => restored successfully from registry back up
SYSTEM => copied successfully to System32\config\HiveBackup
SYSTEM => restored successfully from registry back up
 
==== End of Fixlog 20:50:55 ====

  • 0

#27
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,008 posts

Hmm... let's run another FRST scan and see if it shows any change.


  • 0

#28
pcme

pcme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts

here it is

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by SYSTEM on MININT-QS5VPB8 (04-04-2016 21:11:45)
Running from g:\
Platform: Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet002
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
 
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960336 2014-11-07] ()
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Fitbit Connect] => C:\Program Files\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [55264 2016-03-10] (Malwarebytes)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [360448 2009-07-13] (Microsoft Corporation)
HKLM\...\Winlogon: [Userinit] wscript,
HKU\ADMIN'\...\Run: [LDM] => C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [36864 2015-03-11] (Logitech)
HKU\ADMIN'\...\Run: [Fitbit Connect] => C:\Program Files\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKU\ADMIN'\...\Run: [Pritc] => C:\Users\ADMIN'\AppData\Local\Temp\is-06EDJ.tmp\print.exe <===== ATTENTION
HKU\ADMIN'\...\Run: [Snail Translator] => C:\Windows\Snail Translator\Snail Translator\Snail Translator.exe [454656 2016-03-23] ()
HKU\ADMIN'\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\ADMIN'\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2009-07-13] (Microsoft Corporation)
HKU\Bryan\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-03-02] (Google Inc.)
HKU\Bryan\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIIBE.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\Bryan\...\Run: ["E:\Program Files\Steam\steam.exe" -silent] => "E:\Program Files\Steam\steam.exe" -silent
HKU\Bryan\...\Run: [ooVoo.exe] => C:\Program Files\ooVoo\oovoo.exe /minimized
HKU\Bryan\...\Run: [LDM] => C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [36864 2015-03-11] (Logitech)
HKU\Bryan\...\Policies\system: [LogonHoursAction] 2
HKU\Bryan\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Exist\...\Run: [LDM] => C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [36864 2015-03-11] (Logitech)
HKU\Exist\...\Policies\system: [LogonHoursAction] 2
HKU\Exist\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\jackie\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIIBE.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\Walter\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-03-02] (Google Inc.)
HKU\Walter\...\Policies\system: [LogonHoursAction] 2
HKU\Walter\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
BootExecute: autocheck autochk *  BootDefrag.exe
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S4 AxiomAudioDevMon; C:\Program Files\M-Audio\Axiom\AudioDevMon.exe [1636872 2010-03-11] (M-Audio)
S2 BackupService; C:\Users\ADMIN'\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [83512 2010-07-01] (ArcSoft, Inc.)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-28] (www.BitComet.com)
S4 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [409304 2014-10-08] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-08] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [782040 2014-10-08] (BlueStack Systems, Inc.)
S2 chromoting; C:\Program Files\Google\Chrome Remote Desktop\49.0.2623.40\remoting_host.exe [69016 2016-02-05] (Google Inc.)
S4 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
S4 EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [539744 2012-05-10] (SEIKO EPSON CORPORATION)
S2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-11] (Seiko Epson Corporation)
S4 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [142432 2012-02-21] (SEIKO EPSON CORPORATION)
S4 Fitbit; C:\Program Files\Fitbit\fitbit.exe [773152 2012-06-22] (Fitbit, Inc.)
S2 Fitbit Connect; C:\Program Files\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.)
S3 GFI LanGuard Patch Agent; C:\Windows\Patches\PatchAgent.exe [427376 2014-11-15] ()
S4 Hauppauge WinTV Extender; C:\Program Files\WinTV\Extend\wintvextender.exe [67584 2014-11-15] (Hauppauge Computer Works, Inc)
S4 HauppaugeTVServer; C:\Program Files\WinTV\TVServer\hauppaugetvserver.exe [602624 2014-11-15] (Hauppauge Computer Works)
S2 HFGService; C:\Windows\System32\HFGService.dll [413696 2009-12-21] (CSR, plc)
S2 ioloSystemService; C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe [1168960 2013-12-03] (iolo technologies, LLC)
S4 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
S4 PDAgent; C:\Program Files\Raxco\PerfectDisk\PDAgent.exe [1415032 2013-08-04] (Raxco Software, Inc.)
S4 PDEngine; C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2166648 2013-08-04] (Raxco Software, Inc.)
S2 proXPN VPN; C:\Program Files\proXPN\bin\proXPNService.exe [102264 2015-06-11] ()
S4 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
S2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
S2 FFPCAutoSave; J:\PCAutoSaveSv.exe [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 ampa; C:\Windows\system32\ampa.sys [12728 2011-12-26] ()
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [176856 2016-01-28] (Broadcom Corporation.)
S0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [16064 2014-06-30] (Glarysoft Ltd)
S2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [112344 2014-10-08] (BlueStack Systems)
S3 BthAudioHF; C:\Windows\System32\DRIVERS\BthAudioHF.sys [43008 2009-12-21] (CSR, plc)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (CSR, plc)
S3 clwvd6; C:\Windows\System32\DRIVERS\clwvd6.sys [35560 2013-10-28] (CyberLink Corporation)
S3 cpuz137; C:\Program Files\CPUID\PC Wizard 2013\pcwiz_x32.sys [26856 2014-02-17] (CPUID)
S3 csr_a2dp; C:\Windows\System32\drivers\bthav.sys [61952 2009-12-21] (CSR, plc)
S2 DefragFS; C:\Windows\System32\Drivers\DefragFS.sys [104088 2013-08-04] (Raxco Software, Inc.)
S2 DLABMFSM; C:\Windows\System32\Drivers\DLABMFSM.SYS [37360 2007-07-23] (Roxio)
S2 DLABOIOM; C:\Windows\System32\Drivers\DLABOIOM.SYS [32848 2007-07-23] (Roxio)
S2 DLADResM; C:\Windows\System32\Drivers\DLADResM.SYS [9104 2007-07-23] (Roxio)
S2 DLAIFS_M; C:\Windows\System32\Drivers\DLAIFS_M.SYS [108752 2007-07-23] (Roxio)
S2 DLAOPIOM; C:\Windows\System32\Drivers\DLAOPIOM.SYS [27216 2007-07-23] (Roxio)
S2 DLAPoolM; C:\Windows\System32\Drivers\DLAPoolM.SYS [16304 2007-07-23] (Roxio)
S2 DLAUDFAM; C:\Windows\System32\Drivers\DLAUDFAM.SYS [93552 2007-07-23] (Roxio)
S2 DLAUDF_M; C:\Windows\System32\Drivers\DLAUDF_M.SYS [98448 2007-07-23] (Roxio)
S1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [26248 2013-12-03] (EldoS Corporation)
S0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
S1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [17472 2015-07-18] (Glarysoft Ltd)
S3 hcw72ADFilter; C:\Windows\System32\DRIVERS\hcw72ADFilter.sys [28928 2010-01-11] (Hauppauge Computer Works, Inc.)
S3 hcw72ATV; C:\Windows\System32\DRIVERS\hcw72ATV.sys [1217920 2010-01-11] (Hauppauge Computer Works, Inc.)
S3 hcw72DTV; C:\Windows\System32\DRIVERS\hcw72DTV.sys [1220224 2010-01-11] (Hauppauge Computer Works, Inc.)
S3 ISODrive; C:\Users\ADMIN'\Desktop\UltraISO\drivers\ISODrive.sys [82320 2010-01-29] (EZB Systems, Inc.)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
S3 MADFULEGACYKEYBOARD; C:\Windows\System32\DRIVERS\MAudioLegacyKeyboard_DFU.sys [23304 2010-02-09] (M-Audio)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [34432 2012-10-10] (ManyCam LLC)
S3 MAUSBLEGACYKEYBOARD; C:\Windows\System32\DRIVERS\MAudioLegacyKeyboard.sys [167304 2010-02-09] (M-Audio)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-03-27] (Malwarebytes)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv.sys [22656 2013-01-31] (ManyCam LLC)
S2 PDFSFilter; C:\Windows\System32\DRIVERS\PDFsFilter.sys [68464 2013-12-03] (Raxco Software, Inc.)
S0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-03-20] (Duplex Secure Ltd.)
S3 SynTP_1; C:\Windows\System32\DRIVERS\SynTP_1.sys [355440 2013-02-14] (Synaptics Incorporated)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2015-02-05] (The OpenVPN Project)
S3 anvsnddrv; system32\drivers\anvsnddrv.sys [X]
S3 AtiDCM; \??\C:\AMD\Support\13-9-legacy_vista_win7_32_dd_ccc\Bin\atidcmxx.sys [X]
S3 btmaudio; system32\drivers\btmaud.sys [X]
S3 btmaux; system32\DRIVERS\btmaux.sys [X]
S3 btwampfl; \??\C:\Windows\system32\drivers\btwampfl.sys [X]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 catchme; \??\C:\Users\ADMIN'\AppData\Local\Temp\catchme.sys [X]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 keycrypt; system32\DRIVERS\KeyCrypt32.sys [X]
S3 mfeavfk01; \Device\mfeavfk01.sys [X]
S0 Partizan; system32\drivers\Partizan.sys [X]
S0 rqqahwf; System32\drivers\ntsw.sys [X]
S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [X]
S3 SMUpdd; \??\C:\Program Files\Common Files\Soobzo\GDUpdate\smw.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-04-02 17:15 - 2016-04-04 21:11 - 00000000 ____D C:\FRST
2016-03-28 19:49 - 2016-03-28 19:49 - 00140488 _____ C:\Windows\Minidump\032816-29296-01.dmp
2016-03-27 21:26 - 2016-03-27 22:05 - 00002102 _____ C:\Users\ADMIN'\Desktop\Snail Translator.lnk
2016-03-27 21:26 - 2016-03-27 21:26 - 00000000 ____D C:\Windows\Snail Translator
2016-03-27 21:20 - 2016-03-27 22:05 - 00001958 _____ C:\Users\ADMIN'\Desktop\Gmail.lnk
2016-03-27 21:19 - 2016-03-27 21:19 - 00000000 ____D C:\Program Files\Common Files\Soobzo
2016-03-27 21:15 - 2016-03-27 22:04 - 00000000 ____D C:\Program Files\msrtn32
2016-03-27 21:14 - 2016-03-27 21:14 - 00000000 ____D C:\Program Files\basicData
2016-03-27 21:13 - 2016-03-27 22:04 - 00000000 ____D C:\Program Files\S5
2016-03-27 21:13 - 2016-03-27 21:13 - 00000000 ____D C:\Users\ADMIN'\AppData\Roaming\c
2016-03-27 21:04 - 2016-03-28 19:49 - 210154689 ____N C:\Windows\MEMORY.DMP
2016-03-27 20:52 - 2016-03-27 22:05 - 00001032 _____ C:\Users\Public\Desktop\KNCTR.lnk
2016-03-27 20:52 - 2016-03-27 21:12 - 00000000 ____D C:\Users\ADMIN'\AppData\Local\app
2016-03-27 20:52 - 2016-03-27 20:52 - 00000000 ____D C:\Program Files\Itibiti Soft Phone
2016-03-27 20:50 - 2016-03-30 14:41 - 00000000 ____D C:\Program Files\ContentPush
2016-03-27 20:50 - 2016-03-27 22:05 - 00000000 ____D C:\Users\ADMIN'\AppData\Roaming\Store
2016-03-27 20:50 - 2016-03-27 20:50 - 06000640 _____ C:\Program Files\GUTC958.tmp
2016-03-27 20:50 - 2016-03-27 20:50 - 00631808 _____ C:\Windows\clb.dat
2016-03-27 20:50 - 2016-03-27 20:50 - 00000000 ____D C:\Program Files\GUMC919.tmp
2016-03-27 20:49 - 2016-03-27 21:25 - 00000000 ____D C:\Users\ADMIN'\AppData\Local\Setup Wizard
2016-03-27 20:41 - 2016-03-27 20:41 - 00000192 _____ C:\Windows\wininit.ini
2016-03-26 20:58 - 2016-03-26 20:58 - 00026485 _____ C:\Users\ADMIN'\Desktop\the-revenant-2015-dvdscr-xvid-ac3-etrg-english-74863.zip
2016-03-26 20:58 - 2015-12-26 08:32 - 00068720 _____ C:\Users\ADMIN'\Desktop\The.Revenant.2015.DVDScr.XviD.AC3-ETRG.srt
2016-03-21 11:29 - 2016-03-21 11:29 - 00000000 ____D C:\Users\Bryan\AppData\Roaming\Apple Computer
2016-03-21 11:29 - 2016-03-21 11:29 - 00000000 ____D C:\Users\Bryan\AppData\Local\Apple Computer
2016-03-21 11:28 - 2016-03-21 11:28 - 50545909 _____ C:\Users\Bryan\Downloads\Hotline Bling.flp
2016-03-18 15:38 - 2016-03-18 15:38 - 00000000 ____D C:\Users\Exist\AppData\Local\Paint.NET
2016-03-15 20:24 - 2016-03-15 20:24 - 00068259 _____ C:\Users\Bryan\Downloads\Untitled document.pdf
2016-03-15 19:58 - 2016-03-15 19:58 - 00000000 ____D C:\Users\Bryan\AppData\Roaming\Macromedia
2016-03-15 19:58 - 2016-03-15 19:58 - 00000000 ____D C:\Users\Bryan\AppData\Roaming\Adobe
2016-03-15 19:09 - 2016-03-15 19:09 - 00000000 ____D C:\Users\Bryan\AppData\Local\GWX
2016-03-14 19:39 - 2016-03-14 19:40 - 00000000 ____D C:\Windows\rescache
2016-03-14 18:34 - 2016-03-14 18:34 - 00000000 ____D C:\Users\Walter\AppData\LocalLow\Adobe
2016-03-14 18:34 - 2016-03-14 18:34 - 00000000 ____D C:\Users\Walter\AppData\Local\CEF
2016-03-14 18:34 - 2016-03-14 18:34 - 00000000 ____D C:\Users\Walter\AppData\Local\Adobe
2016-03-14 18:31 - 2016-03-14 18:31 - 00000000 ____D C:\Users\Walter\AppData\Roaming\Apple Computer
2016-03-14 18:31 - 2016-03-14 18:31 - 00000000 ____D C:\Users\Walter\AppData\Local\Apple Computer
2016-03-14 18:22 - 2016-03-14 18:59 - 00000000 ____D C:\Users\Walter\Desktop\1
2016-03-14 17:58 - 2016-03-14 17:58 - 00000000 ____D C:\Program Files\New folder
2016-03-14 17:51 - 2016-03-14 17:51 - 00000000 ____D C:\Users\Walter\AppData\Roaming\iolo
2016-03-14 17:46 - 2016-03-14 17:46 - 00000000 ____D C:\Users\Walter\AppData\Roaming\WinRAR
2016-03-14 17:45 - 2016-03-14 18:34 - 00000000 ____D C:\Users\Walter\AppData\Roaming\Adobe
2016-03-14 17:45 - 2016-03-14 17:55 - 00000000 ____D C:\Users\Walter\AppData\Local\CrashDumps
2016-03-14 17:38 - 2016-03-14 17:38 - 00000000 ____D C:\Users\Walter\AppData\Roaming\Sun
2016-03-14 17:38 - 2016-03-14 17:38 - 00000000 ____D C:\Users\Walter\AppData\LocalLow\Sun
2016-03-14 17:38 - 2016-03-14 17:38 - 00000000 ____D C:\Users\Walter\.oracle_jre_usage
2016-03-14 17:33 - 2016-03-14 18:16 - 00163712 _____ C:\Users\Walter\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-14 17:33 - 2016-03-14 17:33 - 00000000 ____D C:\Users\Walter\AppData\Local\Wondershare
2016-03-14 17:32 - 2016-03-14 17:34 - 00000000 ____D C:\Users\Walter\AppData\Local\Google
2016-03-14 17:32 - 2016-03-14 17:32 - 00000632 __RSH C:\Users\Walter\ntuser.pol
2016-03-10 16:59 - 2016-03-10 17:00 - 278483620 _____ C:\Users\Exist\Downloads\[99Sounds] Project Exodus.rar
2016-03-09 17:02 - 2016-02-09 01:50 - 00021504 _____ (Microsoft Corporation) C:\Windows\System32\seclogon.dll
2016-03-09 17:02 - 2016-02-04 09:46 - 02387456 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2016-03-09 17:01 - 2016-02-11 10:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2016-03-09 17:01 - 2016-02-11 10:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2016-03-09 17:01 - 2016-02-11 10:44 - 00138176 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2016-03-09 17:01 - 2016-02-11 10:44 - 00067520 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2016-03-09 17:01 - 2016-02-11 10:41 - 01310232 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2016-03-09 17:01 - 2016-02-11 10:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2016-03-09 17:01 - 2016-02-11 10:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2016-03-09 17:01 - 2016-02-11 10:37 - 00654336 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2016-03-09 17:01 - 2016-02-11 10:37 - 00400896 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2016-03-09 17:01 - 2016-02-11 10:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2016-03-09 17:01 - 2016-02-11 10:37 - 00099840 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2016-03-09 17:01 - 2016-02-11 10:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\System32\srclient.dll
2016-03-09 17:01 - 2016-02-11 10:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2016-03-09 17:01 - 2016-02-11 10:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2016-03-09 17:01 - 2016-02-11 10:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2016-03-09 17:01 - 2016-02-11 10:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\msobjs.dll
2016-03-09 17:01 - 2016-02-11 10:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll
2016-03-09 17:01 - 2016-02-11 10:33 - 01060864 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2016-03-09 17:01 - 2016-02-11 10:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2016-03-09 17:01 - 2016-02-11 10:31 - 00038912 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2016-03-09 17:01 - 2016-02-11 10:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2016-03-09 17:01 - 2016-02-11 10:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll
2016-03-09 17:01 - 2016-02-11 10:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2016-03-09 17:01 - 2016-02-11 10:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2016-03-09 17:01 - 2016-02-11 09:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\System32\auditpol.exe
2016-03-09 17:01 - 2016-02-11 09:37 - 00262656 _____ (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2016-03-09 17:01 - 2016-02-11 09:32 - 00225792 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2016-03-09 17:01 - 2016-02-11 09:32 - 00124416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2016-03-09 17:01 - 2016-02-11 09:32 - 00098304 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2016-03-09 17:01 - 2016-02-11 09:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\System32\cryptbase.dll
2016-03-09 17:01 - 2016-02-11 09:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2016-03-09 17:01 - 2016-02-11 09:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2016-03-09 17:01 - 2016-02-11 09:30 - 00015872 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2016-03-09 17:00 - 2016-02-08 22:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2016-03-09 17:00 - 2016-02-08 13:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2016-03-09 17:00 - 2016-02-08 12:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2016-03-09 17:00 - 2016-02-08 12:51 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2016-03-09 17:00 - 2016-02-08 12:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2016-03-09 17:00 - 2016-02-08 12:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2016-03-09 17:00 - 2016-02-08 12:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2016-03-09 17:00 - 2016-02-08 12:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2016-03-09 17:00 - 2016-02-08 12:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2016-03-09 17:00 - 2016-02-08 12:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2016-03-09 17:00 - 2016-02-08 12:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2016-03-09 17:00 - 2016-02-08 12:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2016-03-09 17:00 - 2016-02-08 12:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2016-03-09 17:00 - 2016-02-08 12:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2016-03-09 17:00 - 2016-02-08 12:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2016-03-09 17:00 - 2016-02-08 12:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2016-03-09 17:00 - 2016-02-08 12:28 - 00102912 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2016-03-09 17:00 - 2016-02-08 12:23 - 00667648 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2016-03-09 17:00 - 2016-02-08 12:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2016-03-09 17:00 - 2016-02-08 12:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2016-03-09 17:00 - 2016-02-08 12:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2016-03-09 17:00 - 2016-02-08 12:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2016-03-09 17:00 - 2016-02-08 12:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2016-03-09 17:00 - 2016-02-08 12:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2016-03-09 17:00 - 2016-02-08 12:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2016-03-09 17:00 - 2016-02-08 12:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2016-03-09 17:00 - 2016-02-08 12:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2016-03-09 17:00 - 2016-02-08 12:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2016-03-09 17:00 - 2016-02-08 12:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2016-03-09 17:00 - 2016-02-08 12:02 - 00684032 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2016-03-09 17:00 - 2016-02-08 12:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2016-03-09 17:00 - 2016-02-08 12:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2016-03-09 17:00 - 2016-02-08 11:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2016-03-09 17:00 - 2016-02-08 11:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2016-03-09 17:00 - 2016-02-08 11:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2016-03-08 16:01 - 2016-03-23 20:17 - 00000000 ____D C:\Users\Exist\AppData\Local\CrashDumps
2016-03-08 12:43 - 2016-02-19 10:50 - 00034240 _____ (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
2016-03-08 12:43 - 2016-02-19 10:41 - 00958464 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2016-03-08 12:43 - 2016-02-19 06:07 - 01206784 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2016-03-08 12:43 - 2016-02-12 10:39 - 02956288 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2016-03-08 12:43 - 2016-02-12 10:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2016-03-08 12:43 - 2016-02-12 10:26 - 00073728 _____ (Microsoft Corporation) C:\Windows\System32\WinSetupUI.dll
2016-03-08 12:43 - 2016-02-12 10:07 - 02062848 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2016-03-08 12:43 - 2016-02-12 10:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2016-03-08 12:43 - 2016-02-12 10:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2016-03-08 12:43 - 2016-02-12 10:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2016-03-08 12:43 - 2016-02-12 10:05 - 00035840 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2016-03-08 12:43 - 2016-02-12 10:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2016-03-08 12:43 - 2016-02-12 10:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2016-03-08 12:43 - 2016-02-12 10:05 - 00011776 _____ (Microsoft Corporation) C:\Windows\System32\wu.upgrade.ps.dll
2016-03-08 12:43 - 2016-02-11 06:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2016-03-08 12:43 - 2016-02-09 01:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2016-03-08 12:43 - 2016-02-09 01:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\System32\wmp.dll
2016-03-08 12:43 - 2016-02-09 01:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\System32\spwmp.dll
2016-03-08 12:43 - 2016-02-09 01:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\msdxm.ocx
2016-03-08 12:43 - 2016-02-09 01:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\dxmasf.dll
2016-03-08 12:43 - 2016-02-05 10:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2016-03-08 12:43 - 2016-02-05 10:44 - 00026112 _____ (Microsoft Corporation) C:\Windows\System32\lpk.dll
2016-03-08 12:43 - 2016-02-05 10:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2016-03-08 12:43 - 2016-02-05 09:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2016-03-08 12:43 - 2016-02-05 09:43 - 00034304 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2016-03-08 12:43 - 2016-02-05 06:07 - 00591872 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2016-03-08 12:43 - 2016-02-05 06:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2016-03-08 12:43 - 2016-02-05 06:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll
2016-03-08 12:43 - 2016-02-04 10:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\System32\mfds.dll
2016-03-08 12:43 - 2016-02-03 10:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2016-03-08 12:43 - 2016-02-03 10:49 - 00090624 _____ (Microsoft Corporation) C:\Windows\System32\olepro32.dll
2016-03-08 12:43 - 2016-02-03 10:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\System32\asycfilt.dll
2016-03-08 12:43 - 2016-02-03 09:59 - 00076288 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2016-03-08 12:43 - 2016-01-11 10:54 - 01212352 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2016-03-08 12:43 - 2015-11-19 06:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\System32\ucrtbase.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-private-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-math-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-string-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-time-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-2-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-process-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-2-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l2-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-2-0.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-04-04 20:00 - 2009-07-13 20:34 - 00026768 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-04 20:00 - 2009-07-13 20:34 - 00026768 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-04 19:56 - 2010-11-20 13:01 - 00689024 _____ C:\Windows\System32\PerfStringBackup.INI
2016-04-04 19:56 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\inf
2016-04-04 19:23 - 2009-07-13 18:37 - 00000000 ___HD C:\Windows\System32\GroupPolicy
2016-04-04 18:24 - 2016-01-21 20:45 - 00000008 __RSH C:\Users\ADMIN'\ntuser.pol
2016-04-04 18:24 - 2013-03-02 15:52 - 00000000 ____D C:\users\ADMIN'
2016-04-03 20:28 - 2015-11-07 12:19 - 01396876 _____ C:\Windows\ntbtlog.txt
2016-03-31 18:06 - 2013-06-09 10:16 - 00000000 ____D C:\Users\ADMIN'\AppData\Roaming\DiskDefrag
2016-03-28 19:49 - 2013-06-17 14:17 - 00000000 ____D C:\Windows\Minidump
2016-03-27 22:07 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\L2Schemas
2016-03-27 22:05 - 2016-01-28 19:12 - 00002000 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-03-27 22:05 - 2016-01-28 19:12 - 00001998 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-03-27 22:05 - 2016-01-28 19:12 - 00001988 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-03-27 22:05 - 2016-01-05 20:13 - 00000917 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-03-27 22:05 - 2015-10-28 20:26 - 00000969 _____ C:\Users\Public\Desktop\BitComet.lnk
2016-03-27 22:05 - 2015-10-10 18:38 - 00001036 _____ C:\Users\Public\Desktop\4Card Recovery.lnk
2016-03-27 22:05 - 2015-07-25 11:05 - 00001410 _____ C:\Users\Public\Desktop\Wondershare Video Converter Ultimate.lnk
2016-03-27 22:05 - 2015-07-25 11:05 - 00001388 _____ C:\Users\Public\Desktop\Wondershare Media Server.lnk
2016-03-27 22:05 - 2015-07-23 19:38 - 00001292 _____ C:\Users\Public\Desktop\WinX DVD Ripper Platinum.lnk
2016-03-27 22:05 - 2015-07-03 13:54 - 00001023 _____ C:\Users\ADMIN'\Desktop\proXPN.lnk
2016-03-27 22:05 - 2015-07-03 12:27 - 00002290 _____ C:\Users\ADMIN'\Desktop\Chrome App Launcher.lnk
2016-03-27 22:05 - 2015-07-03 10:18 - 00001815 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-03-27 22:05 - 2015-06-06 09:43 - 00001137 _____ C:\Users\ADMIN'\Desktop\System Checkup.lnk
2016-03-27 22:05 - 2015-05-10 17:47 - 00001248 _____ C:\Users\ADMIN'\Desktop\Adobe Photoshop CC 2014 (32 Bit).lnk
2016-03-27 22:05 - 2015-05-10 17:10 - 00001354 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2016-03-27 22:05 - 2015-05-03 17:22 - 00001122 _____ C:\Users\ADMIN'\Desktop\PC Wizard 2013.lnk
2016-03-27 22:05 - 2015-04-11 10:37 - 00002017 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-03-27 22:05 - 2015-03-11 21:52 - 00000418 _____ C:\Users\Public\Desktop\Logitech Harmony Remote Software 7.lnk
2016-03-27 22:05 - 2015-02-07 14:35 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-27 22:05 - 2015-01-19 15:26 - 00000969 _____ C:\Users\Public\Desktop\Cool Edit Pro 2.1.lnk
2016-03-27 22:05 - 2014-12-20 13:46 - 00001765 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2016-03-27 22:05 - 2014-12-20 13:45 - 00001806 _____ C:\Users\Public\Desktop\Apps.lnk
2016-03-27 22:05 - 2014-12-06 20:30 - 00002028 _____ C:\Users\Public\Desktop\FoneLab.lnk
2016-03-27 22:05 - 2014-11-19 22:31 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-03-27 22:05 - 2014-06-22 15:03 - 00002563 _____ C:\Users\Public\Desktop\MIDI-OX.lnk
2016-03-27 22:05 - 2014-05-17 13:15 - 00001990 _____ C:\Users\Public\Desktop\FL Studio 11.lnk
2016-03-27 22:05 - 2014-05-14 20:49 - 00001042 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2016-03-27 22:05 - 2014-05-03 12:49 - 00001064 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-27 22:05 - 2014-05-03 12:49 - 00001020 _____ C:\Users\Public\Desktop\Google Drive.lnk
2016-03-27 22:05 - 2014-05-03 12:47 - 00001068 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2016-03-27 22:05 - 2014-05-03 12:41 - 00001131 _____ C:\Users\ADMIN'\Desktop\Auslogics DiskDefrag.lnk
2016-03-27 22:05 - 2014-05-03 11:59 - 00000606 _____ C:\Users\ADMIN'\Desktop\LiberKey.lnk
2016-03-27 22:05 - 2014-05-03 11:38 - 00002145 _____ C:\Users\ADMIN'\Desktop\System Mechanic.lnk
2016-03-27 22:05 - 2014-04-20 17:55 - 00000934 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2016-03-27 22:05 - 2014-03-08 11:03 - 00001211 _____ C:\Users\ADMIN'\Desktop\Product Key Explorer.lnk
2016-03-27 22:05 - 2014-02-15 13:00 - 00002105 _____ C:\Users\Public\Desktop\CyberLink YouCam 6.lnk
2016-03-27 22:05 - 2014-02-09 19:18 - 00002501 _____ C:\Users\Public\Desktop\TurboTax 2013.lnk
2016-03-27 22:05 - 2014-02-06 20:35 - 00000951 _____ C:\Users\Public\Desktop\Registry First Aid.lnk
2016-03-27 22:05 - 2014-02-02 10:22 - 00000677 _____ C:\Users\Public\Desktop\Keyboarding Pro™ 5 - Single.lnk
2016-03-27 22:05 - 2013-12-21 09:59 - 00001115 _____ C:\Users\Public\Desktop\Wise PC 1stAid.lnk
2016-03-27 22:05 - 2013-12-21 09:57 - 00001178 _____ C:\Users\Public\Desktop\Wise Data Recovery.lnk
2016-03-27 22:05 - 2013-12-09 22:00 - 00001321 _____ C:\Users\Public\Desktop\EASEUS Data Recovery Wizard Professional 5.5.1.lnk
2016-03-27 22:05 - 2013-11-04 20:55 - 00001028 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-03-27 22:05 - 2013-10-27 09:03 - 00001071 _____ C:\Users\ADMIN'\Desktop\Songr.lnk
2016-03-27 22:05 - 2013-10-26 18:37 - 00001176 _____ C:\Users\Public\Desktop\Paint.NET.lnk
2016-03-27 22:05 - 2013-10-20 08:31 - 00001131 _____ C:\Users\ADMIN'\Desktop\Auslogics BoostSpeed.lnk
2016-03-27 22:05 - 2013-09-21 11:01 - 00000969 _____ C:\Users\ADMIN'\Desktop\SpeedFan.lnk
2016-03-27 22:05 - 2013-09-08 09:00 - 00001149 _____ C:\Users\ADMIN'\Desktop\Nero Express.lnk
2016-03-27 22:05 - 2013-09-02 14:48 - 00000993 _____ C:\Users\ADMIN'\Desktop\WhoCrashed.lnk
2016-03-27 22:05 - 2013-08-25 09:43 - 00001688 _____ C:\Users\ADMIN'\Desktop\Google Drive.lnk
2016-03-27 22:05 - 2013-08-04 10:55 - 00002031 _____ C:\Users\Public\Desktop\PerfectDisk 12.5.lnk
2016-03-27 22:05 - 2013-07-28 10:10 - 00001212 _____ C:\Users\Public\Desktop\AOMEI Partition Assistant Pro Edition 5.2.lnk
2016-03-27 22:05 - 2013-07-13 12:51 - 00001582 _____ C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
2016-03-27 22:05 - 2013-07-13 12:23 - 00002503 _____ C:\Users\Public\Desktop\Skype.lnk
2016-03-27 22:05 - 2013-07-06 08:23 - 00001065 _____ C:\Users\Public\Desktop\RapidTyping.lnk
2016-03-27 22:05 - 2013-07-04 11:48 - 00001226 _____ C:\Users\ADMIN'\Desktop\Revo Uninstaller.lnk
2016-03-27 22:05 - 2013-06-15 11:42 - 00001049 _____ C:\Users\Public\Desktop\WinTV 7.lnk
2016-03-27 22:05 - 2013-06-15 09:39 - 00001963 _____ C:\Users\Public\Desktop\TotalMedia 3.5.lnk
2016-03-27 22:05 - 2013-04-20 10:38 - 00002170 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-03-27 22:05 - 2013-04-16 20:07 - 00002785 _____ C:\Users\Public\Desktop\Nero Video 12.lnk
2016-03-27 22:05 - 2013-04-16 20:05 - 00002055 _____ C:\Users\Public\Desktop\Nero Kwik Media.lnk
2016-03-27 22:05 - 2013-04-16 20:03 - 00002857 _____ C:\Users\Public\Desktop\Nero 12.lnk
2016-03-27 22:05 - 2013-04-16 20:02 - 00002831 _____ C:\Users\Public\Desktop\Nero Burning ROM 12.lnk
2016-03-27 22:05 - 2013-04-13 14:26 - 00001292 _____ C:\Users\ADMIN'\Desktop\Auslogics Internet Optimizer.lnk
2016-03-27 22:05 - 2013-03-24 12:35 - 00001186 _____ C:\Users\Public\Desktop\EaseUS Data Recovery Wizard 5.8.5 .lnk
2016-03-27 22:05 - 2013-03-20 18:13 - 00001142 _____ C:\Users\Public\Desktop\Alcohol 120%.lnk
2016-03-27 22:05 - 2013-03-05 22:00 - 00001212 _____ C:\Users\ADMIN'\Desktop\Calculator.lnk
2016-03-27 22:05 - 2013-03-03 14:35 - 00001111 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2016-03-27 22:05 - 2013-03-03 14:05 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-27 22:05 - 2013-03-02 16:08 - 00002182 _____ C:\Users\Public\Desktop\Roxio Creator Home.lnk
2016-03-27 22:05 - 2013-03-02 16:05 - 00001993 _____ C:\Users\Public\Desktop\CyberLink PowerDVD.lnk
2016-03-27 21:36 - 2014-07-12 09:56 - 00170200 _____ (Malwarebytes) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2016-03-27 21:29 - 2014-07-28 20:25 - 00000000 ____D C:\Users\ADMIN'\AppData\Local\CrashDumps
2016-03-27 21:28 - 2013-03-03 13:20 - 00000000 ____D C:\Users\ADMIN'\AppData\Roaming\BitComet
2016-03-27 21:07 - 2015-03-28 19:47 - 00000000 ____D C:\Program Files\McAfee
2016-03-27 21:07 - 2015-03-28 16:07 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-03-27 20:52 - 2015-03-28 19:51 - 00000000 ____D C:\Users\ADMIN'\AppData\LocalLow\SafeKey
2016-03-27 20:50 - 2013-03-02 16:48 - 00000000 ____D C:\Users\ADMIN'\AppData\Local\Google
2016-03-27 19:38 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\system
2016-03-27 19:09 - 2014-05-03 12:49 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-03-27 19:02 - 2013-03-02 16:03 - 00000000 ____D C:\Users\ADMIN'\AppData\Local\Adobe
2016-03-26 23:32 - 2013-03-03 15:10 - 00000000 ____D C:\Users\ADMIN'\AppData\Roaming\vlc
2016-03-24 16:44 - 2014-06-13 15:35 - 00000000 ____D C:\Users\Exist\Desktop\flp's
2016-03-23 21:54 - 2015-04-04 00:40 - 00000000 ___SD C:\Windows\System32\GWX
2016-03-21 11:05 - 2016-01-21 19:27 - 00000000 ____D C:\Users\Bryan\AppData\Local\CrashDumps
2016-03-18 15:16 - 2014-08-15 14:47 - 00000000 ____D C:\Users\Exist\Desktop\beats
2016-03-18 14:11 - 2009-07-13 18:04 - 00000630 _____ C:\Windows\win.ini
2016-03-18 14:11 - 2009-07-13 18:04 - 00000241 _____ C:\Windows\system.ini
2016-03-15 19:38 - 2016-02-15 15:12 - 00000000 ____D C:\Users\Bryan\AppData\Roaming\iolo
2016-03-14 17:38 - 2013-06-08 13:48 - 00000000 ____D C:\users\Walter
2016-03-12 19:19 - 2013-03-03 14:35 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2016-03-12 19:19 - 2013-03-03 14:35 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2016-03-12 08:44 - 2016-02-14 11:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-10 13:09 - 2014-05-03 12:49 - 00053120 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mwac.sys
2016-03-10 13:08 - 2014-05-03 12:49 - 00126336 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbamchameleon.sys
2016-03-10 13:08 - 2014-05-03 12:49 - 00024448 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbam.sys
2016-03-09 21:32 - 2014-09-21 20:49 - 00543560 _____ C:\Windows\System32\FNTCACHE.DAT
2016-03-09 17:11 - 2016-02-25 15:10 - 07613334 _____ C:\Users\Exist\Downloads\FENIX X OHGEESY - CRAZY.m4a
2016-03-09 14:00 - 2013-03-03 14:05 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-03-08 18:29 - 2014-12-10 12:59 - 00000000 ____D C:\Windows\System32\appraiser
2016-03-08 17:18 - 2013-08-14 22:12 - 00000000 ____D C:\Windows\System32\MRT
2016-03-08 17:03 - 2013-03-03 14:45 - 141270216 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
 
Some files in TEMP:
====================
C:\Users\ADMIN'\AppData\Local\Temp\7za.exe
C:\Users\ADMIN'\AppData\Local\Temp\catchme.dll
C:\Users\ADMIN'\AppData\Local\Temp\dxdiag.exe
C:\Users\ADMIN'\AppData\Local\Temp\IadHide5.dll
C:\Users\ADMIN'\AppData\Local\Temp\io1.exe
C:\Users\ADMIN'\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\ADMIN'\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\ADMIN'\AppData\Local\Temp\kts16.0.0.614en-gb.exe
C:\Users\ADMIN'\AppData\Local\Temp\LPPlugin.dll
C:\Users\ADMIN'\AppData\Local\Temp\McCSPInstall.dll
C:\Users\ADMIN'\AppData\Local\Temp\mccspuninstall.exe
C:\Users\ADMIN'\AppData\Local\Temp\namebench.exe
C:\Users\ADMIN'\AppData\Local\Temp\python27.dll
C:\Users\ADMIN'\AppData\Local\Temp\s5mark_setup_aid91tid336_20160318.exe
C:\Users\ADMIN'\AppData\Local\Temp\tcl85.dll
C:\Users\ADMIN'\AppData\Local\Temp\tk85.dll
C:\Users\ADMIN'\AppData\Local\Temp\Uninstall.exe
C:\Users\Exist\AppData\Local\Temp\IadHide5.dll
 
 
==================== Known DLLs (Whitelisted) =========================
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe
[2016-02-09 14:33] - [2016-01-21 21:12] - 2973184 ____A (Microsoft Corporation) 2A156D5EBF221EF2A6AE7CE452324DAC
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2015-05-12 13:12] - [2015-04-12 19:19] - 0259072 ____A (Microsoft Corporation) 0780A42DBD7D9969F9BF4A19AA4285B5
 
C:\Windows\System32\User32.dll
[2015-12-08 13:56] - [2015-11-10 10:39] - 0811520 ____A (Microsoft Corporation) 4C5A23AE4F5157F579C89736EA5D42CE
 
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== EXE Association (Whitelisted) =============
 
 
==================== Restore Points  =========================
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 19%
Total physical RAM: 2557.61 MB
Available physical RAM: 2060.15 MB
Total Virtual: 2555.9 MB
Available Virtual: 2070.4 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:74.41 GB) (Free:2.99 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:232.88 GB) (Free:32.9 GB) NTFS
Drive g: (MULTIBOOT) (Removable) (Total:14.9 GB) (Free:2.78 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: AB4C7F5F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=74.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 54194EBA)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (Size: 14.9 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=14.9 GB) - (Type=0C)
 
 
LastRegBack: 2016-03-23 16:29
 
==================== End of FRST.txt ============================

  • 0

#29
pcme

pcme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts

here it is

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by SYSTEM on MININT-QS5VPB8 (04-04-2016 21:11:45)
Running from g:\
Platform: Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet002
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
 
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960336 2014-11-07] ()
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Fitbit Connect] => C:\Program Files\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [55264 2016-03-10] (Malwarebytes)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [360448 2009-07-13] (Microsoft Corporation)
HKLM\...\Winlogon: [Userinit] wscript,
HKU\ADMIN'\...\Run: [LDM] => C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [36864 2015-03-11] (Logitech)
HKU\ADMIN'\...\Run: [Fitbit Connect] => C:\Program Files\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKU\ADMIN'\...\Run: [Pritc] => C:\Users\ADMIN'\AppData\Local\Temp\is-06EDJ.tmp\print.exe <===== ATTENTION
HKU\ADMIN'\...\Run: [Snail Translator] => C:\Windows\Snail Translator\Snail Translator\Snail Translator.exe [454656 2016-03-23] ()
HKU\ADMIN'\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\ADMIN'\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2009-07-13] (Microsoft Corporation)
HKU\Bryan\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-03-02] (Google Inc.)
HKU\Bryan\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIIBE.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\Bryan\...\Run: ["E:\Program Files\Steam\steam.exe" -silent] => "E:\Program Files\Steam\steam.exe" -silent
HKU\Bryan\...\Run: [ooVoo.exe] => C:\Program Files\ooVoo\oovoo.exe /minimized
HKU\Bryan\...\Run: [LDM] => C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [36864 2015-03-11] (Logitech)
HKU\Bryan\...\Policies\system: [LogonHoursAction] 2
HKU\Bryan\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Exist\...\Run: [LDM] => C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [36864 2015-03-11] (Logitech)
HKU\Exist\...\Policies\system: [LogonHoursAction] 2
HKU\Exist\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\jackie\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIIBE.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\Walter\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-03-02] (Google Inc.)
HKU\Walter\...\Policies\system: [LogonHoursAction] 2
HKU\Walter\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
BootExecute: autocheck autochk *  BootDefrag.exe
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S4 AxiomAudioDevMon; C:\Program Files\M-Audio\Axiom\AudioDevMon.exe [1636872 2010-03-11] (M-Audio)
S2 BackupService; C:\Users\ADMIN'\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [83512 2010-07-01] (ArcSoft, Inc.)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-28] (www.BitComet.com)
S4 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [409304 2014-10-08] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-08] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [782040 2014-10-08] (BlueStack Systems, Inc.)
S2 chromoting; C:\Program Files\Google\Chrome Remote Desktop\49.0.2623.40\remoting_host.exe [69016 2016-02-05] (Google Inc.)
S4 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
S4 EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [539744 2012-05-10] (SEIKO EPSON CORPORATION)
S2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-11] (Seiko Epson Corporation)
S4 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [142432 2012-02-21] (SEIKO EPSON CORPORATION)
S4 Fitbit; C:\Program Files\Fitbit\fitbit.exe [773152 2012-06-22] (Fitbit, Inc.)
S2 Fitbit Connect; C:\Program Files\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.)
S3 GFI LanGuard Patch Agent; C:\Windows\Patches\PatchAgent.exe [427376 2014-11-15] ()
S4 Hauppauge WinTV Extender; C:\Program Files\WinTV\Extend\wintvextender.exe [67584 2014-11-15] (Hauppauge Computer Works, Inc)
S4 HauppaugeTVServer; C:\Program Files\WinTV\TVServer\hauppaugetvserver.exe [602624 2014-11-15] (Hauppauge Computer Works)
S2 HFGService; C:\Windows\System32\HFGService.dll [413696 2009-12-21] (CSR, plc)
S2 ioloSystemService; C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe [1168960 2013-12-03] (iolo technologies, LLC)
S4 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
S4 PDAgent; C:\Program Files\Raxco\PerfectDisk\PDAgent.exe [1415032 2013-08-04] (Raxco Software, Inc.)
S4 PDEngine; C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2166648 2013-08-04] (Raxco Software, Inc.)
S2 proXPN VPN; C:\Program Files\proXPN\bin\proXPNService.exe [102264 2015-06-11] ()
S4 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
S2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
S2 FFPCAutoSave; J:\PCAutoSaveSv.exe [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 ampa; C:\Windows\system32\ampa.sys [12728 2011-12-26] ()
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [176856 2016-01-28] (Broadcom Corporation.)
S0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [16064 2014-06-30] (Glarysoft Ltd)
S2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [112344 2014-10-08] (BlueStack Systems)
S3 BthAudioHF; C:\Windows\System32\DRIVERS\BthAudioHF.sys [43008 2009-12-21] (CSR, plc)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (CSR, plc)
S3 clwvd6; C:\Windows\System32\DRIVERS\clwvd6.sys [35560 2013-10-28] (CyberLink Corporation)
S3 cpuz137; C:\Program Files\CPUID\PC Wizard 2013\pcwiz_x32.sys [26856 2014-02-17] (CPUID)
S3 csr_a2dp; C:\Windows\System32\drivers\bthav.sys [61952 2009-12-21] (CSR, plc)
S2 DefragFS; C:\Windows\System32\Drivers\DefragFS.sys [104088 2013-08-04] (Raxco Software, Inc.)
S2 DLABMFSM; C:\Windows\System32\Drivers\DLABMFSM.SYS [37360 2007-07-23] (Roxio)
S2 DLABOIOM; C:\Windows\System32\Drivers\DLABOIOM.SYS [32848 2007-07-23] (Roxio)
S2 DLADResM; C:\Windows\System32\Drivers\DLADResM.SYS [9104 2007-07-23] (Roxio)
S2 DLAIFS_M; C:\Windows\System32\Drivers\DLAIFS_M.SYS [108752 2007-07-23] (Roxio)
S2 DLAOPIOM; C:\Windows\System32\Drivers\DLAOPIOM.SYS [27216 2007-07-23] (Roxio)
S2 DLAPoolM; C:\Windows\System32\Drivers\DLAPoolM.SYS [16304 2007-07-23] (Roxio)
S2 DLAUDFAM; C:\Windows\System32\Drivers\DLAUDFAM.SYS [93552 2007-07-23] (Roxio)
S2 DLAUDF_M; C:\Windows\System32\Drivers\DLAUDF_M.SYS [98448 2007-07-23] (Roxio)
S1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [26248 2013-12-03] (EldoS Corporation)
S0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
S1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [17472 2015-07-18] (Glarysoft Ltd)
S3 hcw72ADFilter; C:\Windows\System32\DRIVERS\hcw72ADFilter.sys [28928 2010-01-11] (Hauppauge Computer Works, Inc.)
S3 hcw72ATV; C:\Windows\System32\DRIVERS\hcw72ATV.sys [1217920 2010-01-11] (Hauppauge Computer Works, Inc.)
S3 hcw72DTV; C:\Windows\System32\DRIVERS\hcw72DTV.sys [1220224 2010-01-11] (Hauppauge Computer Works, Inc.)
S3 ISODrive; C:\Users\ADMIN'\Desktop\UltraISO\drivers\ISODrive.sys [82320 2010-01-29] (EZB Systems, Inc.)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
S3 MADFULEGACYKEYBOARD; C:\Windows\System32\DRIVERS\MAudioLegacyKeyboard_DFU.sys [23304 2010-02-09] (M-Audio)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [34432 2012-10-10] (ManyCam LLC)
S3 MAUSBLEGACYKEYBOARD; C:\Windows\System32\DRIVERS\MAudioLegacyKeyboard.sys [167304 2010-02-09] (M-Audio)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-03-27] (Malwarebytes)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv.sys [22656 2013-01-31] (ManyCam LLC)
S2 PDFSFilter; C:\Windows\System32\DRIVERS\PDFsFilter.sys [68464 2013-12-03] (Raxco Software, Inc.)
S0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-03-20] (Duplex Secure Ltd.)
S3 SynTP_1; C:\Windows\System32\DRIVERS\SynTP_1.sys [355440 2013-02-14] (Synaptics Incorporated)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2015-02-05] (The OpenVPN Project)
S3 anvsnddrv; system32\drivers\anvsnddrv.sys [X]
S3 AtiDCM; \??\C:\AMD\Support\13-9-legacy_vista_win7_32_dd_ccc\Bin\atidcmxx.sys [X]
S3 btmaudio; system32\drivers\btmaud.sys [X]
S3 btmaux; system32\DRIVERS\btmaux.sys [X]
S3 btwampfl; \??\C:\Windows\system32\drivers\btwampfl.sys [X]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 catchme; \??\C:\Users\ADMIN'\AppData\Local\Temp\catchme.sys [X]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 keycrypt; system32\DRIVERS\KeyCrypt32.sys [X]
S3 mfeavfk01; \Device\mfeavfk01.sys [X]
S0 Partizan; system32\drivers\Partizan.sys [X]
S0 rqqahwf; System32\drivers\ntsw.sys [X]
S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [X]
S3 SMUpdd; \??\C:\Program Files\Common Files\Soobzo\GDUpdate\smw.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-04-02 17:15 - 2016-04-04 21:11 - 00000000 ____D C:\FRST
2016-03-28 19:49 - 2016-03-28 19:49 - 00140488 _____ C:\Windows\Minidump\032816-29296-01.dmp
2016-03-27 21:26 - 2016-03-27 22:05 - 00002102 _____ C:\Users\ADMIN'\Desktop\Snail Translator.lnk
2016-03-27 21:26 - 2016-03-27 21:26 - 00000000 ____D C:\Windows\Snail Translator
2016-03-27 21:20 - 2016-03-27 22:05 - 00001958 _____ C:\Users\ADMIN'\Desktop\Gmail.lnk
2016-03-27 21:19 - 2016-03-27 21:19 - 00000000 ____D C:\Program Files\Common Files\Soobzo
2016-03-27 21:15 - 2016-03-27 22:04 - 00000000 ____D C:\Program Files\msrtn32
2016-03-27 21:14 - 2016-03-27 21:14 - 00000000 ____D C:\Program Files\basicData
2016-03-27 21:13 - 2016-03-27 22:04 - 00000000 ____D C:\Program Files\S5
2016-03-27 21:13 - 2016-03-27 21:13 - 00000000 ____D C:\Users\ADMIN'\AppData\Roaming\c
2016-03-27 21:04 - 2016-03-28 19:49 - 210154689 ____N C:\Windows\MEMORY.DMP
2016-03-27 20:52 - 2016-03-27 22:05 - 00001032 _____ C:\Users\Public\Desktop\KNCTR.lnk
2016-03-27 20:52 - 2016-03-27 21:12 - 00000000 ____D C:\Users\ADMIN'\AppData\Local\app
2016-03-27 20:52 - 2016-03-27 20:52 - 00000000 ____D C:\Program Files\Itibiti Soft Phone
2016-03-27 20:50 - 2016-03-30 14:41 - 00000000 ____D C:\Program Files\ContentPush
2016-03-27 20:50 - 2016-03-27 22:05 - 00000000 ____D C:\Users\ADMIN'\AppData\Roaming\Store
2016-03-27 20:50 - 2016-03-27 20:50 - 06000640 _____ C:\Program Files\GUTC958.tmp
2016-03-27 20:50 - 2016-03-27 20:50 - 00631808 _____ C:\Windows\clb.dat
2016-03-27 20:50 - 2016-03-27 20:50 - 00000000 ____D C:\Program Files\GUMC919.tmp
2016-03-27 20:49 - 2016-03-27 21:25 - 00000000 ____D C:\Users\ADMIN'\AppData\Local\Setup Wizard
2016-03-27 20:41 - 2016-03-27 20:41 - 00000192 _____ C:\Windows\wininit.ini
2016-03-26 20:58 - 2016-03-26 20:58 - 00026485 _____ C:\Users\ADMIN'\Desktop\the-revenant-2015-dvdscr-xvid-ac3-etrg-english-74863.zip
2016-03-26 20:58 - 2015-12-26 08:32 - 00068720 _____ C:\Users\ADMIN'\Desktop\The.Revenant.2015.DVDScr.XviD.AC3-ETRG.srt
2016-03-21 11:29 - 2016-03-21 11:29 - 00000000 ____D C:\Users\Bryan\AppData\Roaming\Apple Computer
2016-03-21 11:29 - 2016-03-21 11:29 - 00000000 ____D C:\Users\Bryan\AppData\Local\Apple Computer
2016-03-21 11:28 - 2016-03-21 11:28 - 50545909 _____ C:\Users\Bryan\Downloads\Hotline Bling.flp
2016-03-18 15:38 - 2016-03-18 15:38 - 00000000 ____D C:\Users\Exist\AppData\Local\Paint.NET
2016-03-15 20:24 - 2016-03-15 20:24 - 00068259 _____ C:\Users\Bryan\Downloads\Untitled document.pdf
2016-03-15 19:58 - 2016-03-15 19:58 - 00000000 ____D C:\Users\Bryan\AppData\Roaming\Macromedia
2016-03-15 19:58 - 2016-03-15 19:58 - 00000000 ____D C:\Users\Bryan\AppData\Roaming\Adobe
2016-03-15 19:09 - 2016-03-15 19:09 - 00000000 ____D C:\Users\Bryan\AppData\Local\GWX
2016-03-14 19:39 - 2016-03-14 19:40 - 00000000 ____D C:\Windows\rescache
2016-03-14 18:34 - 2016-03-14 18:34 - 00000000 ____D C:\Users\Walter\AppData\LocalLow\Adobe
2016-03-14 18:34 - 2016-03-14 18:34 - 00000000 ____D C:\Users\Walter\AppData\Local\CEF
2016-03-14 18:34 - 2016-03-14 18:34 - 00000000 ____D C:\Users\Walter\AppData\Local\Adobe
2016-03-14 18:31 - 2016-03-14 18:31 - 00000000 ____D C:\Users\Walter\AppData\Roaming\Apple Computer
2016-03-14 18:31 - 2016-03-14 18:31 - 00000000 ____D C:\Users\Walter\AppData\Local\Apple Computer
2016-03-14 18:22 - 2016-03-14 18:59 - 00000000 ____D C:\Users\Walter\Desktop\1
2016-03-14 17:58 - 2016-03-14 17:58 - 00000000 ____D C:\Program Files\New folder
2016-03-14 17:51 - 2016-03-14 17:51 - 00000000 ____D C:\Users\Walter\AppData\Roaming\iolo
2016-03-14 17:46 - 2016-03-14 17:46 - 00000000 ____D C:\Users\Walter\AppData\Roaming\WinRAR
2016-03-14 17:45 - 2016-03-14 18:34 - 00000000 ____D C:\Users\Walter\AppData\Roaming\Adobe
2016-03-14 17:45 - 2016-03-14 17:55 - 00000000 ____D C:\Users\Walter\AppData\Local\CrashDumps
2016-03-14 17:38 - 2016-03-14 17:38 - 00000000 ____D C:\Users\Walter\AppData\Roaming\Sun
2016-03-14 17:38 - 2016-03-14 17:38 - 00000000 ____D C:\Users\Walter\AppData\LocalLow\Sun
2016-03-14 17:38 - 2016-03-14 17:38 - 00000000 ____D C:\Users\Walter\.oracle_jre_usage
2016-03-14 17:33 - 2016-03-14 18:16 - 00163712 _____ C:\Users\Walter\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-14 17:33 - 2016-03-14 17:33 - 00000000 ____D C:\Users\Walter\AppData\Local\Wondershare
2016-03-14 17:32 - 2016-03-14 17:34 - 00000000 ____D C:\Users\Walter\AppData\Local\Google
2016-03-14 17:32 - 2016-03-14 17:32 - 00000632 __RSH C:\Users\Walter\ntuser.pol
2016-03-10 16:59 - 2016-03-10 17:00 - 278483620 _____ C:\Users\Exist\Downloads\[99Sounds] Project Exodus.rar
2016-03-09 17:02 - 2016-02-09 01:50 - 00021504 _____ (Microsoft Corporation) C:\Windows\System32\seclogon.dll
2016-03-09 17:02 - 2016-02-04 09:46 - 02387456 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2016-03-09 17:01 - 2016-02-11 10:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2016-03-09 17:01 - 2016-02-11 10:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2016-03-09 17:01 - 2016-02-11 10:44 - 00138176 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2016-03-09 17:01 - 2016-02-11 10:44 - 00067520 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2016-03-09 17:01 - 2016-02-11 10:41 - 01310232 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2016-03-09 17:01 - 2016-02-11 10:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2016-03-09 17:01 - 2016-02-11 10:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2016-03-09 17:01 - 2016-02-11 10:37 - 00654336 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2016-03-09 17:01 - 2016-02-11 10:37 - 00400896 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2016-03-09 17:01 - 2016-02-11 10:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2016-03-09 17:01 - 2016-02-11 10:37 - 00099840 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2016-03-09 17:01 - 2016-02-11 10:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\System32\srclient.dll
2016-03-09 17:01 - 2016-02-11 10:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2016-03-09 17:01 - 2016-02-11 10:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2016-03-09 17:01 - 2016-02-11 10:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2016-03-09 17:01 - 2016-02-11 10:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\msobjs.dll
2016-03-09 17:01 - 2016-02-11 10:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll
2016-03-09 17:01 - 2016-02-11 10:33 - 01060864 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2016-03-09 17:01 - 2016-02-11 10:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2016-03-09 17:01 - 2016-02-11 10:31 - 00038912 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2016-03-09 17:01 - 2016-02-11 10:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2016-03-09 17:01 - 2016-02-11 10:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll
2016-03-09 17:01 - 2016-02-11 10:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2016-03-09 17:01 - 2016-02-11 10:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2016-03-09 17:01 - 2016-02-11 09:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\System32\auditpol.exe
2016-03-09 17:01 - 2016-02-11 09:37 - 00262656 _____ (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2016-03-09 17:01 - 2016-02-11 09:32 - 00225792 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2016-03-09 17:01 - 2016-02-11 09:32 - 00124416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2016-03-09 17:01 - 2016-02-11 09:32 - 00098304 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2016-03-09 17:01 - 2016-02-11 09:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\System32\cryptbase.dll
2016-03-09 17:01 - 2016-02-11 09:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2016-03-09 17:01 - 2016-02-11 09:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2016-03-09 17:01 - 2016-02-11 09:30 - 00015872 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2016-03-09 17:00 - 2016-02-08 22:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2016-03-09 17:00 - 2016-02-08 13:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2016-03-09 17:00 - 2016-02-08 12:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2016-03-09 17:00 - 2016-02-08 12:51 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2016-03-09 17:00 - 2016-02-08 12:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2016-03-09 17:00 - 2016-02-08 12:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2016-03-09 17:00 - 2016-02-08 12:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2016-03-09 17:00 - 2016-02-08 12:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2016-03-09 17:00 - 2016-02-08 12:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2016-03-09 17:00 - 2016-02-08 12:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2016-03-09 17:00 - 2016-02-08 12:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2016-03-09 17:00 - 2016-02-08 12:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2016-03-09 17:00 - 2016-02-08 12:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2016-03-09 17:00 - 2016-02-08 12:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2016-03-09 17:00 - 2016-02-08 12:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2016-03-09 17:00 - 2016-02-08 12:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2016-03-09 17:00 - 2016-02-08 12:28 - 00102912 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2016-03-09 17:00 - 2016-02-08 12:23 - 00667648 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2016-03-09 17:00 - 2016-02-08 12:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2016-03-09 17:00 - 2016-02-08 12:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2016-03-09 17:00 - 2016-02-08 12:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2016-03-09 17:00 - 2016-02-08 12:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2016-03-09 17:00 - 2016-02-08 12:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2016-03-09 17:00 - 2016-02-08 12:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2016-03-09 17:00 - 2016-02-08 12:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2016-03-09 17:00 - 2016-02-08 12:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2016-03-09 17:00 - 2016-02-08 12:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2016-03-09 17:00 - 2016-02-08 12:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2016-03-09 17:00 - 2016-02-08 12:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2016-03-09 17:00 - 2016-02-08 12:02 - 00684032 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2016-03-09 17:00 - 2016-02-08 12:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2016-03-09 17:00 - 2016-02-08 12:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2016-03-09 17:00 - 2016-02-08 11:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2016-03-09 17:00 - 2016-02-08 11:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2016-03-09 17:00 - 2016-02-08 11:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2016-03-08 16:01 - 2016-03-23 20:17 - 00000000 ____D C:\Users\Exist\AppData\Local\CrashDumps
2016-03-08 12:43 - 2016-02-19 10:50 - 00034240 _____ (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
2016-03-08 12:43 - 2016-02-19 10:41 - 00958464 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2016-03-08 12:43 - 2016-02-19 06:07 - 01206784 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2016-03-08 12:43 - 2016-02-12 10:39 - 02956288 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2016-03-08 12:43 - 2016-02-12 10:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2016-03-08 12:43 - 2016-02-12 10:26 - 00073728 _____ (Microsoft Corporation) C:\Windows\System32\WinSetupUI.dll
2016-03-08 12:43 - 2016-02-12 10:07 - 02062848 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2016-03-08 12:43 - 2016-02-12 10:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2016-03-08 12:43 - 2016-02-12 10:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2016-03-08 12:43 - 2016-02-12 10:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2016-03-08 12:43 - 2016-02-12 10:05 - 00035840 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2016-03-08 12:43 - 2016-02-12 10:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2016-03-08 12:43 - 2016-02-12 10:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2016-03-08 12:43 - 2016-02-12 10:05 - 00011776 _____ (Microsoft Corporation) C:\Windows\System32\wu.upgrade.ps.dll
2016-03-08 12:43 - 2016-02-11 06:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2016-03-08 12:43 - 2016-02-09 01:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2016-03-08 12:43 - 2016-02-09 01:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\System32\wmp.dll
2016-03-08 12:43 - 2016-02-09 01:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\System32\spwmp.dll
2016-03-08 12:43 - 2016-02-09 01:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\msdxm.ocx
2016-03-08 12:43 - 2016-02-09 01:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\dxmasf.dll
2016-03-08 12:43 - 2016-02-05 10:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2016-03-08 12:43 - 2016-02-05 10:44 - 00026112 _____ (Microsoft Corporation) C:\Windows\System32\lpk.dll
2016-03-08 12:43 - 2016-02-05 10:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2016-03-08 12:43 - 2016-02-05 09:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2016-03-08 12:43 - 2016-02-05 09:43 - 00034304 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2016-03-08 12:43 - 2016-02-05 06:07 - 00591872 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2016-03-08 12:43 - 2016-02-05 06:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2016-03-08 12:43 - 2016-02-05 06:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll
2016-03-08 12:43 - 2016-02-04 10:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\System32\mfds.dll
2016-03-08 12:43 - 2016-02-03 10:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2016-03-08 12:43 - 2016-02-03 10:49 - 00090624 _____ (Microsoft Corporation) C:\Windows\System32\olepro32.dll
2016-03-08 12:43 - 2016-02-03 10:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\System32\asycfilt.dll
2016-03-08 12:43 - 2016-02-03 09:59 - 00076288 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2016-03-08 12:43 - 2016-01-11 10:54 - 01212352 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2016-03-08 12:43 - 2015-11-19 06:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\System32\ucrtbase.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-private-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-math-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-string-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-time-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-2-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-process-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-2-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l2-1-0.dll
2016-03-08 12:43 - 2015-11-19 06:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-2-0.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-04-04 20:00 - 2009-07-13 20:34 - 00026768 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-04 20:00 - 2009-07-13 20:34 - 00026768 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-04 19:56 - 2010-11-20 13:01 - 00689024 _____ C:\Windows\System32\PerfStringBackup.INI
2016-04-04 19:56 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\inf
2016-04-04 19:23 - 2009-07-13 18:37 - 00000000 ___HD C:\Windows\System32\GroupPolicy
2016-04-04 18:24 - 2016-01-21 20:45 - 00000008 __RSH C:\Users\ADMIN'\ntuser.pol
2016-04-04 18:24 - 2013-03-02 15:52 - 00000000 ____D C:\users\ADMIN'
2016-04-03 20:28 - 2015-11-07 12:19 - 01396876 _____ C:\Windows\ntbtlog.txt
2016-03-31 18:06 - 2013-06-09 10:16 - 00000000 ____D C:\Users\ADMIN'\AppData\Roaming\DiskDefrag
2016-03-28 19:49 - 2013-06-17 14:17 - 00000000 ____D C:\Windows\Minidump
2016-03-27 22:07 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\L2Schemas
2016-03-27 22:05 - 2016-01-28 19:12 - 00002000 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-03-27 22:05 - 2016-01-28 19:12 - 00001998 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-03-27 22:05 - 2016-01-28 19:12 - 00001988 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-03-27 22:05 - 2016-01-05 20:13 - 00000917 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-03-27 22:05 - 2015-10-28 20:26 - 00000969 _____ C:\Users\Public\Desktop\BitComet.lnk
2016-03-27 22:05 - 2015-10-10 18:38 - 00001036 _____ C:\Users\Public\Desktop\4Card Recovery.lnk
2016-03-27 22:05 - 2015-07-25 11:05 - 00001410 _____ C:\Users\Public\Desktop\Wondershare Video Converter Ultimate.lnk
2016-03-27 22:05 - 2015-07-25 11:05 - 00001388 _____ C:\Users\Public\Desktop\Wondershare Media Server.lnk
2016-03-27 22:05 - 2015-07-23 19:38 - 00001292 _____ C:\Users\Public\Desktop\WinX DVD Ripper Platinum.lnk
2016-03-27 22:05 - 2015-07-03 13:54 - 00001023 _____ C:\Users\ADMIN'\Desktop\proXPN.lnk
2016-03-27 22:05 - 2015-07-03 12:27 - 00002290 _____ C:\Users\ADMIN'\Desktop\Chrome App Launcher.lnk
2016-03-27 22:05 - 2015-07-03 10:18 - 00001815 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-03-27 22:05 - 2015-06-06 09:43 - 00001137 _____ C:\Users\ADMIN'\Desktop\System Checkup.lnk
2016-03-27 22:05 - 2015-05-10 17:47 - 00001248 _____ C:\Users\ADMIN'\Desktop\Adobe Photoshop CC 2014 (32 Bit).lnk
2016-03-27 22:05 - 2015-05-10 17:10 - 00001354 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2016-03-27 22:05 - 2015-05-03 17:22 - 00001122 _____ C:\Users\ADMIN'\Desktop\PC Wizard 2013.lnk
2016-03-27 22:05 - 2015-04-11 10:37 - 00002017 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-03-27 22:05 - 2015-03-11 21:52 - 00000418 _____ C:\Users\Public\Desktop\Logitech Harmony Remote Software 7.lnk
2016-03-27 22:05 - 2015-02-07 14:35 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-27 22:05 - 2015-01-19 15:26 - 00000969 _____ C:\Users\Public\Desktop\Cool Edit Pro 2.1.lnk
2016-03-27 22:05 - 2014-12-20 13:46 - 00001765 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2016-03-27 22:05 - 2014-12-20 13:45 - 00001806 _____ C:\Users\Public\Desktop\Apps.lnk
2016-03-27 22:05 - 2014-12-06 20:30 - 00002028 _____ C:\Users\Public\Desktop\FoneLab.lnk
2016-03-27 22:05 - 2014-11-19 22:31 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-03-27 22:05 - 2014-06-22 15:03 - 00002563 _____ C:\Users\Public\Desktop\MIDI-OX.lnk
2016-03-27 22:05 - 2014-05-17 13:15 - 00001990 _____ C:\Users\Public\Desktop\FL Studio 11.lnk
2016-03-27 22:05 - 2014-05-14 20:49 - 00001042 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2016-03-27 22:05 - 2014-05-03 12:49 - 00001064 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-27 22:05 - 2014-05-03 12:49 - 00001020 _____ C:\Users\Public\Desktop\Google Drive.lnk
2016-03-27 22:05 - 2014-05-03 12:47 - 00001068 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2016-03-27 22:05 - 2014-05-03 12:41 - 00001131 _____ C:\Users\ADMIN'\Desktop\Auslogics DiskDefrag.lnk
2016-03-27 22:05 - 2014-05-03 11:59 - 00000606 _____ C:\Users\ADMIN'\Desktop\LiberKey.lnk
2016-03-27 22:05 - 2014-05-03 11:38 - 00002145 _____ C:\Users\ADMIN'\Desktop\System Mechanic.lnk
2016-03-27 22:05 - 2014-04-20 17:55 - 00000934 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2016-03-27 22:05 - 2014-03-08 11:03 - 00001211 _____ C:\Users\ADMIN'\Desktop\Product Key Explorer.lnk
2016-03-27 22:05 - 2014-02-15 13:00 - 00002105 _____ C:\Users\Public\Desktop\CyberLink YouCam 6.lnk
2016-03-27 22:05 - 2014-02-09 19:18 - 00002501 _____ C:\Users\Public\Desktop\TurboTax 2013.lnk
2016-03-27 22:05 - 2014-02-06 20:35 - 00000951 _____ C:\Users\Public\Desktop\Registry First Aid.lnk
2016-03-27 22:05 - 2014-02-02 10:22 - 00000677 _____ C:\Users\Public\Desktop\Keyboarding Pro™ 5 - Single.lnk
2016-03-27 22:05 - 2013-12-21 09:59 - 00001115 _____ C:\Users\Public\Desktop\Wise PC 1stAid.lnk
2016-03-27 22:05 - 2013-12-21 09:57 - 00001178 _____ C:\Users\Public\Desktop\Wise Data Recovery.lnk
2016-03-27 22:05 - 2013-12-09 22:00 - 00001321 _____ C:\Users\Public\Desktop\EASEUS Data Recovery Wizard Professional 5.5.1.lnk
2016-03-27 22:05 - 2013-11-04 20:55 - 00001028 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-03-27 22:05 - 2013-10-27 09:03 - 00001071 _____ C:\Users\ADMIN'\Desktop\Songr.lnk
2016-03-27 22:05 - 2013-10-26 18:37 - 00001176 _____ C:\Users\Public\Desktop\Paint.NET.lnk
2016-03-27 22:05 - 2013-10-20 08:31 - 00001131 _____ C:\Users\ADMIN'\Desktop\Auslogics BoostSpeed.lnk
2016-03-27 22:05 - 2013-09-21 11:01 - 00000969 _____ C:\Users\ADMIN'\Desktop\SpeedFan.lnk
2016-03-27 22:05 - 2013-09-08 09:00 - 00001149 _____ C:\Users\ADMIN'\Desktop\Nero Express.lnk
2016-03-27 22:05 - 2013-09-02 14:48 - 00000993 _____ C:\Users\ADMIN'\Desktop\WhoCrashed.lnk
2016-03-27 22:05 - 2013-08-25 09:43 - 00001688 _____ C:\Users\ADMIN'\Desktop\Google Drive.lnk
2016-03-27 22:05 - 2013-08-04 10:55 - 00002031 _____ C:\Users\Public\Desktop\PerfectDisk 12.5.lnk
2016-03-27 22:05 - 2013-07-28 10:10 - 00001212 _____ C:\Users\Public\Desktop\AOMEI Partition Assistant Pro Edition 5.2.lnk
2016-03-27 22:05 - 2013-07-13 12:51 - 00001582 _____ C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
2016-03-27 22:05 - 2013-07-13 12:23 - 00002503 _____ C:\Users\Public\Desktop\Skype.lnk
2016-03-27 22:05 - 2013-07-06 08:23 - 00001065 _____ C:\Users\Public\Desktop\RapidTyping.lnk
2016-03-27 22:05 - 2013-07-04 11:48 - 00001226 _____ C:\Users\ADMIN'\Desktop\Revo Uninstaller.lnk
2016-03-27 22:05 - 2013-06-15 11:42 - 00001049 _____ C:\Users\Public\Desktop\WinTV 7.lnk
2016-03-27 22:05 - 2013-06-15 09:39 - 00001963 _____ C:\Users\Public\Desktop\TotalMedia 3.5.lnk
2016-03-27 22:05 - 2013-04-20 10:38 - 00002170 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-03-27 22:05 - 2013-04-16 20:07 - 00002785 _____ C:\Users\Public\Desktop\Nero Video 12.lnk
2016-03-27 22:05 - 2013-04-16 20:05 - 00002055 _____ C:\Users\Public\Desktop\Nero Kwik Media.lnk
2016-03-27 22:05 - 2013-04-16 20:03 - 00002857 _____ C:\Users\Public\Desktop\Nero 12.lnk
2016-03-27 22:05 - 2013-04-16 20:02 - 00002831 _____ C:\Users\Public\Desktop\Nero Burning ROM 12.lnk
2016-03-27 22:05 - 2013-04-13 14:26 - 00001292 _____ C:\Users\ADMIN'\Desktop\Auslogics Internet Optimizer.lnk
2016-03-27 22:05 - 2013-03-24 12:35 - 00001186 _____ C:\Users\Public\Desktop\EaseUS Data Recovery Wizard 5.8.5 .lnk
2016-03-27 22:05 - 2013-03-20 18:13 - 00001142 _____ C:\Users\Public\Desktop\Alcohol 120%.lnk
2016-03-27 22:05 - 2013-03-05 22:00 - 00001212 _____ C:\Users\ADMIN'\Desktop\Calculator.lnk
2016-03-27 22:05 - 2013-03-03 14:35 - 00001111 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2016-03-27 22:05 - 2013-03-03 14:05 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-27 22:05 - 2013-03-02 16:08 - 00002182 _____ C:\Users\Public\Desktop\Roxio Creator Home.lnk
2016-03-27 22:05 - 2013-03-02 16:05 - 00001993 _____ C:\Users\Public\Desktop\CyberLink PowerDVD.lnk
2016-03-27 21:36 - 2014-07-12 09:56 - 00170200 _____ (Malwarebytes) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2016-03-27 21:29 - 2014-07-28 20:25 - 00000000 ____D C:\Users\ADMIN'\AppData\Local\CrashDumps
2016-03-27 21:28 - 2013-03-03 13:20 - 00000000 ____D C:\Users\ADMIN'\AppData\Roaming\BitComet
2016-03-27 21:07 - 2015-03-28 19:47 - 00000000 ____D C:\Program Files\McAfee
2016-03-27 21:07 - 2015-03-28 16:07 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-03-27 20:52 - 2015-03-28 19:51 - 00000000 ____D C:\Users\ADMIN'\AppData\LocalLow\SafeKey
2016-03-27 20:50 - 2013-03-02 16:48 - 00000000 ____D C:\Users\ADMIN'\AppData\Local\Google
2016-03-27 19:38 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\system
2016-03-27 19:09 - 2014-05-03 12:49 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-03-27 19:02 - 2013-03-02 16:03 - 00000000 ____D C:\Users\ADMIN'\AppData\Local\Adobe
2016-03-26 23:32 - 2013-03-03 15:10 - 00000000 ____D C:\Users\ADMIN'\AppData\Roaming\vlc
2016-03-24 16:44 - 2014-06-13 15:35 - 00000000 ____D C:\Users\Exist\Desktop\flp's
2016-03-23 21:54 - 2015-04-04 00:40 - 00000000 ___SD C:\Windows\System32\GWX
2016-03-21 11:05 - 2016-01-21 19:27 - 00000000 ____D C:\Users\Bryan\AppData\Local\CrashDumps
2016-03-18 15:16 - 2014-08-15 14:47 - 00000000 ____D C:\Users\Exist\Desktop\beats
2016-03-18 14:11 - 2009-07-13 18:04 - 00000630 _____ C:\Windows\win.ini
2016-03-18 14:11 - 2009-07-13 18:04 - 00000241 _____ C:\Windows\system.ini
2016-03-15 19:38 - 2016-02-15 15:12 - 00000000 ____D C:\Users\Bryan\AppData\Roaming\iolo
2016-03-14 17:38 - 2013-06-08 13:48 - 00000000 ____D C:\users\Walter
2016-03-12 19:19 - 2013-03-03 14:35 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2016-03-12 19:19 - 2013-03-03 14:35 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2016-03-12 08:44 - 2016-02-14 11:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-10 13:09 - 2014-05-03 12:49 - 00053120 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mwac.sys
2016-03-10 13:08 - 2014-05-03 12:49 - 00126336 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbamchameleon.sys
2016-03-10 13:08 - 2014-05-03 12:49 - 00024448 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbam.sys
2016-03-09 21:32 - 2014-09-21 20:49 - 00543560 _____ C:\Windows\System32\FNTCACHE.DAT
2016-03-09 17:11 - 2016-02-25 15:10 - 07613334 _____ C:\Users\Exist\Downloads\FENIX X OHGEESY - CRAZY.m4a
2016-03-09 14:00 - 2013-03-03 14:05 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-03-08 18:29 - 2014-12-10 12:59 - 00000000 ____D C:\Windows\System32\appraiser
2016-03-08 17:18 - 2013-08-14 22:12 - 00000000 ____D C:\Windows\System32\MRT
2016-03-08 17:03 - 2013-03-03 14:45 - 141270216 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
 
Some files in TEMP:
====================
C:\Users\ADMIN'\AppData\Local\Temp\7za.exe
C:\Users\ADMIN'\AppData\Local\Temp\catchme.dll
C:\Users\ADMIN'\AppData\Local\Temp\dxdiag.exe
C:\Users\ADMIN'\AppData\Local\Temp\IadHide5.dll
C:\Users\ADMIN'\AppData\Local\Temp\io1.exe
C:\Users\ADMIN'\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\ADMIN'\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\ADMIN'\AppData\Local\Temp\kts16.0.0.614en-gb.exe
C:\Users\ADMIN'\AppData\Local\Temp\LPPlugin.dll
C:\Users\ADMIN'\AppData\Local\Temp\McCSPInstall.dll
C:\Users\ADMIN'\AppData\Local\Temp\mccspuninstall.exe
C:\Users\ADMIN'\AppData\Local\Temp\namebench.exe
C:\Users\ADMIN'\AppData\Local\Temp\python27.dll
C:\Users\ADMIN'\AppData\Local\Temp\s5mark_setup_aid91tid336_20160318.exe
C:\Users\ADMIN'\AppData\Local\Temp\tcl85.dll
C:\Users\ADMIN'\AppData\Local\Temp\tk85.dll
C:\Users\ADMIN'\AppData\Local\Temp\Uninstall.exe
C:\Users\Exist\AppData\Local\Temp\IadHide5.dll
 
 
==================== Known DLLs (Whitelisted) =========================
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe
[2016-02-09 14:33] - [2016-01-21 21:12] - 2973184 ____A (Microsoft Corporation) 2A156D5EBF221EF2A6AE7CE452324DAC
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2015-05-12 13:12] - [2015-04-12 19:19] - 0259072 ____A (Microsoft Corporation) 0780A42DBD7D9969F9BF4A19AA4285B5
 
C:\Windows\System32\User32.dll
[2015-12-08 13:56] - [2015-11-10 10:39] - 0811520 ____A (Microsoft Corporation) 4C5A23AE4F5157F579C89736EA5D42CE
 
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== EXE Association (Whitelisted) =============
 
 
==================== Restore Points  =========================
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 19%
Total physical RAM: 2557.61 MB
Available physical RAM: 2060.15 MB
Total Virtual: 2555.9 MB
Available Virtual: 2070.4 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:74.41 GB) (Free:2.99 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:232.88 GB) (Free:32.9 GB) NTFS
Drive g: (MULTIBOOT) (Removable) (Total:14.9 GB) (Free:2.78 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: AB4C7F5F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=74.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 54194EBA)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (Size: 14.9 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=14.9 GB) - (Type=0C)
 
 
LastRegBack: 2016-03-23 16:29
 
==================== End of FRST.txt ============================

  • 0

#30
pcme

pcme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts

sorry i posted twice


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP