Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows 7 Main Start Disk Spins And System Doesn't Work


  • Please log in to reply

#1
cloroxmartini

cloroxmartini

    Member

  • Member
  • PipPipPip
  • 134 posts

Was using the DELL laptop fine yesterday and today on full startup it takes forever and nothing works right. CTRL-ALT-DLT does not work to bring up the system window where I can shut things down.The hard disk light runs continuously. Screen goes black with mouse arrow showing and movable. Safe mode works fine with or without networking.

 

The only recent event was installing and OCR program which I uninstalled (which took a couple tries)

 

I am posting this using safe mode with networking:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:16-06-2016 01
Ran by RSB3 (2016-06-17 13:05:40)
Running from C:\Users\RSB3.HENSELPHELPS\Desktop
Windows 7 Professional Service Pack 1 (X64) (2011-10-26 13:43:29)
Boot Mode: Safe Mode (with Networking)
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1338001094-3292723480-2479503419-500 - Administrator - Disabled)
cba_anonymous (S-1-5-21-1338001094-3292723480-2479503419-1005 - Limited - Enabled)
Guest (S-1-5-21-1338001094-3292723480-2479503419-501 - Limited - Disabled)
RSB3 (S-1-5-21-1338001094-3292723480-2479503419-1001 - Administrator - Enabled) => C:\Users\RSB3
UpdatusUser (S-1-5-21-1338001094-3292723480-2479503419-1000 - Limited - Enabled) => C:\Users\UpdatusUser
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: LANDesk Antivirus client (Enabled - Up to date) {81FFFA3F-5728-2935-775B-945612FB42EE}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.33 - STMicroelectronics)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.0.0.4080 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (32-bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Assemble Publisher Add-Ins (HKLM\...\{9D2BDAF2-059B-4D74-BCF5-98A4316B6AC4}) (Version: 2.0.5093 - Assemble Systems)
Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
Autodesk Design Review 2013 (x32 Version: 13.0.0.82 - Autodesk, Inc.) Hidden
Autodesk DWG TrueView 2015 - English (HKLM\...\DWG TrueView 2015 - English) (Version: 20.0.51.0 - Autodesk)
Autodesk MapGuide® Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.6.11 - Autodesk, Inc.)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2014 (HKLM-x32\...\{5C29CC1F-218F-4C30-948A-11066CAC59FB}) (Version: 4.0.19.0 - Autodesk)
Autodesk Revit 2014 (HKLM\...\Autodesk Revit 2014) (Version: 13.03.08151 - Autodesk)
Autodesk Workflows 2014 (HKLM\...\{11672AB2-3D48-4D38-9123-719E5FF93333}) (Version: 4.0.19.0 - Autodesk, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{761cd2c4-5249-4346-8318-a499d06d2681}) (Version: 1.1.63.21885 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.63.21885 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 1.1.5.22031 - Avira Operations GmbH & Co. KG)
AXIS Media Control Embedded (HKLM-x32\...\AXIS Media Control Embedded) (Version:  - )
Beck Technology Client Broker (HKLM-x32\...\InstallShield_{E0575819-21B7-4351-8671-7A5EA8A1B02E}) (Version: 2013.1.0.0 - Beck Technology)
Beck Technology Client Broker (x32 Version: 2013.1.0.0 - Beck Technology) Hidden
BioAPI Framework (Version: 1.0.2 - Dell Inc.) Hidden
Bluebeam Revu x64 12 (HKLM-x32\...\InstallShield_{8F81B206-1111-4EFA-8431-42BB992C5D76}) (Version: 12.5.0 - Bluebeam Software)
Bluebeam Revu x64 12 (Version: 12.5.0 - Bluebeam Software) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
C.H.I. Overhead Doors Division 8 Binder (HKLM-x32\...\{53F6F4AA-8D9E-4BFA-8D32-3CE71D62D3CE}) (Version: 1.2.0 - C.H.I. Overhead Doors)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05152 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05152 - Cisco Systems, Inc.) Hidden
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
Crystal Reports Runtime (HKLM-x32\...\{974518D4-7C04-4B2D-AADC-0D4F303E275F}) (Version: 1.00.0000 - Autodesk)
Custom (Version: 01.00.00.000 - Wave Systems Corp.) Hidden
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.4822 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Dell ControlVault Host Components Installer 64 bit (Version: 2.1.6.214 - Broadcom Corporation) Hidden
Dell Data Protection | Access (HKLM-x32\...\{A7D91856-258D-4C87-8041-B170851CE432}) (Version: 2.1.00001.002 - Dell Inc.)
Dell Data Protection | Access (Version: 02.01.01.002 - Wave Systems Corp) Hidden
Dell Data Protection | Access | Drivers (HKLM-x32\...\{4E4E65EE-C456-45AC-B5AD-C62C3A325BD0}) (Version: 2.01.018 - Dell Inc.)
Dell Data Protection | Access | Middleware (HKLM-x32\...\{841CBDD5-4BB5-403E-AEE3-2FADC3890BE8}) (Version: 2.01.010 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell System Manager (HKLM\...\{FDF509ED-9624-4FDE-9BAA-9566C186AB96}) (Version: 1.6.00000 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1208.101.124 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.28 - Creative Technology Ltd)
DellAccess (Version: 01.01.00.072 - Wave Systems Corp.) Hidden
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
doPDF 7.2 printer (HKLM\...\doPDF 7 printer_is1) (Version:  - Softland)
DProfiler (HKLM-x32\...\InstallShield_{43D028A6-8D0C-4D6F-AD95-983F0D916FBE}) (Version: 2013.1.0.0 - Beck Technology)
DProfiler (x32 Version: 2013.1.0.0 - Beck Technology) Hidden
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.100.235.13 - Dell Inc.)
DWG TrueView 2015 - English (Version: 20.0.51.0 - Autodesk) Hidden
EMBASSY Security Center (Version: 04.03.00.121 - Wave Systems Corp.) Hidden
FARO LS 1.1.408.2 (HKLM-x32\...\{91221AAC-F2A0-4028-8016-C7DAF63CB6CC}) (Version: 4.8.2.25521 - FARO Scanner Production)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FARO LS 4.8.2.25521 (HKLM-x32\...\FARO LS_is1) (Version:  - FARO Technologies)
FileZilla Client 3.16.0 (HKLM-x32\...\FileZilla Client) (Version: 3.16.0 - Tim Kosse)
Free Audio Editor 2015 9.2.2 (HKLM-x32\...\Free Audio Editor 2015_is1) (Version:  - FAE Distribution, Inc.)
Gemalto (Version: 01.64.01.0010 - Wave Systems Corp) Hidden
GIMP 2.6.12 (HKLM\...\GIMP-2_is1) (Version: 2.6.12 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
Google Chrome Frame (HKLM-x32\...\Google Chrome Frame) (Version: 32.0.1700.107 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 10.2.0.822 - Citrix Online, a division of Citrix Systems, Inc.)
GoToMeeting 7.18.0.4962 (HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\GoToMeeting) (Version: 7.18.0.4962 - CitrixOnline)
HASP SRM Run-time (HKLM-x32\...\{2A414CBE-CDF3-48C6-A91B-D3D4522F8EB5}) (Version: 3.50.1.8213 - Aladdin Knowledge Systems Ltd. ® 1985-2008.)
HEDB Search (HKLM-x32\...\{510FE46E-7A12-4A6B-BC67-D52F1320265A}) (Version: 2.0.0 - RhinoWare)
HP Officejet 7500 E910 Basic Device Software (HKLM\...\{7CF50183-026B-418D-A26C-A254290BD824}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.2.8.25 - HP)
HP Support Solutions Framework (HKLM-x32\...\{CE7447C2-EF12-4EF3-BE51-BFC3B049C0F6}) (Version: 12.4.18.7 - HP)
ICE (HKLM-x32\...\ICE) (Version:  - )
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Innovaya BIM Software (HKLM-x32\...\{77308AFD-5146-4B93-94CA-195B70DD5A2E}) (Version: 13.06.13 - Innovaya, LLC)
Innovaya BIM Software (x32 Version: 13.06.13 - Innovaya, LLC) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Network Connections 15.7.176.1 (HKLM\...\PROSetDX) (Version: 15.7.176.1 - Dell)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
iSqFt Full Viewer V4.01 (HKLM-x32\...\{19A71C4F-94D9-44EA-AC98-FF8A045273AB}) (Version:  - )
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KONICA MINOLTA C554Series(PS_PCL_FAX) (HKLM\...\KONICA MINOLTA C554Series Installer(PS_PCL_FAX)) (Version:  - KONICA MINOLTA)
LANDesk Advance Agent (x32 Version: 1.0.0 - LANDesk Software) Hidden
LANDesk® Antivirus (HKLM-x32\...\LANDesk Antivirus) (Version: 9.0.3.45 - LANDesk Software)
LANDesk® Common Base Agent 8 (x32 Version: 9.0.3.5 - LANDesk Software, Ltd) Hidden
Lotus Notes 6 (HKLM-x32\...\{9C7D4FF4-6494-4E7C-ABE5-D850DAC4AFA6}) (Version: 6.00.2269 - IBM)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Marketing Fonts (HKLM\...\{DB5BBA53-18F6-4F1B-B86D-2F4B5BB6503F}) (Version: 1.00 - Hensel Phelps Construction Co.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Lync Web App Plug-in (HKLM\...\{3184EDDE-ED8D-4A3F-A575-99BD5FE3A524}) (Version: 15.8.8945.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.6001.1078 - Microsoft Corporation)
Microsoft Office Access Runtime (English) 2007 (HKLM-x32\...\{90120000-001C-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visio Viewer 2010 (HKLM-x32\...\{95140000-0052-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NTRU TCG Software Stack (Version: 2.1.36 - Security Innovation, Inc.) Hidden
NVIDIA Graphics Driver 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation)
NVIDIA nView 140.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.75 - NVIDIA Corporation)
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{0CB3B7EE-52C7-4136-AF40-605567D90318}) (Version: 3.0.07.23 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (x32 Version: 3.0.07.23 - O2Micro International LTD.) Hidden
OCR program for Yiddish (HKLM-x32\...\{5A6F726F-6AB8-4772-6576-650200000001}) (Version: 1.0.1 - Ulrich Greve)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6001.1078 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6001.1078 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6001.1078 - Microsoft Corporation) Hidden
On-Screen Takeoff (HKLM-x32\...\{028CDFF6-4C1B-4A70-8501-1267F02D2DC0}) (Version: 3.9.0.6 - On Center Software, Inc.)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
Panasonic DRM Plugin (HKLM-x32\...\{9C267E0B-9058-49D4-96F4-D42056D22B59}) (Version: 1.2.1.0 - Panasonic Avionics Corporation)
PC-CCID (Version: 2.0.0 - Gemalto) Hidden
PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 9.0 - PlotSoft LLC)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Preboot Manager (Version: 03.03.00.074 - Wave Systems Corp.) Hidden
Prism Video File Converter (HKLM-x32\...\Prism) (Version: 2.55 - NCH Software)
Private Information Manager (Version: 07.01.00.022 - Wave Systems Corp.) Hidden
QHOCR 0.8.3-alpha (HKLM-x32\...\QHOCR) (Version: 0.8.3-alpha - Diego Iastrubni)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Revit 2014 (Version: 13.03.08151 - Autodesk) Hidden
Revit 2014 Language Pack - English (Version: 13.03.08151 - Autodesk) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Sentinel Protection Installer 7.5.0 (HKLM-x32\...\{A5A63519-F5C2-4F4A-849A-F28A1AB3D522}) (Version: 7.5.0 - SafeNet, Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SketchUp 8 (HKLM-x32\...\{8EB62C87-AAA6-4850-A5BC-64155884B973}) (Version: 3.0.16846 - Trimble Navigation Limited)
Skype Meetings App (HKLM-x32\...\{240D565E-3537-4048-8920-FAAB2A136A84}) (Version: 16.2.0.23 - Microsoft Corporation)
Snow Inventory Client for Windows (x64) (HKLM\...\{7C22D831-EF1A-4780-B30F-B5AD8618E10B}) (Version: 3.7.03 - Snow Software AB)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
SPBA 5.9 (Version: 5.9.4.6686 - UPEK Inc.) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1158 - SUPERAntiSpyware.com)
Trusted Drive Manager (Version: 4.1.1.312 - Wave Systems Corp.) Hidden
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
Upek Touchchip Fingerprint Reader (Version: 1.2.004 - Dell Inc.) Hidden
VEO (HKLM\...\{8E5F8472-D15D-40C3-B3B1-31EFC90D473B}) (Version: 1.10.2.8 - M-SIX)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Wave Infrastructure Installer (Version: 07.67.17.0010 - Wave Systems Corp) Hidden
Wave Support Software Installer (Version: 05.13.00.033 - Wave Systems Corp) Hidden
WDO HEDB Input (HKLM-x32\...\{90AE3C9A-FCD2-4983-8ABA-71AE16C0AA28}) (Version: 2.0.0 - RhinoWare)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7900 - Broadcom Corporation)
Windows Driver Package - Dell Inc. PBADRV System  (09/11/2009 1.0.1.6) (HKLM\...\9512AA21B791B05A54E27065C45BBC417AB282DF) (Version: 09/11/2009 1.0.1.6 - Dell Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinEx Master 8.6 (HKLM-x32\...\ROCTEKWXM_is1) (Version:  - Roctek Corp.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1082\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391_Classes\CLSID\{FE2EC208-BECF-4E83-8BF4-E35DBA4EB6A1}\localserver32 -> C:\Users\RSB3.HENSELPHELPS\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.23\GatewayVersion-x64.exe (Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {036DDC5B-5693-4909-8109-8229D870DE32} - System32\Tasks\HPCeeScheduleForRSB3 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {1A250898-7CD9-4BDD-B7D9-73DDC85BA32E} - System32\Tasks\{D7EE196F-D8AC-4E82-9512-51733FB40E21} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{E0575819-21B7-4351-8671-7A5EA8A1B02E}\setup.exe" -c -runfromtemp -l0x0409 -removeonly
Task: {3037077E-2725-44A3-A9A4-E11424DEDC46} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN54B1R13F => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-04-22] (HP Inc.)
Task: {3C8D347F-62D9-4453-BC5F-08FA11FC4414} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN48E1M09J => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-04-22] (HP Inc.)
Task: {3FB7CCFA-9DAD-4A73-8A13-B3C5A0DE26E3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {4036B04A-485A-4260-B22A-F08F0372BB98} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-01] (Microsoft Corporation)
Task: {4B273B21-7393-4270-8668-6249AD64D28B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-04-22] (HP Inc.)
Task: {501E0B71-A4F9-4837-B7F8-2A47E420D52B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {5C08EEBE-54F9-4A70-885C-10F051B8F9C6} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-05-18] (HP Inc.)
Task: {602EA474-68BB-4CFE-9C3C-99E81DE32960} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-05-01] (Microsoft Corporation)
Task: {7D85EAD0-0B56-4C0C-AA2B-102B9802FEEA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {96AC5031-CF00-43D5-A9F2-3A14B2B43303} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN42DB612Q => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-04-22] (HP Inc.)
Task: {A17371AF-CC0F-470A-B036-04CE2205DABD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-01] (Microsoft Corporation)
Task: {A3E665F0-992B-49AE-8B13-3CDDADBF42E0} - System32\Tasks\G2MUploadTask-S-1-5-21-2903611290-4059586168-1443931954-5841391 => C:\Users\RSB3.HENSELPHELPS\AppData\Local\Citrix\GoToMeeting\4962\g2mupload.exe [2016-05-19] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {B01F7F52-C520-4DEB-AEB7-7ADFC884B491} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH58T2B0Y1 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-04-22] (HP Inc.)
Task: {B0D15EE1-4BAB-4449-9862-F638E4D052A3} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {B6066635-8E67-4A85-BD9B-D7C5E789B9DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {C0C42714-2531-4CD7-9BEA-E7EB17DB9774} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-05-18] (HP Inc.)
Task: {C6FF5ADC-C18A-4203-9F2B-5A01F779CB29} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {CB099B0B-501D-495A-92AC-B408A7C851B4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-01] (Piriform Ltd)
Task: {D206A83A-453F-4C61-ADF2-A7EBBC1688C7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {D2C2A4A7-B2FA-4B2E-886B-0C6CB9DF1636} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {D4F4E11C-2197-4727-85AC-F8607C9E3E35} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-01] (Microsoft Corporation)
Task: {EA5A557B-FAE6-4F7F-BFB2-36E605A68A74} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN46SC605T => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-04-22] (HP Inc.)
Task: {F046DDE2-EE66-42E8-A24F-89E2351F7F14} - System32\Tasks\G2MUpdateTask-S-1-5-21-2903611290-4059586168-1443931954-5841391 => C:\Users\RSB3.HENSELPHELPS\AppData\Local\Citrix\GoToMeeting\4962\g2mupdate.exe [2016-05-19] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {FBE46357-80F8-4A66-B784-4271DE49FAE7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {FCECE817-D7AF-426C-ABB8-00410A4B3944} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-01] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2903611290-4059586168-1443931954-5841391.job => C:\Users\RSB3.HENSELPHELPS\AppData\Local\Citrix\GoToMeeting\4962\g2mupdate.exe C:\Users\RSB3.HEN
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2903611290-4059586168-1443931954-5841391.job => C:\Users\RSB3.HENSELPHELPS\AppData\Local\Citrix\GoToMeeting\4962\g2mupload.exe C:\Users\RSB3.HEN
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForRSB3.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-05-18 07:25 - 2016-05-01 14:52 - 08911040 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-02-29 13:23 - 2016-02-29 13:23 - 00052912 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2011-10-18 13:25 - 2013-12-04 12:22 - 00518432 _____ () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll
2016-05-18 07:25 - 2016-05-01 14:40 - 08911048 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\Software\Classes\.scr: DWGTrueViewScriptFile => C:\Windows\system32\notepad.exe "%1"
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\isqft.com -> hxxps://www.isqft.com
IE trusted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\hola.org -> hxxp://hola.org
IE trusted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\isqft.com -> hxxps://www.isqft.com
IE trusted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\isqft.com -> www.isqft.com
IE trusted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\samsungsetup.com -> hxxp://www.samsungsetup.com
IE restricted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\123simsen.com -> www.123simsen.com
 
There are 7856 more sites.
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 05:34 - 2015-02-04 23:56 - 00000009 ____A C:\Windows\system32\Drivers\etc\hosts
 
റഊഊ
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\Control Panel\Desktop\\Wallpaper -> C:\Users\RSB3.HENSELPHELPS\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.100.102.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: Beck Technology Broker => 2
MSCONFIG\Services: SBSDWSCService => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Babylon Client => C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe -AutoStart
MSCONFIG\startupreg: BbInstallUser => C:\Program Files\Bluebeam Software\Pushbutton PDF\Bluebeam Admin User.exe
MSCONFIG\startupreg: BbPrintMonitor => C:\Program Files\Common Files\Bluebeam Software\Brewery\V45\Printer Support\BBPrint.exe
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: GoToMeeting => "C:\Program Files (x86)\Citrix\GoToMeeting\1082\g2mstart.exe" "/Trigger RunAtLogon"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP Officejet 7500 E910 (NET) => "C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe" -deviceID "MY3CG4101H05JB:NW" -scfn "HP Officejet 7500 E910 (NET)" -AutoStart 1
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TdmNotify => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{09DC3A69-14F5-4F76-850A-43738484FE45}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{92A633B8-C7F1-45EF-B05F-0710BE9CB274}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{CEA6EEE4-ECC1-4488-B3A4-A28AC603AFC7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{F3F9491E-7075-4ECB-8D0E-11FB6673AAC2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{94559D38-1D98-4894-8437-8FE2FF39D17B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D43D0FE8-AA0E-4BF9-A063-EF14B553D74A}] => (Allow) LPort=2869
FirewallRules: [{6B106493-479F-4B88-8BB7-E7E9F84C2440}] => (Allow) LPort=1900
FirewallRules: [{87F28516-97DF-4E24-8221-98546F44C26A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{9AD703F9-B18A-4A13-94E0-923C0777C1AE}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{4F597DDC-9DA9-4B1D-A4DF-831C8CAE2976}] => (Allow) C:\Program Files (x86)\MC² Software\ice.exe
FirewallRules: [{51D40BC4-848F-4421-B8D0-A20C08416122}] => (Allow) C:\Program Files (x86)\MC² Software\ice.exe
FirewallRules: [{C200DFBF-E53C-45A2-B095-00FE74ADCB8C}] => (Allow) C:\Windows\SysWOW64\cba\pds.exe
FirewallRules: [{D150C8EB-DA4C-4779-BA38-7642DA94F6BC}] => (Allow) C:\Windows\SysWOW64\cba\pds.exe
FirewallRules: [{35EF6013-5AAD-4D96-B77F-24E2B3246054}] => (Allow) C:\Windows\SysWOW64\msgsys.exe
FirewallRules: [{E704DE47-FCEC-4BC6-A614-FC0C4DCA7DA2}] => (Allow) C:\Windows\SysWOW64\msgsys.exe
FirewallRules: [{2CF56BB3-0C81-45BB-9DCA-ABB70F851FA8}] => (Allow) C:\Program Files (x86)\LANDesk\LDClient\issuser.exe
FirewallRules: [{8F21FE6A-D366-4D58-B592-058D892AE0B5}] => (Allow) C:\Program Files (x86)\LANDesk\LDClient\issuser.exe
FirewallRules: [{CCF7AC55-7D97-4A22-90EF-39E7353956C9}] => (Allow) C:\Program Files (x86)\LANDesk\Shared Files\residentAgent.exe
FirewallRules: [{22F09475-889E-48BA-9F0A-76BA9782FD2D}] => (Allow) C:\Program Files (x86)\LANDesk\Shared Files\residentAgent.exe
FirewallRules: [{6605B5F7-C9F5-4F3A-AE85-00A6FC14D24B}] => (Allow) C:\Program Files (x86)\LANDesk\LDClient\tmcsvc.exe
FirewallRules: [{81B0251A-A135-45C8-930C-8D0696BCA691}] => (Allow) C:\Program Files (x86)\LANDesk\LDClient\tmcsvc.exe
FirewallRules: [{3DD5C678-CCCB-419B-993E-AB05E5AF167F}] => (Allow) LPort=1947
FirewallRules: [{5C42A92D-0DA0-42A9-95E1-6CB365581235}] => (Allow) LPort=1947
FirewallRules: [TCP Query User{EB5ADA33-8801-4A37-BAAD-43D575762C03}C:\program files (x86)\mc² software\icelicsv.exe] => (Allow) C:\program files (x86)\mc² software\icelicsv.exe
FirewallRules: [UDP Query User{D10D20DA-132B-42FF-BA7A-4A8411F36670}C:\program files (x86)\mc² software\icelicsv.exe] => (Allow) C:\program files (x86)\mc² software\icelicsv.exe
FirewallRules: [{D01B929B-2072-4CD6-9EF4-678F33E40964}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
FirewallRules: [{BD9F41FB-FDE2-4782-A5DD-8F0A2F5D35F5}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
FirewallRules: [{6449FC24-6222-47EC-9B3A-8D326A3D0E78}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
FirewallRules: [{17DB7700-B1E9-45B9-A9F2-57B5676E3E13}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
FirewallRules: [{9DF12F63-2D8D-4587-97B0-36F0F3674A36}] => (Allow) LPort=18081
FirewallRules: [TCP Query User{1E81EC20-0EF0-4CCE-8472-C1BAD06CC22F}C:\program files (x86)\mc² software\icelicsv.exe] => (Allow) C:\program files (x86)\mc² software\icelicsv.exe
FirewallRules: [UDP Query User{6FC2C4BD-D8E8-45A1-9576-EFF440CF956D}C:\program files (x86)\mc² software\icelicsv.exe] => (Allow) C:\program files (x86)\mc² software\icelicsv.exe
FirewallRules: [{C2412DA9-FF8D-4E99-A9ED-41FE021F7ECC}] => (Allow) C:\Users\RSB3.HENSELPHELPS\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{3382B3FF-DA91-4780-9718-11281A29D1F5}] => (Allow) C:\Users\RSB3.HENSELPHELPS\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [TCP Query User{5886D275-87A4-45E9-8BD8-47B75537264D}C:\users\rsb3.henselphelps\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\rsb3.henselphelps\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{AD757494-5EE2-4350-A530-BC0D436D3842}C:\users\rsb3.henselphelps\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\rsb3.henselphelps\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{A607C44D-B3D9-4FC2-B00D-FFEEFDC22046}C:\users\rsb3.henselphelps\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\rsb3.henselphelps\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{A275070F-328E-4629-8D7D-64FE989300CF}C:\users\rsb3.henselphelps\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\rsb3.henselphelps\appdata\local\akamai\netsession_win.exe
FirewallRules: [{BD5F3C63-2E54-4E1C-8277-1925E7A3AE66}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{8216FDC2-4CCE-4F52-9E55-1133BCE2650F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{1622D060-31E4-49DD-8BDE-1DFBE5FC91AD}C:\program files\m-six\veo\veo.exe] => (Allow) C:\program files\m-six\veo\veo.exe
FirewallRules: [UDP Query User{09C394A8-9460-4474-9AF5-0BAFEFD62018}C:\program files\m-six\veo\veo.exe] => (Allow) C:\program files\m-six\veo\veo.exe
FirewallRules: [TCP Query User{10791C5C-D6A9-47DA-9514-7778B57F1498}C:\program files\m-six\veo\veo.exe] => (Allow) C:\program files\m-six\veo\veo.exe
FirewallRules: [UDP Query User{7C98427B-EF00-4FFE-B1EC-A7AA3FC737EC}C:\program files\m-six\veo\veo.exe] => (Allow) C:\program files\m-six\veo\veo.exe
FirewallRules: [TCP Query User{ADC9A384-FDE8-4358-96D4-4B5F45AF9E88}C:\users\rsb3.henselphelps\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe] => (Allow) C:\users\rsb3.henselphelps\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe
FirewallRules: [UDP Query User{20B02D3A-ED8E-4D59-B70B-8F58164EC818}C:\users\rsb3.henselphelps\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe] => (Allow) C:\users\rsb3.henselphelps\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe
FirewallRules: [{AD8A1122-DFE0-46D1-B3C0-11E00985D904}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\bin\FaxApplications.exe
FirewallRules: [{75F2F4F3-A3BE-4206-9AE0-874647E1FC81}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\bin\DigitalWizards.exe
FirewallRules: [{6058E809-3541-4F0A-BD96-904FA53B9B8A}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\bin\SendAFax.exe
FirewallRules: [{4DB50116-59B8-47AF-B5D5-399F726A7BC9}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\Bin\DeviceSetup.exe
FirewallRules: [{34AC213D-AAAC-402B-97CA-15F1650482D8}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicator.exe
FirewallRules: [{7398540A-0622-41F5-9094-D06E47AEA122}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{B53BFB45-C813-4D75-BF43-DDE85EBB79E7}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{1A3B1A4D-88F9-4EBF-879E-A7461AC3B42B}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{E7DCB63D-BC31-4AD6-8802-86B0237092D7}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{F55F3AFE-8681-4B75-A865-8BF9461D7D6C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{0A3B9598-88BB-4208-9895-EE02CEDF8380}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{1F39A7DB-1A70-42FA-81E9-66E975EB5956}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{EEA7D928-327A-488E-BA44-C7BC2A27E11C}C:\users\rsb3.henselphelps\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe] => (Allow) C:\users\rsb3.henselphelps\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe
FirewallRules: [UDP Query User{A6347896-E600-4FB7-B964-51013F661237}C:\users\rsb3.henselphelps\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe] => (Allow) C:\users\rsb3.henselphelps\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe
FirewallRules: [{BB637511-33DB-406F-B22D-53EE0C6D41FF}] => (Block) C:\users\rsb3.henselphelps\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe
FirewallRules: [{FEE9DD08-210A-4DCA-ABFF-4CB9EECF99CB}] => (Block) C:\users\rsb3.henselphelps\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe
FirewallRules: [TCP Query User{2CB8F0CC-1735-4443-A495-4D43FBE93A8A}C:\program files\m-six\veo\veo.exe] => (Allow) C:\program files\m-six\veo\veo.exe
FirewallRules: [UDP Query User{70436D8B-93B5-484E-B55D-7C6DFCF4F700}C:\program files\m-six\veo\veo.exe] => (Allow) C:\program files\m-six\veo\veo.exe
FirewallRules: [{B0492D2A-A6F9-4B93-83E5-3DE92D8C13AE}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{542BDFBC-B020-4A18-8F69-40F0DD24AA9B}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{791998C7-3738-4DF5-81D2-234F807CD9FA}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{BAA3C795-1A22-4865-99BD-6CC53456811C}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{16FBB992-2217-4417-829B-818E7846C4EB}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{51CEFA99-5114-4623-B0F4-580DD62D2329}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{0E195DAB-2688-4FE0-9CA6-C10FD4DEAAAB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2223CA30-8027-4DB9-93FB-30D7115384BA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B0CE9D5B-7B0B-49D1-9730-4B7923CD105E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{12CEF7A5-066D-442B-AF11-0D89AC89F010}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BDE7754C-7632-49F2-9A84-400D55F52244}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{B42D776E-C4D4-4732-A0B8-61BCD632E0E0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{76D0BC88-557A-4D15-A6BD-F2EB58C4F4FB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{78F00D96-E6F3-4349-AF67-D30221BF1806}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{0245A02C-F8EC-44BE-ACA0-D086B560A640}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{83F996A1-D5ED-4B53-8FA3-FBD989584CDA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{040AA133-280A-4791-9631-C80F73E64ABB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BE5484A7-453F-4382-8D16-27919956217E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{3C155DB7-67A3-4138-93DC-82DD3F9956C3}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{6026D766-CEC1-45E2-A51B-E79D50F99064}] => (Allow) C:\Program Files (x86)\LANDesk\Shared Files\residentAgent.exe
FirewallRules: [{EF0C789F-4811-4240-92F0-08750F7C880F}] => (Allow) C:\Program Files (x86)\LANDesk\Shared Files\residentAgent.exe
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices =============
 
Name: Integrated Webcam
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/17/2016 12:52:54 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (06/17/2016 12:52:54 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (06/17/2016 12:52:39 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (06/17/2016 12:52:39 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (06/17/2016 12:52:24 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (06/17/2016 12:52:24 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (06/17/2016 12:49:59 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (06/17/2016 12:14:22 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (06/17/2016 12:14:22 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (06/17/2016 12:13:32 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (06/17/2016 01:04:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
 
Error: (06/17/2016 01:04:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
 
Error: (06/17/2016 01:04:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
 
Error: (06/17/2016 01:04:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
 
Error: (06/17/2016 01:04:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
 
Error: (06/17/2016 01:04:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
 
Error: (06/17/2016 01:04:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
 
Error: (06/17/2016 01:04:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
 
Error: (06/17/2016 01:04:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
 
Error: (06/17/2016 01:03:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068 = The dependency service or group failed to start.
 
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 27%
Total physical RAM: 6025.02 MB
Available physical RAM: 4350.07 MB
Total Virtual: 12048.21 MB
Available Virtual: 10556.97 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:464.98 GB) (Free:147.01 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 64582CAE)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=752 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=465 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 

 

 

The Security Processor Loader Driver service is a kernel driver. If the Security Processor Loader Driver fails to load or initialize, the error is logged and the computer attempts to restart with the LastKnownGood configuration. If the LastKnownGood configuration fails, Windows 7 startup also fails, and the boot process halts with a Stop error.

 

 

So I think you need to try and fix this.  

 

Download the attached spldr.zip file.  

 

Attached File  spldr.zip   448bytes   63 downloads

 

Save it then right click and Extract All.  Find spdlr.reg and right click and MERGE

 

reboot and see if that helped.  If not go back into Safe Mode with Networking

 

 

Right click on Computer and select Manage then Device Manager.  View, Show Hidden Devices.  Click on the arrow in front of non-plug and play devices then scroll down until you find spdlr.  It probably has a yellow flag.  Right click on it and select Properties.  If it doesn't say it's started then try to start it.  Do you get an error?

 

When you ran FRST you should have gotten two logs.  You just posted the Addition.txt log.  There should also be a FRST.txt log.  Can you post it?

 

 


  • 0

#3
cloroxmartini

cloroxmartini

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:16-06-2016 01
Ran by RSB3 (administrator) on 590W7RSB3 (17-06-2016 13:04:42)
Running from C:\Users\RSB3.HENSELPHELPS\Desktop
Loaded Profiles: RSB3 (Available Profiles: UpdatusUser & RSB3 & RSB3)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\RSB3.HENSELPHELPS\Desktop\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [611192 2011-07-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2011-07-25] ()
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [6492672 2011-01-15] (Dell Inc.)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2747680 2013-12-04] ()
HKLM\...\Run: [BbInstallUser] => C:\Program Files\Bluebeam Software\Bluebeam Revu\Pushbutton PDF\Bluebeam Admin User.exe [48696 2014-07-23] (Bluebeam Software, Inc.)
HKLM\...\Run: [BbPrintMonitor] => C:\Program Files\Common Files\Bluebeam Software\Bluebeam Revu\Brewery\V45\Printer Support\BBPrint.exe [211000 2014-07-23] (Bluebeam Software, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-02] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-18] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [LANDesk Antivirus] => C:\Program Files (x86)\LANDesk\LDClient\antivirus\LDav.exe [911872 2011-11-22] (LANDesk Software, Inc. and its affiliates.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2013-12-13] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-05-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-04-04] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\822\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\Run: [Akamai NetSession Interface] => C:\Users\RSB3.HENSELPHELPS\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [184048 2013-12-04] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156256 2013-12-04] (NVIDIA Corporation)
Lsa: [Authentication Packages] msv1_0 wvauth
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2011-05-28] (Wave Systems Corp.)
ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2011-05-28] (Wave Systems Corp.)
Startup: C:\Users\RSB3.HENSELPHELPS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-05-18]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\RSB3.HENSELPHELPS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-05-18]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * lsdelete
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 10.100.102.1
Tcpip\..\Interfaces\{32859399-331D-44E2-BEE4-1A667E4D1B94}: [DhcpNameServer] 10.100.102.1
Tcpip\..\Interfaces\{7828D661-366E-43A5-973A-8B0DA5E29CC3}: [DhcpNameServer] 213.57.2.5 213.57.22.5
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/USREL/1
HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://bing.com/
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {56408579-CBE9-40B2-A4C5-808AFF2A63A0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {56408579-CBE9-40B2-A4C5-808AFF2A63A0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391 -> DefaultScope {D5F5BEBD-2505-40C8-ABCE-24611C638040} URL = hxxp://www.bing.com/search?q={searchTerms}&form=OSDSRC
SearchScopes: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391 -> {56408579-CBE9-40B2-A4C5-808AFF2A63A0} URL = 
SearchScopes: HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391 -> {D5F5BEBD-2505-40C8-ABCE-24611C638040} URL = hxxp://www.bing.com/search?q={searchTerms}&form=OSDSRC
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-05-01] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-05-01] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-01] (Microsoft Corporation)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-05-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-15] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-05-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-15] (Oracle Corporation)
DPF: HKLM-x32 {1663ed61-23eb-11d2-b92f-008048fdd814} hxxp://www.isqft.com/Applets/ScriptX/ScriptX.cab
DPF: HKLM-x32 {1FDFCFC3-B893-43E1-9138-4A2D2452A551} hxxps://www.t-mobilepictures.com/myalbum/scripts/downloader/FileDownloader7.cab
DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} hxxps://vpn.henselphelps.com/CACHE/stc/1/binaries/vpnweb.cab
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://javadl-esd.sun.com/update/1.4.2/jinstall-1_4-windows-i586.cab
DPF: HKLM-x32 {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://ibeam4019.eairlink.com/activex/AMC.cab
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-01] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-01] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-01] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-01] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll [2013-07-30] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll [2013-07-30] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-05-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-05-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391: @citrixonline.com/appdetectorplugin -> C:\Users\RSB3.HENSELPHELPS\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-02-14] (Citrix Online)
FF Plugin HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391: LWAPlugin15.8 -> C:\Users\RSB3.HENSELPHELPS\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll [2014-11-25] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391: panasonic.com/PanasonicDrmPlugin -> C:\Users\RSB3.HENSELPHELPS\AppData\Roaming\Panasonic Avionics Corporation\Panasonic DRM Plugin\1.2.1.0\npPanasonicDrmPlugin.dll [2014-02-06] (Panasonic Avionics Corporation)
FF Plugin HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391: SkypeForBusinessPlugin-16.2 -> C:\Users\RSB3.HENSELPHELPS\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.23\npGatewayNpapi.dll [2016-02-26] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2903611290-4059586168-1443931954-5841391: SkypeForBusinessPlugin64-16.2 -> C:\Users\RSB3.HENSELPHELPS\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.23\npGatewayNpapi-x64.dll [2016-02-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\RSB3.HENSELPHELPS\AppData\Roaming\mozilla\plugins\npLWAPlugin15.8.dll [2014-11-25] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\[email protected] => not found
 
Chrome: 
=======
CHR Profile: C:\Users\RSB3.HENSELPHELPS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Translate) - C:\Users\RSB3.HENSELPHELPS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\RSB3.HENSELPHELPS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-06]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-04-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-04-04] (Avira Operations GmbH & Co. KG)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [285176 2016-05-19] (Avira Operations GmbH & Co. KG)
S2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [226064 2016-05-31] (Avira Operations GmbH & Co. KG)
S4 Beck Technology Broker; C:\Program Files (x86)\Beck Technology\Beck Technology Client Broker\btbrkrsvc.exe [159744 2012-06-30] () [File not signed]
S2 CBA8; C:\Program Files (x86)\LANDesk\Shared Files\residentagent.exe [147456 2011-08-01] (Avocent Corporation) [File not signed]
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2912496 2016-05-01] (Microsoft Corporation)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
S2 Intel Local Scheduler Service; C:\Program Files (x86)\LANDesk\LDClient\localsch.exe [239776 2015-09-16] (LANDESK Software, Inc. and its affiliates.)
S2 Intel PDS; C:\Windows\SysWOW64\CBA\pds.exe [32825 2007-08-31] (LANDesk Software Ltd.) [File not signed]
S2 ISSUSER; C:\Program Files (x86)\LANDesk\LDClient\issuser.exe [1459200 2011-10-20] (LANDesk Software, Inc. and its affiliates.) [File not signed]
S2 kavehost; C:\Program Files (x86)\LANDesk\LDClient\antivirus\kavehost.exe [91992 2012-03-14] (Kaspersky Lab ZAO)
S2 LANDesk Policy Invoker; C:\Program Files (x86)\LANDesk\LDClient\policy.client.invoker.exe [207872 2011-09-29] (LANDesk Software, Inc. and its affiliates.) [File not signed]
S2 LANDesk Targeted Multicast; C:\Program Files (x86)\LANDesk\LDClient\tmcsvc.exe [179200 2011-10-19] (LANDesk Software, Inc. and its affiliates.) [File not signed]
S2 LANDesk® Out-of-Band Monitor Service; C:\Program Files (x86)\LANDesk\LDClient\amtmon.exe [1058304 2011-10-14] (LANDesk Software, Inc. and its affiliates.) [File not signed]
S2 LDAVService; C:\Program Files (x86)\LANDesk\LDClient\antivirus\avservice.exe [597336 2011-11-23] (LANDesk Software, Inc. and its affiliates.)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S2 MSSQL$BECKTECHNOLOGY; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-11] (Microsoft Corporation)
S2 O2SDIOAssist; c:\Windows\SysWOW64\srvany.exe [8192 2003-04-19] () [File not signed]
S2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [328992 2008-07-11] (SafeNet, Inc.)
S2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [226592 2008-07-11] (SafeNet, Inc)
S2 SnowInventoryClient; C:\Program Files\INVENTORYCLIENT\client64.exe [4822528 2015-10-16] (Snow Software AB) [File not signed]
S2 Softmon; C:\Program Files (x86)\LANDesk\LDClient\softmon.exe [681128 2015-04-09] (LANDESK Software, Inc. and its affiliates.)
S2 tcsd_win32.exe; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1633280 2011-02-17] () [File not signed]
S2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1600000 2011-07-01] (Wave Systems Corp.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5839872 2011-01-15] (Dell Inc.) [File not signed]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [21120 2011-08-09] (SafeNet Inc.)
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-04-04] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141920 2016-04-04] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2016-04-04] (Avira Operations GmbH & Co. KG)
S2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-04-04] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-10-07] (SafeNet Inc.)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2012-03-14] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2012-03-14] (Kaspersky Lab ZAO)
S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [362072 2012-03-14] (Kaspersky Lab)
S3 ldblank; C:\Windows\System32\DRIVERS\ldblank.sys [20992 2011-05-13] (LANDesk Software, Inc. and its affiliates.)
S3 ldmirror; C:\Windows\System32\DRIVERS\ldmirror.sys [5120 2011-05-13] (LANDesk Software, Inc. and its affiliates.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-17] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
S3 mirrorflt; C:\Windows\System32\DRIVERS\mirrorflt.sys [7168 2011-05-13] (LANDesk Software, Inc. and its affiliates.)
S1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-12-04] (NVIDIA Corporation)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2008-07-11] (SafeNet, Inc.)
S3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [63528 2011-05-27] (SafeNet, Inc.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-12-13] (Cisco Systems, Inc.)
S3 pmem; \??\C:\Users\RSB3~1.HEN\AppData\Local\Temp\_MEI84002\drivers\winpmem64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-06-17 13:04 - 2016-06-17 13:05 - 00024420 _____ C:\Users\RSB3.HENSELPHELPS\Desktop\FRST.txt
2016-06-17 13:04 - 2016-06-17 13:04 - 02386944 _____ (Farbar) C:\Users\RSB3.HENSELPHELPS\Desktop\FRST64 (1).exe
2016-06-17 13:02 - 2016-06-17 13:04 - 00000000 ____D C:\FRST
2016-06-17 13:02 - 2016-06-17 13:02 - 02386944 _____ (Farbar) C:\Users\RSB3.HENSELPHELPS\Downloads\FRST64.exe
2016-06-17 12:54 - 2016-06-17 12:54 - 00000458 _____ C:\Windows\ntbtlog.txt
2016-06-15 08:17 - 2016-05-18 19:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-15 08:17 - 2016-05-18 19:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-15 08:17 - 2016-05-12 20:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-06-15 08:17 - 2016-05-12 18:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-06-15 08:17 - 2016-05-12 17:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-15 08:17 - 2016-05-12 17:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-15 08:17 - 2016-05-12 16:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-15 08:16 - 2016-06-06 19:58 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-15 08:16 - 2016-06-06 19:50 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-15 08:16 - 2016-06-03 16:05 - 01413120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-15 08:16 - 2016-05-27 16:06 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-15 08:16 - 2016-05-27 16:06 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-15 08:16 - 2016-05-27 16:06 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-15 08:16 - 2016-05-27 16:06 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-06-15 08:16 - 2016-05-22 16:06 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-15 08:16 - 2016-05-14 01:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-15 08:16 - 2016-05-14 01:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-15 08:16 - 2016-05-14 01:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-15 08:16 - 2016-05-14 01:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-06-15 08:16 - 2016-05-14 01:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-06-15 08:16 - 2016-05-14 00:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-15 08:16 - 2016-05-14 00:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-06-15 08:16 - 2016-05-14 00:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-15 08:16 - 2016-05-14 00:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-06-15 08:16 - 2016-05-14 00:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-15 08:16 - 2016-05-12 20:20 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-15 08:16 - 2016-05-12 20:20 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-06-15 08:16 - 2016-05-12 20:15 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-15 08:16 - 2016-05-12 20:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-06-15 08:16 - 2016-05-12 20:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-06-15 08:16 - 2016-05-12 20:15 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-06-15 08:16 - 2016-05-12 20:15 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-06-15 08:16 - 2016-05-12 20:14 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-15 08:16 - 2016-05-12 20:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-06-15 08:16 - 2016-05-12 20:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-15 08:16 - 2016-05-12 20:14 - 00793088 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-06-15 08:16 - 2016-05-12 20:14 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-15 08:16 - 2016-05-12 20:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-06-15 08:16 - 2016-05-12 20:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-15 08:16 - 2016-05-12 20:14 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-15 08:16 - 2016-05-12 20:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-15 08:16 - 2016-05-12 20:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-15 08:16 - 2016-05-12 20:14 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-15 08:16 - 2016-05-12 20:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-06-15 08:16 - 2016-05-12 20:14 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-06-15 08:16 - 2016-05-12 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-06-15 08:16 - 2016-05-12 20:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-15 08:16 - 2016-05-12 20:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-15 08:16 - 2016-05-12 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-06-15 08:16 - 2016-05-12 20:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-06-15 08:16 - 2016-05-12 20:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-06-15 08:16 - 2016-05-12 20:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-06-15 08:16 - 2016-05-12 20:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-06-15 08:16 - 2016-05-12 18:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-06-15 08:16 - 2016-05-12 18:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-06-15 08:16 - 2016-05-12 18:18 - 00591872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2016-06-15 08:16 - 2016-05-12 18:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-15 08:16 - 2016-05-12 18:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-15 08:16 - 2016-05-12 18:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-15 08:16 - 2016-05-12 18:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-15 08:16 - 2016-05-12 18:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-06-15 08:16 - 2016-05-12 18:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-06-15 08:16 - 2016-05-12 18:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-06-15 08:16 - 2016-05-12 18:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-06-15 08:16 - 2016-05-12 18:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-06-15 08:16 - 2016-05-12 18:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-06-15 08:16 - 2016-05-12 18:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-15 08:16 - 2016-05-12 18:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-06-15 08:16 - 2016-05-12 18:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-06-15 08:16 - 2016-05-12 18:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-06-15 08:16 - 2016-05-12 18:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-15 08:16 - 2016-05-12 18:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-06-15 08:16 - 2016-05-12 18:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-06-15 08:16 - 2016-05-12 18:06 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2016-06-15 08:16 - 2016-05-12 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-06-15 08:16 - 2016-05-12 18:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-15 08:16 - 2016-05-12 17:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-15 08:16 - 2016-05-12 17:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-15 08:16 - 2016-05-12 17:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-06-15 08:16 - 2016-05-12 17:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-06-15 08:16 - 2016-05-12 17:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2016-06-15 08:16 - 2016-05-12 17:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-06-15 08:16 - 2016-05-12 17:57 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe
2016-06-15 08:16 - 2016-05-12 17:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-06-15 08:16 - 2016-05-12 17:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-06-15 08:16 - 2016-05-12 16:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-15 08:16 - 2016-05-12 16:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-15 08:16 - 2016-05-11 20:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-15 08:16 - 2016-05-11 20:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-15 08:16 - 2016-05-11 20:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-15 08:16 - 2016-05-11 20:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-15 08:16 - 2016-05-11 18:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-15 08:16 - 2016-05-11 18:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-15 08:16 - 2016-05-11 18:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-15 08:16 - 2016-05-11 18:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-15 08:16 - 2016-05-11 18:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-06-15 08:16 - 2016-05-11 18:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-06-15 08:16 - 2016-05-11 17:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-15 08:16 - 2016-03-09 22:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-06-15 08:16 - 2016-03-09 21:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-06-15 08:15 - 2016-05-24 02:37 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-15 08:15 - 2016-05-24 01:54 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-06-15 08:15 - 2016-05-21 20:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-15 08:15 - 2016-05-21 19:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-15 08:15 - 2016-05-21 01:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-06-15 08:15 - 2016-05-21 01:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-06-15 08:15 - 2016-05-21 01:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-06-15 08:15 - 2016-05-21 01:10 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-06-15 08:15 - 2016-05-21 01:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-15 08:15 - 2016-05-21 01:09 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-06-15 08:15 - 2016-05-21 01:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-06-15 08:15 - 2016-05-21 01:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-15 08:15 - 2016-05-21 01:08 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-06-15 08:15 - 2016-05-21 01:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-15 08:15 - 2016-05-21 01:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-06-15 08:15 - 2016-05-21 00:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-06-15 08:15 - 2016-05-21 00:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-15 08:15 - 2016-05-21 00:57 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-06-15 08:15 - 2016-05-21 00:57 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-06-15 08:15 - 2016-05-21 00:56 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-06-15 08:15 - 2016-05-21 00:56 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-06-15 08:15 - 2016-05-21 00:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-15 08:15 - 2016-05-21 00:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-15 08:15 - 2016-05-21 00:54 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-06-15 08:15 - 2016-05-21 00:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-06-15 08:15 - 2016-05-21 00:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-06-15 08:15 - 2016-05-21 00:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-15 08:15 - 2016-05-21 00:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-06-15 08:15 - 2016-05-21 00:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-06-15 08:15 - 2016-05-21 00:45 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-06-15 08:15 - 2016-05-21 00:45 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-06-15 08:15 - 2016-05-21 00:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-15 08:15 - 2016-05-21 00:44 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-06-15 08:15 - 2016-05-21 00:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-06-15 08:15 - 2016-05-21 00:41 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-06-15 08:15 - 2016-05-21 00:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-06-15 08:15 - 2016-05-21 00:33 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-06-15 08:15 - 2016-05-21 00:32 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-06-15 08:15 - 2016-05-21 00:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-15 08:15 - 2016-05-21 00:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-06-15 08:15 - 2016-05-21 00:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-15 08:15 - 2016-05-21 00:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-06-15 08:15 - 2016-05-21 00:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-06-15 08:15 - 2016-05-21 00:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-15 08:15 - 2016-05-21 00:23 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-06-15 08:15 - 2016-05-21 00:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-06-15 08:15 - 2016-05-21 00:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-06-15 08:15 - 2016-05-21 00:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-15 08:15 - 2016-05-21 00:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-06-15 08:15 - 2016-05-21 00:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-15 08:15 - 2016-05-21 00:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-06-15 08:15 - 2016-05-21 00:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-15 08:15 - 2016-05-21 00:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-15 08:15 - 2016-05-21 00:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-06-15 08:15 - 2016-05-21 00:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-15 08:15 - 2016-05-21 00:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-15 08:15 - 2016-05-21 00:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-15 08:15 - 2016-05-21 00:07 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-06-15 08:15 - 2016-05-21 00:07 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-06-15 08:15 - 2016-05-21 00:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-15 08:15 - 2016-05-20 23:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-15 08:15 - 2016-05-20 23:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-15 08:15 - 2016-05-20 23:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-15 08:15 - 2016-05-20 23:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-15 08:15 - 2016-05-20 23:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-15 08:15 - 2016-05-20 23:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-15 08:15 - 2016-04-14 19:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-15 08:15 - 2016-04-14 19:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-15 08:15 - 2016-04-14 19:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-15 08:15 - 2016-04-14 19:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-06-15 08:15 - 2016-04-14 19:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-15 08:15 - 2016-04-14 19:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-06-15 08:15 - 2016-04-14 18:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-06-15 08:15 - 2016-04-14 18:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-15 08:15 - 2016-04-14 18:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-06-15 08:15 - 2016-04-14 18:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-06-15 08:15 - 2016-04-14 18:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-06-15 08:15 - 2016-04-14 18:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-06-15 08:15 - 2016-04-09 09:58 - 14186496 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-15 08:15 - 2016-04-09 09:57 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-06-15 08:15 - 2016-04-09 09:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-06-15 08:15 - 2016-04-09 09:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-06-15 08:15 - 2016-04-09 08:53 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-15 08:15 - 2016-04-09 08:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-13 12:52 - 2016-06-13 12:52 - 00142086 _____ C:\Users\RSB3.HENSELPHELPS\Desktop\cc_20160613_125156.reg
2016-06-13 11:32 - 2016-06-13 11:32 - 00000000 ____D C:\Users\RSB3.HENSELPHELPS\AppData\Roaming\Avira
2016-06-13 11:27 - 2016-06-13 11:27 - 00003432 _____ C:\Windows\System32\Tasks\Avira Browser Safety Updater Task
2016-06-13 11:27 - 2016-06-13 11:27 - 00001014 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira Phantom VPN.lnk
2016-06-13 11:27 - 2016-06-13 11:27 - 00001002 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2016-06-13 11:24 - 2016-04-04 17:07 - 00154816 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-06-13 11:24 - 2016-04-04 17:07 - 00141920 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-06-13 11:24 - 2016-04-04 17:07 - 00079696 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2016-06-13 11:24 - 2016-04-04 17:07 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2016-06-13 11:21 - 2016-06-13 11:21 - 00001176 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-06-13 11:20 - 2016-06-13 11:27 - 00000000 ____D C:\ProgramData\Avira
2016-06-13 11:20 - 2016-06-13 11:27 - 00000000 ____D C:\Program Files (x86)\Avira
2016-06-13 11:20 - 2016-06-13 11:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-06-13 11:19 - 2016-06-13 11:20 - 04630840 _____ (Avira Operations GmbH & Co. KG) C:\Users\RSB3.HENSELPHELPS\Downloads\avira_en_av_575e6cb2edd39__ws.exe
2016-06-13 10:30 - 2016-06-13 11:06 - 00000000 ____D C:\Program Files (x86)\LingoCom
2016-06-13 10:30 - 2016-06-13 10:30 - 00000928 _____ C:\Windows\SysWOW64\winsys.lng
2016-06-13 10:30 - 2016-06-13 10:30 - 00000928 _____ C:\ProgramData\winsys.lng
2016-06-13 10:30 - 2007-05-03 18:00 - 00081920 _____ C:\Windows\SysWOW64\GkSui20.EXE
2016-06-13 10:29 - 2016-06-13 10:29 - 02796627 _____ C:\Users\RSB3.HENSELPHELPS\Downloads\LingoWare-heb.exe
2016-06-09 18:24 - 2016-06-09 19:10 - 00581675 _____ C:\Users\RSB3.HENSELPHELPS\Desktop\Dropbox - courselistingunavailable.pdf
2016-06-09 18:15 - 2016-06-17 03:39 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleForRSB3.job
2016-06-09 18:15 - 2016-06-16 18:36 - 00003180 _____ C:\Windows\System32\Tasks\HPCeeScheduleForRSB3
2016-06-09 15:59 - 2016-06-09 15:59 - 00002235 _____ C:\Users\RSB3.HENSELPHELPS\AppData\Local\recently-used.xbel
2016-06-08 13:40 - 2016-06-08 13:40 - 00000000 ____D C:\Users\RSB3.HENSELPHELPS\Documents\HpReg_Backup
2016-06-08 13:33 - 2016-06-09 18:15 - 00000000 ____D C:\Users\RSB3.HENSELPHELPS\AppData\Local\Hewlett-Packard
2016-06-08 13:33 - 2016-06-08 13:33 - 00000000 ____D C:\Users\RSB3.HENSELPHELPS\AppData\Roaming\Hewlett-Packard
2016-06-08 13:30 - 2016-06-08 13:51 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-06-08 13:30 - 2016-06-08 13:30 - 00002197 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2016-06-08 13:30 - 2016-06-08 13:30 - 00000000 ____D C:\System.sav
2016-06-08 13:30 - 2016-06-08 13:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-06-08 13:29 - 2016-06-08 13:29 - 00000000 ____D C:\Users\RSB3.HENSELPHELPS\AppData\Roaming\hpqLog
2016-06-08 13:27 - 2016-06-08 13:51 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2016-06-08 13:26 - 2016-06-08 13:30 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-06-08 13:24 - 2016-06-08 13:24 - 03836976 _____ (Oleg N. Scherbakov) C:\Users\RSB3.HENSELPHELPS\Downloads\HPSupportSolutionsFramework-12.3.11.29.exe
2016-06-06 17:23 - 2016-06-06 17:23 - 00000162 _____ C:\Users\RSB3.HENSELPHELPS\Desktop\Monti 5 5 14_archive.zip
2016-06-06 17:22 - 2016-06-06 17:34 - 00000064 _____ C:\Users\RSB3.HENSELPHELPS\Desktop\Monti 5 5 14.ldb
2016-06-01 14:25 - 2016-06-01 14:25 - 00000000 ____D C:\Users\RSB3.HENSELPHELPS\Documents\New folder
2016-05-29 10:04 - 2016-05-30 12:47 - 00000000 ____D C:\Users\RSB3.HENSELPHELPS\Documents\ISRAEL Tel Nof Airbase
2016-05-26 14:48 - 2016-05-26 14:48 - 00268800 _____ C:\Users\RSB3.HENSELPHELPS\Downloads\yazdayrr.xls
2016-05-18 12:38 - 2016-05-18 12:38 - 00330978 _____ C:\Users\RSB3.HENSELPHELPS\Documents\IBA-7644-SIGNAGESCHEDULE.pdf
2016-05-18 12:38 - 2016-05-18 12:38 - 00308761 _____ C:\Users\RSB3.HENSELPHELPS\Documents\IBA-7643-SIGNAGESCHEDULE.pdf
2016-05-18 12:38 - 2016-05-18 12:38 - 00298789 _____ C:\Users\RSB3.HENSELPHELPS\Documents\IBA-7645-SIGNAGESCHEDULE.pdf
2016-05-18 12:38 - 2016-04-20 11:12 - 00265922 _____ C:\Users\RSB3.HENSELPHELPS\Documents\IBA-7646-SIGNAGESCHEDULE.pdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-06-17 12:54 - 2014-11-11 10:31 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-17 12:50 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\inf
2016-06-17 12:49 - 2012-08-21 20:09 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-06-17 12:15 - 2009-07-14 08:13 - 00871342 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-17 10:40 - 2011-11-02 00:36 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-17 10:26 - 2014-02-14 19:48 - 00000608 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2903611290-4059586168-1443931954-5841391.job
2016-06-17 10:26 - 2011-10-26 19:30 - 00000000 ____D C:\Users\RSB3.HENSELPHELPS\Documents\Outlook Files
2016-06-17 10:15 - 2009-07-14 07:45 - 00031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-17 10:15 - 2009-07-14 07:45 - 00031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-17 10:03 - 2015-11-20 20:11 - 00000000 ___RD C:\Users\RSB3.HENSELPHELPS\iCloudDrive
2016-06-17 10:03 - 2012-04-05 18:51 - 00000000 ____D C:\ProgramData\vulScan
2016-06-17 10:01 - 2011-11-02 00:36 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-17 09:57 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-17 04:29 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\rescache
2016-06-17 03:40 - 2009-07-14 07:45 - 00587760 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-17 03:36 - 2014-12-14 08:35 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-17 03:17 - 2013-07-15 17:46 - 00000000 ____D C:\Windows\system32\MRT
2016-06-17 03:07 - 2011-10-26 18:07 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-16 17:22 - 2014-08-17 14:45 - 00000000 ____D C:\Users\RSB3.HENSELPHELPS\Documents\Recover Documents
2016-06-16 17:21 - 2014-09-14 06:52 - 00000000 ____D C:\Users\RSB3.HENSELPHELPS\AppData\Local\CrashDumps
2016-06-16 17:20 - 2016-05-05 09:53 - 00000000 ____D C:\Users\RSB3.HENSELPHELPS\Documents\UAV ISRAEL BEST VALUE
2016-06-14 18:16 - 2011-10-18 12:11 - 00000000 ____D C:\ProgramData\Sonic
2016-06-13 16:03 - 2012-04-05 18:54 - 00000000 ____D C:\ProgramData\LANDeskAV
2016-06-13 11:27 - 2014-12-22 15:59 - 00000000 ____D C:\Users\RSB3.HENSELPHELPS\AppData\Roaming\Mozilla
2016-06-13 11:20 - 2014-06-12 20:15 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-13 11:12 - 2014-11-11 10:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-13 11:12 - 2014-11-11 10:31 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-13 11:12 - 2012-08-10 20:01 - 00001072 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-13 10:44 - 2009-07-14 08:08 - 00032550 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-13 10:15 - 2016-03-12 16:57 - 00000000 ____D C:\Users\RSB3.HENSELPHELPS\Documents\OLD UAV Israel
2016-06-10 13:13 - 2015-02-04 08:35 - 00000000 ____D C:\Users\RSB3.HENSELPHELPS\Desktop\Randy Personal June 16
2016-06-10 12:58 - 2016-01-08 16:55 - 00000000 ____D C:\Users\RSB3.HENSELPHELPS\Desktop\Desktop Excel Files
2016-06-09 16:02 - 2012-02-11 18:27 - 00000000 ____D C:\Users\RSB3.HENSELPHELPS\.gimp-2.6
2016-06-08 13:39 - 2014-08-10 10:44 - 00000000 ____D C:\ProgramData\HP
2016-06-08 13:30 - 2011-10-18 11:48 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-06-08 13:27 - 2011-10-26 19:24 - 00165400 _____ C:\Users\RSB3.HENSELPHELPS\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-08 08:41 - 2013-07-26 23:47 - 00002157 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-06 17:34 - 2016-01-08 17:01 - 00000000 ____D C:\Users\RSB3.HENSELPHELPS\Desktop\Monti
2016-06-06 17:23 - 2011-11-01 20:50 - 02430976 _____ C:\Users\RSB3.HENSELPHELPS\Desktop\Monti 5 5 14.est
2016-05-29 15:59 - 2014-06-12 01:53 - 00000000 ____D C:\Users\RSB3.HENSELPHELPS\Documents\Intel Israel
2016-05-27 03:00 - 2015-04-07 04:47 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-27 03:00 - 2015-04-07 04:47 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-25 11:55 - 2011-10-26 19:21 - 00000000 ____D C:\Users\RSB3.HENSELPHELPS\AppData\Local\Microsoft Help
2016-05-24 15:54 - 2015-10-12 09:44 - 00000000 ____D C:\Users\RSB3.HENSELPHELPS\Desktop\Meptagon October 2015 Histroy
2016-05-24 08:04 - 2009-07-14 08:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-05-22 16:51 - 2013-02-05 01:51 - 00000000 ____D C:\Users\RSB3.HENSELPHELPS\Desktop\Estimating Class
2016-05-19 11:31 - 2015-05-30 17:46 - 00003736 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-2903611290-4059586168-1443931954-5841391
2016-05-19 11:31 - 2015-05-30 17:46 - 00000704 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2903611290-4059586168-1443931954-5841391.job
2016-05-19 11:31 - 2014-02-14 19:48 - 00003640 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2903611290-4059586168-1443931954-5841391
2016-05-19 07:08 - 2016-01-07 17:08 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-19 07:05 - 2011-10-26 16:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
 
==================== Files in the root of some directories =======
 
2012-10-03 17:31 - 2013-06-13 17:53 - 7656960 _____ () C:\Program Files (x86)\Common Files\Innovaya BIM Software.msi
2012-08-10 19:33 - 2012-08-10 19:33 - 0000118 _____ () C:\Users\RSB3.HENSELPHELPS\AppData\Roaming\history.Word.pwcdat
2015-05-14 12:54 - 2015-05-14 12:54 - 0004096 ____H () C:\Users\RSB3.HENSELPHELPS\AppData\Local\keyfile3.drm
2016-06-09 15:59 - 2016-06-09 15:59 - 0002235 _____ () C:\Users\RSB3.HENSELPHELPS\AppData\Local\recently-used.xbel
2014-05-08 18:24 - 2015-03-23 11:50 - 0007624 _____ () C:\Users\RSB3.HENSELPHELPS\AppData\Local\Resmon.ResmonCfg
2014-08-10 10:44 - 2014-08-10 10:44 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-05-08 18:04 - 2015-03-04 08:21 - 0000828 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2014-01-08 17:28 - 2014-09-16 08:53 - 0000441 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
2016-06-13 10:30 - 2016-06-13 10:30 - 0000928 _____ () C:\ProgramData\winsys.lng
 
Files to move or delete:
====================
C:\Users\RSB3.HENSELPHELPS\ccsetup312.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-06-17 00:32
 
==================== End of FRST.txt ============================

  • 0

#4
cloroxmartini

cloroxmartini

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts

Merged splder and it boots (took 4 minutes,) and I can CTRL+ALT+DEL

 

Disk light still stays on constantly


  • 0

#5
cloroxmartini

cloroxmartini

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts

I booted to the normal system and then ran Google Chrome, check this thread, a few other things, closed it, and it locked up, the hard drive spinning - forever, and I could do nothing. So I did a hard shut down and restarted in safe mode.


  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP
1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.
 
Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs.  Right click on System and Clear Log, Clear. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.
 
 
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
 
sfc /scannow
 
(SPACE after sfc.  This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then:
 
Copy the next two lines:
 
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
notepad \windows\logs\cbs\junk.txt 
 
Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.  Close nOtepad.  Close the Command Window.
 
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.

  • 0

#7
cloroxmartini

cloroxmartini

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts
Chkdsk is at stage 4 of 5 and is hung up at (360060 of 539888 files processed), over 45 minutes now
  • 0

#8
cloroxmartini

cloroxmartini

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts
Now 4 hours stuck in the same place
  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP

If it still hasn't finished it's not going to.  Force it off by holding down the power button or pulling the plug.  Restart it.  Does it run disk check again?


  • 0

#10
cloroxmartini

cloroxmartini

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts

It gave me the option to run disc check and I bypassed. It boots to windows normal but ran a system file repair operation prior to full boot up. I am currently in full operating mode for the first time just because however the HD is spinning its little tail off and I am sure the lockup will happen again.


  • 0

Advertisements


#11
cloroxmartini

cloroxmartini

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts

Prior to posting here I ran "defraggler by Piriform" and the disc was 23% fragmented. The program indicated the disc was healthy.


  • 0

#12
cloroxmartini

cloroxmartini

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts
Yep, just froze
  • 0

#13
cloroxmartini

cloroxmartini

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts
By the way I posted using my phone
  • 0

#14
cloroxmartini

cloroxmartini

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts
I had opened Outlook and it ran ok. Then opened windows explorer and it ran ok. Then opened a program called Bluebeam (which I use a lot and have a license for) and it did a word search then froze. I let it run while frozen and after hitting ctrl+alt+del the screen finally went black then a window slowly opened that says "Failure to display security and shut down options - then logon process was unable to display security and logon options when CTRL+ALT+DEL was pressed. If the operating system does not respond, press ESC or restart the computer by pressing the power switch.

The whole time the HD light is on solid.
  • 0

#15
cloroxmartini

cloroxmartini

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts
I did a ccleaner run on the registry before all this happened and saved the registry.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP