MULTIPLE MALWARE IN MY LAPTOP! HELP! :(

Malware Virus Spyware Help

#31
aevimaob

  • Topic Starter
  • Member
  • 19 posts
Scan Before Intel Rapid Storage Technology Update:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2016
Ran by joey (administrator) on JOEY-PC (24-11-2016 22:59:34)
Running from C:\Users\joey\Desktop\Fixer
Loaded Profiles: joey (Available Profiles: joey)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Bentley Systems Inc.) C:\Program Files (x86)\Bentley\Engineering\SPC Server v8i SS4\Bentley.Structural.PropertyCatalog.Server.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [521272 2010-03-22] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1894696 2010-01-07] (Synaptics Incorporated)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [776608 2009-12-19] (Lenovo)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1354712 2016-08-30] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-23] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1156824 2016-10-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498720 2016-10-01] (Adobe Systems Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKU\S-1-5-21-3334329050-1205438810-3444544024-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718208 2010-03-16] (Microsoft Corporation)
HKU\S-1-5-21-3334329050-1205438810-3444544024-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-3334329050-1205438810-3444544024-1000\...\MountPoints2: {a5462f60-adf1-11e5-bcf9-806e6f6e6963} - E:\AutoLauncher.exe
HKU\S-1-5-21-3334329050-1205438810-3444544024-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-12-28]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP DeskJet 2130 series.lnk [2016-11-24]
ShortcutTarget: Monitor Ink Alerts - HP DeskJet 2130 series.lnk -> C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{54C8C10A-1541-48E5-8BB0-81B76293547E}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{F885A14C-F9A5-4EAF-8326-A7FE5F25CBD7}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-3334329050-1205438810-3444544024-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-ph/?ocid=iehp
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3334329050-1205438810-3444544024-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
 
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-10-19]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
 
Chrome: 
=======
CHR Profile: C:\Users\joey\AppData\Local\Google\Chrome\User Data\Default [2016-11-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-17]
CHR Extension: (Chrome Media Router) - C:\Users\joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-10-01]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
R2 Bentley Property Catalog Service; C:\Program Files (x86)\Bentley\Engineering\SPC Server v8i SS4\Bentley.Structural.PropertyCatalog.Server.exe [8704 2015-05-28] (Bentley Systems Inc.) [File not signed]
S3 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [864032 2009-08-11] (Broadcom Corporation.)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [120888 2016-08-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-08-30] (Microsoft Corporation)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [197888 2010-01-22] (SMI)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG)
U0 aswVmm; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-11-24 22:58 - 2016-11-24 22:58 - 00614418 _____ C:\Users\joey\Desktop\f6flpy-x64.zip
2016-11-23 23:28 - 2012-07-26 11:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2016-11-23 23:28 - 2012-07-26 11:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2016-11-23 23:28 - 2012-07-26 11:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2016-11-23 23:28 - 2012-07-26 11:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2016-11-23 23:28 - 2012-07-26 11:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2016-11-23 23:28 - 2012-07-26 10:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2016-11-23 23:28 - 2012-07-26 10:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2016-11-23 23:28 - 2012-06-02 22:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2016-11-23 21:56 - 2015-10-13 12:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-11-23 21:36 - 2013-05-10 13:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2016-11-23 21:36 - 2013-05-10 11:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2016-11-23 21:35 - 2016-01-22 14:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-23 21:35 - 2016-01-22 14:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-23 21:35 - 2016-01-22 14:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-23 21:35 - 2016-01-22 14:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-23 21:35 - 2016-01-22 14:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-23 21:35 - 2016-01-22 14:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-23 21:35 - 2016-01-22 14:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-23 21:35 - 2016-01-22 14:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-23 21:35 - 2016-01-22 14:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-23 21:35 - 2016-01-22 14:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-23 21:35 - 2016-01-22 14:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-23 21:35 - 2016-01-22 14:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-23 21:35 - 2016-01-22 14:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-23 21:35 - 2016-01-22 14:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-23 21:35 - 2016-01-22 14:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-23 21:35 - 2016-01-22 14:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-23 21:35 - 2016-01-22 14:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-23 21:35 - 2016-01-22 14:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-11-23 21:35 - 2016-01-22 14:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-11-23 21:35 - 2016-01-22 14:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-23 21:35 - 2016-01-22 14:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-23 21:35 - 2016-01-22 14:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-23 21:35 - 2016-01-22 14:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-11-23 21:35 - 2016-01-22 14:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-23 21:35 - 2016-01-22 14:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-23 21:35 - 2016-01-22 14:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-23 21:35 - 2016-01-22 14:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-23 21:35 - 2016-01-22 14:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-23 21:35 - 2016-01-22 14:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-23 21:35 - 2016-01-22 14:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-23 21:35 - 2016-01-22 14:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-23 21:35 - 2016-01-22 14:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-23 21:35 - 2016-01-22 14:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-23 21:35 - 2016-01-22 14:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-23 21:35 - 2016-01-22 14:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-23 21:35 - 2016-01-22 14:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-23 21:35 - 2016-01-22 14:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-23 21:35 - 2016-01-22 14:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-23 21:35 - 2016-01-22 14:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-23 21:35 - 2016-01-22 14:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-23 21:35 - 2016-01-22 14:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-23 21:35 - 2016-01-22 14:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-23 21:35 - 2016-01-22 14:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-23 21:35 - 2016-01-22 14:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-23 21:35 - 2016-01-22 14:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-11-23 21:35 - 2016-01-22 14:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-11-23 21:35 - 2016-01-22 14:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-23 21:35 - 2016-01-22 14:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-23 21:35 - 2016-01-22 14:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-23 21:35 - 2016-01-22 14:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-11-23 21:35 - 2016-01-22 14:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-23 21:35 - 2016-01-22 14:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-11-23 21:35 - 2016-01-22 14:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-23 21:35 - 2016-01-22 13:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-23 21:35 - 2016-01-22 13:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-23 21:35 - 2016-01-22 13:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-23 21:35 - 2016-01-22 12:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-23 21:35 - 2016-01-22 12:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-23 21:35 - 2016-01-22 12:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-23 21:35 - 2016-01-22 12:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-23 21:35 - 2016-01-22 12:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-23 21:35 - 2016-01-22 12:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-23 21:35 - 2016-01-22 12:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-23 21:35 - 2016-01-22 12:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-23 21:35 - 2016-01-22 12:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-23 21:35 - 2016-01-22 12:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-23 21:35 - 2016-01-22 12:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 12:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 12:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 12:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-23 21:35 - 2015-09-23 21:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-11-23 21:35 - 2015-09-23 21:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-11-23 21:35 - 2015-09-23 21:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-11-23 21:34 - 2016-05-13 01:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-11-23 21:34 - 2016-05-13 01:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-11-23 21:34 - 2016-05-13 01:14 - 00793088 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-11-23 21:34 - 2016-05-13 01:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-11-23 21:34 - 2016-05-13 01:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-11-23 21:34 - 2016-05-13 01:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-11-23 21:34 - 2016-05-13 01:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-11-23 21:34 - 2016-05-13 01:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-11-23 21:34 - 2016-05-12 23:18 - 00591872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2016-11-23 21:34 - 2016-05-12 23:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-11-23 21:34 - 2016-05-12 23:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-11-23 21:34 - 2016-05-12 23:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-11-23 21:34 - 2016-05-12 23:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-11-23 21:34 - 2016-05-12 23:06 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2016-11-23 21:34 - 2016-05-12 22:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2016-11-23 21:34 - 2016-05-12 22:57 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe
2016-11-23 21:33 - 2012-11-23 11:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2016-11-23 21:32 - 2016-05-19 00:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-11-23 21:32 - 2016-05-19 00:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-11-23 21:31 - 2016-03-10 03:00 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-11-23 21:31 - 2016-03-10 03:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-11-23 21:31 - 2016-03-10 02:40 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-11-23 21:31 - 2016-03-10 02:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-11-23 21:31 - 2014-10-25 09:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2016-11-23 21:31 - 2014-10-25 09:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2016-11-23 21:31 - 2014-07-17 10:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-11-23 21:31 - 2014-07-17 10:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2016-11-23 21:31 - 2014-07-17 10:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2016-11-23 21:31 - 2014-07-17 10:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-11-23 21:31 - 2014-07-17 10:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2016-11-23 21:31 - 2014-07-17 10:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2016-11-23 21:31 - 2014-07-17 09:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2016-11-23 21:31 - 2014-07-17 09:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-11-23 21:31 - 2014-07-17 09:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2016-11-23 21:31 - 2014-07-17 09:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2016-11-23 21:31 - 2014-07-17 09:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2016-11-23 21:31 - 2014-07-17 09:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-11-23 21:31 - 2013-02-15 14:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2016-11-23 21:31 - 2013-02-15 14:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2016-11-23 21:31 - 2013-02-15 11:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-11-23 21:31 - 2012-04-26 13:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2016-11-23 21:31 - 2012-04-26 13:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2016-11-23 21:28 - 2016-03-10 02:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-11-23 21:28 - 2016-03-10 02:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-11-23 21:28 - 2015-11-04 03:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2016-11-23 21:28 - 2015-11-04 02:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2016-11-23 21:28 - 2014-12-08 11:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2016-11-23 21:28 - 2014-12-08 10:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2016-11-23 21:28 - 2013-05-13 13:51 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-11-23 21:28 - 2013-05-13 13:51 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-11-23 21:28 - 2013-05-13 13:51 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-11-23 21:28 - 2013-05-13 13:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2016-11-23 21:28 - 2013-05-13 12:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-11-23 21:28 - 2013-05-13 12:45 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-11-23 21:28 - 2013-05-13 12:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-11-23 21:28 - 2013-05-13 11:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2016-11-23 21:28 - 2013-05-13 11:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2016-11-23 21:28 - 2013-05-13 11:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2016-11-23 21:28 - 2013-01-24 14:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-11-23 21:28 - 2011-02-18 18:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2016-11-23 21:28 - 2011-02-18 13:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2016-11-23 21:28 - 2011-02-12 19:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2016-11-23 21:27 - 2013-10-12 10:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2016-11-23 21:27 - 2013-10-12 10:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2016-11-23 21:27 - 2013-10-12 10:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2016-11-23 21:27 - 2013-10-12 10:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2016-11-23 21:27 - 2013-10-12 09:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2016-11-23 21:27 - 2013-10-12 09:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2016-11-23 21:27 - 2013-10-12 09:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2016-11-23 21:27 - 2013-10-12 09:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2016-11-23 21:27 - 2011-08-27 13:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-23 21:27 - 2011-08-27 13:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2016-11-23 21:27 - 2011-08-27 12:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-23 21:27 - 2011-08-27 12:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2016-11-23 21:26 - 2014-08-23 08:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-23 21:26 - 2012-06-06 14:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2016-11-23 21:26 - 2012-06-06 13:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2016-11-23 21:25 - 2015-03-04 12:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-23 21:25 - 2015-03-04 12:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2016-11-23 21:25 - 2015-03-04 12:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2016-11-23 21:18 - 2016-04-15 00:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-11-23 21:18 - 2016-04-15 00:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-11-23 21:18 - 2016-04-15 00:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-11-23 21:18 - 2016-04-15 00:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-11-23 21:18 - 2016-04-15 00:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-11-23 21:18 - 2016-04-15 00:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-11-23 21:18 - 2016-04-14 23:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-11-23 21:18 - 2016-04-14 23:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-11-23 21:18 - 2016-04-14 23:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-11-23 21:18 - 2016-04-14 23:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-11-23 21:18 - 2016-04-14 23:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-11-23 21:18 - 2016-04-14 23:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-11-23 21:16 - 2012-03-01 14:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2016-11-23 21:16 - 2012-03-01 14:38 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-11-23 21:16 - 2012-03-01 14:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2016-11-23 21:16 - 2012-03-01 14:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2016-11-23 21:16 - 2012-03-01 13:37 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-11-23 21:16 - 2012-03-01 13:33 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2016-11-23 21:16 - 2012-03-01 13:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2016-11-22 22:30 - 2014-03-10 05:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2016-11-22 22:30 - 2014-03-10 05:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2016-11-22 22:30 - 2014-03-10 05:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2016-11-22 22:30 - 2014-03-10 05:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2016-11-22 22:29 - 2014-07-01 06:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2016-11-22 22:29 - 2014-07-01 06:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2016-11-22 22:28 - 2014-06-06 14:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-11-22 22:28 - 2014-06-06 14:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-11-22 22:19 - 2016-04-09 14:58 - 01190912 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-11-22 22:19 - 2016-04-09 14:54 - 01011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-11-22 22:19 - 2015-02-04 11:16 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-11-22 22:19 - 2015-02-04 10:54 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-11-22 22:19 - 2013-10-12 10:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-11-22 22:19 - 2013-10-12 10:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-11-22 22:19 - 2013-10-12 10:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-11-22 22:19 - 2013-10-12 10:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-11-22 22:19 - 2013-10-12 10:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-11-22 22:19 - 2013-08-28 09:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-11-22 22:18 - 2016-11-22 22:18 - 00000000 ____D C:\Users\joey\AppData\Local\Intel
2016-11-22 22:17 - 2016-11-22 22:17 - 00001170 _____ C:\Users\Public\Desktop\Intel® Driver Update Utility 2.6.lnk
2016-11-22 22:17 - 2016-11-22 22:17 - 00001170 _____ C:\ProgramData\Desktop\Intel® Driver Update Utility 2.6.lnk
2016-11-22 22:17 - 2016-11-22 22:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-11-22 22:16 - 2016-11-22 22:17 - 00003036 _____ C:\Windows\System32\Tasks\USER_ESRV_SVC_WILLAMETTE
2016-11-22 22:16 - 2016-11-22 22:16 - 00000000 ____D C:\ProgramData\Intel
2016-11-22 22:16 - 2016-11-22 22:16 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2016-11-22 22:16 - 2015-06-04 13:33 - 00021984 _____ C:\Windows\system32\Drivers\semav6msr64.sys
2016-11-22 22:15 - 2016-11-22 22:16 - 00000000 ____D C:\Program Files\Intel
2016-11-22 22:15 - 2016-11-22 22:15 - 00000000 ____D C:\Windows\System32\Tasks\Intel
2016-11-22 22:10 - 2016-11-22 22:11 - 07491840 _____ (Intel) C:\Users\joey\Desktop\Intel Driver Update Utility Installer.exe
2016-11-22 21:25 - 2016-11-22 21:25 - 00000000 ____D C:\Users\joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2016-11-22 21:17 - 2016-11-22 21:17 - 00000000 ____D C:\Users\joey\AppData\Local\WOP
2016-11-22 20:47 - 2012-02-17 14:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-11-22 20:47 - 2012-02-17 13:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-11-22 20:47 - 2012-02-17 12:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2016-11-22 17:04 - 2016-11-22 17:04 - 00008408 _____ C:\Users\joey\Desktop\System Idle Process.txt
2016-11-22 16:40 - 2015-10-21 02:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-11-22 16:40 - 2015-10-21 02:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-11-22 16:40 - 2015-10-21 02:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-11-22 16:40 - 2015-10-21 02:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-11-22 16:40 - 2015-10-21 02:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-11-22 16:40 - 2015-10-21 02:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-11-22 16:40 - 2015-10-21 02:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-11-22 16:40 - 2015-10-21 02:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-11-22 16:40 - 2015-10-21 02:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-11-22 16:40 - 2015-10-21 02:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-11-22 16:40 - 2015-10-21 02:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-11-22 16:40 - 2015-10-21 01:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-11-22 16:40 - 2015-10-21 01:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-11-22 16:40 - 2015-10-21 01:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-11-22 16:40 - 2015-10-21 01:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-11-22 16:40 - 2015-10-21 01:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-11-22 16:28 - 2016-11-22 16:28 - 00000000 ____D C:\938b87c6511940c1d7a2020a
2016-11-22 15:50 - 2016-11-22 15:50 - 00000000 ____D C:\Windows\CheckSur
2016-11-22 15:11 - 2016-11-22 15:15 - 00000000 ____D C:\cd78eb130dfc5629d94061bab981
2016-11-22 00:38 - 2016-11-22 00:38 - 01020722 _____ C:\Users\joey\Documents\t shirts prints 2.pptx
2016-11-22 00:31 - 2016-11-22 00:39 - 00524626 _____ C:\Users\joey\Documents\t shirt prints.pptx
2016-11-20 22:03 - 2016-11-20 22:08 - 00006725 _____ C:\junk.txt
2016-11-20 19:42 - 2016-11-24 22:59 - 00000000 ____D C:\Users\joey\Desktop\Fixer
2016-11-20 15:09 - 2016-11-20 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2016-11-20 15:09 - 2016-11-20 15:09 - 00000000 ____D C:\Program Files\Speccy
2016-11-20 14:56 - 2016-11-20 14:57 - 00001067 _____ C:\VEW.txt
2016-11-20 13:58 - 2016-11-20 13:59 - 00000000 ____D C:\Users\joey\Desktop\Right
2016-11-20 13:53 - 2016-11-22 00:32 - 00000000 ____D C:\Users\joey\Desktop\Left
2016-11-19 21:06 - 2016-11-24 22:59 - 00000000 ____D C:\FRST
2016-11-19 20:56 - 2016-11-19 20:57 - 00084442 _____ C:\Windows\ntbtlog.txt
2016-11-19 20:56 - 2016-11-19 20:56 - 319663712 _____ C:\Windows\MEMORY.DMP
2016-11-19 20:56 - 2016-11-19 20:56 - 00292320 _____ C:\Windows\Minidump\111916-27315-01.dmp
2016-11-19 20:56 - 2016-11-19 20:56 - 00000000 ____D C:\Windows\Minidump
2016-11-19 16:24 - 2016-11-20 06:32 - 00000000 ____D C:\AdwCleaner
2016-11-19 10:59 - 2016-11-19 10:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-19 10:44 - 2016-11-19 10:44 - 00000000 ____D C:\Users\joey\AppData\Roaming\AVG
2016-11-19 10:40 - 2016-11-19 10:40 - 00000000 ____D C:\Users\joey\AppData\Roaming\TuneUp Software
2016-11-19 10:29 - 2016-11-20 08:58 - 00000000 ____D C:\ProgramData\MFAData
2016-11-19 10:29 - 2016-11-19 10:29 - 00000000 ____D C:\Users\joey\AppData\Local\MFAData
2016-11-19 10:12 - 2016-11-19 10:13 - 03312392 _____ (AVG Technologies CZ, s.r.o.) C:\Users\joey\Downloads\AVG_Performance_709 (1).exe
2016-11-19 10:07 - 2016-11-19 10:08 - 03312392 _____ (AVG Technologies CZ, s.r.o.) C:\Users\joey\Downloads\AVG_Performance_709.exe
2016-11-19 10:06 - 2016-11-20 09:21 - 00000000 ____D C:\Users\joey\AppData\Local\AvgSetupLog
2016-11-19 10:06 - 2016-11-20 09:21 - 00000000 ____D C:\ProgramData\Avg
2016-11-19 10:06 - 2016-11-20 08:58 - 00000000 ____D C:\Users\joey\AppData\Local\Avg
2016-11-19 10:05 - 2016-11-19 10:06 - 03312896 _____ (AVG Technologies CZ, s.r.o.) C:\Users\joey\Downloads\AVG_Protection_Free_1606.exe
2016-10-27 23:55 - 2016-10-27 23:58 - 16112168 _____ (EaseUS ) C:\Users\joey\Downloads\drw_trial.exe
2016-10-27 23:54 - 2016-10-27 23:56 - 04426120 _____ (Piriform Ltd) C:\Users\joey\Downloads\rcsetup152.exe
2016-10-27 01:20 - 2016-11-23 21:21 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-10-27 01:19 - 2016-11-23 21:21 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-10-27 01:19 - 2016-11-23 21:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-10-27 00:51 - 2016-10-27 00:51 - 00925628 _____ C:\Users\joey\Documents\duplicate.txt
2016-10-26 04:05 - 2016-11-19 22:52 - 00007596 _____ C:\Users\joey\AppData\Local\Resmon.ResmonCfg
2016-10-25 22:53 - 2016-10-25 22:57 - 08270712 _____ (Piriform Ltd) C:\Users\joey\Downloads\ccsetup523.exe
2016-10-25 22:50 - 2016-10-25 22:58 - 00000000 ____D C:\Users\joey\Downloads\New folder
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-11-24 22:59 - 2016-10-19 19:24 - 00000000 ____D C:\Users\Public\Documents\AdobeGC
2016-11-24 22:59 - 2016-10-19 19:24 - 00000000 ____D C:\ProgramData\Documents\AdobeGC
2016-11-24 22:57 - 2009-07-14 12:45 - 00021088 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-24 22:57 - 2009-07-14 12:45 - 00021088 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-24 22:50 - 2015-12-29 08:50 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-24 22:50 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\tracing
2016-11-24 22:48 - 2016-10-24 00:43 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-11-24 22:48 - 2009-07-14 13:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-24 22:05 - 2015-12-29 08:50 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-24 20:27 - 2009-07-14 13:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-24 20:27 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\inf
2016-11-24 19:24 - 2015-12-28 22:52 - 00774004 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-11-24 18:41 - 2015-12-28 22:17 - 00220088 _____ C:\Users\joey\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-24 18:38 - 2009-07-14 12:45 - 00748552 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-23 23:37 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-11-23 21:21 - 2016-10-24 17:50 - 00001945 _____ C:\Windows\epplauncher.mif
2016-11-22 22:14 - 2015-12-28 22:55 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-22 21:17 - 2016-10-14 17:38 - 00000000 ____D C:\Users\joey\AppData\Local\Wings of Prey
2016-11-22 00:04 - 2015-12-28 22:25 - 00000000 ____D C:\Users\joey\Documents\Bluetooth Exchange Folder
2016-11-20 18:15 - 2009-07-14 13:08 - 00032544 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-11-20 08:44 - 2016-10-24 08:16 - 00000000 ____D C:\Program Files\Common Files\AV
2016-11-19 20:43 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\system32\NDF
2016-11-17 07:18 - 2016-09-07 20:38 - 00000452 __RSH C:\ProgramData\ntuser.pol
2016-11-15 10:26 - 2015-12-29 08:50 - 00000000 ____D C:\Users\joey\AppData\Local\Google
2016-11-01 10:54 - 2015-12-28 23:03 - 00000000 ____D C:\Users\joey\AppData\Local\Autodesk
2016-10-30 14:55 - 2015-12-29 00:08 - 00000000 ____D C:\Users\joey\AppData\Roaming\vlc
2016-10-28 09:22 - 2010-11-21 11:27 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-10-28 00:25 - 2015-12-28 22:15 - 00000000 ____D C:\Users\joey
2016-10-26 19:51 - 2016-10-24 09:02 - 00000000 ____D C:\Windows\pss
2016-10-25 23:24 - 2015-12-29 14:01 - 00000000 ____D C:\Windows\Panther
2016-10-25 23:24 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\ModemLogs
2016-10-25 05:26 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\Vss
 
==================== Files in the root of some directories =======
 
2016-08-30 22:26 - 2016-08-30 22:26 - 0003584 _____ () C:\Users\joey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-10-26 04:05 - 2016-11-19 22:52 - 0007596 _____ () C:\Users\joey\AppData\Local\Resmon.ResmonCfg
2015-12-29 08:45 - 2015-12-29 08:45 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-10-01 20:40 - 2016-10-01 20:40 - 0000092 _____ () C:\ProgramData\CameraRecorder.ini
2015-12-28 23:02 - 2015-12-28 23:02 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
 
Some files in TEMP:
====================
C:\Users\joey\AppData\Local\Temp\libeay32.dll
C:\Users\joey\AppData\Local\Temp\msvcr120.dll
C:\Users\joey\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-10-16 22:24
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2016
Ran by joey (24-11-2016 23:03:39)
Running from C:\Users\joey\Desktop\Fixer
Windows 7 Professional Service Pack 1 (X64) (2015-12-28 14:14:57)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3334329050-1205438810-3444544024-500 - Administrator - Disabled)
Guest (S-1-5-21-3334329050-1205438810-3444544024-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3334329050-1205438810-3444544024-1002 - Limited - Enabled)
joey (S-1-5-21-3334329050-1205438810-3444544024-1000 - Administrator - Enabled) => C:\Users\joey
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
. . . (Version: 2.1.28.3 - Intel) Hidden
. . . (x32 Version: 2.6.1.4 - Intel) Hidden
ACA & MEP 2016 Object Enabler (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (Version: 20.1.49.0 - Autodesk) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.18 - Adobe Systems)
AutoCAD 2016 - English (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack - English (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.14 - Autodesk)
Autodesk AutoCAD 2016 - English (HKLM\...\AutoCAD 2016 - English) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Featured Apps 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Bentley OpenSTAADOEM (HKLM-x32\...\{4F180E04-ED69-40A7-95F0-2228E5C60AB2}) (Version: 08.02.09.41 - Bentley Systems, Inc.)
Bentley SPC Server v8i SS4 (HKLM-x32\...\{C88234D5-2327-4B3D-9D75-9F2749930B04}) (Version: 8.11.11.14 - Bentley Systems, Inc.)
Bentley Structure Property Catalog V8i SS4 v3.1.4.2 (HKLM-x32\...\{1D70E5D3-34E6-4EE8-BFB7-AB1DDC8DE0D1}) (Version: 3.1.4.2 - Bentley Systems, Inc.)
Broadcom 802.11 Wireless Driver (HKLM-x32\...\{8991E763-21F5-4DEA-A938-5D9D77DCB488}) (Version: 1.0.0.0 - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.111.0.62 - Conexant)
DriverDoc (x32 Version: 1.3.2 - Solvusoft Corporation) Hidden
Energy Management (HKLM-x32\...\{0CE226F3-EB27-4ECD-BBF5-F088716779FD}) (Version: 5.4.1.8 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HP DeskJet 2130 series Basic Device Software (HKLM\...\{54A80AED-ADB5-4D32-83F2-A9A5DF4ED2C1}) (Version: 35.0.61.54677 - Hewlett-Packard Co.)
HP DeskJet 2130 series Help (HKLM-x32\...\{1CDFD3C9-BDF8-4DDC-BDA2-EBC53F938B5F}) (Version: 35.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.6.1001 - Intel Corporation)
Intel® Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{fe2eebd3-ee15-4538-bb19-b627e3f2a911}) (Version: 2.6.1.4 - Intel)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.100 - Broadcom Corporation)
Lenovo EasyCamera (HKLM\...\Lenovo EasyCamera) (Version: 5.38.2.4 - Silicon Motion)
Lenovo EasyCamera (HKLM-x32\...\{FE7AD27A-62B1-44F6-B69C-25D1ECA94F5D}) (Version: 5.38.2.4 - Silicon Motion)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1230 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1230 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.205.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 x64 English (HKLM\...\{F83779DF-E1F5-43A2-A7BE-732F856FADB7}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.61.39 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{DFB19121-0609-49C1-92B1-546E5A940FE8}) (Version: 2.0.1.7 - Lenovo)
PipeLink for STAAD.Pro V8i (Build 20.14.11.04) (HKLM-x32\...\{A7979F57-9431-4CD4-AE4B-50D407EBA400}) (Version: 20.14.11.04 - Bentley Systems, Inc.)
Product Improvement Study for HP DeskJet 2130 series (HKLM\...\{EA4DB54A-FAE0-4FDA-A66D-AEB8F5FFBE83}) (Version: 35.0.61.54677 - Hewlett-Packard Co.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30116 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
SketchUp 2015 (HKLM\...\{319CD380-1AAB-4CAD-BE1D-59189A780FA6}) (Version: 15.2.685 - Trimble Navigation Limited)
SketchUp Import 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
STAAD.foundation V8i (SELECTseries 4) Release 5.3 (HKLM-x32\...\{EF9432B0-F705-46FB-A864-2AE17F571E7A}) (Version: 05.03.00.37 - Bentley Systems Inc.)
STAAD.Pro V8i SELECTseries 6 (HKLM-x32\...\{8A6D0892-27A0-4429-8C85-15DCF73B8529}) (Version: 20.07.11.33 - Bentley Systems, Inc.)
StrucLink for STAAD.Pro V8i (Build 20.14.11.05) (HKLM-x32\...\{127FE612-C33A-410E-B11C-A98025A6D366}) (Version: 20.14.11.05 - Bentley Systems, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.2.0 - Synaptics Incorporated)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000) (HKLM\...\6B8550A319DDC8B17F35F4A89988705E4592349B) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Driver Package - Lenovo (ACPIVPC) System  (10/19/2009 5.4.0.1) (HKLM\...\0A4175B489A1B4A6E07E11B063A6263480C51D71) (Version: 10/19/2009 5.4.0.1 - Lenovo)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3334329050-1205438810-3444544024-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3334329050-1205438810-3444544024-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3334329050-1205438810-3444544024-1000_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3334329050-1205438810-3444544024-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\en-US\acadficn.dll (Autodesk, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {07A4E17E-2754-4ABC-9DC1-56D3B567F958} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {0C5C2AE7-2A0A-4B92-89CE-0C7DC5936A1B} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-08-30] (Microsoft Corporation)
Task: {609C0955-D202-4C46-BAC3-0A17B40E1164} - System32\Tasks\HPCustParticipation HP DeskJet 2130 series => C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPCustPartic.exe [2015-04-09] (Hewlett-Packard Development Company, LP)
Task: {6EE67162-914F-4D4F-9E54-0D68466C69FB} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {7819E578-BC76-4965-AE5B-8AD3811D046D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-04] (Google Inc.)
Task: {9CF4B069-B9B9-459D-BDEA-90E57B63868F} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-08-30] (Microsoft Corporation)
Task: {F18AC037-012D-451D-AB2D-6C2AE1296242} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-04] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-12-28 22:28 - 2009-12-19 02:52 - 00201120 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2015-12-28 22:28 - 2009-12-19 02:53 - 00156576 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-24 21:38 - 2010-03-24 21:38 - 08794976 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-06-08 18:04 - 2016-06-08 18:04 - 00117400 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2016-06-08 18:04 - 2016-06-08 18:04 - 00256152 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\analyzer.dll
2015-12-28 22:28 - 2009-12-19 02:52 - 00100256 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
2009-08-11 16:59 - 2009-08-11 16:59 - 00173344 _____ () C:\Program Files\Lenovo\Bluetooth Software\btkeyind.dll
2016-11-22 22:16 - 2016-06-08 18:07 - 00458904 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2016-11-22 22:16 - 2016-06-08 18:18 - 00709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2016-11-22 22:16 - 2016-06-08 18:17 - 00188568 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll
2016-11-22 22:16 - 2016-06-08 18:12 - 00416408 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2016-11-22 22:16 - 2016-06-08 18:15 - 00130712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll
2016-11-22 22:16 - 2016-06-08 18:16 - 00025752 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll
2016-11-22 22:16 - 2016-06-08 18:16 - 00059544 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll
2016-11-22 22:16 - 2016-06-08 18:16 - 00194712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll
2016-11-22 22:16 - 2016-06-08 18:17 - 00159896 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll
2016-11-22 22:16 - 2016-06-08 18:17 - 00158360 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll
2016-11-22 22:16 - 2016-06-08 18:16 - 00050840 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll
2016-11-22 22:16 - 2016-06-08 18:15 - 00032920 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll
2015-12-28 22:19 - 2009-12-23 17:32 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2015-12-28 22:28 - 2009-12-19 02:50 - 00161696 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2015-12-28 22:28 - 2009-12-19 02:51 - 00133024 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2015-12-28 23:04 - 2016-02-24 12:48 - 00062024 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2015-12-28 23:04 - 2016-02-24 12:47 - 00110664 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-24 21:17 - 2010-03-24 21:17 - 08794464 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-11-15 11:09 - 2016-11-09 04:29 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-15 11:09 - 2016-11-09 04:29 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-3334329050-1205438810-3444544024-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-10-24 23:58 - 2016-10-26 21:14 - 00000828 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3334329050-1205438810-3444544024-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\joey\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\startupreg: BitTorrent => "C:\Users\joey\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Energy Management => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
MSCONFIG\startupreg: EnergyUtility => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{FC761DEB-9513-494F-AF3B-A2BB17AD68AC}] => (Allow) LPort=50248
FirewallRules: [{71AA814A-4BC7-4225-B86F-64CE3514385B}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\USBSetup.exe
FirewallRules: [{4B08A3D5-E199-4CE6-83E5-A7E9601BAE46}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{EE75F78E-92CE-4569-8889-D616C60B0D39}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4BF0C8D7-D3A3-4A23-A1EC-0AF6CB55242A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{D0C1DD3E-2A61-4EB0-ABEC-0FBD2AF9DF7B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
 
==================== Restore Points =========================
 
15-11-2016 18:54:57 Windows Update
19-11-2016 10:30:18 Installed AVG 2016
19-11-2016 10:33:45 Installed AVG
19-11-2016 16:32:46 JRT Pre-Junkware Removal
19-11-2016 16:46:46 Windows Update
20-11-2016 08:37:32 Removed AVG
20-11-2016 08:44:26 Removed AVG 2016
20-11-2016 09:05:18 Removed Visual Studio 2012 x64 Redistributables
20-11-2016 09:22:49 Removed Visual Studio 2012 x86 Redistributables
20-11-2016 09:24:18 Removed Visual Studio 2012 x64 Redistributables
22-11-2016 15:49:06 Windows Update
22-11-2016 16:40:21 Windows Update
22-11-2016 16:55:55 Windows Update
22-11-2016 22:14:19 Intel® Driver Update Utility
22-11-2016 22:23:39 Windows Update
23-11-2016 21:15:30 Windows Update
23-11-2016 22:09:11 Windows Update
24-11-2016 18:58:51 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/24/2016 10:50:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (11/24/2016 08:21:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (11/24/2016 06:48:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (11/24/2016 06:41:40 PM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "System.Web.RegularExpressions, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.
 
Error: (11/24/2016 06:39:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (11/23/2016 11:41:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dw20.exe, version: 2.0.50727.4927, time stamp: 0x4a275ab7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x70db7374
Faulting process id: 0x11d8
Faulting application start time: 0x01d2459ff7cf34a6
Faulting application path: C:\Windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe
Faulting module path: unknown
Report Id: 3dc70afb-b193-11e6-8329-70f3954bf046
 
Error: (11/23/2016 11:41:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: UNS.exe, version: 6.0.0.1202, time stamp: 0x4b203de1
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x70db7374
Faulting process id: 0xa78
Faulting application start time: 0x01d245901ff6662c
Faulting application path: C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
Faulting module path: unknown
Report Id: 3c02c586-b193-11e6-8329-70f3954bf046
 
Error: (11/23/2016 11:40:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AdAppMgrSvc.exe, version: 5.0.142.14, time stamp: 0x56cd31d5
Faulting module name: msxml3.dll_unloaded, version: 0.0.0.0, time stamp: 0x4ce7b8e9
Exception code: 0xc0000005
Fault offset: 0x70db7374
Faulting process id: 0x810
Faulting application start time: 0x01d2459005a5d09e
Faulting application path: C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
Faulting module path: msxml3.dll
Report Id: 36d7486e-b193-11e6-8329-70f3954bf046
 
Error: (11/23/2016 11:40:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IAStorDataMgrSvc.exe, version: 9.5.6.1002, time stamp: 0x4b32c4bd
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x70db7374
Faulting process id: 0x%9
Faulting application start time: 0xIAStorDataMgrSvc.exe0
Faulting application path: IAStorDataMgrSvc.exe1
Faulting module path: IAStorDataMgrSvc.exe2
Report Id: IAStorDataMgrSvc.exe3
 
Error: (11/23/2016 11:40:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LMS.exe, version: 6.0.30.1202, time stamp: 0x4b203d8b
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x70db7374
Faulting process id: 0x7dc
Faulting application start time: 0x01d2458fb1c1bbd2
Faulting application path: C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
Faulting module path: unknown
Report Id: 313e4c09-b193-11e6-8329-70f3954bf046
 
 
System errors:
=============
Error: (11/24/2016 08:16:19 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Winmgmt service.
 
Error: (11/24/2016 08:15:49 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the UNS service.
 
Error: (11/24/2016 08:13:59 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.233.216.0
 
Update Source: Microsoft Update Server
 
Update Stage: Download
 
 
Signature Type: AntiVirus
 
Update Type: Full
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: 
 
Previous Engine Version: 1.1.13303.0
 
Error code: 0x8024001e
 
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
 
Error: (11/24/2016 08:13:58 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.233.216.0
 
Update Source: Microsoft Update Server
 
Update Stage: Download
 
 
Signature Type: AntiVirus
 
Update Type: Full
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: 
 
Previous Engine Version: 1.1.13303.0
 
Error code: 0x8024001e
 
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
 
Error: (11/24/2016 08:13:19 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.
 
Error: (11/23/2016 11:43:25 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Winmgmt service.
 
Error: (11/23/2016 11:42:55 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the UNS service.
 
Error: (11/23/2016 11:42:23 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LMS service.
 
Error: (11/23/2016 11:41:53 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IAStorDataMgrSvc service.
 
Error: (11/23/2016 11:41:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Autodesk Application Manager Service service terminated unexpectedly.  It has done this 1 time(s).
 
 
CodeIntegrity:
===================================
  Date: 2016-10-26 02:45:19.803
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7601.17514_none_36e20fd4506111dd\fveapibase.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-26 02:45:19.787
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7601.17514_none_36e20fd4506111dd\fveapibase.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-26 02:45:19.756
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7601.17514_none_36e20fd4506111dd\fveapibase.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-26 02:45:19.740
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7601.17514_none_36e20fd4506111dd\fveapibase.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-26 02:45:19.725
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7601.17514_none_36e20fd4506111dd\fveapibase.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-26 02:45:19.693
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7601.17514_none_36e20fd4506111dd\fveapibase.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-26 02:45:11.847
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-26 02:45:11.815
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-26 02:45:11.800
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-26 02:45:11.769
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5 CPU M 460 @ 2.53GHz
Percentage of memory in use: 73%
Total physical RAM: 1974.85 MB
Available physical RAM: 523.89 MB
Total Virtual: 4935.85 MB
Available Virtual: 3055.7 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:195.21 GB) (Free:122.79 GB) NTFS
Drive d: (Data) (Fixed) (Total:269.36 GB) (Free:221.84 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C3FFC3FF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=269.4 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=1.1 GB) - (Type=12)
 
==================== End of Addition.txt ============================

#32
RKinner

    Malware Expert

  • Expert
  • 20,017 posts
  • MVP
1.  Download the Intel® Rapid Storage Technology setup file
    and double-click to self-extract and to begin the setup 
    process (file Name example: SetupRST.exe).
 
2.  The Welcome window appears. Click 'Next' to continue.
 
3.  For systems running in RAID mode, the Uninstallation Warning window
    appears. You will not be able to uninstall the driver in this mode.
    Click 'Next' to continue.
 
4.  The Software License Agreement window appears. If you agree to these
    terms, click the check box then click 'Yes' to continue.
 
5.  The Readme File Information window appears. Review the information
    then click 'Next' to continue.
 
6.  The Choose Destination Folder window appears. Type in a desired
    location for the installation files or choose the default.
    Click 'Next' to continue.
 
7.  The Confirmation window appears. At this point you are about to begin
    the file copy portion of this installation.  Click 'Next' 
    to continue installing the driver and other SW components.
 
8.  If the Windows Automated Installer* Wizard Complete window 
    is shown without a prompt to restart the system, click 
    'Finish' and proceed to step 9. If it is shown with a 
    prompt to restart the system, select 'Yes, I want to 
    restart my computer now.' (selected by default) and 
    click 'Finish'. Once the system has restarted,
    proceed to step 9.
 
9.  To verify that the driver was loaded correctly, refer 
    to section 6.
