Scan Before Intel Rapid Storage Technology Update:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2016
Ran by joey (administrator) on JOEY-PC (24-11-2016 22:59:34)
Running from C:\Users\joey\Desktop\Fixer
Loaded Profiles: joey (Available Profiles: joey)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Bentley Systems Inc.) C:\Program Files (x86)\Bentley\Engineering\SPC Server v8i SS4\Bentley.Structural.PropertyCatalog.Server.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [521272 2010-03-22] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1894696 2010-01-07] (Synaptics Incorporated)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [776608 2009-12-19] (Lenovo)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1354712 2016-08-30] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-23] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1156824 2016-10-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498720 2016-10-01] (Adobe Systems Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKU\S-1-5-21-3334329050-1205438810-3444544024-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718208 2010-03-16] (Microsoft Corporation)
HKU\S-1-5-21-3334329050-1205438810-3444544024-1000\...\Policies\Explorer: []
HKU\S-1-5-21-3334329050-1205438810-3444544024-1000\...\MountPoints2: {a5462f60-adf1-11e5-bcf9-806e6f6e6963} - E:\AutoLauncher.exe
HKU\S-1-5-21-3334329050-1205438810-3444544024-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-12-28]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP DeskJet 2130 series.lnk [2016-11-24]
ShortcutTarget: Monitor Ink Alerts - HP DeskJet 2130 series.lnk -> C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{54C8C10A-1541-48E5-8BB0-81B76293547E}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{F885A14C-F9A5-4EAF-8326-A7FE5F25CBD7}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-3334329050-1205438810-3444544024-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-ph/?ocid=iehp
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3334329050-1205438810-3444544024-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-10-01] (Adobe Systems Incorporated)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-10-19]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\joey\AppData\Local\Google\Chrome\User Data\Default [2016-11-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-17]
CHR Extension: (Chrome Media Router) - C:\Users\joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-10-01]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
R2 Bentley Property Catalog Service; C:\Program Files (x86)\Bentley\Engineering\SPC Server v8i SS4\Bentley.Structural.PropertyCatalog.Server.exe [8704 2015-05-28] (Bentley Systems Inc.) [File not signed]
S3 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [864032 2009-08-11] (Broadcom Corporation.)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [120888 2016-08-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-08-30] (Microsoft Corporation)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [197888 2010-01-22] (SMI)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG)
U0 aswVmm; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-24 22:58 - 2016-11-24 22:58 - 00614418 _____ C:\Users\joey\Desktop\f6flpy-x64.zip
2016-11-23 23:28 - 2012-07-26 11:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2016-11-23 23:28 - 2012-07-26 11:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2016-11-23 23:28 - 2012-07-26 11:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2016-11-23 23:28 - 2012-07-26 11:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2016-11-23 23:28 - 2012-07-26 11:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2016-11-23 23:28 - 2012-07-26 10:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2016-11-23 23:28 - 2012-07-26 10:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2016-11-23 23:28 - 2012-06-02 22:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2016-11-23 21:56 - 2015-10-13 12:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-11-23 21:36 - 2013-05-10 13:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2016-11-23 21:36 - 2013-05-10 11:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2016-11-23 21:35 - 2016-01-22 14:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-23 21:35 - 2016-01-22 14:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-23 21:35 - 2016-01-22 14:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-23 21:35 - 2016-01-22 14:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-23 21:35 - 2016-01-22 14:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-23 21:35 - 2016-01-22 14:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-23 21:35 - 2016-01-22 14:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-23 21:35 - 2016-01-22 14:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-23 21:35 - 2016-01-22 14:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-23 21:35 - 2016-01-22 14:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-23 21:35 - 2016-01-22 14:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-23 21:35 - 2016-01-22 14:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-23 21:35 - 2016-01-22 14:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-23 21:35 - 2016-01-22 14:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-23 21:35 - 2016-01-22 14:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-23 21:35 - 2016-01-22 14:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-23 21:35 - 2016-01-22 14:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-23 21:35 - 2016-01-22 14:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-11-23 21:35 - 2016-01-22 14:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-11-23 21:35 - 2016-01-22 14:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-23 21:35 - 2016-01-22 14:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-23 21:35 - 2016-01-22 14:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-23 21:35 - 2016-01-22 14:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-11-23 21:35 - 2016-01-22 14:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-23 21:35 - 2016-01-22 14:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-23 21:35 - 2016-01-22 14:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-23 21:35 - 2016-01-22 14:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-23 21:35 - 2016-01-22 14:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-23 21:35 - 2016-01-22 14:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-23 21:35 - 2016-01-22 14:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-23 21:35 - 2016-01-22 14:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-23 21:35 - 2016-01-22 14:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-23 21:35 - 2016-01-22 14:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-23 21:35 - 2016-01-22 14:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 14:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-23 21:35 - 2016-01-22 14:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-23 21:35 - 2016-01-22 14:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-23 21:35 - 2016-01-22 14:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-23 21:35 - 2016-01-22 14:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-23 21:35 - 2016-01-22 14:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-23 21:35 - 2016-01-22 14:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-23 21:35 - 2016-01-22 14:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-23 21:35 - 2016-01-22 14:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-23 21:35 - 2016-01-22 14:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-23 21:35 - 2016-01-22 14:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-23 21:35 - 2016-01-22 14:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-11-23 21:35 - 2016-01-22 14:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-11-23 21:35 - 2016-01-22 14:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-23 21:35 - 2016-01-22 14:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-23 21:35 - 2016-01-22 14:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-23 21:35 - 2016-01-22 14:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-11-23 21:35 - 2016-01-22 14:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-23 21:35 - 2016-01-22 14:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-11-23 21:35 - 2016-01-22 14:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 13:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-23 21:35 - 2016-01-22 13:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-23 21:35 - 2016-01-22 13:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-23 21:35 - 2016-01-22 13:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-23 21:35 - 2016-01-22 12:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-23 21:35 - 2016-01-22 12:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-23 21:35 - 2016-01-22 12:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-23 21:35 - 2016-01-22 12:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-23 21:35 - 2016-01-22 12:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-23 21:35 - 2016-01-22 12:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-23 21:35 - 2016-01-22 12:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-23 21:35 - 2016-01-22 12:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-23 21:35 - 2016-01-22 12:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-23 21:35 - 2016-01-22 12:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-23 21:35 - 2016-01-22 12:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 12:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 12:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-23 21:35 - 2016-01-22 12:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-23 21:35 - 2015-09-23 21:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-11-23 21:35 - 2015-09-23 21:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-11-23 21:35 - 2015-09-23 21:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-11-23 21:34 - 2016-05-13 01:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-11-23 21:34 - 2016-05-13 01:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-11-23 21:34 - 2016-05-13 01:14 - 00793088 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-11-23 21:34 - 2016-05-13 01:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-11-23 21:34 - 2016-05-13 01:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-11-23 21:34 - 2016-05-13 01:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-11-23 21:34 - 2016-05-13 01:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-11-23 21:34 - 2016-05-13 01:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-11-23 21:34 - 2016-05-12 23:18 - 00591872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2016-11-23 21:34 - 2016-05-12 23:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-11-23 21:34 - 2016-05-12 23:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-11-23 21:34 - 2016-05-12 23:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-11-23 21:34 - 2016-05-12 23:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-11-23 21:34 - 2016-05-12 23:06 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2016-11-23 21:34 - 2016-05-12 22:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2016-11-23 21:34 - 2016-05-12 22:57 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe
2016-11-23 21:33 - 2012-11-23 11:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2016-11-23 21:32 - 2016-05-19 00:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-11-23 21:32 - 2016-05-19 00:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-11-23 21:31 - 2016-03-10 03:00 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-11-23 21:31 - 2016-03-10 03:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-11-23 21:31 - 2016-03-10 02:40 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-11-23 21:31 - 2016-03-10 02:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-11-23 21:31 - 2014-10-25 09:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2016-11-23 21:31 - 2014-10-25 09:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2016-11-23 21:31 - 2014-07-17 10:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-11-23 21:31 - 2014-07-17 10:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2016-11-23 21:31 - 2014-07-17 10:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2016-11-23 21:31 - 2014-07-17 10:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-11-23 21:31 - 2014-07-17 10:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2016-11-23 21:31 - 2014-07-17 10:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2016-11-23 21:31 - 2014-07-17 09:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2016-11-23 21:31 - 2014-07-17 09:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-11-23 21:31 - 2014-07-17 09:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2016-11-23 21:31 - 2014-07-17 09:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2016-11-23 21:31 - 2014-07-17 09:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2016-11-23 21:31 - 2014-07-17 09:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-11-23 21:31 - 2013-02-15 14:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2016-11-23 21:31 - 2013-02-15 14:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2016-11-23 21:31 - 2013-02-15 11:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-11-23 21:31 - 2012-04-26 13:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2016-11-23 21:31 - 2012-04-26 13:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2016-11-23 21:28 - 2016-03-10 02:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-11-23 21:28 - 2016-03-10 02:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-11-23 21:28 - 2015-11-04 03:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2016-11-23 21:28 - 2015-11-04 02:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2016-11-23 21:28 - 2014-12-08 11:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2016-11-23 21:28 - 2014-12-08 10:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2016-11-23 21:28 - 2013-05-13 13:51 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-11-23 21:28 - 2013-05-13 13:51 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-11-23 21:28 - 2013-05-13 13:51 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-11-23 21:28 - 2013-05-13 13:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2016-11-23 21:28 - 2013-05-13 12:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-11-23 21:28 - 2013-05-13 12:45 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-11-23 21:28 - 2013-05-13 12:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-11-23 21:28 - 2013-05-13 11:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2016-11-23 21:28 - 2013-05-13 11:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2016-11-23 21:28 - 2013-05-13 11:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2016-11-23 21:28 - 2013-01-24 14:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-11-23 21:28 - 2011-02-18 18:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2016-11-23 21:28 - 2011-02-18 13:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2016-11-23 21:28 - 2011-02-12 19:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2016-11-23 21:27 - 2013-10-12 10:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2016-11-23 21:27 - 2013-10-12 10:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2016-11-23 21:27 - 2013-10-12 10:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2016-11-23 21:27 - 2013-10-12 10:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2016-11-23 21:27 - 2013-10-12 09:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2016-11-23 21:27 - 2013-10-12 09:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2016-11-23 21:27 - 2013-10-12 09:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2016-11-23 21:27 - 2013-10-12 09:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2016-11-23 21:27 - 2011-08-27 13:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-23 21:27 - 2011-08-27 13:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2016-11-23 21:27 - 2011-08-27 12:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-23 21:27 - 2011-08-27 12:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2016-11-23 21:26 - 2014-08-23 08:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-23 21:26 - 2012-06-06 14:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2016-11-23 21:26 - 2012-06-06 13:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2016-11-23 21:25 - 2015-03-04 12:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-23 21:25 - 2015-03-04 12:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2016-11-23 21:25 - 2015-03-04 12:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2016-11-23 21:18 - 2016-04-15 00:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-11-23 21:18 - 2016-04-15 00:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-11-23 21:18 - 2016-04-15 00:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-11-23 21:18 - 2016-04-15 00:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-11-23 21:18 - 2016-04-15 00:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-11-23 21:18 - 2016-04-15 00:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-11-23 21:18 - 2016-04-14 23:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-11-23 21:18 - 2016-04-14 23:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-11-23 21:18 - 2016-04-14 23:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-11-23 21:18 - 2016-04-14 23:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-11-23 21:18 - 2016-04-14 23:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-11-23 21:18 - 2016-04-14 23:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-11-23 21:16 - 2012-03-01 14:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2016-11-23 21:16 - 2012-03-01 14:38 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-11-23 21:16 - 2012-03-01 14:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2016-11-23 21:16 - 2012-03-01 14:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2016-11-23 21:16 - 2012-03-01 13:37 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-11-23 21:16 - 2012-03-01 13:33 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2016-11-23 21:16 - 2012-03-01 13:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2016-11-22 22:30 - 2014-03-10 05:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2016-11-22 22:30 - 2014-03-10 05:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2016-11-22 22:30 - 2014-03-10 05:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2016-11-22 22:30 - 2014-03-10 05:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2016-11-22 22:29 - 2014-07-01 06:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2016-11-22 22:29 - 2014-07-01 06:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2016-11-22 22:28 - 2014-06-06 14:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-11-22 22:28 - 2014-06-06 14:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-11-22 22:19 - 2016-04-09 14:58 - 01190912 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-11-22 22:19 - 2016-04-09 14:54 - 01011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-11-22 22:19 - 2015-02-04 11:16 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-11-22 22:19 - 2015-02-04 10:54 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-11-22 22:19 - 2013-10-12 10:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-11-22 22:19 - 2013-10-12 10:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-11-22 22:19 - 2013-10-12 10:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-11-22 22:19 - 2013-10-12 10:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-11-22 22:19 - 2013-10-12 10:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-11-22 22:19 - 2013-08-28 09:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-11-22 22:18 - 2016-11-22 22:18 - 00000000 ____D C:\Users\joey\AppData\Local\Intel
2016-11-22 22:17 - 2016-11-22 22:17 - 00001170 _____ C:\Users\Public\Desktop\Intel® Driver Update Utility 2.6.lnk
2016-11-22 22:17 - 2016-11-22 22:17 - 00001170 _____ C:\ProgramData\Desktop\Intel® Driver Update Utility 2.6.lnk
2016-11-22 22:17 - 2016-11-22 22:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-11-22 22:16 - 2016-11-22 22:17 - 00003036 _____ C:\Windows\System32\Tasks\USER_ESRV_SVC_WILLAMETTE
2016-11-22 22:16 - 2016-11-22 22:16 - 00000000 ____D C:\ProgramData\Intel
2016-11-22 22:16 - 2016-11-22 22:16 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2016-11-22 22:16 - 2015-06-04 13:33 - 00021984 _____ C:\Windows\system32\Drivers\semav6msr64.sys
2016-11-22 22:15 - 2016-11-22 22:16 - 00000000 ____D C:\Program Files\Intel
2016-11-22 22:15 - 2016-11-22 22:15 - 00000000 ____D C:\Windows\System32\Tasks\Intel
2016-11-22 22:10 - 2016-11-22 22:11 - 07491840 _____ (Intel) C:\Users\joey\Desktop\Intel Driver Update Utility Installer.exe
2016-11-22 21:25 - 2016-11-22 21:25 - 00000000 ____D C:\Users\joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2016-11-22 21:17 - 2016-11-22 21:17 - 00000000 ____D C:\Users\joey\AppData\Local\WOP
2016-11-22 20:47 - 2012-02-17 14:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-11-22 20:47 - 2012-02-17 13:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-11-22 20:47 - 2012-02-17 12:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2016-11-22 17:04 - 2016-11-22 17:04 - 00008408 _____ C:\Users\joey\Desktop\System Idle Process.txt
2016-11-22 16:40 - 2015-10-21 02:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-11-22 16:40 - 2015-10-21 02:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-11-22 16:40 - 2015-10-21 02:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-11-22 16:40 - 2015-10-21 02:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-11-22 16:40 - 2015-10-21 02:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-11-22 16:40 - 2015-10-21 02:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-11-22 16:40 - 2015-10-21 02:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-11-22 16:40 - 2015-10-21 02:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-11-22 16:40 - 2015-10-21 02:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-11-22 16:40 - 2015-10-21 02:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-11-22 16:40 - 2015-10-21 02:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-11-22 16:40 - 2015-10-21 01:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-11-22 16:40 - 2015-10-21 01:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-11-22 16:40 - 2015-10-21 01:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-11-22 16:40 - 2015-10-21 01:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-11-22 16:40 - 2015-10-21 01:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-11-22 16:28 - 2016-11-22 16:28 - 00000000 ____D C:\938b87c6511940c1d7a2020a
2016-11-22 15:50 - 2016-11-22 15:50 - 00000000 ____D C:\Windows\CheckSur
2016-11-22 15:11 - 2016-11-22 15:15 - 00000000 ____D C:\cd78eb130dfc5629d94061bab981
2016-11-22 00:38 - 2016-11-22 00:38 - 01020722 _____ C:\Users\joey\Documents\t shirts prints 2.pptx
2016-11-22 00:31 - 2016-11-22 00:39 - 00524626 _____ C:\Users\joey\Documents\t shirt prints.pptx
2016-11-20 22:03 - 2016-11-20 22:08 - 00006725 _____ C:\junk.txt
2016-11-20 19:42 - 2016-11-24 22:59 - 00000000 ____D C:\Users\joey\Desktop\Fixer
2016-11-20 15:09 - 2016-11-20 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2016-11-20 15:09 - 2016-11-20 15:09 - 00000000 ____D C:\Program Files\Speccy
2016-11-20 14:56 - 2016-11-20 14:57 - 00001067 _____ C:\VEW.txt
2016-11-20 13:58 - 2016-11-20 13:59 - 00000000 ____D C:\Users\joey\Desktop\Right
2016-11-20 13:53 - 2016-11-22 00:32 - 00000000 ____D C:\Users\joey\Desktop\Left
2016-11-19 21:06 - 2016-11-24 22:59 - 00000000 ____D C:\FRST
2016-11-19 20:56 - 2016-11-19 20:57 - 00084442 _____ C:\Windows\ntbtlog.txt
2016-11-19 20:56 - 2016-11-19 20:56 - 319663712 _____ C:\Windows\MEMORY.DMP
2016-11-19 20:56 - 2016-11-19 20:56 - 00292320 _____ C:\Windows\Minidump\111916-27315-01.dmp
2016-11-19 20:56 - 2016-11-19 20:56 - 00000000 ____D C:\Windows\Minidump
2016-11-19 16:24 - 2016-11-20 06:32 - 00000000 ____D C:\AdwCleaner
2016-11-19 10:59 - 2016-11-19 10:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-19 10:44 - 2016-11-19 10:44 - 00000000 ____D C:\Users\joey\AppData\Roaming\AVG
2016-11-19 10:40 - 2016-11-19 10:40 - 00000000 ____D C:\Users\joey\AppData\Roaming\TuneUp Software
2016-11-19 10:29 - 2016-11-20 08:58 - 00000000 ____D C:\ProgramData\MFAData
2016-11-19 10:29 - 2016-11-19 10:29 - 00000000 ____D C:\Users\joey\AppData\Local\MFAData
2016-11-19 10:12 - 2016-11-19 10:13 - 03312392 _____ (AVG Technologies CZ, s.r.o.) C:\Users\joey\Downloads\AVG_Performance_709 (1).exe
2016-11-19 10:07 - 2016-11-19 10:08 - 03312392 _____ (AVG Technologies CZ, s.r.o.) C:\Users\joey\Downloads\AVG_Performance_709.exe
2016-11-19 10:06 - 2016-11-20 09:21 - 00000000 ____D C:\Users\joey\AppData\Local\AvgSetupLog
2016-11-19 10:06 - 2016-11-20 09:21 - 00000000 ____D C:\ProgramData\Avg
2016-11-19 10:06 - 2016-11-20 08:58 - 00000000 ____D C:\Users\joey\AppData\Local\Avg
2016-11-19 10:05 - 2016-11-19 10:06 - 03312896 _____ (AVG Technologies CZ, s.r.o.) C:\Users\joey\Downloads\AVG_Protection_Free_1606.exe
2016-10-27 23:55 - 2016-10-27 23:58 - 16112168 _____ (EaseUS ) C:\Users\joey\Downloads\drw_trial.exe
2016-10-27 23:54 - 2016-10-27 23:56 - 04426120 _____ (Piriform Ltd) C:\Users\joey\Downloads\rcsetup152.exe
2016-10-27 01:20 - 2016-11-23 21:21 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-10-27 01:19 - 2016-11-23 21:21 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-10-27 01:19 - 2016-11-23 21:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-10-27 00:51 - 2016-10-27 00:51 - 00925628 _____ C:\Users\joey\Documents\duplicate.txt
2016-10-26 04:05 - 2016-11-19 22:52 - 00007596 _____ C:\Users\joey\AppData\Local\Resmon.ResmonCfg
2016-10-25 22:53 - 2016-10-25 22:57 - 08270712 _____ (Piriform Ltd) C:\Users\joey\Downloads\ccsetup523.exe
2016-10-25 22:50 - 2016-10-25 22:58 - 00000000 ____D C:\Users\joey\Downloads\New folder
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-24 22:59 - 2016-10-19 19:24 - 00000000 ____D C:\Users\Public\Documents\AdobeGC
2016-11-24 22:59 - 2016-10-19 19:24 - 00000000 ____D C:\ProgramData\Documents\AdobeGC
2016-11-24 22:57 - 2009-07-14 12:45 - 00021088 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-24 22:57 - 2009-07-14 12:45 - 00021088 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-24 22:50 - 2015-12-29 08:50 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-24 22:50 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\tracing
2016-11-24 22:48 - 2016-10-24 00:43 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-11-24 22:48 - 2009-07-14 13:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-24 22:05 - 2015-12-29 08:50 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-24 20:27 - 2009-07-14 13:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-24 20:27 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\inf
2016-11-24 19:24 - 2015-12-28 22:52 - 00774004 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-11-24 18:41 - 2015-12-28 22:17 - 00220088 _____ C:\Users\joey\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-24 18:38 - 2009-07-14 12:45 - 00748552 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-23 23:37 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-11-23 21:21 - 2016-10-24 17:50 - 00001945 _____ C:\Windows\epplauncher.mif
2016-11-22 22:14 - 2015-12-28 22:55 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-22 21:17 - 2016-10-14 17:38 - 00000000 ____D C:\Users\joey\AppData\Local\Wings of Prey
2016-11-22 00:04 - 2015-12-28 22:25 - 00000000 ____D C:\Users\joey\Documents\Bluetooth Exchange Folder
2016-11-20 18:15 - 2009-07-14 13:08 - 00032544 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-11-20 08:44 - 2016-10-24 08:16 - 00000000 ____D C:\Program Files\Common Files\AV
2016-11-19 20:43 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\system32\NDF
2016-11-17 07:18 - 2016-09-07 20:38 - 00000452 __RSH C:\ProgramData\ntuser.pol
2016-11-15 10:26 - 2015-12-29 08:50 - 00000000 ____D C:\Users\joey\AppData\Local\Google
2016-11-01 10:54 - 2015-12-28 23:03 - 00000000 ____D C:\Users\joey\AppData\Local\Autodesk
2016-10-30 14:55 - 2015-12-29 00:08 - 00000000 ____D C:\Users\joey\AppData\Roaming\vlc
2016-10-28 09:22 - 2010-11-21 11:27 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-10-28 00:25 - 2015-12-28 22:15 - 00000000 ____D C:\Users\joey
2016-10-26 19:51 - 2016-10-24 09:02 - 00000000 ____D C:\Windows\pss
2016-10-25 23:24 - 2015-12-29 14:01 - 00000000 ____D C:\Windows\Panther
2016-10-25 23:24 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\ModemLogs
2016-10-25 05:26 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\Vss
==================== Files in the root of some directories =======
2016-08-30 22:26 - 2016-08-30 22:26 - 0003584 _____ () C:\Users\joey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-10-26 04:05 - 2016-11-19 22:52 - 0007596 _____ () C:\Users\joey\AppData\Local\Resmon.ResmonCfg
2015-12-29 08:45 - 2015-12-29 08:45 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-10-01 20:40 - 2016-10-01 20:40 - 0000092 _____ () C:\ProgramData\CameraRecorder.ini
2015-12-28 23:02 - 2015-12-28 23:02 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
Some files in TEMP:
====================
C:\Users\joey\AppData\Local\Temp\libeay32.dll
C:\Users\joey\AppData\Local\Temp\msvcr120.dll
C:\Users\joey\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-10-16 22:24
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2016
Ran by joey (24-11-2016 23:03:39)
Running from C:\Users\joey\Desktop\Fixer
Windows 7 Professional Service Pack 1 (X64) (2015-12-28 14:14:57)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3334329050-1205438810-3444544024-500 - Administrator - Disabled)
Guest (S-1-5-21-3334329050-1205438810-3444544024-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3334329050-1205438810-3444544024-1002 - Limited - Enabled)
joey (S-1-5-21-3334329050-1205438810-3444544024-1000 - Administrator - Enabled) => C:\Users\joey
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . . (Version: 2.1.28.3 - Intel) Hidden
. . . (x32 Version: 2.6.1.4 - Intel) Hidden
ACA & MEP 2016 Object Enabler (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (Version: 20.1.49.0 - Autodesk) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.18 - Adobe Systems)
AutoCAD 2016 - English (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack - English (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.14 - Autodesk)
Autodesk AutoCAD 2016 - English (HKLM\...\AutoCAD 2016 - English) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Featured Apps 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Bentley OpenSTAADOEM (HKLM-x32\...\{4F180E04-ED69-40A7-95F0-2228E5C60AB2}) (Version: 08.02.09.41 - Bentley Systems, Inc.)
Bentley SPC Server v8i SS4 (HKLM-x32\...\{C88234D5-2327-4B3D-9D75-9F2749930B04}) (Version: 8.11.11.14 - Bentley Systems, Inc.)
Bentley Structure Property Catalog V8i SS4 v3.1.4.2 (HKLM-x32\...\{1D70E5D3-34E6-4EE8-BFB7-AB1DDC8DE0D1}) (Version: 3.1.4.2 - Bentley Systems, Inc.)
Broadcom 802.11 Wireless Driver (HKLM-x32\...\{8991E763-21F5-4DEA-A938-5D9D77DCB488}) (Version: 1.0.0.0 - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.111.0.62 - Conexant)
DriverDoc (x32 Version: 1.3.2 - Solvusoft Corporation) Hidden
Energy Management (HKLM-x32\...\{0CE226F3-EB27-4ECD-BBF5-F088716779FD}) (Version: 5.4.1.8 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HP DeskJet 2130 series Basic Device Software (HKLM\...\{54A80AED-ADB5-4D32-83F2-A9A5DF4ED2C1}) (Version: 35.0.61.54677 - Hewlett-Packard Co.)
HP DeskJet 2130 series Help (HKLM-x32\...\{1CDFD3C9-BDF8-4DDC-BDA2-EBC53F938B5F}) (Version: 35.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.6.1001 - Intel Corporation)
Intel® Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{fe2eebd3-ee15-4538-bb19-b627e3f2a911}) (Version: 2.6.1.4 - Intel)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.100 - Broadcom Corporation)
Lenovo EasyCamera (HKLM\...\Lenovo EasyCamera) (Version: 5.38.2.4 - Silicon Motion)
Lenovo EasyCamera (HKLM-x32\...\{FE7AD27A-62B1-44F6-B69C-25D1ECA94F5D}) (Version: 5.38.2.4 - Silicon Motion)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1230 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1230 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.205.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 x64 English (HKLM\...\{F83779DF-E1F5-43A2-A7BE-732F856FADB7}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.61.39 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{DFB19121-0609-49C1-92B1-546E5A940FE8}) (Version: 2.0.1.7 - Lenovo)
PipeLink for STAAD.Pro V8i (Build 20.14.11.04) (HKLM-x32\...\{A7979F57-9431-4CD4-AE4B-50D407EBA400}) (Version: 20.14.11.04 - Bentley Systems, Inc.)
Product Improvement Study for HP DeskJet 2130 series (HKLM\...\{EA4DB54A-FAE0-4FDA-A66D-AEB8F5FFBE83}) (Version: 35.0.61.54677 - Hewlett-Packard Co.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30116 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
SketchUp 2015 (HKLM\...\{319CD380-1AAB-4CAD-BE1D-59189A780FA6}) (Version: 15.2.685 - Trimble Navigation Limited)
SketchUp Import 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
STAAD.foundation V8i (SELECTseries 4) Release 5.3 (HKLM-x32\...\{EF9432B0-F705-46FB-A864-2AE17F571E7A}) (Version: 05.03.00.37 - Bentley Systems Inc.)
STAAD.Pro V8i SELECTseries 6 (HKLM-x32\...\{8A6D0892-27A0-4429-8C85-15DCF73B8529}) (Version: 20.07.11.33 - Bentley Systems, Inc.)
StrucLink for STAAD.Pro V8i (Build 20.14.11.05) (HKLM-x32\...\{127FE612-C33A-410E-B11C-A98025A6D366}) (Version: 20.14.11.05 - Bentley Systems, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.2.0 - Synaptics Incorporated)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) (HKLM\...\6B8550A319DDC8B17F35F4A89988705E4592349B) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Driver Package - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1) (HKLM\...\0A4175B489A1B4A6E07E11B063A6263480C51D71) (Version: 10/19/2009 5.4.0.1 - Lenovo)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3334329050-1205438810-3444544024-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3334329050-1205438810-3444544024-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3334329050-1205438810-3444544024-1000_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3334329050-1205438810-3444544024-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\en-US\acadficn.dll (Autodesk, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {07A4E17E-2754-4ABC-9DC1-56D3B567F958} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {0C5C2AE7-2A0A-4B92-89CE-0C7DC5936A1B} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-08-30] (Microsoft Corporation)
Task: {609C0955-D202-4C46-BAC3-0A17B40E1164} - System32\Tasks\HPCustParticipation HP DeskJet 2130 series => C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPCustPartic.exe [2015-04-09] (Hewlett-Packard Development Company, LP)
Task: {6EE67162-914F-4D4F-9E54-0D68466C69FB} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {7819E578-BC76-4965-AE5B-8AD3811D046D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-04] (Google Inc.)
Task: {9CF4B069-B9B9-459D-BDEA-90E57B63868F} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-08-30] (Microsoft Corporation)
Task: {F18AC037-012D-451D-AB2D-6C2AE1296242} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-04] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-12-28 22:28 - 2009-12-19 02:52 - 00201120 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2015-12-28 22:28 - 2009-12-19 02:53 - 00156576 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-24 21:38 - 2010-03-24 21:38 - 08794976 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-06-08 18:04 - 2016-06-08 18:04 - 00117400 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2016-06-08 18:04 - 2016-06-08 18:04 - 00256152 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\analyzer.dll
2015-12-28 22:28 - 2009-12-19 02:52 - 00100256 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
2009-08-11 16:59 - 2009-08-11 16:59 - 00173344 _____ () C:\Program Files\Lenovo\Bluetooth Software\btkeyind.dll
2016-11-22 22:16 - 2016-06-08 18:07 - 00458904 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2016-11-22 22:16 - 2016-06-08 18:18 - 00709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2016-11-22 22:16 - 2016-06-08 18:17 - 00188568 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll
2016-11-22 22:16 - 2016-06-08 18:12 - 00416408 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2016-11-22 22:16 - 2016-06-08 18:15 - 00130712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll
2016-11-22 22:16 - 2016-06-08 18:16 - 00025752 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll
2016-11-22 22:16 - 2016-06-08 18:16 - 00059544 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll
2016-11-22 22:16 - 2016-06-08 18:16 - 00194712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll
2016-11-22 22:16 - 2016-06-08 18:17 - 00159896 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll
2016-11-22 22:16 - 2016-06-08 18:17 - 00158360 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll
2016-11-22 22:16 - 2016-06-08 18:16 - 00050840 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll
2016-11-22 22:16 - 2016-06-08 18:15 - 00032920 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll
2015-12-28 22:19 - 2009-12-23 17:32 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2015-12-28 22:28 - 2009-12-19 02:50 - 00161696 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2015-12-28 22:28 - 2009-12-19 02:51 - 00133024 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2015-12-28 23:04 - 2016-02-24 12:48 - 00062024 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2015-12-28 23:04 - 2016-02-24 12:47 - 00110664 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-24 21:17 - 2010-03-24 21:17 - 08794464 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-11-15 11:09 - 2016-11-09 04:29 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-15 11:09 - 2016-11-09 04:29 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-3334329050-1205438810-3444544024-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-10-24 23:58 - 2016-10-26 21:14 - 00000828 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3334329050-1205438810-3444544024-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\joey\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupreg: BitTorrent => "C:\Users\joey\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Energy Management => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
MSCONFIG\startupreg: EnergyUtility => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{FC761DEB-9513-494F-AF3B-A2BB17AD68AC}] => (Allow) LPort=50248
FirewallRules: [{71AA814A-4BC7-4225-B86F-64CE3514385B}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\USBSetup.exe
FirewallRules: [{4B08A3D5-E199-4CE6-83E5-A7E9601BAE46}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{EE75F78E-92CE-4569-8889-D616C60B0D39}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4BF0C8D7-D3A3-4A23-A1EC-0AF6CB55242A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{D0C1DD3E-2A61-4EB0-ABEC-0FBD2AF9DF7B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
==================== Restore Points =========================
15-11-2016 18:54:57 Windows Update
19-11-2016 10:30:18 Installed AVG 2016
19-11-2016 10:33:45 Installed AVG
19-11-2016 16:32:46 JRT Pre-Junkware Removal
19-11-2016 16:46:46 Windows Update
20-11-2016 08:37:32 Removed AVG
20-11-2016 08:44:26 Removed AVG 2016
20-11-2016 09:05:18 Removed Visual Studio 2012 x64 Redistributables
20-11-2016 09:22:49 Removed Visual Studio 2012 x86 Redistributables
20-11-2016 09:24:18 Removed Visual Studio 2012 x64 Redistributables
22-11-2016 15:49:06 Windows Update
22-11-2016 16:40:21 Windows Update
22-11-2016 16:55:55 Windows Update
22-11-2016 22:14:19 Intel® Driver Update Utility
22-11-2016 22:23:39 Windows Update
23-11-2016 21:15:30 Windows Update
23-11-2016 22:09:11 Windows Update
24-11-2016 18:58:51 Windows Update
==================== Faulty Device Manager Devices =============
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/24/2016 10:50:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/24/2016 08:21:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/24/2016 06:48:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/24/2016 06:41:40 PM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "System.Web.RegularExpressions, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (11/24/2016 06:39:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/23/2016 11:41:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dw20.exe, version: 2.0.50727.4927, time stamp: 0x4a275ab7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x70db7374
Faulting process id: 0x11d8
Faulting application start time: 0x01d2459ff7cf34a6
Faulting application path: C:\Windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe
Faulting module path: unknown
Report Id: 3dc70afb-b193-11e6-8329-70f3954bf046
Error: (11/23/2016 11:41:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: UNS.exe, version: 6.0.0.1202, time stamp: 0x4b203de1
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x70db7374
Faulting process id: 0xa78
Faulting application start time: 0x01d245901ff6662c
Faulting application path: C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
Faulting module path: unknown
Report Id: 3c02c586-b193-11e6-8329-70f3954bf046
Error: (11/23/2016 11:40:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AdAppMgrSvc.exe, version: 5.0.142.14, time stamp: 0x56cd31d5
Faulting module name: msxml3.dll_unloaded, version: 0.0.0.0, time stamp: 0x4ce7b8e9
Exception code: 0xc0000005
Fault offset: 0x70db7374
Faulting process id: 0x810
Faulting application start time: 0x01d2459005a5d09e
Faulting application path: C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
Faulting module path: msxml3.dll
Report Id: 36d7486e-b193-11e6-8329-70f3954bf046
Error: (11/23/2016 11:40:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IAStorDataMgrSvc.exe, version: 9.5.6.1002, time stamp: 0x4b32c4bd
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x70db7374
Faulting process id: 0x%9
Faulting application start time: 0xIAStorDataMgrSvc.exe0
Faulting application path: IAStorDataMgrSvc.exe1
Faulting module path: IAStorDataMgrSvc.exe2
Report Id: IAStorDataMgrSvc.exe3
Error: (11/23/2016 11:40:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LMS.exe, version: 6.0.30.1202, time stamp: 0x4b203d8b
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x70db7374
Faulting process id: 0x7dc
Faulting application start time: 0x01d2458fb1c1bbd2
Faulting application path: C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
Faulting module path: unknown
Report Id: 313e4c09-b193-11e6-8329-70f3954bf046
System errors:
=============
Error: (11/24/2016 08:16:19 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Winmgmt service.
Error: (11/24/2016 08:15:49 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the UNS service.
Error: (11/24/2016 08:13:59 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.233.216.0
Update Source: Microsoft Update Server
Update Stage: Download
Source Path: http://www.microsoft.com
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITY\SYSTEM
Current Engine Version:
Previous Engine Version: 1.1.13303.0
Error code: 0x8024001e
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Error: (11/24/2016 08:13:58 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.233.216.0
Update Source: Microsoft Update Server
Update Stage: Download
Source Path: http://www.microsoft.com
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITY\SYSTEM
Current Engine Version:
Previous Engine Version: 1.1.13303.0
Error code: 0x8024001e
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Error: (11/24/2016 08:13:19 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.
Error: (11/23/2016 11:43:25 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Winmgmt service.
Error: (11/23/2016 11:42:55 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the UNS service.
Error: (11/23/2016 11:42:23 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LMS service.
Error: (11/23/2016 11:41:53 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IAStorDataMgrSvc service.
Error: (11/23/2016 11:41:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Autodesk Application Manager Service service terminated unexpectedly. It has done this 1 time(s).
CodeIntegrity:
===================================
Date: 2016-10-26 02:45:19.803
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7601.17514_none_36e20fd4506111dd\fveapibase.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-26 02:45:19.787
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7601.17514_none_36e20fd4506111dd\fveapibase.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-26 02:45:19.756
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7601.17514_none_36e20fd4506111dd\fveapibase.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-26 02:45:19.740
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7601.17514_none_36e20fd4506111dd\fveapibase.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-26 02:45:19.725
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7601.17514_none_36e20fd4506111dd\fveapibase.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-26 02:45:19.693
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7601.17514_none_36e20fd4506111dd\fveapibase.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-26 02:45:11.847
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-26 02:45:11.815
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-26 02:45:11.800
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-26 02:45:11.769
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i5 CPU M 460 @ 2.53GHz
Percentage of memory in use: 73%
Total physical RAM: 1974.85 MB
Available physical RAM: 523.89 MB
Total Virtual: 4935.85 MB
Available Virtual: 3055.7 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:195.21 GB) (Free:122.79 GB) NTFS
Drive d: (Data) (Fixed) (Total:269.36 GB) (Free:221.84 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C3FFC3FF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=269.4 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=1.1 GB) - (Type=12)
==================== End of Addition.txt ============================