Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Black screen of death on Win7 64 dell latitude e6520 laptop


  • This topic is locked This topic is locked
2 replies to this topic

#1 seth.lifehelp

seth.lifehelp

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 16 April 2015 - 04:33 PM

I'm able to get to a command line from a Win 7-64 retail install disk - and have tried sfc /scannow but it hasn't fixed it - 'Windows Resource Protection did not find any integrity violations'

If this is in the wrong forum please advise

- not sure if that's because it's started from outside the original OS - awaiting delivery of recovery media shipped from Dell -

- farbar recovery scan tool log below

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-04-2015 04
Ran by SYSTEM on MININT-MM3RG1V on 16-04-2015 13:57:09
Running from F:\
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [611192 2011-07-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [6492672 2011-01-18] (Dell Inc.)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2011-07-25] ()
HKLM\...\Run: [TdmNotify] => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe [381296 2011-12-08] (Wave Systems Corp.)
HKLM\...\Run: [DFEPApplication] => c:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe [7077272 2011-08-24] (Dell Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [112408 2012-04-17] (Intel Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [462974 2011-12-16] (Creative Technology Ltd)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [Client Access Service] => C:\Program Files (x86)\IBM\Client Access\cwbsvstr.exe [20531 2005-10-19] (IBM Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKLM-x32\...\Run: [DNS7reminder] => C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe [328992 2010-10-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [openvpn-gui] => C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe [436776 2013-06-14] ()
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-09-06] (Western Digital)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5236664 2012-09-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-03-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-04-08] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2013-03-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1944576 2013-03-07] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [503400 2013-07-04] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2013-07-04] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1067072 2013-07-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [LTCM Client] => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [2756864 2011-04-07] (Leader Technologies Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [*Restore] => C:\Windows\system32\rstrui.exe [296960 2015-02-02] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKU\Schoolbase1\...\Run: [AdobeBridge] => [X]
HKU\Schoolbase1\...\Run: [Akamai NetSession Interface] => C:\Users\Schoolbase1\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\Schoolbase1\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKU\Schoolbase1\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3890768 2015-02-24] (Tonec Inc.)
HKU\Schoolbase1\...\Run: [GoToMeeting] => C:\Program Files (x86)\Citrix\GoToMeeting\2331\g2mstart.exe [44400 2015-03-03] (Citrix Online, a division of Citrix Systems, Inc.)
HKU\Schoolbase1\...\Run: [HP Photosmart 7520 series (NET)] => C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\Schoolbase1\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\Schoolbase1\...\Run: [DellSystemDetect] => C:\Users\Schoolbase1\AppData\Local\Apps\2.0\1N8THTLX.22B\O4NLPAAJ.K1R\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-11-03] (Dell)
Lsa: [Authentication Packages] msv1_0 wvauth
Startup: C:\Users\dcmhs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Microsoft)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Microsoft)
Startup: C:\Users\Schoolbase1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk -> C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Schoolbase1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 Agent; C:\Windows\VPDAgent_x64.exe [148480 2014-02-13] (Two Pilots)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-10] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
S3 Cwbrxd; C:\Windows\CWBRXD.EXE [65585 2005-06-08] (IBM Corporation)
S2 DFEPService; c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2279320 2011-08-24] (Dell Inc.)
S2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [10571056 2014-06-01] (DisplayLink Corp.)
S2 EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [218504 2012-01-17] ()
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-16] (Seiko Epson Corporation)
S2 Neat Startup Service; C:\Program Files (x86)\Neat\exec\NeatStartupService.exe [5632 2014-02-14] (The Neat Company)
S2 O2SDIOAssist; c:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] ()
S3 OpenVPNService; C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [59432 2013-06-14] (The OpenVPN Project)
S2 OpenVPNServiceInteractive; C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [59432 2013-06-14] (The OpenVPN Project)
S2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
S2 SlingAgentService; C:\Program Files (x86)\Sling Media\SlingAgent\SlingAgentService.exe [93960 2009-09-25] (Sling Media Inc.)
S2 tcsd_win32.exe; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1637888 2011-10-08] ()
S2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1679872 2012-01-05] (Wave Systems Corp.)
S2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital )
S2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-06] (Western Digital)
S2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5839872 2011-01-18] (Dell Inc.)
S3 WvPCR; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [198144 2012-01-16] (Wave Systems Corp.)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-10] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-10] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-09-24] (Avira Operations GmbH & Co. KG)
S3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
S3 DisplayLinkUsbIo_x64; C:\Windows\System32\DRIVERS\DisplayLinkUsbIo_x64_7.6.55673.0.sys [46384 2014-06-03] ()
S3 HBtnKey; C:\Windows\system32\drivers\HBtnKey.sys [20424 2011-07-19] (Dell Inc.)
S3 Linksys_adapter_H; C:\Windows\System32\DRIVERS\AE2500w764.sys [1254464 2011-03-28] (Broadcom Corporation)
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
 
========================== Drivers MD5 =======================
 
C:\Windows\System32\DRIVERS\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\accelern.sys 1575A815C27789061F34B4F55AE0B5C3
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\System32\DRIVERS\Apfiltr.sys 6D4CB1F46A0AC05326F834FD6B822479
C:\Windows\system32\drivers\appid.sys 90C53BD47979FB8814F465A08B885102
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\system32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\avgntflt.sys 00BF66D168E1A7AA7E1C9F458BBA0B34
C:\Windows\System32\DRIVERS\avipbb.sys 055D318220DD4593F2A8C8FF83707D36
C:\Windows\System32\DRIVERS\avkmgr.sys 390184FAD8FCC1B6DA25AEBAE928C3B6
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\drivers\BCM42RLY.sys C3D8920A5AAF10A72CEDB57D3339280A
C:\Windows\System32\DRIVERS\bcmwl664.sys D20EE58C13FF343B90550861EBCD9DDD
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\BrSerIb.sys 63A00CDBEB300522C49EC7CA77324060
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\BrUsbSIb.sys BBCFD6C6EF66449F55AF1BFDB08C9B12
C:\Windows\System32\DRIVERS\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\System32\DRIVERS\btwampfl.sys A0DFB69ADE3444C78B17636FCF28E898
C:\Windows\System32\drivers\btwaudio.sys 7CF028CE78696882B327FF13D2DFA534
C:\Windows\System32\drivers\btwavdt.sys 3DEF2370E414B4E299673558BA171A51
C:\Windows\System32\DRIVERS\btwl2cap.sys 9AD0FA253ED531D39FB2D74FE12A5FA9
C:\Windows\System32\DRIVERS\btwrchid.sys 9937E0E4DFC0030560A6DFE9D3A94B39
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 27667A788130A7F7A5858DE27572E6D7
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CtClsFlt.sys 58CB536DA016641C9D24D183197F6DBF
C:\Windows\System32\DRIVERS\CVirtA64.sys 44BDDEB03C84A1C993C992FFB5700357
C:\Windows\system32\Drivers\CVPNDRVA.sys 79AF0E203D089AF442A3F70ED00A37FB
C:\Windows\System32\Drivers\cvusbdrv.sys 691C449ED4A7B6EF71F7F1F25EA434BD
C:\Windows\System32\Drivers\dfsc.sys CF1F6326AC44C42F4615D4BD53188AC5
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\DisplayLinkUsbIo_x64_7.6.55673.0.sys D1CD9E9895306FDDB70D7445B3FB8024
C:\Windows\system32\drivers\dlkmd.sys 307576F0D3332E1E90AAA07A66516D00
C:\Windows\System32\drivers\dlkmdldr.sys C9B7DE078EA90F0F4500063127B64854
C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415
C:\Windows\System32\DRIVERS\dne64x.sys 05CB5910B3CA6019FC3CCA815EE06FFB
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\System32\DRIVERS\e1c62x64.sys 1BEF2C2E229452EC49FFE5A27283341D
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\HBtnKey.sys 0E485F2C759F155170DA9F35354034E9
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\drivers\iaStor.sys D7921D5A870B11CC1ADAB198A519D50A
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\idmwfp.sys 3F2013A2880FE503B1B3BC8212764923
C:\Windows\System32\DRIVERS\igdkmd64.sys 9937600A1584FF00565D5379EB4C9EDB
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\Impcd.sys DD587A55390ED2295BCE6D36AD567DA9
C:\Windows\System32\DRIVERS\IntcDAud.sys FC727061C0F47C8059E88E05D5C8E381
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 56ED3EE5FED6BF2FC1305CF872042868
C:\Windows\System32\Drivers\ksecpkg.sys 8BA90F480705D7153AD0060CCA62222A
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AE2500w764.sys 584528BF596A54B2BF6BE5067ADDA44A
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys 86614752D2FAE34CCD9E7B2AABA5FBEC
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys 87BCD1034CBF33537D4D4C251D39BA26
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys AE3334958D8F631FF14A0AEB3D7EFB3A
C:\Windows\System32\DRIVERS\mrxsmb.sys 211FB7D41E50BCBFEFC3512290E0339E
C:\Windows\System32\DRIVERS\mrxsmb10.sys E94368D48ADF90F03AA65112461AD02B
C:\Windows\System32\DRIVERS\mrxsmb20.sys 5162FAE8A13CF1F5B6DCD863D09173C7
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys AA0C2BA3782E92BD85E2264BE418E67C
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netvsc60.sys 73CE12B8BDD747B0063CB0A7EF44CEA7
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\O2MDFw7x64.sys 6172DB160FC566CF24307941C0E94D8E
C:\Windows\System32\DRIVERS\O2MDRw7x64.sys 8ED738ABA394BBF6D7802698BE453112
C:\Windows\System32\DRIVERS\o2sdjw7x64.sys A9C1E6B7C134FAD124338B7944FA996D
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\DRIVERS\PBADRV.sys 363B3F857ABEE85767E01E3044C539CD
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ED6E75158D28D33A2E2A020AC5B2B59D
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\Drivers\PxHlpa64.sys 87B04878A6D59D6C79251DC960C674C1
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys 71B6F78D6444CCE6F77BC42917A4E8F7
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\DRIVERS\RMCAST.sys CAF88D6573D21CD2AA27001DDBFDC74D
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\System32\DRIVERS\stdcfltn.sys E4EA2412FB1B8AEE33667A9CC6D456A4
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\stwrt64.sys EF5ACDE92BA3F691BBFEF781CB063501
C:\Windows\System32\DRIVERS\serscan.sys DECACB6921DED1A38642642685D77DAC
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\VMBusVideoM.sys 4CDD7DF58730D23BA9CB5829A6E2ECEA
C:\Windows\System32\DRIVERS\tap0901.sys 5D7360A19660F1C9B3E15C8DA969FE41
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2
C:\Windows\System32\DRIVERS\usbccgp.sys 91D3C92A44FC682DD791147604E79152
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys F7FFDF2A1D19A76A87759126B244C816
C:\Windows\System32\DRIVERS\usbhub.sys 245FE7FC634D6A993E682E0A9EBA4ABB
C:\Windows\system32\drivers\usbohci.sys C1A8966E0D09BFB501045105B30D86F2
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys 2E682DCE4319A90E02A327F8A427544A
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wdcsam64.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\system32\drivers\WinUSB.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WSDPrint.sys 8D918B1DB190A4D9B1753A66FA8C96E8
C:\Windows\System32\DRIVERS\WSDScan.sys 4A2A5C50DD1A63577D3ACA94269FBC7F
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== Three Months Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-16 13:56 - 2015-04-16 13:57 - 00000000 ____D () C:\FRST
2015-04-13 06:19 - 2015-04-13 06:19 - 00000000 ____D () C:\Users\Schoolbase1\AppData\Roaming\Oracle
2015-03-11 07:01 - 2015-02-19 20:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\System32\lpk.dll
2015-03-11 07:01 - 2015-02-19 20:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2015-03-11 07:01 - 2015-02-19 20:40 - 00046080 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2015-03-11 07:01 - 2015-02-19 20:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2015-03-11 07:01 - 2015-02-19 20:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 07:01 - 2015-02-19 20:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 07:01 - 2015-02-19 20:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 07:01 - 2015-02-19 20:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 07:01 - 2015-02-19 19:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2015-03-11 07:01 - 2015-02-19 19:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 06:58 - 2015-02-02 19:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\System32\spwmp.dll
2015-03-11 06:58 - 2014-06-27 16:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe
2015-03-11 06:57 - 2015-02-02 19:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2015-03-11 06:57 - 2015-02-02 19:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi
2015-03-11 06:57 - 2015-02-02 19:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mountmgr.sys
2015-03-11 06:57 - 2015-02-02 19:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi
2015-03-11 06:57 - 2015-02-02 19:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\System32\wmp.dll
2015-03-11 06:57 - 2015-02-02 19:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\System32\mf.dll
2015-03-11 06:57 - 2015-02-02 19:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\System32\quartz.dll
2015-03-11 06:57 - 2015-02-02 19:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\System32\wmdrmsdk.dll
2015-03-11 06:57 - 2015-02-02 19:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\System32\msscp.dll
2015-03-11 06:57 - 2015-02-02 19:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2015-03-11 06:57 - 2015-02-02 19:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\System32\AUDIOKSE.dll
2015-03-11 06:57 - 2015-02-02 19:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\System32\mfplat.dll
2015-03-11 06:57 - 2015-02-02 19:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2015-03-11 06:57 - 2015-02-02 19:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\System32\msnetobj.dll
2015-03-11 06:57 - 2015-02-02 19:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2015-03-11 06:57 - 2015-02-02 19:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\System32\mfps.dll
2015-03-11 06:57 - 2015-02-02 19:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\System32\pcasvc.dll
2015-03-11 06:57 - 2015-02-02 19:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\System32\setbcdlocale.dll
2015-03-11 06:57 - 2015-02-02 19:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\System32\srclient.dll
2015-03-11 06:57 - 2015-02-02 19:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\System32\pcadm.dll
2015-03-11 06:57 - 2015-02-02 19:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\System32\msmmsp.dll
2015-03-11 06:57 - 2015-02-02 19:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\System32\msdxm.ocx
2015-03-11 06:57 - 2015-02-02 19:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\System32\dxmasf.dll
2015-03-11 06:57 - 2015-02-02 19:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2015-03-11 06:57 - 2015-02-02 19:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2015-03-11 06:57 - 2015-02-02 19:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\System32\drmv2clt.dll
2015-03-11 06:57 - 2015-02-02 19:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\System32\cryptui.dll
2015-03-11 06:57 - 2015-02-02 19:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\System32\blackbox.dll
2015-03-11 06:57 - 2015-02-02 19:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2015-03-11 06:57 - 2015-02-02 19:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\System32\evr.dll
2015-03-11 06:57 - 2015-02-02 19:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\System32\drmmgrtn.dll
2015-03-11 06:57 - 2015-02-02 19:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\System32\AudioEng.dll
2015-03-11 06:57 - 2015-02-02 19:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2015-03-11 06:57 - 2015-02-02 19:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2015-03-11 06:57 - 2015-02-02 19:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\System32\EncDump.dll
2015-03-11 06:57 - 2015-02-02 19:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2015-03-11 06:57 - 2015-02-02 19:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\System32\appidpolicyconverter.exe
2015-03-11 06:57 - 2015-02-02 19:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2015-03-11 06:57 - 2015-02-02 19:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\System32\audiodg.exe
2015-03-11 06:57 - 2015-02-02 19:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2015-03-11 06:57 - 2015-02-02 19:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\System32\cryptsp.dll
2015-03-11 06:57 - 2015-02-02 19:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\System32\appidapi.dll
2015-03-11 06:57 - 2015-02-02 19:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\System32\rrinstaller.exe
2015-03-11 06:57 - 2015-02-02 19:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2015-03-11 06:57 - 2015-02-02 19:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\System32\appidsvc.dll
2015-03-11 06:57 - 2015-02-02 19:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\System32\mfpmp.exe
2015-03-11 06:57 - 2015-02-02 19:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\System32\appidcertstorecheck.exe
2015-03-11 06:57 - 2015-02-02 19:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\System32\pcawrk.exe
2015-03-11 06:57 - 2015-02-02 19:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\System32\pcalua.exe
2015-03-11 06:57 - 2015-02-02 19:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\System32\pcaevts.dll
2015-03-11 06:57 - 2015-02-02 19:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2015-03-11 06:57 - 2015-02-02 19:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\mferror.dll
2015-03-11 06:57 - 2015-02-02 19:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\PEAuth.sys
2015-03-11 06:57 - 2015-02-02 19:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 06:57 - 2015-02-02 19:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 06:57 - 2015-02-02 19:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 06:57 - 2015-02-02 19:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 06:57 - 2015-02-02 19:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 06:57 - 2015-02-02 19:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 06:57 - 2015-02-02 19:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 06:57 - 2015-02-02 19:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 06:57 - 2015-02-02 19:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 06:57 - 2015-02-02 19:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 06:57 - 2015-02-02 18:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys
2015-03-11 06:57 - 2015-01-30 19:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2015-03-11 06:57 - 2015-01-30 19:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\RdpGroupPolicyExtension.dll
2015-03-11 06:57 - 2015-01-30 15:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2015-03-11 06:57 - 2014-10-31 14:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\System32\winload.exe
2015-03-11 06:57 - 2014-06-27 16:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\System32\ci.dll
2015-03-11 06:54 - 2015-02-12 21:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 06:54 - 2015-02-12 21:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2015-03-11 06:54 - 2015-02-02 19:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2015-03-11 06:54 - 2015-02-02 19:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 06:53 - 2015-03-05 21:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2015-03-11 06:53 - 2015-03-05 21:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2015-03-11 06:53 - 2015-03-05 21:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2015-03-11 06:53 - 2015-03-05 21:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2015-03-11 06:53 - 2015-03-05 21:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2015-03-11 06:53 - 2015-03-05 21:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2015-03-11 06:53 - 2015-03-05 21:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2015-03-11 06:53 - 2015-03-05 21:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2015-03-11 06:53 - 2015-03-05 21:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2015-03-11 06:53 - 2015-03-05 21:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2015-03-11 06:53 - 2015-03-05 21:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2015-03-11 06:53 - 2015-03-05 21:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2015-03-11 06:53 - 2015-03-05 21:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2015-03-11 06:53 - 2015-03-05 21:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\auditpol.exe
2015-03-11 06:53 - 2015-03-05 21:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2015-03-11 06:53 - 2015-03-05 21:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\msobjs.dll
2015-03-11 06:53 - 2015-03-05 21:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll
2015-03-11 06:53 - 2015-03-05 21:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll
2015-03-11 06:53 - 2015-03-05 21:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 06:53 - 2015-03-05 21:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 06:53 - 2015-03-05 21:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 06:53 - 2015-03-05 21:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 06:53 - 2015-03-05 21:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 06:53 - 2015-03-05 21:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 06:53 - 2015-03-05 21:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 06:53 - 2015-03-05 21:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 06:53 - 2015-03-05 21:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 06:53 - 2015-03-05 21:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 06:53 - 2015-03-05 21:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 06:53 - 2015-03-05 21:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 06:53 - 2015-03-05 21:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 06:53 - 2015-01-30 15:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2015-03-11 06:44 - 2015-02-25 19:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2015-03-11 06:44 - 2015-02-02 19:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2015-03-11 06:44 - 2015-02-02 19:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 06:44 - 2015-01-16 18:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\System32\msctf.dll
2015-03-11 06:44 - 2015-01-16 18:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 06:42 - 2015-02-03 19:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2015-03-11 06:42 - 2015-02-03 18:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-04 14:53 - 2015-01-08 19:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\System32\perftrack.dll
2015-03-04 14:53 - 2015-01-08 19:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\System32\wdi.dll
2015-03-04 14:53 - 2015-01-08 19:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\System32\powertracker.dll
2015-03-04 14:53 - 2015-01-08 18:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-24 14:44 - 2015-01-08 15:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-24 14:44 - 2015-01-08 15:43 - 00419936 _____ () C:\Windows\System32\locale.nls
2015-02-24 05:41 - 2014-11-28 16:37 - 00180648 _____ (Tonec Inc.) C:\Windows\System32\Drivers\idmwfp.sys
2015-02-21 13:45 - 2015-02-21 13:45 - 00000000 ____D () C:\Users\Schoolbase1\AppData\Roaming\Neat
2015-02-19 12:30 - 2015-02-19 12:33 - 00000000 ____D () C:\LWSI REPORT DISK
2015-02-19 08:04 - 2015-01-22 20:07 - 02339840 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2015-02-19 08:04 - 2015-01-22 19:59 - 00816640 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2015-02-19 08:04 - 2015-01-22 19:00 - 01810944 _____ () C:\Windows\SysWOW64\jscript9.dll
2015-02-19 08:04 - 2015-01-22 18:51 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-17 13:04 - 2015-02-17 13:04 - 01202848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL
2015-02-13 13:05 - 2015-02-03 19:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2015-02-13 13:05 - 2015-02-03 19:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2015-02-13 13:05 - 2015-02-03 19:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2015-02-13 13:05 - 2015-02-03 19:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2015-02-13 13:05 - 2015-02-03 19:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2015-02-13 13:05 - 2015-02-03 19:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\System32\aepic.dll
2015-02-13 13:05 - 2015-02-03 19:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2015-02-13 13:05 - 2015-01-27 15:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\System32\aitstatic.exe
2015-02-13 13:05 - 2015-01-13 19:08 - 17878016 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2015-02-13 13:05 - 2015-01-13 18:59 - 10924032 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2015-02-13 13:05 - 2015-01-13 18:59 - 00448512 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2015-02-13 13:05 - 2015-01-13 18:49 - 01392128 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2015-02-13 13:05 - 2015-01-13 18:49 - 01388032 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2015-02-13 13:05 - 2015-01-13 18:47 - 01494016 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2015-02-13 13:05 - 2015-01-13 18:47 - 00599040 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2015-02-13 13:05 - 2015-01-13 18:47 - 00237056 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2015-02-13 13:05 - 2015-01-13 18:47 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2015-02-13 13:05 - 2015-01-13 18:46 - 00729088 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2015-02-13 13:05 - 2015-01-13 18:46 - 00173056 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2015-02-13 13:05 - 2015-01-13 18:45 - 02157056 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2015-02-13 13:05 - 2015-01-13 18:45 - 00453120 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2015-02-13 13:05 - 2015-01-13 18:45 - 00282112 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2015-02-13 13:05 - 2015-01-13 18:44 - 02382848 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2015-02-13 13:05 - 2015-01-13 18:44 - 00248320 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2015-02-13 13:05 - 2015-01-13 18:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2015-02-13 13:05 - 2015-01-13 18:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2015-02-13 13:05 - 2015-01-13 18:44 - 00012800 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2015-02-13 13:05 - 2015-01-13 18:44 - 00011264 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2015-02-13 13:05 - 2015-01-13 17:51 - 12371456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-13 13:05 - 2015-01-13 17:49 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-02-13 13:05 - 2015-01-13 17:46 - 09742336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-13 13:05 - 2015-01-13 17:43 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-13 13:05 - 2015-01-13 17:42 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-13 13:05 - 2015-01-13 17:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-13 13:05 - 2015-01-13 17:41 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-13 13:05 - 2015-01-13 17:41 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-13 13:05 - 2015-01-13 17:41 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-13 13:05 - 2015-01-13 17:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-02-13 13:05 - 2015-01-13 17:41 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-13 13:05 - 2015-01-13 17:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-13 13:05 - 2015-01-13 17:40 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-13 13:05 - 2015-01-13 17:40 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-13 13:05 - 2015-01-13 17:40 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-13 13:05 - 2015-01-13 17:40 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-13 13:05 - 2015-01-13 17:40 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-13 13:05 - 2015-01-13 17:40 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-02-13 13:05 - 2015-01-13 17:40 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-02-13 13:05 - 2015-01-13 17:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-02-13 13:05 - 2015-01-06 19:15 - 00104896 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mup.sys
2015-02-13 13:05 - 2015-01-06 19:10 - 00782848 _____ (Microsoft Corporation) C:\Windows\System32\gpsvc.dll
2015-02-13 13:05 - 2015-01-06 18:44 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2015-02-13 13:05 - 2015-01-06 17:49 - 00310272 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2015-02-13 13:05 - 2015-01-06 17:49 - 00159232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2015-02-13 13:05 - 2015-01-06 17:48 - 00290816 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2015-02-13 13:05 - 2015-01-06 17:48 - 00129024 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2015-02-13 13:05 - 2015-01-06 17:48 - 00105984 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2015-02-13 13:05 - 2014-11-25 19:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2015-02-13 13:05 - 2014-11-25 19:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 06:11 - 2014-12-07 19:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\System32\scesrv.dll
2015-02-11 06:11 - 2014-12-07 18:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-01-30 16:28 - 2015-01-30 16:28 - 00000000 ____D () C:\Windows\twain_64
2015-01-30 14:23 - 2015-04-14 07:35 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-01-30 14:16 - 2015-04-14 12:47 - 00000000 ____D () C:\Users\Public\Documents\Neat ADF Scanner
2015-01-30 14:16 - 2015-01-30 14:16 - 00001853 _____ () C:\Users\Public\Desktop\Neat.lnk
2015-01-30 14:16 - 2015-01-30 14:16 - 00000000 ____D () C:\Users\Schoolbase1\AppData\Local\The Neat Company
2015-01-30 14:16 - 2015-01-30 14:16 - 00000000 ____D () C:\Users\Public\Documents\Neat Mobile Scanner
2015-01-30 14:16 - 2015-01-30 14:16 - 00000000 ____D () C:\Program Files\Send To Neat
2015-01-30 14:16 - 2014-02-13 02:20 - 00148480 _____ (Two Pilots) C:\Windows\VPDAgent_x64.exe
2015-01-30 14:16 - 2014-02-13 02:20 - 00054784 _____ () C:\Windows\System32\sdtnpm.dll
2015-01-30 14:15 - 2015-01-30 14:15 - 00000000 ____D () C:\Users\Public\Documents\Neat Mobile Scanner 2008 Calibration Data
2015-01-30 14:15 - 2015-01-30 14:15 - 00000000 ____D () C:\Users\Public\Documents\Neat ADF Scanner 2008 Calibration Data
2015-01-30 14:15 - 2015-01-30 14:15 - 00000000 ____D () C:\Users\Public\Documents\741
2015-01-30 14:15 - 2015-01-30 14:15 - 00000000 ____D () C:\Program Files\Common Files\NeatReceipts
2015-01-30 14:14 - 2015-01-30 14:14 - 00000000 ____D () C:\ProgramData\The Neat Company
2015-01-30 14:13 - 2015-01-30 14:16 - 00000000 ____D () C:\Program Files\Common Files\The Neat Company
2015-01-30 14:13 - 2015-01-30 14:16 - 00000000 ____D () C:\Program Files (x86)\Neat
2015-01-30 14:07 - 2015-01-30 14:07 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2015-01-30 14:07 - 2015-01-30 14:07 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2015-01-30 14:07 - 2015-01-30 14:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2015-01-27 14:02 - 2015-01-27 14:02 - 00000000 ____D () C:\Users\Default\AppData\Local\LogMeIn
2015-01-27 14:02 - 2015-01-27 14:02 - 00000000 ____D () C:\Users\Default User\AppData\Local\LogMeIn
2015-01-22 14:15 - 2015-01-22 14:15 - 00000000 _____ () C:\Windows\EEventManager.INI
2015-01-22 13:49 - 2015-01-22 13:49 - 00000000 ____D () C:\Users\Schoolbase1\AppData\Roaming\Leader Technologies
2015-01-22 13:49 - 2015-01-22 13:49 - 00000000 ____D () C:\Users\Schoolbase1\AppData\Roaming\Acer
2015-01-22 09:26 - 2015-01-22 09:26 - 00000045 _____ () C:\Windows\WF-4630.ini
2015-01-22 09:25 - 2015-03-11 14:25 - 00000911 _____ () C:\Windows\Tasks\EPSON WF-4630 Series Update {152AB06D-76C5-409E-9D81-EDF128F22E33}.job
2015-01-22 09:25 - 2015-01-22 09:30 - 00000725 _____ () C:\Windows\Tasks\EPSON WF-4630 Series Invitation {152AB06D-76C5-409E-9D81-EDF128F22E33}.job
2015-01-22 09:25 - 2015-01-22 09:25 - 00003978 _____ () C:\Windows\System32\Tasks\EPSON WF-4630 Series Update {152AB06D-76C5-409E-9D81-EDF128F22E33}
2015-01-22 09:25 - 2015-01-22 09:25 - 00003792 _____ () C:\Windows\System32\Tasks\EPSON WF-4630 Series Invitation {152AB06D-76C5-409E-9D81-EDF128F22E33}
2015-01-22 09:24 - 2015-01-22 09:24 - 00000000 ____D () C:\Program Files (x86)\LTCM Client
2015-01-22 09:21 - 2015-01-22 13:49 - 00000000 ____D () C:\Users\Schoolbase1\AppData\Roaming\Epson
2015-01-22 09:20 - 2015-01-22 09:23 - 00000000 ____D () C:\Program Files (x86)\EPSON Software
2015-01-22 09:20 - 2015-01-22 09:20 - 00000000 ____D () C:\Program Files\EpsonNet
2015-01-22 09:20 - 2015-01-22 09:20 - 00000000 ____D () C:\Program Files\EPSON
2015-01-22 09:20 - 2012-11-12 18:41 - 00535552 _____ (SEIKO EPSON CORPORATION) C:\Windows\System32\ensppui.dll
2015-01-22 09:20 - 2012-11-12 18:41 - 00535552 _____ (SEIKO EPSON CORPORATION) C:\Windows\System32\enppui.dll
2015-01-22 09:20 - 2012-11-12 13:15 - 00558592 _____ (SEIKO EPSON CORPORATION) C:\Windows\System32\ensppmon.dll
2015-01-22 09:20 - 2012-11-12 13:15 - 00558592 _____ (SEIKO EPSON CORPORATION) C:\Windows\System32\enppmon.dll
2015-01-22 09:20 - 2012-10-22 15:19 - 00219648 _____ (SEIKO EPSON CORPORATION) C:\Windows\System32\enspres.dll
2015-01-22 09:20 - 2012-10-22 15:19 - 00219648 _____ (SEIKO EPSON CORPORATION) C:\Windows\System32\enpres.dll
2015-01-22 09:19 - 2015-01-22 09:30 - 00000911 _____ () C:\Windows\Tasks\EPSON WF-4630 Series Update {CD89D453-4671-4064-9F61-BE5880310A1E}.job
2015-01-22 09:19 - 2015-01-22 09:30 - 00000725 _____ () C:\Windows\Tasks\EPSON WF-4630 Series Invitation {CD89D453-4671-4064-9F61-BE5880310A1E}.job
2015-01-22 09:19 - 2015-01-22 09:24 - 00000000 ____D () C:\Program Files (x86)\epson
2015-01-22 09:19 - 2015-01-22 09:19 - 00003978 _____ () C:\Windows\System32\Tasks\EPSON WF-4630 Series Update {CD89D453-4671-4064-9F61-BE5880310A1E}
2015-01-22 09:19 - 2015-01-22 09:19 - 00003792 _____ () C:\Windows\System32\Tasks\EPSON WF-4630 Series Invitation {CD89D453-4671-4064-9F61-BE5880310A1E}
2015-01-22 09:19 - 2015-01-22 09:19 - 00000967 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
2015-01-22 09:19 - 2015-01-22 09:19 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2015-01-22 09:19 - 2012-07-23 22:00 - 00466432 _____ (Seiko Epson Corporation) C:\Windows\System32\esxw2ud.dll
2015-01-22 09:19 - 2012-05-16 22:00 - 00144560 _____ (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
2015-01-22 09:19 - 2010-11-22 11:27 - 00147472 _____ (TWAIN Working Group) C:\Windows\SysWOW64\twaindsm.dll
2015-01-22 09:18 - 2015-01-22 09:26 - 00000000 ____D () C:\ProgramData\EPSON
2015-01-22 09:18 - 2013-10-22 02:04 - 00179712 _____ (SEIKO EPSON CORPORATION) C:\Windows\System32\E_YLMBKLE.DLL
2015-01-22 09:18 - 2011-03-15 01:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\System32\E_YD4BKLE.DLL
2015-01-22 09:18 - 2007-04-09 23:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\System32\E_GCINST.DLL
2015-01-22 09:08 - 2014-11-26 10:21 - 00002008 _____ () C:\Users\Schoolbase1\Desktop\ControlCenter4.lnk
2015-01-22 08:52 - 2015-01-22 08:52 - 00000000 ____D () C:\ProgramData\PCFaxTx
2015-01-22 08:52 - 2013-01-06 16:53 - 00087040 ____R (Brother Industries, Ltd.) C:\Windows\System32\BrNetSti.dll
2015-01-22 08:52 - 2012-12-12 09:37 - 00318464 ____N (Brother Industries, Ltd.) C:\Windows\System32\BrFaxTxAppRun64.dll
2015-01-22 08:51 - 2013-04-10 22:55 - 00227328 _____ (Brother Industries, Ltd.) C:\Windows\System32\BRCOI13Q.DLL
2015-01-22 08:51 - 2013-04-10 22:55 - 00180224 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BROSNMP.DLL
2015-01-22 08:45 - 2015-01-22 08:45 - 00000000 ____D () C:\Users\Schoolbase1\Documents\MyWebPages
2015-01-22 08:40 - 2015-01-22 09:09 - 00026119 _____ () C:\Windows\BRRBCOM.INI
2015-01-22 08:40 - 2015-01-22 09:09 - 00013172 _____ () C:\Windows\BROMJ6720DW.INI
2015-01-22 08:31 - 2015-01-22 08:31 - 00003602 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Officejet Pro 8610
2015-01-22 08:31 - 2015-01-22 08:31 - 00002233 _____ () C:\Users\Public\Desktop\HP Officejet Pro 8610.lnk
2015-01-22 08:31 - 2015-01-22 08:31 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-01-22 08:31 - 2014-07-21 14:31 - 00763912 ____N (Hewlett-Packard Development Company, LP) C:\Windows\System32\HPDiscoPM7112.dll
2015-01-22 08:20 - 2015-01-22 08:20 - 00003610 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Photosmart 7520 series
2015-01-22 08:20 - 2015-01-22 08:20 - 00000000 ____D () C:\ProgramData\Visan
2015-01-22 08:20 - 2015-01-22 08:20 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2015-01-22 08:20 - 2015-01-22 08:20 - 00000000 ____D () C:\Program Files (x86)\HP Photo Creations
2015-01-22 08:19 - 2015-01-22 08:19 - 00002281 _____ () C:\Users\Public\Desktop\HP Photosmart 7520 series.lnk
2015-01-22 08:19 - 2012-10-17 02:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\System32\HPDiscoPMBC11.dll
2015-01-21 09:14 - 2015-01-21 09:14 - 00001654 _____ () C:\Users\Schoolbase1\Desktop\SELFMONITORIN55826 - Shortcut.lnk
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-16 11:35 - 2014-12-11 06:49 - 00000000 ____D () C:\Windows\System32\appraiser
2015-04-16 11:35 - 2014-11-03 21:33 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-16 11:35 - 2014-05-07 01:00 - 00000000 ___SD () C:\Windows\System32\CompatTel
2015-04-16 11:35 - 2013-11-14 12:04 - 00000000 ____D () C:\Program Files\VueScan
2015-04-16 11:35 - 2013-11-14 11:56 - 00000000 ____D () C:\Users\Schoolbase1\AppData\Roaming\IDM
2015-04-16 11:35 - 2013-11-14 11:56 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2015-04-16 11:35 - 2012-10-29 17:07 - 00000000 ____D () C:\Users\Schoolbase1\AppData\Local\Akamai
2015-04-16 11:35 - 2012-10-01 08:59 - 00000000 ____D () C:\users\Schoolbase1
2015-04-16 11:35 - 2012-09-24 09:05 - 00000000 ____D () C:\ProgramData\Intel
2015-04-16 11:35 - 2012-09-24 08:05 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-04-16 11:35 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\NDF
2015-04-16 11:35 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2015-04-16 11:35 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-16 11:35 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-16 11:35 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-04-16 11:34 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\registration
2015-04-16 11:32 - 2014-11-06 23:02 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-16 11:32 - 2014-11-03 21:30 - 00000000 ____D () C:\ProgramData\Avira
2015-04-16 11:32 - 2014-11-03 21:30 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-04-15 15:09 - 2009-07-13 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-04-15 06:33 - 2013-11-14 11:56 - 00000000 ____D () C:\Users\Schoolbase1\AppData\Roaming\DMCache
2015-04-15 06:31 - 2012-10-03 08:31 - 485442560 _____ () C:\Users\Schoolbase1\Outlook.pst
2015-04-15 06:25 - 2013-12-05 12:17 - 00000967 _____ () C:\Users\Schoolbase1\Desktop\greenwood.ws
2015-04-15 06:02 - 2013-04-09 05:15 - 00000000 ____D () C:\NEW
2015-04-15 00:17 - 2013-07-11 01:05 - 00000000 ____D () C:\Windows\System32\MRT
2015-04-14 10:58 - 2012-10-03 10:03 - 00000900 _____ () C:\Users\Schoolbase1\Desktop\as400.WS
2015-04-13 06:24 - 2012-10-03 10:03 - 00000000 ____D () C:\Users\Schoolbase1\AppData\Local\CrashDumps
2015-04-13 06:18 - 2014-11-06 23:03 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-10 13:05 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\System32\FxsTmp
2015-04-09 05:12 - 2013-10-24 15:54 - 00002555 _____ () C:\Users\Schoolbase1\AppData\Roaming\SAS7_000.DAT
2015-04-06 05:56 - 2014-08-28 05:52 - 00000000 ____D () C:\Users\Schoolbase1\AppData\Local\Adobe
2015-03-23 06:11 - 2014-11-03 21:31 - 00000000 ____D () C:\Users\Schoolbase1\AppData\Roaming\Avira
 
Some content of TEMP:
====================
C:\Users\Schoolbase1\AppData\Local\Temp\5.6.1.374_Full.exe
C:\Users\Schoolbase1\AppData\Local\Temp\avgnt.exe
C:\Users\Schoolbase1\AppData\Local\Temp\G2MInstallerExtractor.exe
C:\Users\Schoolbase1\AppData\Local\Temp\GLF4514.tmp.EXE
C:\Users\Schoolbase1\AppData\Local\Temp\NeatExecAsUser64.exe
C:\Users\Schoolbase1\AppData\Local\Temp\processcheck.exe
C:\Users\Schoolbase1\AppData\Local\Temp\SetACL.exe
C:\Users\Schoolbase1\AppData\Local\Temp\VistaTools64.dll
C:\Users\Schoolbase1\AppData\Local\Temp\_is52B1.exe
C:\Users\Schoolbase1\AppData\Local\Temp\_is5CC0.exe
C:\Users\Schoolbase1\AppData\Local\Temp\_isB1A5.exe
C:\Users\Schoolbase1\AppData\Local\Temp\_isFEA9.exe
 
 
==================== Known DLLs (Whitelisted) ================
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== Restore Points  =========================
 
Restore point made on: 2015-03-11 14:54:12
Restore point made on: 2015-03-11 14:54:53
Restore point made on: 2015-03-11 14:55:52
Restore point made on: 2015-03-13 14:01:05
Restore point made on: 2015-03-18 14:49:05
Restore point made on: 2015-03-23 06:09:55
Restore point made on: 2015-04-01 09:58:25
Restore point made on: 2015-04-06 09:22:54
Restore point made on: 2015-04-06 11:26:49
Restore point made on: 2015-04-07 08:33:00
Restore point made on: 2015-04-07 12:48:08
Restore point made on: 2015-04-08 06:35:13
Restore point made on: 2015-04-08 06:36:02
Restore point made on: 2015-04-08 09:45:06
Restore point made on: 2015-04-08 12:53:47
Restore point made on: 2015-04-10 13:15:45
Restore point made on: 2015-04-11 13:02:56
Restore point made on: 2015-04-11 13:33:00
Restore point made on: 2015-04-13 06:17:50
Restore point made on: 2015-04-13 06:23:12
Restore point made on: 2015-04-13 09:06:02
Restore point made on: 2015-04-14 08:38:59
Restore point made on: 2015-04-14 08:49:13
Restore point made on: 2015-04-14 12:24:01
Restore point made on: 2015-04-14 12:49:19
Restore point made on: 2015-04-15 00:00:40
Restore point made on: 2015-04-15 00:01:33
Restore point made on: 2015-04-15 00:02:11
Restore point made on: 2015-04-15 00:06:18
Restore point made on: 2015-04-15 00:18:12
Restore point made on: 2015-04-15 00:18:32
Restore point made on: 2015-04-15 00:19:52
Restore point made on: 2015-04-15 00:39:19
Restore point made on: 2015-04-15 06:32:53
 
==================== BCD ================================
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=Y:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {default}
resumeobject            {88e92c21-066d-11e2-8779-d4bed9649452}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30
 
Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {88e92c23-066d-11e2-8779-d4bed9649452}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {88e92c21-066d-11e2-8779-d4bed9649452}
nx                      OptIn
bootlog                 No
 
Windows Boot Loader
-------------------
identifier              {88e92c23-066d-11e2-8779-d4bed9649452}
device                  ramdisk=[Y:]\Recovery\WindowsRE\Winre.wim,{88e92c24-066d-11e2-8779-d4bed9649452}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[Y:]\Recovery\WindowsRE\Winre.wim,{88e92c24-066d-11e2-8779-d4bed9649452}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {88e92c21-066d-11e2-8779-d4bed9649452}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=Y:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 Yes
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {88e92c24-066d-11e2-8779-d4bed9649452}
description             Ramdisk Options
ramdisksdidevice        partition=Y:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 22%
Total physical RAM: 3977.02 MB
Available physical RAM: 3088.55 MB
Total Pagefile: 3975.21 MB
Available Pagefile: 3121.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:454.03 GB) (Free:328.28 GB) NTFS
Drive e: (GSP1RMCPRXFREO_EN_DVD) (CDROM) (Total:3.09 GB) (Free:0 GB) UDF
Drive f: () (Removable) (Total:14.98 GB) (Free:14.86 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (RECOVERY) (Fixed) (Total:11.69 GB) (Free:4.91 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 9E900465)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=11.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 15 GB) (Disk ID: C2EDBDDE)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)
 
 
LastRegBack: 2012-10-03 11:38
 
==================== End Of Log ============================

Edited by hamluis, 16 April 2015 - 04:35 PM.
Moved from Win 7 to Malware Removal Logs - Hamluis.


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,762 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:19 PM

Posted 21 April 2015 - 04:35 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/573468 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,762 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:19 PM

Posted 26 April 2015 - 04:40 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users