Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Farbar and OTL have identified issues I can only mess up more on my own


  • Please log in to reply
1 reply to this topic

#1 chriffan

chriffan

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:10:23 AM

Posted 27 October 2016 - 04:15 AM

I've ran several different scanners, rootkit n malware tools which all found nothing. I started getting BSOD's regularly from kernel data input errors, which I thought were fixed, to multiple Firefox freeze ups and crashes, to constant scan drive for errors messages. After running SFC in safe mode, which found corrupt files it couldn't repair, I ran DISM scanhealth, which reported it was a fixable. Next I ran DISM Restorehealth and on reboot said it couldn't fix it, the windows 8.1 watermark in the bottom right of the desktop and periodic blue screen asking to activate my version of Windows. The last chkdsk in safe mode using "Windows All in One Repair" software was slowed and hampered with a constant rebooting desktop screen and a windows warning box that would immediately reopen on every attempt to close it. Once the chkdsk was done I rebooted to a dark purple screen, normally green, which took much longer than usual to go to the desktop.

 

As a member of the Hell no to Windows 10 club, I realize I may have messed up uninstalling updates mixed with telemetry, not installing dubious or unexplained updates and refusing to install the current rollups of security mixed with telemetry or problematic patches. Fine, I'll visit the other forum for help with those issues once any potential infection is removed.

 

Here are the Farbar scans:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-10-2016
Ran by steve (administrator) on GW01 (27-10-2016 03:53:45)
Running from C:\Users\steve\Desktop
Loaded Profiles: steve (Available Profiles: steve)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(UltimateOutsider) C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-10] (Realtek Semiconductor)
HKLM\...\Run: [Seagate Scheduler2 Service] => C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe [400384 2015-03-12] (Seagate)
HKLM\...\Run: [GwxControlPanelMonitor] => C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe [4596296 2016-04-02] (UltimateOutsider)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-12-09] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1042912 2016-10-13] (DivX, LLC)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2015-06-23] (Western Digital Technologies, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} =>  No File
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} =>  No File
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{699D9D75-EC47-4094-9A1F-C4DD8DEE0FE1}: [DhcpNameServer] 209.18.47.61 209.18.47.62

Internet Explorer:
==================
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-10-26] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-26] (Oracle Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab

FireFox:
========
FF ProfilePath: C:\Users\steve\AppData\Roaming\Mozilla\Firefox\Profiles\b584bszs.default [2016-10-27]
FF Extension: (Adguard AdBlocker) - C:\Users\steve\AppData\Roaming\Mozilla\Firefox\Profiles\b584bszs.default\Extensions\adguardadblocker@adguard.com.xpi [2016-10-27]
FF Extension: (YouTube™ HD Plus) - C:\Users\steve\AppData\Roaming\Mozilla\Firefox\Profiles\b584bszs.default\Extensions\jid1-wkCmfgboni3B1Q@jetpack.xpi [2016-05-10]
FF Extension: (Thumbnail Zoom Plus) - C:\Users\steve\AppData\Roaming\Mozilla\Firefox\Profiles\b584bszs.default\Extensions\thumbnailZoom@dadler.github.com.xpi [2016-09-29]
FF Extension: (Youtube Zero Annotations) - C:\Users\steve\AppData\Roaming\Mozilla\Firefox\Profiles\b584bszs.default\Extensions\YoutubeZeroAnnotations@China-Cheats.com.xpi [2016-09-29]
FF Extension: (FlashGot) - C:\Users\steve\AppData\Roaming\Mozilla\Firefox\Profiles\b584bszs.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2016-03-17]
FF Extension: (NoScript) - C:\Users\steve\AppData\Roaming\Mozilla\Firefox\Profiles\b584bszs.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-08-19]
FF Extension: (gtranslate) - C:\Users\steve\AppData\Roaming\Mozilla\Firefox\Profiles\b584bszs.default\Extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi [2016-08-04]
FF Extension: (Greasemonkey) - C:\Users\steve\AppData\Roaming\Mozilla\Firefox\Profiles\b584bszs.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-08-19]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-10-27] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-26] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-10-27] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2016-09-27] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2016-04-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2016-04-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2016-04-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2016-04-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2016-04-19] (Apple Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S3 DeviceFastLaneService; C:\Program Files\Gateway\Gateway Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe [259136 2012-11-02] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-04-03] (Dritek System INC.)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1570520 2016-02-02] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [837848 2016-02-02] (Secunia)
S3 vmicvss; C:\WINDOWS\System32\ICSvc.dll [524800 2014-10-28] (Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-06-23] (Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 ZAMSvc; "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bbcap; C:\WINDOWS\system32\DRIVERS\bbcap.sys [4608 2015-12-08] (Windows ® Codename Longhorn DDK provider)
S3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63al.sys [5170176 2013-07-01] (Broadcom Corporation)
S0 ebdrv; C:\WINDOWS\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 epp; C:\EEK\BIN64\epp.sys [116944 2016-06-30] (Emsisoft Ltd)
R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2013-04-03] (Dritek System Inc.)
S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2016-02-02] (Secunia)
R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [1498256 2012-08-29] (Realtek Semiconductor Corporation                           )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1120032 2015-06-10] (Acronis International GmbH)
R0 tib_mounter; C:\WINDOWS\System32\DRIVERS\tib_mounter.sys [183224 2015-06-10] (Acronis)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\WINDOWS\System32\drivers\zamguard64.sys [X]

========================== Drivers MD5 =======================

C:\WINDOWS\System32\drivers\1394ohci.sys E1832BD9FD7E0FC2DC9FA5935DE3E8C1
C:\WINDOWS\System32\drivers\3ware.sys AD508A1A46EC21B740AB31C28EFDFDB1
C:\WINDOWS\System32\drivers\ACPI.sys E796AE43DDD1844281DB4D57294D17C0
C:\WINDOWS\System32\Drivers\acpiex.sys AC8279D229398BCF05C3154ADCA86813
C:\WINDOWS\System32\drivers\acpipagr.sys A8970D9BF23CD309E0403978A1B58F3F
C:\WINDOWS\System32\drivers\acpipmi.sys 111A89C99C5B4F1A7BCE5F643DD86F65
C:\WINDOWS\System32\drivers\acpitime.sys 5758387D68A20AE7D3245011B07E36E7
C:\WINDOWS\System32\drivers\ADP80XX.SYS 7C1FDF1B48298CBA7CE4BDD4978951AD
C:\WINDOWS\system32\drivers\afd.sys A460C3AF3755A2A79A3C8EFE72E147B5
C:\WINDOWS\System32\drivers\agp440.sys 7DFAEBA9AD62D20102B576D5CAC45EC8
C:\WINDOWS\System32\DRIVERS\ahcache.sys F0CB6DB513CAC393D04A0FCE0A59E1BF
C:\WINDOWS\System32\drivers\amdk8.sys 7589DE749DB6F71A68489DCE04158729
C:\WINDOWS\System32\drivers\amdppm.sys B46D2D89AFF8A9490FA8C98C7A5616E3
C:\WINDOWS\System32\drivers\amdsata.sys D2BF2F94A47D332814910FD47C6BBCD2
C:\WINDOWS\System32\drivers\amdsbs.sys A8E04943C7BBA7219AA50400272C3C6E
C:\WINDOWS\System32\drivers\amdxata.sys CEA5F4F27CFC08E3A44D576811B35F50
C:\WINDOWS\system32\drivers\appid.sys 415DD71628795197F7AFC176CBADC74E
C:\WINDOWS\System32\drivers\arcsas.sys 65045784366F7EC5FB4E71BCF923187B
C:\WINDOWS\system32\DRIVERS\asyncmac.sys 3DB7721F06BC2FEDB25029EA23AB27DA
C:\WINDOWS\System32\drivers\atapi.sys 74B14192CF79A72F7536B27CB8814FBD
C:\WINDOWS\System32\drivers\bxvbda.sys A4A73F631FE2AA2826FBE4A399B04DEF
C:\WINDOWS\System32\drivers\b57xdbd.sys 0630C8915B747E88E825CE7F73B66A5D
C:\WINDOWS\System32\drivers\b57xdmp.sys CA8457E528E13B38F8DC3B86B6BA4C6B
C:\WINDOWS\System32\drivers\BasicDisplay.sys 8CC7F7E4AFCBA605921B137ED7992C68
C:\WINDOWS\System32\drivers\BasicRender.sys 38A82F4EE8C416A6744B6D30381ED768
C:\WINDOWS\system32\DRIVERS\bbcap.sys 849EA7A204F9F77E7B2ADB8699F7BFC8
C:\WINDOWS\system32\DRIVERS\bcmwl63al.sys 34CFED0DFCC0FECF4B5F817D54904E9B
C:\WINDOWS\System32\drivers\bcmfn2.sys C1ABB0F7E3BEA48A0417BDF6FF14AB21
C:\Windows\System32\Drivers\Beep.sys EC19013E4CF87609534165DF897274D6
C:\WINDOWS\System32\DRIVERS\bowser.sys 6B4FFFDDC618FCF64473CAA86E305697
C:\WINDOWS\System32\drivers\bScsiMSa.sys 0E9B28782D0E5DE7C25207432B791B33
C:\WINDOWS\System32\drivers\bScsiSDa.sys 8F62F985BDD2F333A3EE34D54894363D
C:\WINDOWS\System32\drivers\BthAvrcpTg.sys A8F23D453A424FF4DE04989C4727ECC7
C:\WINDOWS\System32\drivers\bthhfenum.sys 272A62B660A48AEF366F8A1836CED19F
C:\WINDOWS\System32\drivers\BthHFHid.sys 71FE2A48E4C93DDB9798C024880B6C07
C:\WINDOWS\System32\drivers\bthmodem.sys EF4B9E7C9AD88C00C18A12B0D22D1894
C:\WINDOWS\System32\DRIVERS\cdfs.sys 2FA6510E33F7DEFEC03658B74101A9B9
C:\WINDOWS\System32\drivers\cdrom.sys C6796EA22B513E3457514D92DCDB1A3D
C:\WINDOWS\System32\drivers\circlass.sys BE9936EDD3267FAAFF94A7835867F00B
C:\WINDOWS\System32\drivers\CLFS.sys 8EB7E70C2D348FE2476A2E3F2D585E3D
C:\WINDOWS\System32\drivers\CmBatt.sys EF6EF85DADC3184A10D8F2F7159973CB
C:\WINDOWS\System32\Drivers\cng.sys 5CBF8B3E27D824D2AA2A34AFB406F1D0
C:\WINDOWS\System32\drivers\CompositeBus.sys 03AAED827C36F35D70900558B8274905
C:\WINDOWS\System32\drivers\condrv.sys A1FF7DFBFBE164CF92603C651D304DD2
C:\WINDOWS\System32\drivers\dam.sys 389C998C64319CD97625B0550E52ECFA
C:\WINDOWS\System32\Drivers\dfsc.sys FDE50F8CBFC986086FE47D3D582F80BE
C:\WINDOWS\System32\drivers\disk.sys 8B1E62881D5AC68E673CD94B136B34AC
C:\WINDOWS\System32\drivers\dmvsc.sys EB70A894708D1BC176AFD690FF06085F
C:\WINDOWS\system32\drivers\drmkaud.sys 00C594D5A1DBD22AD8B2902B9F6EFF94
C:\WINDOWS\System32\drivers\dxgkrnl.sys F74B839FA0F4E6060CA1DA6B8DA17941
C:\WINDOWS\System32\drivers\evbda.sys 114BCFDF367FF37C3F1B0A96AF542E4D
C:\WINDOWS\System32\drivers\EhStorClass.sys 43531A5993380CC5113242C29D265FD9
C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys 6F8E738A9505A388B1157FDDE7B3101B
C:\EEK\BIN64\epp.sys 8783EDE26F315555EFE697239D337910
C:\WINDOWS\System32\drivers\errdev.sys DFFFAE1442BA4076E18EED5E406FA0D3
C:\WINDOWS\system32\DRIVERS\ETD.sys BBEFD1442896352FBACEC3319959B278
C:\Windows\System32\Drivers\exfat.sys 7729D294A555C7AEB281ED8E4D0E01E4
C:\Windows\System32\Drivers\fastfat.sys 7C4E0D5900B2A1D11EDD626D6DDB937B
C:\WINDOWS\System32\drivers\fdc.sys 5D8402613E778B3BD45E687A8372710B
C:\WINDOWS\System32\drivers\fileinfo.sys BCFD8B149B3ADF92D0DB1E909CAF0265
C:\WINDOWS\System32\drivers\filetrace.sys A1A66C4FDAFD6B0289523232AFB7D8AF
C:\WINDOWS\System32\drivers\flpydisk.sys BE743083CF7063C486A4398E3AEFE59A
C:\WINDOWS\System32\drivers\fltmgr.sys C1FB505A73FA2E9019D32444AB33B75A
C:\WINDOWS\System32\DRIVERS\fltsrv.sys C06AF3D1E7CA6868A6A3064CE6907C4A
C:\WINDOWS\System32\drivers\FsDepends.sys A7C31B168F371E8E6796219F23E354DB
C:\Windows\System32\Drivers\Fs_Rec.sys 09F460AFEDCA03F3BF6E07D1CCC9AC42
C:\WINDOWS\System32\DRIVERS\fvevol.sys F152D55E497E12256290C43B31C7D0CE
C:\WINDOWS\System32\drivers\fxppm.sys 9591D0B9351ED489EAFD9D1CE52A8015
C:\WINDOWS\System32\drivers\gagp30kx.sys FC3EF65EE20D39F8749C2218DBA681CA
C:\WINDOWS\System32\drivers\vmgencounter.sys 0BF5CAD281E25F1418E5B8875DC5ADD1
C:\WINDOWS\System32\Drivers\msgpioclx.sys 8DF1254093B5C354CE725EB6B9B0DE19
C:\WINDOWS\System32\drivers\HDAudBus.sys D4B7ED39C7900384D9E5C1283F1E7926
C:\WINDOWS\System32\drivers\HidBatt.sys 10A70BC1871CD955D85CD88372724906
C:\WINDOWS\System32\drivers\hidbth.sys 42F88B57CAE42FC10059C887B3FCFCEA
C:\WINDOWS\System32\drivers\hidi2c.sys C241A8BAFBBFC90176EA0F5240EACC17
C:\WINDOWS\System32\drivers\hidir.sys 9BDDEE26255421017E161CCB9D5EDA95
C:\WINDOWS\System32\drivers\hidusb.sys 8DB8EAB9D0C6A5DF0BDCADEA239220B4
C:\WINDOWS\System32\drivers\HpSAMD.sys A6AACEA4C785789BDA5912AD1FEDA80D
C:\WINDOWS\System32\drivers\HTTP.sys E87A6D3B8FECD5B93BC0CFBB48C27970
C:\WINDOWS\System32\drivers\hwpolicy.sys 90656C0B3864804B090434EFC582404F
C:\WINDOWS\System32\drivers\hyperkbd.sys 6D6F9E3BF0484967E52F7E846BFF1CA1
C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 907C870F8C31F8DDD6F090857B46AB25
C:\WINDOWS\System32\drivers\i8042prt.sys 49EE0AE9E5B64FFBBD06D55C4984B598
C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 5D90E32E36CE5D4C535D17CE08AEAF05
C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys DD05E7E80F52ADE9AEB292819920F32C
C:\WINDOWS\System32\drivers\iaStorA.sys 6C024B3AE192D72B216166802AF345DD
C:\WINDOWS\System32\drivers\iaStorAV.sys 08BFE413B0B4AA8DFA4B5684CE06D3DC
C:\WINDOWS\System32\drivers\iaStorV.sys A2200C3033FA4EF249FC096A7A7D02A2
C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 79AE3CC82CA1563A4B392207997ACE7C
C:\WINDOWS\system32\drivers\RTKVHD64.sys 9CC645EB9697AA4F2D5A39835C80A0A2
C:\WINDOWS\system32\DRIVERS\IntcDAud.sys F5495B38BFB9149925F54F65AB40EFBF
C:\WINDOWS\System32\drivers\intelide.sys 4E448FCFFD00E8D657CD9E48D3E47157
C:\WINDOWS\System32\drivers\intelpep.sys 7AA01AB1C110916825E6E1389F1B9AF2
C:\WINDOWS\System32\drivers\intelppm.sys 47E74A8E53C7C24DCE38311E1451C1D9
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys 9DB76D7F9E4E53EFE5DD8C53DE837514
C:\WINDOWS\System32\drivers\IPMIDrv.sys C800DCD904016B2BF6AB541083770A3A
C:\WINDOWS\System32\drivers\ipnat.sys B7342B3C58E91107F6E946A93D9D4EFD
C:\WINDOWS\System32\drivers\irenum.sys AE44C526AB5F8A487D941CEB57B10C97
C:\WINDOWS\System32\drivers\isapnp.sys 8AFEEA3955AA43616A60F133B1D25F21
C:\WINDOWS\System32\drivers\msiscsi.sys D90AB68D0FAC9F357F663670FDBB511E
C:\WINDOWS\system32\DRIVERS\k57nd60a.sys 45369E037410609D769852A1CE46A184
C:\WINDOWS\System32\drivers\kbdclass.sys 5917AFE4A3F695A54B99C1849C8207FE
C:\WINDOWS\System32\drivers\kbdhid.sys 8CD840A062F6BDF41DDE3ACB96164B72
C:\WINDOWS\system32\DRIVERS\kdnic.sys 813871C7D402A05F2E3A7075F9584A05
C:\WINDOWS\System32\Drivers\ksecdd.sys 304DA394D958BC3B62AF6DF514005B01
C:\WINDOWS\System32\Drivers\ksecpkg.sys 3D4AE520CD6F6FFE549DD195C1F515BE
C:\WINDOWS\system32\drivers\ksthunk.sys 11AFB527AA370B1DAFD5C36F35F6D45F
C:\WINDOWS\system32\DRIVERS\lltdio.sys C09010B3680860131631F53E8FE7BAD8
C:\WINDOWS\System32\drivers\lsi_sas.sys C755AE4635457AA2A11F79C0DF857ABC
C:\WINDOWS\System32\drivers\lsi_sas2.sys ADAC09CBE7A2040B7F68B5E5C9A75141
C:\WINDOWS\System32\drivers\lsi_sas3.sys 04D1274BB9BBCCF12BD12374002AA191
C:\WINDOWS\System32\drivers\lsi_sss.sys 327469EEF3833D0C584B7E88A76AEC0C
C:\WINDOWS\system32\drivers\luafv.sys DDEE191AB32DFC22C6465002ECDF5EE4
C:\WINDOWS\System32\drivers\megasas.sys EB5C03A070F30D64A6DF80E53B22F53F
C:\WINDOWS\System32\drivers\megasr.sys F6F13533196DE7A582D422B0241E4363
C:\WINDOWS\System32\drivers\HECIx64.sys 772A1DEEDFDBC244183B5C805D1B7D85
C:\WINDOWS\System32\drivers\modem.sys 8B38C44F69259987C95135C9627E2378
C:\WINDOWS\System32\drivers\monitor.sys 601589000CC90F0DF8DA2CC254A3CCC9
C:\WINDOWS\System32\drivers\mouclass.sys 08374E4E5B8914DE6067CBA99F61E930
C:\WINDOWS\System32\drivers\mouhid.sys 5FCBAB60598AE119E02B4C27DE6B99EA
C:\WINDOWS\System32\drivers\mountmgr.sys 9A788037D768809DFD677F4BA08A224A
C:\WINDOWS\System32\drivers\mpsdrv.sys 6FC047578785B0435F4E2660946D1ADC
C:\WINDOWS\system32\drivers\mrxdav.sys D2AC8F07995CE6CD18848C129435B481
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 3AF30CEB99E581E2FADA0B5FC4B551D8
C:\WINDOWS\System32\DRIVERS\mrxsmb10.sys 15D7AF1A26CCEBA32DF21A8E2098F463
C:\WINDOWS\System32\DRIVERS\mrxsmb20.sys 0790EEB1EC199F8BE8259E47B373ED23
C:\WINDOWS\system32\DRIVERS\bridge.sys F3C060444777A59FC63D920719E43CCD
C:\Windows\System32\Drivers\Msfs.sys D13329FBF8345B28AB30F44CC247DC08
C:\WINDOWS\System32\drivers\msgpiowin32.sys C6B474E46F9E543B875981ED3FFE6ADD
C:\WINDOWS\System32\drivers\mshidkmdf.sys 65C92EB9D08DB5C69F28C7FFD4E84E31
C:\WINDOWS\System32\drivers\mshidumdf.sys 52299F086AC2DAFD100DD5DC4A8614BA
C:\WINDOWS\System32\drivers\msisadrv.sys 36D92AF3343C3A3E57FEF11C449AEA4C
C:\WINDOWS\system32\drivers\MSKSSRV.sys A9BBBD2BAE6142253B9195E949AC2E8D
C:\WINDOWS\system32\DRIVERS\mslldp.sys 51B3AC0560848CD6D65AC2033E293113
C:\WINDOWS\system32\drivers\MSPCLOCK.sys 7B2128EB875DCBC006E6A913211006D6
C:\WINDOWS\system32\drivers\MSPQM.sys 1E88171579B218115C7A772F8DE04BD8
C:\Windows\System32\Drivers\MsRPC.sys BBE2A455053E63BECBF42C2F9B21FAE0
C:\WINDOWS\System32\drivers\mssmbios.sys 8D6B7D515C5CBCDB75B928A0B73C3C5E
C:\WINDOWS\system32\drivers\MSTEE.sys 115019AE01E0EB9C048530D2928AB4A2
C:\WINDOWS\System32\drivers\MTConfig.sys 96D604A35070360F0DD4A7A8AF410B5E
C:\WINDOWS\System32\Drivers\mup.sys 438EA7A2D8D4F9B8AFB64748ACA70BA8
C:\WINDOWS\System32\drivers\mvumis.sys B8C35C94DCB2DFEAF03BB42131F2F77F
C:\WINDOWS\system32\DRIVERS\nwifi.sys 008F7CED69FD5B30CBDE1E03C6F36A27
C:\WINDOWS\System32\drivers\ndis.sys 6D3A2565E01B3E4B0F1BEDB0D4B00B3F
C:\WINDOWS\system32\DRIVERS\ndiscap.sys 8CECC8DA55F3274181FD1EA28AD76664
C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys 269882812E9A68FFF1AFE1283D428322
C:\WINDOWS\system32\DRIVERS\ndistapi.sys DC1D9F692C2AD84C214584C28501C1F7
C:\WINDOWS\system32\DRIVERS\ndisuio.sys B832B35055BA2B7B4181861FF94D8E59
C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 1F58E48EF75F34C35D8E93A0DC535CFE
C:\WINDOWS\system32\DRIVERS\ndiswan.sys C3755FCF9A0B5C6FE8ED9E873B85D3CE
C:\WINDOWS\system32\DRIVERS\ndiswan.sys C3755FCF9A0B5C6FE8ED9E873B85D3CE
C:\Windows\System32\Drivers\NDProxy.sys B8F36CBC72FC5C8B8A30AD850165EA8E
C:\WINDOWS\System32\drivers\Ndu.sys 3083926D1CC5B56EA0786527B557DD1B
C:\WINDOWS\System32\DRIVERS\netbios.sys 42FF4975D032CAE558AE4BB8448F6E5A
C:\WINDOWS\System32\DRIVERS\netbt.sys 9DC17B7D9D84C37C102D379FCC7D4942
C:\WINDOWS\System32\drivers\netvsc63.sys D4DCE03870314D3354F3501F9DDD4123
C:\Windows\System32\Drivers\Npfs.sys 8F44A2F57C9F1A19AC9C6288C10FB351
C:\WINDOWS\System32\drivers\npsvctrig.sys CBDB4F0871C88DF930FC0E8588CA67FC
C:\WINDOWS\System32\drivers\nsiproxy.sys 0E046FF5823B95326D10CF1B4AF23541
C:\Windows\System32\Drivers\Ntfs.sys 9980B262DBE439AE6BDC91AA985F19EE
C:\windows\system32\drivers\NTIDrvr.sys 64DDD0DEE976302F4BD93E5EFCC2F013
C:\Windows\System32\Drivers\Null.sys EF1B290FC9F0E47CC0B537292BEE5904
C:\WINDOWS\System32\drivers\nvraid.sys BC6B5942AFF25EBAF62DE43C3807EDF8
C:\WINDOWS\System32\drivers\nvstor.sys 1F43ABFFAC3D6CA356851D517392966E
C:\WINDOWS\System32\drivers\nv_agp.sys 6934A936A7369DFE37B7DBA93F5E5E49
C:\WINDOWS\System32\drivers\parport.sys 764B1121867B2D9B31C491668AC72B2B
C:\WINDOWS\System32\drivers\partmgr.sys BAFF6122CFC9F95CA175AD8C348179A4
C:\WINDOWS\System32\drivers\pci.sys 91ED124E261EA8FAA1C0FFDF2A71B0C4
C:\WINDOWS\System32\drivers\pciide.sys 346E38FCC6859A727DD28AFAD1F0AFF4
C:\WINDOWS\System32\drivers\pcmcia.sys 4D3BDCC1C7B40C9D7B6AD990E6DEC397
C:\WINDOWS\System32\drivers\pcw.sys BF28771D1436C88BE1D297D3098B0F7D
C:\WINDOWS\System32\drivers\pdc.sys ED54A75050211DC77F9B98C41E026858
C:\WINDOWS\System32\drivers\peauth.sys 0ECEE590F2E2EF969FB74A6FC583A1E6
C:\WINDOWS\system32\DRIVERS\raspptp.sys E075CC071022BD4E9BE7C024717C0E0A
C:\WINDOWS\System32\drivers\processr.sys ECD373F9571C745894367CC2635EA44F
C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys 138DBAE80F390B22297ACD861BDA996E
C:\WINDOWS\system32\DRIVERS\pacer.sys FC0141B4A5AD6D637D883C1A89FC45C5
C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys DD3FD48D69F5FBBB21D46D1514C1C2DB
C:\WINDOWS\system32\drivers\qwavedrv.sys 83868EB2924E6BC21A54337C65D614D1
C:\WINDOWS\System32\DRIVERS\rasacd.sys B337B1F1E82A83E20A1743E008E25C0F
C:\WINDOWS\system32\DRIVERS\AgileVpn.sys 3EE5097945A7F680E320953271EB2D4F
C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 235624C147E3CB4C288D5D3D8E8D64A2
C:\WINDOWS\system32\DRIVERS\raspppoe.sys 5247F308C4103CDC4FE12AE1D235800A
C:\WINDOWS\system32\DRIVERS\rassstp.sys 41F631007A158FEBB67F0E2AD1601BBA
C:\WINDOWS\System32\DRIVERS\rdbss.sys D67ED4AB59D1EF66B05AD1A81AC28B26
C:\WINDOWS\System32\drivers\rdpbus.sys 6B21EBF892CD8CACB71669B35AB5DE32
C:\WINDOWS\System32\drivers\rdpdr.sys 680C1DAE268B6FB67FA21B389A8B79EF
C:\WINDOWS\System32\drivers\rdpvideominiport.sys BC8A79C625568DDB7DCA49D0C2741A64
C:\WINDOWS\System32\drivers\rdyboost.sys A26AEC49F318FEE141DDDB2C5F99B3E6
C:\Windows\System32\Drivers\ReFS.sys 615DFD97DEA56CE1C3A52185A3038FF8
C:\WINDOWS\system32\DRIVERS\rspndr.sys 2D05A5508F4685412F2B89E8C2189ABC
C:\WINDOWS\system32\DRIVERS\rtwlane.sys 097AA0B75675862070248796E1CC04D1
C:\WINDOWS\System32\drivers\vms3cap.sys 1A063730F221B2746FF00457AE17E4F0
C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS 3289766038DB2CB14D07DC84392138D5
C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS 58A38E75F3316A83C23DF6173D41F2B5
C:\WINDOWS\System32\drivers\sbp2port.sys C624A1B32211C3166EDB3F4AB02A30B7
C:\WINDOWS\System32\DRIVERS\scfilter.sys 13BEA6C882D4D877A5A85CA149C86BC1
C:\WINDOWS\System32\drivers\sdbus.sys C54B6B2170BF628FD42F799A66956D75
C:\WINDOWS\System32\drivers\sdstor.sys 0B1E929D11A8E358106955603FAC65E8
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\WINDOWS\System32\drivers\SerCx.sys DB2FF24CE0BDD15FE75870AFE312BA89
C:\WINDOWS\System32\drivers\SerCx2.sys 0044B31F93946D5D41982314381FE431
C:\WINDOWS\System32\drivers\serenum.sys 3CD600C089C1251BEEB4CD4CD5164F9E
C:\WINDOWS\System32\drivers\serial.sys D864381BC9C725FAB01D94C060660166
C:\WINDOWS\System32\drivers\sermouse.sys 148195AE95D9BC7375A08846439FDAC1
C:\WINDOWS\System32\drivers\sfloppy.sys 472B7A5AC181C050888DB454663DD764
C:\WINDOWS\System32\drivers\SiSRaid2.sys 2F518D13DD6F3053837FE606F1A2EA1F
C:\WINDOWS\System32\drivers\sisraid4.sys 1AC9A200A9C49C4508F04AAFFCA34A3F
C:\WINDOWS\System32\DRIVERS\snapman.sys E3E56CAF0472163871B922FC7CBC9654
C:\WINDOWS\System32\drivers\spaceport.sys B45AE0970B2D66CCE756DE6989E23EEC
C:\WINDOWS\System32\drivers\SpbCx.sys F337BE11071818FC3F5DC2940B6BDE34
C:\WINDOWS\System32\DRIVERS\srv.sys 36B082C7A764A34FB1DC72D975870B61
C:\WINDOWS\System32\DRIVERS\srv2.sys F5849909D4B29B4E3D4445F943E5C7E3
C:\WINDOWS\System32\DRIVERS\srvnet.sys FABC49666708EA562549E78E6FBF3191
C:\WINDOWS\System32\drivers\stexstor.sys 366DEA74BBA65B362BCCFC6FC2ADFD8B
C:\WINDOWS\System32\drivers\storahci.sys 0ED2E318ABB68C1A35A8B8038BDB4C90
C:\WINDOWS\System32\drivers\vmstorfl.sys 8B9486B64E5FC17FB9CC04CA10B77A34
C:\WINDOWS\System32\drivers\stornvme.sys 6B06E2D11E604BE2B1A406C4CB3B90DE
C:\WINDOWS\System32\drivers\storvsc.sys 548759755BC73DAD663250239D7E0B9F
C:\WINDOWS\System32\drivers\swenum.sys 65454187E0F8B6C0DCECB0287D06EC43
C:\WINDOWS\System32\drivers\tcpip.sys 1C8560E3A37A9D4F25B7769C3E3D4163
C:\WINDOWS\system32\DRIVERS\tcpip.sys 1C8560E3A37A9D4F25B7769C3E3D4163
C:\WINDOWS\System32\drivers\tcpipreg.sys 41CF802064F72E55F50CA0A221FD36D4
C:\WINDOWS\system32\DRIVERS\tdrpman.sys AC28A6FCA485821499FF018695CEDE16
C:\WINDOWS\system32\DRIVERS\tdx.sys E0BD2D83875464FEEEB242CBA8B7E073
C:\WINDOWS\System32\drivers\terminpt.sys 232D185D2337F141311D0CF1983E1431
C:\WINDOWS\System32\DRIVERS\tib.sys DE604462206F7D8C203F767F425FCA8D
C:\WINDOWS\System32\DRIVERS\tib_mounter.sys 8C750FE6DE38AF13506B99EC2F519F79
C:\WINDOWS\system32\drivers\tpm.sys 80A2FC1A089A71F2DBE5D8394FFB009F
C:\WINDOWS\System32\drivers\tsusbflt.sys BF8F54CA37E9C9D6582C31C5761F8C93
C:\WINDOWS\System32\drivers\TsUsbGD.sys 20185BEB7512EDE4EFECDFA148AC9F99
C:\WINDOWS\system32\DRIVERS\tunnel.sys E85916632CD3B9E9B546968DB950BF42
C:\WINDOWS\System32\drivers\uagp35.sys F6EEAD052943B5A3104C1405BB856C54
C:\WINDOWS\System32\drivers\uaspstor.sys FE6067B1FD4E63650C667B33D080565B
C:\windows\system32\drivers\UBHelper.sys 2E22C1FD397A5A9FFEF55E9D1FC96C00
C:\WINDOWS\System32\drivers\ucx01000.sys 807F8CF3E973305FC435C61CBBEE2A49
C:\WINDOWS\System32\DRIVERS\udfs.sys C61EAF8E1E4B2F62BA4FDF457440B2C6
C:\WINDOWS\System32\drivers\UEFI.sys 9578691F297E1B1F519970FE6D47CB21
C:\WINDOWS\System32\drivers\uliagpkx.sys 5EAB5117DDB24FC4D39E6FFFCF1837B9
C:\WINDOWS\System32\drivers\umbus.sys DA34C39A18E60E7C3FA0630566408034
C:\WINDOWS\System32\drivers\umpass.sys AE8294875E5446E359B1E8035D40C05E
C:\WINDOWS\System32\drivers\usbccgp.sys FF78D053A05E5A394F4E3C1816CC65A8
C:\WINDOWS\System32\drivers\usbcir.sys 0139248F6B95CF0D837B5B46A2722D40
C:\WINDOWS\System32\drivers\usbehci.sys C996CBEF922B5653A01E3F50DDCE2F86
C:\WINDOWS\System32\drivers\usbhub.sys CD81683F4553677B9BF5163A922153EB
C:\WINDOWS\System32\drivers\UsbHub3.sys 5C90D5379B53590FBB24BBAD4FA682EE
C:\WINDOWS\System32\drivers\usbohci.sys A0F0484C97D6441ED6A75D7426ECCC9E
C:\WINDOWS\System32\drivers\usbprint.sys 4D655E3B684BE9B0F7FFD8A2935C348C
C:\WINDOWS\System32\drivers\USBSTOR.SYS 9D168BFA334D47BE404367EB58D4E130
C:\WINDOWS\System32\drivers\usbuhci.sys FC974B03C8B87455F44F734C8F31A3C8
C:\WINDOWS\System32\Drivers\usbvideo.sys 5C8F604F6DC74177CDD8372D7B1ADFF0
C:\WINDOWS\System32\drivers\USBXHCI.SYS 44603DA5A87FB491EF59C889EBBB4DDB
C:\WINDOWS\System32\drivers\vdrvroot.sys FEB26E3B8345A7E8D62F945C4AE86562
C:\WINDOWS\System32\drivers\VerifierExt.sys A026EDEAA5EECAE0B08E2748B616D4BD
C:\WINDOWS\System32\drivers\vhdmp.sys 5DB4AFA10A488EC4DDB3DA09B0425BE5
C:\WINDOWS\System32\drivers\viaide.sys 06D38968028E9AB19DE9B618C7B6D199
C:\WINDOWS\System32\drivers\vmbus.sys 511AD3FF957A0127E6BD336FF6F89C38
C:\WINDOWS\System32\drivers\VMBusHID.sys DA40BEA0A863CE768C940CA9723BF81F
C:\WINDOWS\System32\drivers\volmgr.sys 436E1A724E7E683F6B612D3D58F04241
C:\WINDOWS\System32\drivers\volmgrx.sys CCB9E901F7254BF96D28EB1B0E5329B7
C:\WINDOWS\System32\drivers\volsnap.sys 17F7B0F2298D97F4B6C7A69511033D3D
C:\WINDOWS\System32\drivers\vpci.sys DAC438FB5FF85A9E72806E2341D5D732
C:\WINDOWS\System32\drivers\vsmraid.sys 4539F45F9F4C9757A86A56C949421E07
C:\WINDOWS\System32\drivers\vstxraid.sys 0849B7260F26FE05EA56DED0672E2F4B
C:\WINDOWS\System32\drivers\vwifibus.sys BE970C369E43B509C1EDA2B8FA7CECB0
C:\WINDOWS\system32\DRIVERS\vwififlt.sys 35BF5C5F5E3C9902C98978C7640574DA
C:\WINDOWS\system32\DRIVERS\vwifimp.sys 65ED7B9CFEA893DF7748D5FF692690DE
C:\WINDOWS\System32\drivers\wacompen.sys 0910AB9ED404C1434E2D0376C2AD5D8B
C:\WINDOWS\system32\DRIVERS\wanarp.sys 23006D660C0E54BF1CE8253E15F5E995
C:\WINDOWS\system32\DRIVERS\wanarp.sys 23006D660C0E54BF1CE8253E15F5E995
C:\WINDOWS\System32\drivers\WdBoot.sys 81285DDC994F03379DB46419300B2DCB
C:\WINDOWS\System32\drivers\Wdf01000.sys CB6C63FF8342B467E2EF76E98D5B934D
C:\WINDOWS\System32\drivers\WdFilter.sys 26B8FED3F3B85F5F0C4BD03FD00B9941
C:\WINDOWS\System32\Drivers\WdNisDrv.sys CE67080F00E0AF32755096CEA6430ABA
C:\WINDOWS\System32\DRIVERS\wfplwfs.sys 715ABA3DD164D06457A2A3C92F6EA9D5
C:\WINDOWS\System32\drivers\wimmount.sys 5F66B7BB330AA80067FC66149A692620
C:\WINDOWS\System32\drivers\wmiacpi.sys 2834D9D3B4F554A39C72F00EA3F0E128
C:\Windows\System32\Drivers\Wof.sys 7FC5667DF73D4B04AA457CC3A4180E09
C:\WINDOWS\System32\DRIVERS\wpcfltr.sys A2468CC3509394A33C4C32F99563D845
C:\WINDOWS\System32\drivers\WpdUpFltr.sys 9F2904B55F6CECCD1A8D986B5CE2609A
C:\WINDOWS\system32\drivers\ws2ifsl.sys AE072B0339D0A18E455DC21666CAD572
C:\WINDOWS\System32\drivers\WudfPf.sys 481286719402E4BAEFEA0604AB1B5113
C:\WINDOWS\System32\drivers\WUDFRd.sys D7B4859227B02BCC1055B279A63C937F

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-27 03:53 - 2016-10-27 03:54 - 00033422 _____ C:\Users\steve\Desktop\FRST.txt
2016-10-27 02:24 - 2016-10-27 03:09 - 00000000 ____D C:\Users\steve\Desktop\october logs
2016-10-26 14:12 - 2016-10-26 14:12 - 00000000 ____D C:\Users\steve\AppData\Local\DDMSettings
2016-10-26 07:12 - 2016-10-26 07:13 - 00179290 _____ C:\WINDOWS\Tweaking.com - Windows Repair Setup Log.txt
2016-10-26 06:51 - 2016-10-26 06:51 - 00001049 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-10-26 05:12 - 2016-10-26 05:12 - 00001045 _____ C:\Users\Public\Desktop\DivX Player.lnk
2016-10-24 22:20 - 2016-10-24 22:21 - 00581454 _____ C:\TDSSKiller.3.1.0.11_24.10.2016_22.20.13_log.txt
2016-10-24 22:18 - 2016-10-24 22:18 - 00007074 _____ C:\TDSSKiller.3.1.0.11_24.10.2016_22.18.20_log.txt
2016-10-24 16:52 - 2016-10-26 18:22 - 00315488 _____ C:\WINDOWS\ntbtlog.txt
2016-10-24 10:29 - 2016-10-24 10:29 - 00000000 __SHD C:\found.021
2016-10-24 02:41 - 2016-10-24 02:41 - 00001100 _____ C:\Users\Public\Desktop\WD Drive Utilities.lnk
2016-10-24 02:41 - 2016-10-24 02:41 - 00000000 ____D C:\ProgramData\Western Digital
2016-10-24 02:41 - 2016-10-24 02:41 - 00000000 ____D C:\ProgramData\Package Cache
2016-10-24 02:41 - 2016-10-24 02:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2016-10-24 02:41 - 2016-10-24 02:41 - 00000000 ____D C:\Program Files (x86)\Western Digital
2016-10-24 01:45 - 2016-10-24 01:45 - 04999696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-23 04:19 - 2016-10-23 04:19 - 00005429 _____ C:\Users\steve\Desktop\how to handle rollups to get he security pt only -from bleeping computer.txt
2016-10-23 00:59 - 2016-10-23 00:59 - 00001378 _____ C:\Users\Public\Desktop\FlashBack Express Recorder.lnk
2016-10-23 00:59 - 2016-10-23 00:59 - 00001368 _____ C:\Users\Public\Desktop\FlashBack Express Player.lnk
2016-10-23 00:59 - 2016-10-23 00:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blueberry Software
2016-10-21 20:19 - 2016-10-21 21:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-19 08:10 - 2016-10-19 08:12 - 00585410 _____ C:\TDSSKiller.3.1.0.11_19.10.2016_08.10.13_log.txt
2016-10-19 08:08 - 2016-10-19 08:08 - 00009146 _____ C:\TDSSKiller.3.1.0.11_19.10.2016_08.08.05_log.txt
2016-10-15 19:20 - 2016-10-15 19:20 - 00000000 __SHD C:\found.020
2016-10-11 04:57 - 2016-10-11 04:57 - 00001173 _____ C:\Users\steve\Desktop\GwxControlPanelLog.txt
2016-10-03 00:30 - 2016-10-03 00:30 - 00365536 _____ (DivX, LLC) C:\WINDOWS\SysWOW64\DivXControlPanelApplet.cpl
2016-10-02 00:58 - 2016-10-02 01:01 - 00007320 _____ C:\Users\steve\Desktop\! read ! -scripts n tools w interesting article on the changing terms of the W10 EULA.txt
2016-10-01 09:36 - 2016-10-01 09:36 - 00000000 ____D C:\Users\steve\AppData\Local\Microsoft_Corporation

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-27 03:53 - 2016-05-02 10:09 - 00000000 ____D C:\FRST
2016-10-27 03:36 - 2013-08-22 22:49 - 00000000 ____D C:\Users\steve\AppData\Local\Adobe
2016-10-27 03:36 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-10-27 03:35 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-10-27 03:11 - 2016-09-23 06:49 - 00000000 ____D C:\Users\steve\Desktop\FRST-OlderVersion
2016-10-27 03:11 - 2016-05-02 10:02 - 02407936 _____ (Farbar) C:\Users\steve\Desktop\FRST64.exe
2016-10-27 03:11 - 2013-07-16 11:51 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2198574098-558535509-1888455575-1001
2016-10-27 03:10 - 2016-07-29 19:55 - 00004346 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-27 03:07 - 2013-10-14 09:40 - 00000000 ____D C:\Users\steve\AppData\Local\CrashDumps
2016-10-27 03:00 - 2013-08-22 10:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-27 02:31 - 2015-05-15 05:39 - 00000000 ___RD C:\Users\steve\Desktop\Shortcuts n Scan Tools
2016-10-27 02:06 - 2014-09-09 21:49 - 00006813 _____ C:\Users\steve\Documents\comp -web issues n fixes.txt
2016-10-27 01:42 - 2016-07-22 09:30 - 00179712 ___SH C:\Users\steve\Desktop\Thumbs.db
2016-10-27 00:37 - 2016-09-04 03:20 - 00266756 ____N C:\WINDOWS\Minidump\102716-20421-01.dmp
2016-10-27 00:37 - 2014-12-08 12:15 - 00000000 ____D C:\WINDOWS\Minidump
2016-10-26 23:23 - 2014-10-26 21:49 - 00000000 ____D C:\Users\steve
2016-10-26 23:08 - 2016-09-04 03:20 - 00282600 ____N C:\WINDOWS\Minidump\102616-28250-01.dmp
2016-10-26 22:34 - 2016-08-05 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-10-26 22:34 - 2016-08-05 20:42 - 00000000 ____D C:\Program Files\Java
2016-10-26 18:19 - 2015-05-05 08:22 - 00000000 ____D C:\Users\steve\AppData\Roaming\vlc
2016-10-26 17:02 - 2014-06-04 21:09 - 00000000 ____D C:\Users\steve\AppData\Roaming\Free Download Manager
2016-10-26 14:32 - 2016-04-22 20:13 - 00000000 ____D C:\Users\steve\AppData\LocalLow\boost_interprocess
2016-10-26 13:27 - 2016-09-04 03:20 - 00283568 ____N C:\WINDOWS\Minidump\102616-23828-01.dmp
2016-10-26 12:29 - 2016-04-22 15:16 - 00193024 ___SH C:\Users\steve\Documents\Thumbs.db
2016-10-26 10:41 - 2013-08-17 02:16 - 00000000 ____D C:\Users\steve\AppData\Roaming\Audacity
2016-10-26 07:13 - 2016-06-05 06:13 - 00003646 _____ C:\WINDOWS\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2016-10-26 07:13 - 2016-06-05 06:13 - 00002142 _____ C:\Users\steve\Desktop\Tweaking.com - Windows Repair.lnk
2016-10-26 06:46 - 2016-08-05 20:43 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-10-26 05:43 - 2016-07-26 04:43 - 11579432 _____ (SurfRight B.V.) C:\Users\steve\HitmanPro_x64.exe
2016-10-26 05:39 - 2016-09-04 03:20 - 00283056 ____N C:\WINDOWS\Minidump\102616-96156-01.dmp
2016-10-26 05:12 - 2016-06-23 19:06 - 00001635 _____ C:\Users\steve\Desktop\DivX Movies.lnk
2016-10-26 05:12 - 2016-04-22 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2016-10-26 05:12 - 2016-04-22 20:01 - 00000000 ____D C:\Program Files (x86)\DivX
2016-10-26 05:12 - 2016-04-01 14:49 - 00003640 _____ C:\WINDOWS\System32\Tasks\DivXUpdate
2016-10-26 05:12 - 2014-05-19 18:23 - 00000000 ____D C:\ProgramData\DivX
2016-10-26 05:11 - 2016-04-22 20:03 - 00001070 _____ C:\Users\Public\Desktop\DivX Converter.lnk
2016-10-26 05:11 - 2014-05-19 18:29 - 00000000 ____D C:\Users\steve\AppData\Roaming\DivX
2016-10-25 15:37 - 2014-08-20 16:28 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-10-24 23:42 - 2016-09-04 03:20 - 00287696 ____N C:\WINDOWS\Minidump\102416-23828-01.dmp
2016-10-24 22:19 - 2016-05-02 09:55 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-10-24 22:18 - 2016-03-24 05:39 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2016-10-24 22:18 - 2012-12-27 05:10 - 00000000 ____D C:\ProgramData\Temp
2016-10-24 21:42 - 2014-05-20 13:53 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-10-24 21:02 - 2016-07-29 03:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2016-10-24 21:02 - 2015-11-08 10:24 - 00000000 ____D C:\Program Files\RogueKiller
2016-10-24 21:02 - 2014-07-20 07:36 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-10-24 17:21 - 2012-07-26 03:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-24 16:47 - 2013-08-22 09:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-10-24 16:15 - 2016-09-04 03:20 - 00244528 ____N C:\WINDOWS\Minidump\102416-18328-01.dmp
2016-10-24 10:11 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\spool
2016-10-24 10:06 - 2016-09-04 03:20 - 00283568 ____N C:\WINDOWS\Minidump\102416-25953-01.dmp
2016-10-24 02:41 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\Inf
2016-10-24 02:36 - 2016-09-04 03:20 - 00284592 ____N C:\WINDOWS\Minidump\102416-24718-01.dmp
2016-10-24 01:47 - 2015-12-10 21:11 - 00000000 ____D C:\Users\steve\Desktop\misc notes n   logs
2016-10-24 01:45 - 2016-09-04 03:20 - 00283056 ____N C:\WINDOWS\Minidump\102416-50968-01.dmp
2016-10-23 08:19 - 2016-04-19 10:11 - 00000000 ____D C:\Users\steve\AppData\Roaming\dvdcss
2016-10-23 06:39 - 2016-07-30 10:28 - 00001911 _____ C:\Users\steve\Desktop\fixes, info n removal of W10 folders n files.txt
2016-10-23 02:54 - 2016-02-08 05:57 - 00000000 ____D C:\Users\steve\Documents\FlashBack Movies
2016-10-23 01:52 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-10-23 00:57 - 2016-05-04 16:27 - 00000000 ____D C:\Users\steve\Documents\FlashBack Express 5 Updates
2016-10-21 21:29 - 2015-01-18 11:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-21 19:54 - 2015-12-05 02:51 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2016-10-21 12:24 - 2016-07-26 06:10 - 00000000 ____D C:\EEK
2016-10-21 11:01 - 2016-05-22 10:45 - 00000000 ____D C:\AdwCleaner
2016-10-18 20:19 - 2016-08-12 23:16 - 00000000 ____D C:\Users\steve\Desktop\mbar
2016-10-18 20:19 - 2014-07-25 03:26 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-10-18 19:57 - 2014-05-20 13:52 - 00092888 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-10-18 08:33 - 2016-05-02 02:40 - 00012288 _____ C:\Users\steve\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-10-14 00:48 - 2013-08-06 16:13 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-14 00:42 - 2013-07-29 02:40 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-13 17:23 - 2016-04-14 16:40 - 00024364 _____ C:\Users\steve\Desktop\VeeHD linx.txt
2016-10-11 22:07 - 2016-06-06 17:23 - 00000000 ____D C:\Users\steve\Desktop\mini dmp and scans from windows n 3rd party tools logs
2016-10-11 05:00 - 2015-05-11 15:53 - 00000000 ____D C:\Users\steve\Documents\BB FlashBack Movies
2016-10-11 03:46 - 2015-05-11 15:51 - 00000000 ____D C:\ProgramData\Blueberry
2016-10-11 03:45 - 2015-05-18 16:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\C
2016-10-10 08:20 - 2016-08-04 08:28 - 00000000 ____D C:\Users\steve\Desktop\frbar scans aug
2016-10-07 17:43 - 2016-08-14 23:54 - 00001126 _____ C:\Users\steve\Desktop\drive contents.txt
2016-10-02 09:21 - 2015-03-26 22:05 - 00010718 _____ C:\Users\steve\Desktop\Quick Access to Sites_01.html
2016-10-02 09:21 - 2015-03-26 22:04 - 00010718 _____ C:\Users\steve\Desktop\Quick Access to Sites_01.txt
2016-10-01 10:41 - 2014-08-08 12:36 - 00001687 _____ C:\Users\steve\Documents\!!!! pwords 4 web.txt
2016-09-30 22:01 - 2013-07-16 11:44 - 00000000 ____D C:\Users\steve\AppData\Local\Packages
2016-09-30 20:15 - 2014-09-24 05:55 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-30 20:15 - 2014-09-24 05:55 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-30 05:46 - 2016-07-23 19:21 - 00000000 ____D C:\Users\steve\Desktop\W10 info, logs, n tools 2 avoid

==================== Files in the root of some directories =======

2016-08-14 14:24 - 2016-08-14 14:24 - 26496761 _____ (Audacity Team                                               ) C:\Program Files (x86)\audacity-win-2.1.2.exe
2015-10-07 01:49 - 2015-10-07 01:50 - 9957947 _____ (                                                            ) C:\Program Files (x86)\ffmpeg-win-2.2.2.exe
2015-12-23 03:30 - 2015-12-23 03:30 - 11543552 _____ () C:\Program Files (x86)\wmm6_win7_64bit.msi
2016-05-02 02:40 - 2016-10-18 08:33 - 0012288 _____ () C:\Users\steve\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-07 11:35 - 2014-12-07 11:35 - 0000036 _____ () C:\Users\steve\AppData\Local\housecall.guid.cache
2016-05-31 08:13 - 2016-05-31 08:15 - 0019074 _____ () C:\Users\steve\AppData\Local\HWVendorDetection.log
2013-12-26 16:36 - 2016-07-31 17:50 - 0007623 _____ () C:\Users\steve\AppData\Local\resmon.resmoncfg
2016-01-07 12:39 - 2016-01-14 20:48 - 0000020 ____H () C:\Users\steve\AppData\Local\xftredahs.dat

Files to move or delete:
====================
C:\Users\steve\directx_mar2009_redist.exe
C:\Users\steve\DivXInstaller.exe
C:\Users\steve\EmsisoftEmergencyKit.exe
C:\Users\steve\erunt-setup.exe
C:\Users\steve\fdminst.exe
C:\Users\steve\Firefox Setup Stub 48.0.exe
C:\Users\steve\GwxControlPanelSetup.exe
C:\Users\steve\HitmanPro_x64.exe
C:\Users\steve\jre-8u101-windows-x64.exe
C:\Users\steve\PSISetup.exe
C:\Users\steve\Silverlight_x64.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Firmware Boot Manager
---------------------
identifier              {fwbootmgr}
displayorder            {bootmgr}
timeout                 2

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\bootmgfw.efi
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
integrityservices       Enable
default                 {current}
resumeobject            {ab285d1f-ee2b-11e2-be6f-2cd05a3daae5}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {ab285d1c-ee2b-11e2-be6f-2cd05a3daae5}
device                  ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{ab285d1d-ee2b-11e2-be6f-2cd05a3daae5}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  en-us
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{ab285d1d-ee2b-11e2-be6f-2cd05a3daae5}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \WINDOWS\system32\winload.efi
description             Windows 8.1
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {ab285d21-ee2b-11e2-be6f-2cd05a3daae5}
integrityservices       Enable
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {ab285d1f-ee2b-11e2-be6f-2cd05a3daae5}
nx                      OptIn
bootmenupolicy          Standard
bootlog                 No

Windows Boot Loader
-------------------
identifier              {ab285d21-ee2b-11e2-be6f-2cd05a3daae5}
device                  ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{ab285d22-ee2b-11e2-be6f-2cd05a3daae5}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  en-US
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{ab285d22-ee2b-11e2-be6f-2cd05a3daae5}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {80679c4f-9c84-11e2-99f8-df427a26fc5d}
device                  partition=C:
path                    \Windows\system32\winresume.efi
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
recoverysequence        {ab285d1c-ee2b-11e2-be6f-2cd05a3daae5}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Resume from Hibernate
---------------------
identifier              {ab285d1f-ee2b-11e2-be6f-2cd05a3daae5}
device                  partition=C:
path                    \WINDOWS\system32\winresume.efi
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
recoverysequence        {ab285d21-ee2b-11e2-be6f-2cd05a3daae5}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\memtest.efi
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 No

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {ab285d1d-ee2b-11e2-be6f-2cd05a3daae5}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume1
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

Device options
--------------
identifier              {ab285d1e-ee2b-11e2-be6f-2cd05a3daae5}
description             Windows Setup
ramdisksdidevice        partition=C:
ramdisksdipath          \$WINDOWS.~BT\Sources\SafeOS\boot.sdi

Device options
--------------
identifier              {ab285d22-ee2b-11e2-be6f-2cd05a3daae5}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume5
ramdisksdipath          \Recovery\WindowsRE\boot.sdi



LastRegBack: 2016-10-26 21:29

==================== End of FRST.txt ============================

 

Attached File  FRST Addition log 10-27-2016.txt   34.03KB   1 downloads

 

  Thanks

 



BC AdBot (Login to Remove)

 


#2 chriffan

chriffan
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:10:23 AM

Posted 29 October 2016 - 12:48 PM

Thanks I had a hard drive crash so please close the topic. Thank you




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users