Results 1 to 10 of 14

Thread: PC has been taken over and held for ransom through Microsoft Windows 10 ISO download

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Member
    Join Date
    Oct 2009
    Posts
    87

    Default PC has been taken over and held for ransom through Microsoft Windows 10 ISO download

    Hi,

    I am running Windows 10 , which was Windows 7, which started off as Windows Vista.

    Recently, I have been having a few issues with Windows 10 crashing, so yesterday I ran the sfc scannow and restore health command.

    Corrupt files were found, but Windows wanted the source files. I went online to find info on this and I discovered that I needed an ISO of my exact version and build.

    So, today I went onto Microsoft's Windows 10 ISO download page to find the version. I couldn't so I went to the support tab to ask the community. However, there was also a link for live chat so I clicked it to get a fast answer.

    To cut a long story short, it wasn't Microsoft, someone hacked my PC, took over my mouse and a window popped up saying we have put a virus on your PC pay money on this number to remove it.

    I powered the PC down and tried to do a restore, but I can't, all my restore punts are gone and the PC won't reset while keeping my files. I have loads on there too.

    I have not connected that PC to the internet since because I presume it will get connected to them.

    The PC will switch on and I can access my files it seems, but I just cannot do anything to repair it.

    I presume anything I do will have to be by USB now. Is there any instructions on how to make the logs for you without being connected to the internet please?

    Thanks.

    Hi,

    I used a USB to download registry backup tool Farbar and aswMBR. Please note the computer 'was not' connected to the internet when I ran any of these tools so the database was not been updated.

    Can somebody at Spybot please tell Microsoft about the fact their live chat is being taken over? I have looked for an email address but I can't find one.

    I got to the page with the live chat taken from the support tab on the main Windows 10 ISO download page. There are 2 options if I remember, community support or live chat - I clicked live chat and that's when it all went wrong.

    Thanks.


    Log Files from USB

    ##################

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
    Ran by User (administrator) on DANIELBYE (15-02-2016 13:53:26)
    Running from C:\Users\User\Desktop
    Loaded Profiles: User (Available Profiles: User & Classic .NET AppPool & DefaultAppPool)
    Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
    (Microsoft Corporation) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
    (Microsoft Corporation) C:\Windows\System32\mqsvc.exe
    (Microsoft Corporation) C:\Windows\System32\snmp.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
    (Oracle Corporation) C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
    () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7833120 2009-05-23] (Realtek Semiconductor)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
    HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [723392 2015-12-03] (McAfee, Inc.)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-08-01] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
    HKU\S-1-5-21-224342428-1839300246-3282489254-1001\...\Run: [MySQL Notifier] => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe [773120 2014-09-03] (Oracle Corporation)
    ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-11-14] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-11-14] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-11-14] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-11-14] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-11-14] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-11-14] (Microsoft Corporation)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
    Tcpip\..\Interfaces\{64c5f559-ddf6-4316-89d8-b884db216ead}: [DhcpNameServer] 192.168.0.1

    Internet Explorer:
    ==================
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-25] (Oracle Corporation)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-25] (Oracle Corporation)
    IE Session Restore: HKU\S-1-5-21-224342428-1839300246-3282489254-1001 -> is enabled.
    DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
    DPF: HKLM-x32 {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
    DPF: HKLM-x32 {82774781-8F4E-11D1-AB1C-0000F8773BF0} hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
    DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-08] (McAfee, Inc.)
    Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-08] (McAfee, Inc.)
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-08] (McAfee, Inc.)
    Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-08] (McAfee, Inc.)
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-12-03] (McAfee, Inc.)
    Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-12-03] (McAfee, Inc.)

    FireFox:
    ========
    FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sop2y0b2.default
    FF Homepage: hxxp://www.sky.com/
    FF Session Restore: -> is enabled.
    FF Keyword.URL: hxxps://uk.search.yahoo.com/search?fr=mcafee&type=A111GB693&p=
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
    FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-12-03] ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
    FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-25] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-25] (Oracle Corporation)
    FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-12-03] ()
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [No File]
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-08-24] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-08-24] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-08-24] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-08-24] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-08-24] (Apple Inc.)
    FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sop2y0b2.default\searchplugins\McSiteAdvisor.xml [2016-02-15]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2014-08-17]
    FF Extension: Zotero Word for Windows Integration - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sop2y0b2.default\extensions\zoteroWinWordIntegration@zotero.org [2015-12-31]
    FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-12-29]
    FF Extension: Visual Studio Test Helper - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sop2y0b2.default\Extensions\visualstudiotesthelper@microsoft.com [2012-01-22] [not signed]
    FF Extension: Zotero - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sop2y0b2.default\Extensions\zotero@chnm.gmu.edu.xpi [2015-12-18]
    FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
    FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension => not found
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
    FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
    FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-01-08] [not signed]

    Chrome:
    =======
    CHR StartupUrls: Default -> "hxxps://www.google.com/"
    CHR Session Restore: Default -> is enabled.
    CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (SiteAdvisor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-07-22]
    CHR Extension: (Capture Webpage Screenshot Entirely. FireShot) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2016-01-15]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-20]
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-02-11]
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-02-11]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
    S4 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [137968 2015-09-22] (Dell Inc.)
    S4 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2571352 2016-01-05] (Dell Inc.)
    S4 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201816 2016-01-05] (Dell Inc.)
    S4 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
    S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
    S4 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
    S4 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-02-08] (McAfee, Inc.)
    R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2015-12-03] (McAfee, Inc.)
    S4 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe [1694152 2015-12-02] (McAfee, Inc.)
    R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
    S4 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
    S4 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [679120 2015-10-20] (McAfee, Inc.)
    S4 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
    S4 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
    R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [233680 2015-09-21] (McAfee, Inc.)
    R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [378848 2015-10-21] (McAfee, Inc.)
    R2 mfevtp; C:\Windows\system32\mfevtps.exe [256840 2015-09-21] (McAfee, Inc.)
    R2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [84624 2013-06-10] (Microsoft Corporation)
    S4 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
    R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [43044512 2015-04-03] (Microsoft Corporation)
    S4 MYSQL56; C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe [13067264 2015-09-18] () [File not signed]
    R2 SNMP; C:\Windows\System32\snmp.exe [51712 2015-11-14] (Microsoft Corporation)
    R2 SNMP; C:\WINDOWS\SysWOW64\snmp.exe [46080 2015-11-14] (Microsoft Corporation)
    S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [380064 2015-04-03] (Microsoft Corporation)
    S4 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-01-12] (Dell Inc.)
    S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [80760 2015-09-23] (McAfee, Inc.)
    R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
    R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2016-01-05] (Dell Computer Corporation)
    S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
    R3 HPMo4DE3; C:\Windows\System32\drivers\HPMo4DE3.sys [25088 2011-03-09] (TPMX Electronics Ltd.)
    R3 HPub4DE3; C:\Windows\System32\Drivers\HPub4DE3.sys [18432 2011-04-12] (TPMX Electronics Ltd.)
    R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [415976 2015-09-23] (McAfee, Inc.)
    R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351120 2015-09-23] (McAfee, Inc.)
    S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82072 2015-09-23] (McAfee, Inc.)
    R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [497888 2015-09-23] (McAfee, Inc.)
    R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [841944 2015-09-23] (McAfee, Inc.)
    R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [537192 2015-10-06] (McAfee, Inc.)
    S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-10-06] (McAfee, Inc.)
    S3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [36968 2016-01-19] (McAfee, Inc.)
    R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [244544 2015-09-23] (McAfee, Inc.)
    R3 seehcri; C:\Windows\System32\drivers\seehcri.sys [34032 2008-01-09] (Sony Ericsson Mobile Communications)
    R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
    S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
    S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
    R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
    R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
    U3 idsvc; no ImagePath
    S3 PcdrNdisuio; \SystemRoot\syswow64\drivers\pcdrndisuio.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-02-15 19:27 - 2016-02-15 19:27 - 00000000 _____ C:\Recovery.txt
    2016-02-15 19:20 - 2016-02-15 19:20 - 00000000 ___HD C:\$Windows.~BT
    2016-02-15 19:19 - 2016-02-15 12:59 - 00000000 ___HD C:\$SysReset
    2016-02-15 13:53 - 2016-02-15 13:54 - 00019920 _____ C:\Users\User\Desktop\FRST.txt
    2016-02-15 13:52 - 2016-02-15 13:53 - 00000000 ____D C:\FRST
    2016-02-15 13:51 - 2016-02-15 13:51 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-DANIELBYE-Windows-10-Home-(64-bit).dat
    2016-02-15 13:51 - 2016-02-15 13:51 - 00000000 ____D C:\RegBackup
    2016-02-15 13:49 - 2016-02-15 13:49 - 00000000 ____D C:\Users\User\Desktop\tweaking.com_registry_backup_portable
    2016-02-15 13:25 - 2016-02-15 13:25 - 05198336 _____ (AVAST Software) C:\Users\User\Desktop\aswMBR.exe
    2016-02-15 13:25 - 2016-02-15 13:25 - 02370560 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
    2016-02-15 13:24 - 2016-02-15 13:24 - 02118566 _____ C:\Users\User\Desktop\tweaking.com_registry_backup_portable.zip
    2016-02-15 11:00 - 2016-02-15 11:11 - 00000000 ____D C:\Program Files (x86)\LogMeIn Rescue RC - fc1a7bf7-ad5c-41a1-8403-6c5326cb201a
    2016-02-15 10:58 - 2016-02-15 10:58 - 00002330 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Support.lnk
    2016-02-15 10:58 - 2016-02-15 10:58 - 00000000 ____D C:\Users\User\AppData\Local\LogMeIn Rescue Applet
    2016-02-15 10:29 - 2016-02-15 10:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
    2016-02-14 17:07 - 2016-02-14 17:07 - 641218685 _____ C:\WINDOWS\MEMORY.DMP
    2016-02-14 17:07 - 2016-02-14 17:07 - 00000000 ____D C:\WINDOWS\Minidump
    2016-02-14 12:02 - 2016-02-14 12:32 - 00000000 ____D C:\ProgramData\SupportAssistAgent
    2016-02-14 12:02 - 2016-02-14 12:02 - 00003922 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
    2016-02-14 12:02 - 2016-02-14 12:02 - 00000000 __HDC C:\ProgramData\{010DD54D-6F97-418D-BC47-2089F30A0075}
    2016-02-12 10:35 - 2016-02-12 15:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2016-02-10 16:29 - 2016-02-10 16:29 - 00003742 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2016-02-10 16:20 - 2016-02-10 16:20 - 00004124 _____ C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask
    2016-02-10 16:20 - 2016-02-10 16:20 - 00003560 _____ C:\WINDOWS\System32\Tasks\PCDEventLauncherTask
    2016-02-10 16:20 - 2016-02-10 16:20 - 00003414 _____ C:\WINDOWS\System32\Tasks\PCDDataUploadTask
    2016-02-10 16:20 - 2016-02-10 16:20 - 00003294 _____ C:\WINDOWS\System32\Tasks\SystemToolsDailyTest
    2016-02-10 16:19 - 2016-02-10 16:19 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
    2016-02-10 16:19 - 2016-02-10 16:19 - 00000000 ____D C:\Program Files\Dell Support Center
    2016-02-10 16:05 - 2016-02-10 16:05 - 00000000 ____D C:\Program Files (x86)\Dell Customer Connect
    2016-02-10 14:57 - 2016-01-29 06:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2016-02-10 14:57 - 2016-01-29 06:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2016-02-10 14:57 - 2016-01-27 06:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2016-02-10 14:57 - 2016-01-27 06:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2016-02-10 14:57 - 2016-01-27 06:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2016-02-10 14:57 - 2016-01-27 06:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2016-02-10 14:57 - 2016-01-27 06:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2016-02-10 14:57 - 2016-01-27 05:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
    2016-02-10 14:57 - 2016-01-27 05:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2016-02-10 14:57 - 2016-01-27 05:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
    2016-02-10 14:57 - 2016-01-27 05:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
    2016-02-10 14:57 - 2016-01-27 05:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2016-02-10 14:57 - 2016-01-27 05:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2016-02-10 14:57 - 2016-01-27 05:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
    2016-02-10 14:57 - 2016-01-27 05:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2016-02-10 14:57 - 2016-01-27 05:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
    2016-02-10 14:57 - 2016-01-27 05:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
    2016-02-10 14:57 - 2016-01-27 05:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2016-02-10 14:57 - 2016-01-27 05:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2016-02-10 14:57 - 2016-01-27 05:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2016-02-10 14:57 - 2016-01-27 05:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
    2016-02-10 14:57 - 2016-01-27 05:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2016-02-10 14:57 - 2016-01-27 05:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2016-02-10 14:57 - 2016-01-27 05:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2016-02-10 14:57 - 2016-01-27 05:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
    2016-02-10 14:57 - 2016-01-27 05:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
    2016-02-10 14:57 - 2016-01-27 05:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
    2016-02-10 14:57 - 2016-01-27 05:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
    2016-02-10 14:57 - 2016-01-27 05:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2016-02-10 14:57 - 2016-01-27 05:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
    2016-02-10 14:57 - 2016-01-27 05:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
    2016-02-10 14:57 - 2016-01-27 05:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
    2016-02-10 14:57 - 2016-01-27 05:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2016-02-10 14:57 - 2016-01-27 05:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2016-02-10 14:57 - 2016-01-27 05:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
    2016-02-10 14:57 - 2016-01-27 05:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2016-02-10 14:57 - 2016-01-27 05:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
    2016-02-10 14:57 - 2016-01-27 05:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
    2016-02-10 14:57 - 2016-01-27 05:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2016-02-10 14:57 - 2016-01-27 04:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
    2016-02-10 14:57 - 2016-01-27 04:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2016-02-10 14:57 - 2016-01-27 04:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2016-02-10 14:57 - 2016-01-27 04:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2016-02-10 14:57 - 2016-01-27 04:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2016-02-10 14:57 - 2016-01-27 04:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2016-02-10 14:57 - 2016-01-27 04:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2016-02-10 14:57 - 2016-01-27 04:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2016-02-10 14:57 - 2016-01-27 04:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
    2016-02-10 14:57 - 2016-01-27 04:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2016-02-10 14:57 - 2016-01-27 04:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2016-02-10 14:57 - 2016-01-27 04:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
    2016-02-10 14:57 - 2016-01-27 04:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2016-02-10 14:57 - 2016-01-27 04:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2016-02-10 14:57 - 2016-01-27 04:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2016-02-10 14:57 - 2016-01-27 04:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2016-02-10 14:57 - 2016-01-27 04:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2016-02-10 14:57 - 2016-01-27 04:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2016-02-10 14:57 - 2016-01-27 04:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2016-02-10 14:57 - 2016-01-27 04:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
    2016-02-10 14:57 - 2016-01-27 04:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
    2016-02-10 14:56 - 2016-01-27 05:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
    2016-02-10 14:56 - 2016-01-27 05:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
    2016-02-10 14:56 - 2016-01-27 05:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
    2016-02-10 14:56 - 2016-01-27 05:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
    2016-02-10 14:56 - 2016-01-27 04:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2016-01-28 09:52 - 2016-01-16 06:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2016-01-28 09:52 - 2016-01-16 06:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2016-01-28 09:51 - 2016-01-16 06:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
    2016-01-28 09:51 - 2016-01-16 06:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2016-01-28 09:51 - 2016-01-16 06:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2016-01-28 09:51 - 2016-01-16 06:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2016-01-28 09:51 - 2016-01-16 06:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
    2016-01-28 09:51 - 2016-01-16 06:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2016-01-28 09:51 - 2016-01-16 06:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
    2016-01-28 09:51 - 2016-01-16 06:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2016-01-28 09:51 - 2016-01-16 06:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
    2016-01-28 09:51 - 2016-01-16 06:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2016-01-28 09:51 - 2016-01-16 06:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
    2016-01-28 09:51 - 2016-01-16 06:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
    2016-01-28 09:51 - 2016-01-16 06:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
    2016-01-28 09:51 - 2016-01-16 06:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
    2016-01-28 09:51 - 2016-01-16 06:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2016-01-28 09:51 - 2016-01-16 06:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2016-01-28 09:51 - 2016-01-16 06:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
    2016-01-28 09:51 - 2016-01-16 06:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
    2016-01-28 09:51 - 2016-01-16 06:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
    2016-01-28 09:51 - 2016-01-16 06:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
    2016-01-28 09:51 - 2016-01-16 05:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
    2016-01-28 09:51 - 2016-01-16 05:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2016-01-28 09:51 - 2016-01-16 05:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2016-01-28 09:51 - 2016-01-16 05:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
    2016-01-28 09:51 - 2016-01-16 05:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
    2016-01-28 09:51 - 2016-01-16 05:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
    2016-01-28 09:51 - 2016-01-16 05:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
    2016-01-28 09:51 - 2016-01-16 05:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
    2016-01-28 09:51 - 2016-01-16 05:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
    2016-01-28 09:51 - 2016-01-16 05:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
    2016-01-28 09:51 - 2016-01-16 05:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
    2016-01-28 09:51 - 2016-01-16 05:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
    2016-01-28 09:51 - 2016-01-16 05:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
    2016-01-28 09:51 - 2016-01-16 05:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
    2016-01-28 09:51 - 2016-01-16 05:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2016-01-28 09:51 - 2016-01-16 05:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
    2016-01-28 09:51 - 2016-01-16 05:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
    2016-01-28 09:51 - 2016-01-16 05:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
    2016-01-28 09:51 - 2016-01-16 05:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
    2016-01-28 09:51 - 2016-01-16 05:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
    2016-01-28 09:51 - 2016-01-16 05:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
    2016-01-28 09:51 - 2016-01-16 05:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2016-01-28 09:51 - 2016-01-16 05:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
    2016-01-28 09:51 - 2016-01-16 05:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2016-01-28 09:51 - 2016-01-16 05:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
    2016-01-28 09:51 - 2016-01-16 05:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
    2016-01-28 09:51 - 2016-01-16 05:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2016-01-28 09:51 - 2016-01-16 05:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2016-01-28 09:51 - 2016-01-16 05:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
    2016-01-28 09:51 - 2016-01-16 05:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
    2016-01-28 09:51 - 2016-01-16 05:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
    2016-01-28 09:51 - 2016-01-16 05:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
    2016-01-28 09:51 - 2016-01-16 05:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2016-01-28 09:51 - 2016-01-16 05:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
    2016-01-28 09:51 - 2016-01-16 05:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
    2016-01-28 09:51 - 2016-01-16 05:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
    2016-01-28 09:51 - 2016-01-16 05:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
    2016-01-28 09:51 - 2016-01-16 05:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
    2016-01-28 09:51 - 2016-01-16 05:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
    2016-01-28 09:51 - 2016-01-16 05:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
    2016-01-28 09:51 - 2016-01-16 05:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
    2016-01-28 09:51 - 2016-01-16 05:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
    2016-01-28 09:51 - 2016-01-16 05:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
    2016-01-28 09:51 - 2016-01-16 05:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
    2016-01-28 09:51 - 2016-01-16 05:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2016-01-28 09:51 - 2016-01-16 05:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2016-01-28 09:51 - 2016-01-16 05:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2016-01-28 09:51 - 2016-01-16 05:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
    2016-01-28 09:51 - 2016-01-16 05:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
    2016-01-28 09:51 - 2016-01-16 05:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
    2016-01-28 09:51 - 2016-01-16 05:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
    2016-01-28 09:51 - 2016-01-16 05:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
    2016-01-28 09:51 - 2016-01-16 05:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
    2016-01-28 09:51 - 2016-01-16 05:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
    2016-01-28 09:51 - 2016-01-16 05:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
    2016-01-28 09:51 - 2016-01-16 05:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2016-01-28 09:51 - 2016-01-16 05:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
    2016-01-28 09:51 - 2016-01-16 05:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
    2016-01-28 09:51 - 2016-01-16 05:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
    2016-01-28 09:51 - 2016-01-16 05:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
    2016-01-28 09:51 - 2016-01-16 05:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
    2016-01-28 09:51 - 2016-01-16 05:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
    2016-01-28 09:51 - 2016-01-16 05:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
    2016-01-28 09:51 - 2016-01-16 05:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
    2016-01-28 09:51 - 2016-01-16 05:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
    2016-01-28 09:51 - 2016-01-16 05:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
    2016-01-28 09:51 - 2016-01-16 05:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
    2016-01-28 09:51 - 2016-01-16 05:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2016-01-28 09:51 - 2016-01-16 05:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2016-01-28 09:51 - 2016-01-16 05:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
    2016-01-28 09:51 - 2016-01-16 05:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
    2016-01-28 09:51 - 2016-01-16 05:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2016-01-28 09:51 - 2016-01-16 05:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
    2016-01-28 09:51 - 2016-01-16 05:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
    2016-01-28 09:51 - 2016-01-16 05:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
    2016-01-28 09:51 - 2016-01-16 05:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
    2016-01-28 09:51 - 2016-01-16 05:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
    2016-01-28 09:51 - 2016-01-16 05:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
    2016-01-28 09:51 - 2016-01-16 05:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
    2016-01-28 09:51 - 2016-01-16 05:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
    2016-01-28 09:51 - 2016-01-16 05:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
    2016-01-28 09:51 - 2016-01-16 05:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
    2016-01-28 09:51 - 2016-01-16 05:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
    2016-01-28 09:51 - 2016-01-16 05:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2016-01-28 09:51 - 2016-01-16 05:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
    2016-01-28 09:51 - 2016-01-16 05:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-02-15 13:50 - 2015-11-14 13:55 - 01112788 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2016-02-15 13:50 - 2015-10-30 07:21 - 00000000 ____D C:\WINDOWS\INF
    2016-02-15 13:47 - 2014-07-21 10:03 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2016-02-15 12:47 - 2013-05-02 17:52 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2016-02-15 12:44 - 2009-10-28 15:13 - 00000000 ___SD C:\Users\User\Documents\My Web Sites
    2016-02-15 12:35 - 2014-07-21 10:03 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2016-02-15 11:54 - 2012-12-09 21:11 - 00000000 ____D C:\Users\User\Documents\Visual Studio 2012
    2016-02-15 11:49 - 2015-11-14 14:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2016-02-15 11:01 - 2015-10-30 07:11 - 00000000 ____D C:\WINDOWS\CbsTemp
    2016-02-15 10:59 - 2009-11-18 16:30 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E79AB2EC-E571-4F27-9DC3-54E9C63B7415}
    2016-02-15 10:36 - 2015-10-30 07:24 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-02-15 10:36 - 2015-10-30 07:24 - 00000000 ____D C:\WINDOWS\AppReadiness
    2016-02-14 17:49 - 2015-10-30 07:24 - 00000000 ____D C:\WINDOWS\rescache
    2016-02-14 12:02 - 2009-04-22 09:39 - 00000000 ____D C:\Program Files (x86)\Dell
    2016-02-12 15:52 - 2015-09-10 05:42 - 00000000 __RHD C:\Users\Public\AccountPictures
    2016-02-12 15:50 - 2012-05-03 19:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2016-02-12 15:49 - 2015-10-30 06:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
    2016-02-12 15:48 - 2015-10-30 09:07 - 00000000 ____D C:\Program Files\Windows Journal
    2016-02-11 16:03 - 2013-08-10 12:11 - 00000000 ____D C:\WINDOWS\system32\MRT
    2016-02-11 15:54 - 2010-10-19 10:45 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2016-02-11 14:37 - 2014-07-21 10:04 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-02-11 14:37 - 2014-07-21 10:04 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2016-02-10 16:49 - 2015-10-30 06:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
    2016-02-10 16:30 - 2014-07-21 10:03 - 00003974 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2016-02-10 16:28 - 2010-12-13 20:32 - 00000000 ____D C:\Users\User\AppData\Roaming\PCDr
    2016-02-10 16:27 - 2009-04-22 09:38 - 00000000 ____D C:\ProgramData\PCDr
    2016-02-10 16:19 - 2009-04-22 09:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
    2016-02-10 16:05 - 2009-05-22 13:50 - 00000000 ____D C:\ProgramData\Dell
    2016-02-10 15:53 - 2015-11-14 13:56 - 00000000 ____D C:\Users\DefaultAppPool
    2016-02-10 15:53 - 2015-11-14 13:56 - 00000000 ____D C:\Users\Classic .NET AppPool
    2016-02-10 15:52 - 2015-10-30 09:07 - 00000000 ____D C:\WINDOWS\ShellNew
    2016-02-10 15:52 - 2015-10-30 07:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2016-02-10 15:52 - 2015-10-30 07:24 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
    2016-02-10 15:52 - 2015-10-30 07:24 - 00000000 ____D C:\WINDOWS\system32\setup
    2016-02-10 15:52 - 2015-10-30 07:24 - 00000000 ____D C:\WINDOWS\system32\icsxml
    2016-02-10 15:52 - 2015-07-15 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2016-02-10 15:52 - 2013-11-11 15:42 - 00000000 ____D C:\ProgramData\Oracle
    2016-02-10 15:52 - 2013-04-22 09:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
    2016-02-10 15:52 - 2013-04-22 09:24 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
    2016-02-10 15:52 - 2012-04-29 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012
    2016-02-10 15:52 - 2009-11-16 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
    2016-02-10 15:42 - 2015-10-30 07:24 - 00000000 ____D C:\WINDOWS\registration
    2016-02-10 15:40 - 2013-04-18 13:01 - 00000000 ____D C:\Users\User\Documents\Bigint
    2016-02-10 15:38 - 2009-10-27 20:26 - 00000000 ____D C:\Program Files\Microsoft SQL Server
    2016-02-10 15:37 - 2009-10-29 00:20 - 00000000 ____D C:\Program Files (x86)\Java
    2016-02-10 15:37 - 2009-10-27 20:25 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
    2016-02-10 15:24 - 2009-12-09 18:54 - 00000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics
    2016-02-10 14:43 - 2015-08-28 15:58 - 00000000 ____D C:\Users\User\.oracle_jre_usage
    2016-02-05 10:40 - 2010-08-27 13:36 - 00000000 ____D C:\Users\User\Documents\Career
    2016-02-05 10:38 - 2013-04-22 09:24 - 00000000 ____D C:\Users\User\AppData\Roaming\FileZilla
    2016-02-03 19:01 - 2015-10-30 07:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2016-02-03 19:01 - 2015-10-30 07:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2016-02-03 17:19 - 2010-05-04 01:21 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps
    2016-02-01 13:42 - 2013-05-13 10:49 - 00000000 ____D C:\Users\User\Documents\PC_Errors
    2016-01-28 16:30 - 2010-01-07 16:17 - 00000000 ____D C:\Users\User\Documents\PC Tips and logins
    2016-01-28 13:37 - 2012-02-11 22:33 - 00000000 ____D C:\ProgramData\McAfee
    2016-01-28 10:41 - 2012-09-04 20:26 - 00000000 ____D C:\Users\User\Documents\Personal
    2016-01-28 10:02 - 2015-10-30 07:24 - 00000000 ___SD C:\WINDOWS\system32\F12
    2016-01-28 10:02 - 2015-10-30 07:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
    2016-01-28 10:02 - 2015-10-30 07:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2016-01-28 10:02 - 2015-10-30 07:24 - 00000000 ____D C:\WINDOWS\system32\oobe
    2016-01-28 10:02 - 2015-10-30 07:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2016-01-28 10:02 - 2015-10-30 07:24 - 00000000 ____D C:\WINDOWS\bcastdvr
    2016-01-25 14:49 - 2010-10-11 22:18 - 00075688 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
    2016-01-25 13:46 - 2015-07-15 13:56 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

    ==================== Files in the root of some directories =======

    2010-05-10 21:25 - 2010-05-10 21:24 - 0018638 _____ () C:\Program Files\AJAX_Architecture_at_client.png
    2010-05-10 21:25 - 2010-05-10 21:24 - 0018638 _____ () C:\Program Files\AJAX_Architecture_at_server.png
    2012-12-29 15:36 - 2012-12-29 15:36 - 0000288 _____ () C:\Users\User\AppData\Roaming\.backup.dm
    2011-12-23 13:21 - 2013-11-16 15:41 - 0034816 ___SH () C:\Users\User\AppData\Roaming\Thumbs.db
    2009-11-12 19:58 - 2009-11-12 19:59 - 0023604 _____ () C:\Users\User\AppData\Roaming\UserTile.png
    2015-09-11 11:31 - 2015-10-06 12:54 - 0000600 _____ () C:\Users\User\AppData\Local\PUTTY.RND
    2012-02-18 21:20 - 2015-09-02 14:38 - 0007597 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg

    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2016-02-11 15:45

    ==================== End of FRST.txt ============================

    #########################

    aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
    Run date: 2016-02-15 14:02:10
    -----------------------------
    14:02:10.012 OS Version: Windows x64 6.2.9200
    14:02:10.012 Number of processors: 8 586 0x1A04
    14:02:10.012 ComputerName: DANIELBYE UserName: User
    14:02:11.543 Initialize success
    14:02:11.746 VM: initialized successfully
    14:02:11.746 VM: Intel CPU supported
    14:02:21.231 VM: disk I/O iaStorAV.sys
    14:02:39.802 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000002e
    14:02:39.802 Disk 0 Vendor: Intel___ 1.0. Size: 953875MB BusType: 8
    14:02:39.989 Disk 0 MBR read successfully
    14:02:39.989 Disk 0 MBR scan
    14:02:39.989 Disk 0 Windows 7 default MBR code
    14:02:39.989 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 78 MB offset 63
    14:02:40.005 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15360 MB offset 161792
    14:02:40.005 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 937985 MB offset 31619072
    14:02:40.052 Disk 0 Partition 4 00 27 Hidden NTFS WinRE NTFS 450 MB offset 1952612352
    14:02:40.115 Disk 0 scanning C:\WINDOWS\system32\drivers
    14:02:53.914 Service scanning
    14:03:08.419 Modules scanning
    14:03:08.419 Disk 0 trace - called modules:
    14:03:08.435 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll iaStorAV.sys
    14:03:08.450 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe00186f85060]
    14:03:08.450 3 CLASSPNP.SYS[fffff8017df07d95] -> nt!IofCallDriver -> [0xffffe001855f6dd0]
    14:03:08.450 5 ACPI.sys[fffff8017ce21361] -> nt!IofCallDriver -> \Device\0000002e[0xffffe001855ff060]
    14:03:08.450 Disk 0 statistics 20948/0/0 @ 0.89 MB/s
    14:03:08.450 Scan finished successfully
    14:04:25.216 Disk 0 MBR has been saved successfully to "C:\Users\User\Desktop\MBR.dat"
    14:04:25.263 The log file has been saved successfully to "C:\Users\User\Desktop\aswMBR.txt"





    ###########################

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
    Ran by User (2016-02-15 13:55:50)
    Running from C:\Users\User\Desktop
    Windows 10 Home (X64) (2015-11-14 14:55:24)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-224342428-1839300246-3282489254-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-224342428-1839300246-3282489254-503 - Limited - Disabled)
    Guest (S-1-5-21-224342428-1839300246-3282489254-501 - Limited - Disabled)
    User (S-1-5-21-224342428-1839300246-3282489254-1001 - Administrator - Enabled) => C:\Users\User

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
    AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
    FW: McAfee Firewall (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.3.0.0 - Adobe Systems Incorporated)
    Acrobat.com (x32 Version: 2.3.0 - Adobe Systems Incorporated) Hidden
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.600 - Adobe Systems Incorporated)
    Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
    Apple Application Support (32-bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
    ATI Catalyst Install Manager (HKLM\...\{B194254C-74AD-D391-88B8-13BE11B7987E}) (Version: 3.0.691.0 - ATI Technologies, Inc.)
    Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    ccc-core-static (x32 Version: 2008.0917.337.4556 - ATI) Hidden
    Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Crimson Editor SVN263 (HKLM-x32\...\Crimson Editor SVN263) (Version: SVN263 - Emerald Editor Community)
    Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
    CX4300_5500_DX4400 manual (HKLM-x32\...\CX4300_5500_DX4400 manual) (Version: - )
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Dell Customer Connect (HKLM-x32\...\{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF}) (Version: 1.3.28.0 - Dell Inc.)
    Dell Data Vault (Version: 4.3.7.0 - Dell Inc.) Hidden
    Dell Driver Download Manager (HKU\S-1-5-21-224342428-1839300246-3282489254-1001\...\bd4d3a0508d364f5) (Version: 3.0.0.0 - Dell Inc)
    Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
    Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
    Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.2.6745.47 - Dell)
    Dell SupportAssistAgent (HKLM-x32\...\{A62A2F03-3006-40CA-A3FA-C1086B2FEF5D}) (Version: 1.2.0.94 - Dell)
    Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
    Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
    Dotfuscator Software Services - Community Edition (HKLM-x32\...\{1AA5BD63-6614-44B2-88A7-605191EDB835}) (Version: 5.0.2500.0 - PreEmptive Solutions)
    Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{3F29268A-F53A-4387-9F2B-E9368A823178}) (Version: 11.1.30729.00 - Microsoft Corporation)
    EPSON Attach To Email (HKLM-x32\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON)
    EPSON Attach To Email (x32 Version: 1.01.0000 - SEIKO EPSON) Hidden
    EPSON Copy Utility 3 (HKLM-x32\...\{67EDD823-135A-4D59-87BD-950616D6E857}) (Version: 3.2.0.0 - )
    EPSON Easy Photo Print (HKLM-x32\...\{B66E665A-DF96-4C38-9422-C7F74BC1B4E5}) (Version: 1.4.2.0 - )
    EPSON File Manager (HKLM-x32\...\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}) (Version: 1.3.0.0 - )
    EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
    EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
    EPSON Scan Assistant (HKLM-x32\...\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.10.00 - )
    Feedback Tool (HKLM-x32\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation)
    FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
    GDR 5520 for SQL Server 2008 (KB2977321) (HKLM-x32\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation)
    GDR 5538 for SQL Server 2008 (KB3045305) (HKLM-x32\...\KB3045305) (Version: 10.3.5538.0 - Microsoft Corporation)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
    iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
    IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
    IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
    IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
    iisnode for iis express 7.x (HKLM-x32\...\{3965F475-7CCF-46CB-A1D3-64CC6A778BCD}) (Version: 0.1.19.0 - Microsoft Corporation)
    Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
    Intel(R) Network Connections 13.1.33.0 (HKLM\...\PROSetDX) (Version: 13.1.33.0 - Intel)
    Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
    iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
    Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
    JavaScript Tooling (Version: 11.0.60315 - Microsoft Corporation) Hidden
    LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
    LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
    McAfee Internet Security (HKLM-x32\...\MSC) (Version: 14.0.6136 - McAfee, Inc.)
    McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.170 - McAfee, Inc.)
    Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
    Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
    Microsoft Access 2010 (HKLM-x32\...\Office14.AccessR) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Advertising SDK for Windows Phone - ENU (HKLM-x32\...\{656458ED-DA77-4C82-AF2F-1640C191A2A7}) (Version: 5.2.819.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 3 - VWD Express 2010 Tools Update (HKLM-x32\...\{21E7A706-31FF-46AA-A294-FA4A8917B59F}) (Version: 3.0.20406.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft ASP.NET Web Pages - VWD Express 2010 Tools (HKLM-x32\...\{3CFFC382-6C23-42CB-8B1E-625F9F84E362}) (Version: 1.0.20105.0 - Microsoft Corporation)
    Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
    Microsoft ASP.NET Web Pages 2 (HKLM-x32\...\{cb29be6c-39c4-493e-9da7-d585d5353714}) (Version: 2.0.20715.0 - Microsoft Corporation)
    Microsoft Expression Blend 3 SDK (HKLM-x32\...\{256E7DAC-9BE8-494E-8DE7-7857BF96B774}) (Version: 1.0.1343.0 - Microsoft Corporation)
    Microsoft Expression Blend 4 (HKLM-x32\...\Blend_4.0.30816.0) (Version: 4.0.30816.0 - Microsoft Corporation)
    Microsoft Expression Blend 4 Add-in for Adobe FXG Import (HKLM-x32\...\{EFBBD030-48F0-43B3-A8AD-789894DAD0B5}) (Version: 1.0.20817.0 - Microsoft Corporation)
    Microsoft Expression Blend SDK for .NET 4 (HKLM-x32\...\{9B3A1C97-A361-463E-8817-444F9F88CDFE}) (Version: 2.0.20525.0 - Microsoft Corporation)
    Microsoft Expression Blend SDK for Silverlight 4 (HKLM-x32\...\{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}) (Version: 2.0.20525.0 - Microsoft Corporation)
    Microsoft Expression Blend SDK for Windows Phone 7 (HKLM-x32\...\{69E11501-75F7-4ACE-8103-52513DDCFE26}) (Version: 2.0.20901.0 - Microsoft Corporation)
    Microsoft Expression Blend SDK for Windows Phone OS 7.1 (HKLM-x32\...\{12B8E200-99CC-4203-A8D1-4145FC4D0192}) (Version: 2.0.30816.0 - Microsoft Corporation)
    Microsoft Expression Design 4 (HKLM-x32\...\Design_7.0.20516.0) (Version: 7.0.20516.0 - Microsoft Corporation)
    Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.1639.0) (Version: 4.0.1639.0 - Microsoft Corporation)
    Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{F940D859-DDB5-4067-82E2-3C8D02F8E09F}) (Version: 4.0.1653.0 - Microsoft Corporation)
    Microsoft Expression Studio 4 (HKLM-x32\...\ExpressionStudio_4.0.20525.0) (Version: 4.0.20525.0 - Microsoft Corporation)
    Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1303.0) (Version: 4.0.1303.0 - Microsoft Corporation)
    Microsoft Expression Web 4 Service Pack 2 (HKLM-x32\...\{F5993FCC-DF5D-4879-B70D-AA1F379C5C6B}) (Version: - Microsoft Corporation)
    Microsoft F# Runtime for Silverlight 4 (HKLM-x32\...\{27B6D024-FD7E-4A88-BC17-5AFBE33EC072}) (Version: 2.0.0.0 - Microsoft Corporation)
    Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
    Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
    Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
    Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
    Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
    Microsoft Project Professional 2010 (HKLM-x32\...\Office14.PRJPROR) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
    Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
    Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
    Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{BC537AE0-88AF-47ED-B762-33B0D62B5188}) (Version: 10.50.1750.9 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{7A56D81D-6406-40E7-9184-8AC1769C4D69}) (Version: 10.50.1750.9 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{E016AA48-A21B-4728-9BD0-E3AAE23BEE5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{09C52940-A4D1-4409-A7CC-1AAE630CF578}) (Version: 10.50.1750.9 - Microsoft Corporation)
    Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{59C245FC-343C-4FEC-B3CB-B6F12B561C20}) (Version: 10.3.5538.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation)
    Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{E4A1FDA3-689D-44DA-9B39-86BD2270F522}) (Version: 11.2.5058.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Native Client (HKLM\...\{3965C9F9-9B9A-4391-AC4B-8388210D3AA0}) (Version: 11.2.5058.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Setup (English) (HKLM\...\{977887EC-1C9B-47FA-8489-88E5E7F43D5E}) (Version: 11.2.5058.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{3D3F1CCD-2C87-4DDD-9B8C-CC0EB429E04D}) (Version: 11.2.5058.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{E721A8AA-2632-4798-B439-6D4C8A689BB8}) (Version: 11.2.5058.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 T-SQL Language Service (HKLM\...\{A67C75DE-BED6-4F1B-97EB-30CD1D40FFED}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Transact-SQL Compiler Service (HKLM\...\{59DE4D1C-690E-4397-8A44-B684934E863C}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 T-SQL Language Service (HKLM\...\{7FE9A69F-6D91-4E2E-86B5-E2EB27AE6041}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP1 Design Tools English (HKLM-x32\...\{0C19D563-5F25-4621-BF10-01F741BD283F}) (Version: 3.5.5692.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 Scripting Tools ENU CTP1 (HKLM-x32\...\{82284382-30E3-4DED-980B-746278DA6CC2}) (Version: 4.0.8854.1 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 Web Tools ENU (HKLM-x32\...\{A51500FE-6408-4305-B071-B961F691A4CE}) (Version: 4.0.8482.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools – Build Utilities (HKLM-x32\...\{84D4753E-A5F3-459A-BC8E-5DCF834CBEA4}) (Version: 10.2.11213.0 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - Database Projects (HKLM-x32\...\{26b77594-273e-438e-936a-2ec531c0158e}) (Version: 10.2.11213.0 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (11.1.50730.0) (HKLM-x32\...\{E160BE54-CD8A-4B26-A322-137CDF997D5F}) (Version: 11.1.50730.0 - Microsoft Corporation)
    Microsoft SQL Server Data Tools (HKLM-x32\...\{3C2441C2-1644-40BA-8491-9518BD34D6C4}) (Version: 10.2.11213.0 - Microsoft Corporation)
    Microsoft SQL Server Data Tools 2012 (HKLM-x32\...\{14440351-90c3-4157-b70f-c4430ea882d6}) (Version: 11.1.50730.0 - Microsoft Corporation)
    Microsoft SQL Server Data Tools Build Utilities - enu (11.1.31009.1) (HKLM-x32\...\{6D3F8FA8-A8EF-4200-8F61-68E3D0C42F8F}) (Version: 11.1.31009.1 - Microsoft Corporation)
    Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
    Microsoft SQL Server Native Client (HKLM\...\{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}) (Version: 9.00.4035.00 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (x64) (HKLM\...\{C9F697B9-FAC8-4B76-9D3D-40FA3BFA4F9E}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
    Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
    Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
    Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{CD5AAE18-1DF8-4D7B-8B99-9071D7D36126}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{DEB263CA-0386-4648-8382-FB78DBFA2C5F}) (Version: 11.2.5058.0 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visio Professional 2010 (HKLM-x32\...\Office14.VISIOR) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Professional - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Professional - ENU) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Visual Studio Express 2012 for Web - ENU (HKLM-x32\...\{0845d9ea-46e3-4ac6-af9d-2e3e8e386d80}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{17c2e197-cf26-443b-8beb-53151940df3f}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Web Deploy 2.0 (HKLM\...\{5134B35A-B559-4762-94A4-FD4918977953}) (Version: 2.0.1070 - Microsoft Corporation)
    Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
    Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
    Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
    Microsoft WebMatrix 3 (HKLM-x32\...\{4C1CB8FA-89A5-476A-89B6-C69BDC668A9F}) (Version: 2.0.1932 - Microsoft Corporation)
    Microsoft Windows Phone Developer Tools - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Express for Windows Phone - ENU) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
    Microsoft XNA Game Studio 4.0 Refresh (HKLM-x32\...\XNA Game Studio 4.0) (Version: 4.0.30901.0 - Microsoft Corporation)
    Microsoft XNA Game Studio Platform Tools (HKLM-x32\...\{89690B51-2E21-4E93-914E-F9CAC5B24A84}) (Version: 1.4.0.0 - Microsoft Corporation)
    Mozilla Firefox 44.0.2 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 en-GB)) (Version: 44.0.2 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
    MySQL Connector C++ 1.1.6 (HKLM\...\{80EE5F65-5553-47A1-B6A9-8BF3211D21A3}) (Version: 1.1.6 - Oracle and/or its affiliates)
    MySQL Connector J (HKLM-x32\...\{08BE0787-D0CE-4240-93EF-D73DA099A285}) (Version: 5.1.37 - Oracle Corporation)
    MySQL Connector Net 6.9.7 (HKLM-x32\...\{2C148B86-FF80-49A7-BA18-E4CEF6464AE6}) (Version: 6.9.7 - Oracle)
    MySQL Connector/C 6.1 (HKLM\...\{ABC3A516-54E3-414B-B501-762E7FB2F9D5}) (Version: 6.1.6 - Oracle Corporation)
    MySQL Connector/ODBC 5.3 (HKLM\...\{A1991404-2634-47E1-BC45-8F3B5014B1D1}) (Version: 5.3.4 - Oracle Corporation)
    MySQL Documents 5.6 (HKLM-x32\...\{4D17B5C1-7388-4647-9A24-D5FDD173D4EA}) (Version: 5.6.27 - Oracle Corporation)
    MySQL Examples and Samples 5.6 (HKLM-x32\...\{3E1DCC2B-8A78-4E91-B2EC-9DCFE25D41FA}) (Version: 5.6.27 - Oracle Corporation)
    MySQL for Visual Studio 1.2.4 (HKLM-x32\...\{32D9A474-FAFC-4E77-B804-055595D5B9E9}) (Version: 1.2.4 - Oracle)
    MySQL Installer - Community (HKLM-x32\...\{14E622E3-878B-4C66-AB07-49CB19FCCE73}) (Version: 1.4.11.0 - Oracle Corporation)
    MySQL Notifier 1.1.6 (HKLM-x32\...\{CB76A6E9-B184-461D-A8BE-7D0D73199545}) (Version: 1.1.6 - Oracle)
    MySQL Server 5.6 (HKLM\...\{861A680B-2084-444B-BE8D-89E153BEEEE3}) (Version: 5.6.27 - Oracle Corporation)
    node.js (HKLM-x32\...\{BD99B630-E3FF-4DB5-AA19-BC9990021429}) (Version: 0.6.20 - Joyent, Inc)
    PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
    Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
    QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5859 - Realtek Semiconductor Corp.)
    Roxio Creator DE (HKLM-x32\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)
    Secure Download Manager (HKLM-x32\...\{4A5667B2-5D13-46C2-85B5-9D46A6096F61}) (Version: 3.1.0 - Kivuto Solutions Inc.)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version: - Microsoft)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version: - Microsoft)
    Service Pack 2 for SQL Server 2012 (KB2958429) (64-bit) (HKLM\...\KB2958429) (Version: 11.2.5058.0 - Microsoft Corporation)
    Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
    Service Pack 3 for SQL Server 2008 (KB2546951) (HKLM-x32\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
    Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
    Skins (x32 Version: 2008.0917.337.4556 - ATI) Hidden
    Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
    SQL Server 2012 Common Files (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
    SQL Server 2012 Management Studio (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
    Sql Server Customer Experience Improvement Program (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
    VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
    VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
    Visual C++ 2008 IA64 Runtime - v9.0.30729.01 (HKLM-x32\...\{22E23C71-C27A-3F30-8849-BB6129E50679}.vc_i64runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
    Visual C++ 2008 x64 Runtime - v9.0.30729.01 (HKLM-x32\...\{0DF3AE91-E533-3960-8516-B23737F8B7A2}.vc_x64runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
    Visual C++ 2008 x86 Runtime - v9.0.30729.4148 (HKLM-x32\...\{7B33F480-496D-334A-BAC2-205DEC0CBC2D}.vc_x86runtime_30729_4148) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Visual C++ 2008 x86 Runtime - v9.0.30729.5570 (HKLM-x32\...\{A2425E6C-8A37-3D63-A3A7-8ED5355FDF0B}.vc_x86runtime_30729_5570) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Visual C++ 2008 x86 Runtime - v9.0.30729.6161 (HKLM-x32\...\{3F8D9A47-9C50-3F46-8F12-B92DD5CA0A2E}.vc_x86runtime_30729_6161) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
    Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
    Visual Studio 2010 SP1 Tools for SQL Server Compact 4.0 ENU (HKLM-x32\...\{D25C502E-FF51-424C-8C38-8596FE47D0CD}) (Version: 4.0.8482.1 - Microsoft Corporation)
    Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
    Visual Studio 2012 Update 5 (KB2707250) (HKLM-x32\...\{6d052d71-b953-48cd-8a75-3462b00efeb7}) (Version: 11.0.61219 - Microsoft Corporation)
    Visual Studio Extensions for Windows Library for JavaScript 1.0.9200.20602 (HKLM-x32\...\{ce404cfb-7e03-4ad5-a518-45dbb0a48a34}) (Version: 1.0.9200.20602 - Microsoft Corporation)
    WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
    WCF Data Services SDK for Windows Phone (HKLM-x32\...\{6F33C2E2-5E02-4344-90BC-ED55C48341D2}) (Version: 4.7.6.0 - Microsoft Corporation)
    WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
    WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
    Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
    Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
    Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
    Windows Phone Emulator x64 - ENU (HKLM\...\{C9AEABC2-1DD6-3280-9A1A-11E1E8D34AAD}) (Version: 10.0.40219 - Microsoft Corporation)
    Windows Phone SDK 7.1 - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Express for Windows Phone 7.1 - ENU) (Version: 10.1.40219 - Microsoft Corporation)
    Windows Phone SDK 7.1 Add-in for Visual Studio 2010 - ENU (HKLM-x32\...\{A721BC43-E63E-3531-B1BF-6A405F9530BD}) (Version: 10.0.40219 - Microsoft Corporation)
    Windows Phone SDK 7.1 Assemblies (HKLM-x32\...\{9E2F2BAC-A9FD-35BC-B8E0-253FEBED0F9B}) (Version: 10.0.40219 - Microsoft Corporation)
    Windows Phone SDK 7.1 Extensions for XNA Game Studio 4.0 (HKLM-x32\...\{A4CC18F6-DB05-4B03-B724-4128322FA85F}) (Version: 4.0.30901.0 - Microsoft Corporation)
    WPF Toolkit February 2010 (Version 3.5.50211.1) (HKLM-x32\...\{5EE6E987-1B79-4A93-832B-27472C7D1579}) (Version: 3.5.50211.1 - Microsoft Corporation)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-224342428-1839300246-3282489254-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {030A797E-67E2-43E6-BC28-2FA2DB9DBA7F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {06737B54-B51B-44E1-9956-14C01EA03683} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2016-01-12] (Dell Inc.)
    Task: {088859C0-6389-4C59-BB71-B4AD300B8765} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
    Task: {0D5161FF-E5F9-49A5-9AA0-807CDC0BACBE} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
    Task: {0D62EE11-9702-4BCA-9A85-6A2B1287352E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {0EB11967-C009-4A1C-8616-7D2D6E85C08C} - System32\Tasks\{30DDB06B-204D-4985-A4D2-3ECDD10E2CE7} => pcalua.exe -a C:\Users\User\Downloads\vs_vmsdk.exe -d "C:\Program Files (x86)\Mozilla Firefox"
    Task: {0FC54AC5-2982-4D58-B2A4-22C24E6C0046} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
    Task: {103B040B-54DE-44E7-A403-42A46161CD4D} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2015-11-02] (McAfee, Inc.)
    Task: {155EE42C-C6C5-4923-918D-2BDA92474208} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
    Task: {1DA65D4B-DEA4-4230-B955-B71D262CAB69} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
    Task: {20285DA3-083E-4041-8D8C-C8F29CCE59A4} - System32\Tasks\{61872B1F-CA41-4CA2-A969-C73E7E482262} => pcalua.exe -a C:\Users\User\Documents\S435-114.EXE -d C:\Users\User\Documents
    Task: {24950CAC-24A1-4D3F-B0D7-17A12B983D5C} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
    Task: {2E0572D8-AEA9-452C-8C57-850F7A996C7B} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
    Task: {2E115B3A-4780-45F6-865C-21C7243ABA70} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
    Task: {361ECC0A-E10C-4351-969F-C0D59940A79C} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
    Task: {37B88252-ED21-4402-B2E0-69BE717B4216} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {3DB9B023-C7E1-47DF-BD0B-38FFE0C3196D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
    Task: {3DEED11A-E398-4964-A313-E5DB8DCABD08} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
    Task: {3F7D3090-CDA9-4766-BB28-CB0B199EFEC1} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
    Task: {4004DD3F-CDDA-4C8E-91AC-ECD70EC02F44} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
    Task: {46363FD6-E4CF-4C57-90A4-4C5A70F2593F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
    Task: {46FDDD45-96E5-49AC-90C8-0A603BF5FE66} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
    Task: {5525A287-D46C-438E-BC7E-5A27F2E5E96B} - System32\Tasks\{E8954688-625C-4D87-903C-2B881C4279C9} => pcalua.exe -a "C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FXEYODB8\jre-6u24-windows-i586-iftw[1].exe" -d C:\Users\User\Desktop
    Task: {5C2361AD-3E71-40F8-B8DB-8A9F84731FA6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
    Task: {5D63AA3A-9DF6-4B21-9693-FD2D49664244} - System32\Tasks\{80225B47-001C-42D9-B0C5-3161635FC3E8} => pcalua.exe -a "C:\Program Files\Flex_SDK\flex_sdk_4.1\runtimes\player\10\win\Install Flash Player 10 Plugin.exe" -d "C:\Program Files\Flex_SDK\flex_sdk_4.1\runtimes\player\10\win"
    Task: {5D95C3AC-9AA5-46B3-AB7A-476CD2857980} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {61931E50-BA80-4043-8BA4-823EB27955C6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
    Task: {645A477D-4F16-4359-A198-17B1C26CC551} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
    Task: {679631B7-46FD-4ACC-A80B-A8EEBA63D938} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
    Task: {6B2E0F17-899F-463C-AF68-E8A1D984E8E9} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
    Task: {6C229EC4-0FA3-41F8-9DE9-4105D75B26BB} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-12-29] (PC-Doctor, Inc.)
    Task: {70E450EF-9D90-451B-8ED9-47E2D41A8101} - System32\Tasks\{46769592-2AC7-416C-90CD-BF6E1098E1BC} => C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
    Task: {712C6861-2B14-4E72-92BA-22B6921FE2B7} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
    Task: {75421467-2EEF-4EBB-B369-C452E7D26A8B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {7BBE0D62-FFCD-481B-AF53-C166E43ED41C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
    Task: {7DE0570F-ED91-4D95-8E93-E3E2CA1C4D1C} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
    Task: {7EBB644E-8A2A-4B4A-8AA3-EB98211D1DE1} - System32\Tasks\{DF8B4859-63E9-4800-9863-8FC3D4B20F57} => pcalua.exe -a C:\Users\User\Downloads\Shockwave_Installer_Slim.exe -d C:\Users\User\Downloads
    Task: {8DD325A6-A704-476E-8712-370362F66CF0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
    Task: {8E055CBB-DF73-4F4B-BEA1-51CB93DD3879} - System32\Tasks\{2FBE9B6C-E9C2-4B0D-A91B-3BF984CF3313} => pcalua.exe -a C:\Users\User\Downloads\VS90sp1-KB945140-ENU.exe -d C:\Users\User\Downloads
    Task: {911F5D41-7951-4281-9F6B-DF063B031E0B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-11] (Microsoft Corporation)
    Task: {91F513D4-1805-4FFB-8B24-E2CE161F1D19} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
    Task: {9623606D-224F-4386-9F55-1935A903797A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {9A57E470-57AF-4BAE-95AC-227DAB43E455} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
    Task: {9FDBE263-294E-4E8D-8C3F-429CA7AEED6E} - System32\Tasks\{2D01D377-86BB-450D-898B-4C157440569B} => pcalua.exe -a C:\Users\User\Downloads\S435-114.EXE -d C:\Users\User\Downloads
    Task: {A0F00067-0014-474A-869C-A7AB5C86888F} - System32\Tasks\McAfee\McAfee Idle Detection Task
    Task: {A1968529-18F4-4F1A-AB80-52DAB4D8A82A} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-12-29] (PC-Doctor, Inc.)
    Task: {A5D8B836-6E03-4940-A9A4-982D5B2CCA31} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {B288ECF2-4199-4D5F-95F5-3BFBF09BC79D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
    Task: {B3155FD1-2698-4280-BC7B-D7317D7C6BE9} - System32\Tasks\{C4D81C53-524C-481B-92CF-714E48760367} => pcalua.exe -a "C:\Program Files (x86)\Microsoft Visual Studio 9.0\Microsoft Visual Studio 2008 Professional Edition - ENU\setup.exe"
    Task: {B437DF91-59FD-41B2-8344-B01F3F75D7AB} - System32\Tasks\{CFD2F969-5B51-407F-849A-25C9EEC553E8} => pcalua.exe -a "c:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\VSContentInstaller.exe" -d "C:\Program Files (x86)\Mozilla Firefox" -c "C:\Users\User\AppData\Local\Temp\Club.vsi"
    Task: {B45A355D-A938-4D75-9616-5A751203253F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
    Task: {BC23A869-AA7D-47A1-B1B6-9316BED776E1} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [2015-08-20] (Oracle Corporation)
    Task: {BE3A6186-BC62-42C3-A54E-B536A7A684FE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {C01A9735-408B-426F-BFB8-FFFF1D95FD25} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
    Task: {CC0CD62A-1A70-44AF-8D22-438ADA94754B} - System32\Tasks\{2612925F-21C7-410D-8B6A-B3CEFBEF1D6D} => pcalua.exe -a C:\Users\User\Downloads\dotnetfx35.exe -d "C:\Program Files (x86)\Mozilla Firefox"
    Task: {CC242ED1-AB27-4FB4-83C1-EDB4049032B8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {D42A4CCC-DE6F-4532-B31D-DAD2F49DC2AA} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe [2014-09-03] (Oracle Corporation)
    Task: {E82A4644-B4EC-48A1-A630-5211E54B5488} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
    Task: {E8C372CC-52B6-40C5-861D-E7295A982F42} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
    Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
    Task: {F00875E3-AE74-4200-963F-BF5AD0331E56} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
    Task: {F359F594-4071-43BE-B133-2481B826A5DF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {F443DE61-D2E9-416B-81AD-38796B2250F9} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
    Task: {F4E205F9-3572-43B7-885A-F63668366F26} - System32\Tasks\{E441F5C6-9424-43D0-9163-52552EE1B654} => pcalua.exe -a "C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VMJTYLW3\jre-6u31-windows-i586-iftw.exe" -d C:\Users\User\Desktop
    Task: {F9D189FF-9E96-4C8F-840B-1EF939471B8A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2015-10-30 07:18 - 2015-10-30 07:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
    2015-12-04 11:42 - 2015-11-22 10:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2015-12-04 11:42 - 2015-11-22 10:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
    2016-01-30 16:18 - 2015-10-16 10:02 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
    2015-12-18 10:33 - 2015-12-07 04:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
    2015-12-18 10:33 - 2015-12-07 04:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
    2016-01-14 11:18 - 2016-01-05 01:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2016-01-14 11:20 - 2016-01-05 01:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2016-01-28 09:51 - 2016-01-16 05:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2016-01-28 09:51 - 2016-01-16 05:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2016-01-28 09:58 - 2016-01-28 09:58 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    2016-01-28 09:58 - 2016-01-28 09:58 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
    2016-01-28 09:58 - 2016-01-28 09:58 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-224342428-1839300246-3282489254-1001\...\bigint.co.uk -> hxxps://bigint.co.uk
    IE trusted site: HKU\S-1-5-21-224342428-1839300246-3282489254-1001\...\dell.com -> dell.com
    IE trusted site: HKU\S-1-5-21-224342428-1839300246-3282489254-1001\...\onthehub.com -> hxxps://e5.onthehub.com

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2006-11-02 12:34 - 2015-09-05 12:45 - 00000035 ____A C:\WINDOWS\system32\Drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-224342428-1839300246-3282489254-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
    DNS Servers: Media is not connected to internet.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
    MSCONFIG\Services: AERTFilters => 2
    MSCONFIG\Services: AMD External Events Utility => 2
    MSCONFIG\Services: Apple Mobile Device Service => 2
    MSCONFIG\Services: Bonjour Service => 2
    MSCONFIG\Services: Dell Customer Connect => 2
    MSCONFIG\Services: DellDataVault => 2
    MSCONFIG\Services: DellDataVaultWiz => 2
    MSCONFIG\Services: DellUpdate => 2
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: HomeNetSvc => 2
    MSCONFIG\Services: iPod Service => 3
    MSCONFIG\Services: McAfee SiteAdvisor Service => 2
    MSCONFIG\Services: mccspsvc => 2
    MSCONFIG\Services: McNaiAnn => 2
    MSCONFIG\Services: McODS => 3
    MSCONFIG\Services: mcpltsvc => 2
    MSCONFIG\Services: McProxy => 2
    MSCONFIG\Services: MozillaMaintenance => 3
    MSCONFIG\Services: MSK80Service => 2
    MSCONFIG\Services: MYSQL56 => 2
    MSCONFIG\Services: stllssvr => 3
    MSCONFIG\Services: SupportAssistAgent => 2
    MSCONFIG\startupreg: AppleIEDAV => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
    MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    MSCONFIG\startupreg: ATICustomerCare => "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
    MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    MSCONFIG\startupreg: Dell DataSafe Online => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
    MSCONFIG\startupreg: DellSystemDetect => C:\Users\User\AppData\Local\Apps\2.0\8RDDVD1R.HPJ\OD5XRQDY.D2Y\dell..tion_0f612f649c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe
    MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: mcpltui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    MSCONFIG\startupreg: SkyDrive => "C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
    MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    HKLM\...\StartupApproved\Run: => "iTunesHelper"
    HKLM\...\StartupApproved\Run32: => "StartCCC"
    HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
    FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
    FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
    FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
    FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
    FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
    FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
    FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
    FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
    FirewallRules: [{3037ED93-8CA9-493C-AD99-6E644D797F6E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{51F808E6-445A-489F-8F85-E09EC1A49EAE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{E05B7338-21F4-4B36-B8EA-FF85C891D057}] => (Allow) LPort=3306
    FirewallRules: [{B9835890-8933-4717-820B-9F257C7CEE14}] => (Allow) LPort=3306
    FirewallRules: [{39217BC6-9114-4A93-B607-BDA286681404}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{88F6C212-489F-400C-9497-09351542D9A9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{28E80EE7-69BF-4894-8D68-2348B4DA36DA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{AB4FA468-EC0C-4B97-BF23-C114BC246480}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{87CCB871-CA26-467F-873F-5DF7694A9ECD}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
    FirewallRules: [{FF43CFF9-7D0D-4C9C-9F10-4CA78868ADE0}] => (Allow) svchost.exe
    FirewallRules: [{AB33BB27-BD52-41FC-8F3E-C56CB4A4212F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    FirewallRules: [{CA8824F3-BBBE-4244-9867-6720C6895D3D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{21274BD9-45C3-41A9-A709-96F4C50F1C3E}] => (Allow) LPort=2869
    FirewallRules: [{91CC71BF-C70A-47EA-969B-3235C5D400D3}] => (Allow) LPort=1900
    FirewallRules: [TCP Query User{8D8D9B6A-1709-4EA5-B7F3-00BBBD1BA3C0}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe] => (Allow) C:\program files (x86)\dell\dell datasafe online\nobuclient.exe
    FirewallRules: [UDP Query User{D489A902-7510-4067-894D-5EB44C52EB6A}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe] => (Allow) C:\program files (x86)\dell\dell datasafe online\nobuclient.exe
    FirewallRules: [TCP Query User{5CB6E129-4920-46D0-9DC7-6F94E357F57B}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe] => (Block) C:\program files (x86)\dell\dell datasafe online\nobuclient.exe
    FirewallRules: [UDP Query User{70365011-43BA-4D73-B05B-56A988716078}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe] => (Block) C:\program files (x86)\dell\dell datasafe online\nobuclient.exe
    FirewallRules: [{31690A2B-C366-4619-9EE8-E8B1C617B179}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
    FirewallRules: [{7D7FCBC3-53D2-4897-B16F-DFE89CC03CA3}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    FirewallRules: [{7B2B3B1C-2906-4CAC-9D7C-3EB8A274EEDC}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    FirewallRules: [{18FC9039-3C21-47CA-94E4-04E2253D0AA9}] => (Allow) C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [{282930E6-C07C-47B1-A205-7DEB0E7655A4}] => (Allow) LPort=3306
    FirewallRules: [{D4392761-59C1-4BF5-B7C9-12695A44E238}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    FirewallRules: [{E31ED2EA-8E92-4F9A-A297-D87B5B7325B6}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    FirewallRules: [{97589C6C-A93E-45B9-814E-E043956E5DF9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{4BD7434D-8EEA-4589-AE31-A7CE4884044E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{81BB91F3-9A4D-4790-ADD6-9F79285BFD47}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{0DD5C4FE-3C7F-4135-9AC7-69E5AE449ABC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Restore Points =========================


    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/15/2016 10:27:08 AM) (Source: Perflib) (EventID: 1023) (User: )
    Description: SQLAgent$SQLEXPRESS8

    Error: (02/15/2016 10:27:06 AM) (Source: Perflib) (EventID: 1023) (User: )
    Description: MSSQL$SQLEXPRESS8

    Error: (02/14/2016 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: )
    Description: The backup did not complete because of an error writing to the backup location J:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

    Error: (02/14/2016 04:54:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIELBYE)
    Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (02/14/2016 10:01:23 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: DellDataVault.exe, version: 3.9.3.0, time stamp: 0x54cc079f
    Faulting module name: DellDataVault.exe, version: 3.9.3.0, time stamp: 0x54cc079f
    Exception code: 0xc0000005
    Fault offset: 0x000000000001aa84
    Faulting process id: 0x23e8
    Faulting application start time: 0xDellDataVault.exe0
    Faulting application path: DellDataVault.exe1
    Faulting module path: DellDataVault.exe2
    Report Id: DellDataVault.exe3
    Faulting package full name: DellDataVault.exe4
    Faulting package-relative application ID: DellDataVault.exe5

    Error: (02/14/2016 10:00:43 AM) (Source: Perflib) (EventID: 1023) (User: )
    Description: SQLAgent$SQLEXPRESS8

    Error: (02/14/2016 10:00:42 AM) (Source: Perflib) (EventID: 1023) (User: )
    Description: MSSQL$SQLEXPRESS8

    Error: (02/12/2016 03:56:00 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: DellDataVault.exe, version: 3.9.3.0, time stamp: 0x54cc079f
    Faulting module name: DellDataVault.exe, version: 3.9.3.0, time stamp: 0x54cc079f
    Exception code: 0xc0000005
    Fault offset: 0x000000000001aa84
    Faulting process id: 0x2374
    Faulting application start time: 0xDellDataVault.exe0
    Faulting application path: DellDataVault.exe1
    Faulting module path: DellDataVault.exe2
    Report Id: DellDataVault.exe3
    Faulting package full name: DellDataVault.exe4
    Faulting package-relative application ID: DellDataVault.exe5

    Error: (02/12/2016 03:05:38 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: IEXPLORE.EXE, version: 11.0.10586.20, time stamp: 0x56541caa
    Faulting module name: MSHTML.dll, version: 11.0.10586.71, time stamp: 0x5699d485
    Exception code: 0xc00000fd
    Fault offset: 0x0041d8f4
    Faulting process id: 0x1b84
    Faulting application start time: 0xIEXPLORE.EXE0
    Faulting application path: IEXPLORE.EXE1
    Faulting module path: IEXPLORE.EXE2
    Report Id: IEXPLORE.EXE3
    Faulting package full name: IEXPLORE.EXE4
    Faulting package-relative application ID: IEXPLORE.EXE5

    Error: (02/12/2016 02:47:56 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: IEXPLORE.EXE, version: 11.0.10586.20, time stamp: 0x56541caa
    Faulting module name: MSHTML.dll, version: 11.0.10586.71, time stamp: 0x5699d485
    Exception code: 0xc00000fd
    Fault offset: 0x0041d6be
    Faulting process id: 0x1d60
    Faulting application start time: 0xIEXPLORE.EXE0
    Faulting application path: IEXPLORE.EXE1
    Faulting module path: IEXPLORE.EXE2
    Report Id: IEXPLORE.EXE3
    Faulting package full name: IEXPLORE.EXE4
    Faulting package-relative application ID: IEXPLORE.EXE5


    System errors:
    =============
    Error: (02/15/2016 01:57:24 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
    Description: A corruption was discovered in the file system structure on volume C:.

    A corruption was found in a file system index structure. The file reference number is 0x9000000026928. The name of the file is "\Users\User\SkyDrive\Documents\Documents\Bakups_DOCTRINA\25_4_Upload\Photo Gallery\Photo Gallery\App_Code". The corrupted index attribute is ":$I30:$INDEX_ALLOCATION".

    Error: (02/15/2016 01:57:24 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
    Description: A corruption was discovered in the file system structure on volume C:.

    A corruption was found in a file system index structure. The file reference number is 0xa000000029aab. The name of the file is "\Users\User\SkyDrive\Documents\Documents\Development_Tools\Twitter-Bootstrap\twitter-bootstrap-v2.1.0-1-g320b75d\twitter-bootstrap-320b75d\docs\build\node_modules\hogan.js\wrappers". The corrupted index attribute is ":$I30:$INDEX_ALLOCATION".

    Error: (02/15/2016 01:57:24 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
    Description: A corruption was discovered in the file system structure on volume C:.

    A corruption was found in a file system index structure. The file reference number is 0xd000000029ab1. The name of the file is "\Users\User\SkyDrive\Documents\Documents\Development_Tools\Twitter-Bootstrap\twitter-bootstrap-v2.1.0-1-g320b75d\twitter-bootstrap-320b75d\docs\components". The corrupted index attribute is ":$I30:$INDEX_ALLOCATION".

    Error: (02/15/2016 01:57:07 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
    Description: A corruption was discovered in the file system structure on volume C:.

    A corruption was found in a file system index structure. The file reference number is 0x20000000545c4. The name of the file is "\Users\User\SkyDrive\Documents\Documents\JDrive_SanDiskCruzer\Removable Disk\University\BA Hons Computing in Business\Year 2\Web & Application Dev't\Week14". The corrupted index attribute is ":$I30:$INDEX_ALLOCATION".

    Error: (02/15/2016 01:57:07 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
    Description: A corruption was discovered in the file system structure on volume C:.

    A corruption was found in a file system index structure. The file reference number is 0x100000005912c. The name of the file is "\Users\User\SkyDrive\Documents\Documents\Year3_Downloads_For_Sabatical\Year3\Corporate_Business_Strategy\Lectures\Lecture5". The corrupted index attribute is ":$I30:$INDEX_ALLOCATION".

    Error: (02/15/2016 01:56:48 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
    Description: A corruption was discovered in the file system structure on volume C:.

    A corruption was found in a file system index structure. The file reference number is 0x600000001d6b4. The name of the file is "\Users\User\SkyDrive\Documents\LDrive_ClearMem_Stick\USB DISK\University\Steve Wade - developing database apps\WadeDatabaseExamples\SQL Tutorials". The corrupted index attribute is ":$I30:$INDEX_ALLOCATION".

    Error: (02/15/2016 01:56:48 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
    Description: A corruption was discovered in the file system structure on volume C:.

    A corruption was found in a file system index structure. The file reference number is 0x500000001d975. The name of the file is "\Users\User\SkyDrive\Documents\LDrive_ClearMem_Stick\USB DISK\University - Computing in Business\Year 1 - 2008-2009\Term 1\CFI 2145 - Fundamentals of Info Systems\FIS - Assignment 1". The corrupted index attribute is ":$I30:$INDEX_ALLOCATION".

    Error: (02/15/2016 12:59:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Sync Host_528df service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (02/15/2016 12:21:54 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
    Description: A corruption was discovered in the file system structure on volume C:.

    A corruption was found in a file system index structure. The file reference number is 0x200000008cb79. The name of the file is "\Users\User\Documents\Bigint\Bigint_Customers\Browndog_Designs\DeliverablesLtd\Plugins\Image_Plugins\revslider\images\dummy". The corrupted index attribute is ":$I30:$INDEX_ALLOCATION".

    Error: (02/15/2016 12:21:36 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
    Description: A corruption was discovered in the file system structure on volume C:.

    A corruption was found in a file system index structure. The file reference number is 0x300000008c32d. The name of the file is "\Users\User\Documents\Bigint\Bigint_Customers\Browndog_Designs\DeliverablesLtd\Backups\24-9-14_Full_Online\public_html\wp-content\uploads\2014\05". The corrupted index attribute is ":$I30:$INDEX_ALLOCATION".


    CodeIntegrity:
    ===================================
    Date: 2016-02-14 16:56:43.144
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-02-12 15:52:26.658
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-02-12 10:24:03.203
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-01-28 10:10:09.278
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-01-15 13:52:13.507
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-01-12 13:12:23.173
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-01-08 11:02:42.616
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-12-31 13:19:45.175
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-12-31 11:37:08.656
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-12-31 11:05:36.596
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz
    Percentage of memory in use: 35%
    Total physical RAM: 6135.14 MB
    Available physical RAM: 3932.36 MB
    Total Virtual: 12279.14 MB
    Available Virtual: 10227.39 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:916 GB) (Free:793.72 GB) NTFS ==>[drive with boot components (obtained from BCD)]
    Drive d: (RECOVERY) (Fixed) (Total:15 GB) (Free:8.17 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 08000000)
    Partition 1: (Not Active) - (Size=78 MB) - (Type=DE)
    Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
    Partition 3: (Active) - (Size=916 GB) - (Type=07 NTFS)
    Partition 4: (Not Active) - (Size=450 MB) - (Type=27)

    ==================== End of Addition.txt ============================
    Last edited by tashi; 2016-02-19 at 07:03. Reason: Merged two posts. :-)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •