1. #1

    For BrianDrab

    This post is in reference to my thread in Windows Update

    Checkup results:
    Results of screen317's Security Check version 1.001
    x64 (UAC is enabled)
    Internet Explorer 10 Out of date!
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    Windows Defender
    avast! Antivirus
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    MVPS Hosts File
    Spybot - Search & Destroy
    Java 8 Update 31
    Java version 32-bit out of Date!
    Adobe Reader XI
    Mozilla Firefox 36.0.4 Firefox out of Date!
    ````````Process Check: objlist.exe by Laurent````````
    Spybot Teatimer.exe is disabled!
    AVAST Software Avast AvastSvc.exe
    AVAST Software Avast avastui.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: %
    ````````````````````End of Log``````````````````````


    FRST results:
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01
    Ran by Rito (administrator) on HOMEPC on 01-05-2015 18:24:53
    Running from C:\Users\Rito\Desktop
    Loaded Profiles: Rito (Available profiles: Rito & Administrator)
    Platform: Windows 8 (X64) OS Language: English (United States)
    Internet Explorer Version 10 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum
    ==================== Processes (Whitelisted) =================
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
    (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.EXE
    () C:\Program Files\Belkin\USB Control Center\Bkapcs.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Qualcomm Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
    (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    () C:\Program Files (x86)\Multimedia Card Reader(9106)\Shwicon9106.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
    (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
    (SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
    (SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
    (PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\uaclauncher.exe
    () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
    (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.17074_none_6233bc1f5106b696\TiWorker.exe
    (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe

    ==================== Registry (Whitelisted) ==================
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor)
    HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe [757888 2012-07-02] (Qualcomm Atheros)
    HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [127104 2012-07-02] (Qualcomm Atheros Commnucations)
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
    HKLM-x32\...\Run: [Shwicon9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\Shwicon9106.exe [262144 2012-06-28] ()
    HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
    HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
    HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-01] (CyberLink Corp.)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-03] (AVAST Software)
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
    HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
    Winlogon\Notify\ScCertProp: wlnotify.dll [X]
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKU\S-1-5-21-3433547100-3960895037-459998971-1001\...\MountPoints2: {5fb743fb-78b1-11e2-be70-9c2a701dfdce} - "J:\LaunchU3.exe" -a
    AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit64.dll [21864 2012-07-25] (NVIDIA Corporation)
    AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit.dll [20328 2012-07-25] (NVIDIA Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-07-23]
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
    Startup: C:\Users\Rito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\USB Control Center.lnk [2014-10-07]
    ShortcutTarget: USB Control Center.lnk -> C:\Program Files\Belkin\USB Control Center\Connect.exe (Belkin International, Inc.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-07-09] (AVAST Software)
    BootExecute: autocheck autochk * sdnclean64.exe
    ==================== Internet (Whitelisted) ====================
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
    HKU\S-1-5-21-3433547100-3960895037-459998971-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    HKU\S-1-5-21-3433547100-3960895037-459998971-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = msn
    SearchScopes: HKU\S-1-5-21-3433547100-3960895037-459998971-1001 -> DefaultScope {91E6FD29-62A2-45D8-A552-9A0305A9D5C6} URL =
    SearchScopes: HKU\S-1-5-21-3433547100-3960895037-459998971-1001 -> {91E6FD29-62A2-45D8-A552-9A0305A9D5C6} URL =
    BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2012-07-02] (Qualcomm Atheros Commnucations)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-09] (AVAST Software)
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-07] (Oracle Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-09] (AVAST Software)
    BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-07] (Oracle Corporation)
    Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
    DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://meetings.calguard.ca.gov/cli...x/ieatgpc1.cab
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
    FireFox:
    ========
    FF ProfilePath: C:\Users\Rito\AppData\Roaming\Mozilla\Firefox\Profiles\mqgk2wv9.default
    FF Homepage: hxxp://www.yahoo.com/
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-07] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-07] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-07-25] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-07-25] (NVIDIA Corporation)
    FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2014-11-05] (RocketLife, LLP)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-02] (Adobe Systems Inc.)
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-09]
    Chrome:
    =======
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-09]
    ==================== Services (Whitelisted) =================
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
    R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [128640 2012-07-02] (Qualcomm Atheros Commnucations) [File not signed]
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-09] (AVAST Software)
    R2 Belkin USB Center Helper; C:\Program Files\Belkin\USB Control Center\Bkapcs.exe [55296 2014-10-07] () [File not signed]
    R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
    R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744 2013-01-30] (Logitech, Inc.)
    R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1924328 2014-09-18] (SoftThinks SAS)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-21] (Microsoft Corporation)
    R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-06-19] (Atheros) [File not signed]
    S2 HPSLPSVC; C:\Users\Rito\AppData\Local\Temp\7zS7D2A\hpslpsvc64.dll [X]
    ==================== Drivers (Whitelisted) ====================
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-09] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-09] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-09] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-09] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-12-01] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-09] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-09] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-09] ()
    R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-07-02] (Qualcomm Atheros)
    R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
    S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-04] (OSR Open Systems Resources, Inc.)
    S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows (R) Win 7 DDK provider)
    S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows (R) Win 7 DDK provider)
    S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-04-06] (Malwarebytes Corporation)
    R3 S3XXx64; C:\Windows\system32\DRIVERS\S3XXx64.sys [73984 2014-06-16] (Identive)
    R2 sxuptp; C:\Windows\System32\drivers\sxuptp.sys [304480 2014-10-07] (silex technology, Inc.)
    ==================== NetSvcs (Whitelisted) ===================
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

    ==================== One Month Created Files and Folders ========
    (If an entry is included in the fixlist, the file\folder will be moved.)
    2015-05-01 18:24 - 2015-05-01 18:25 - 00016631 _____ () C:\Users\Rito\Desktop\FRST.txt
    2015-05-01 18:23 - 2015-05-01 18:24 - 00000000 ____D () C:\FRST
    2015-05-01 18:22 - 2015-05-01 18:22 - 02101248 _____ (Farbar) C:\Users\Rito\Desktop\FRST64.exe
    2015-05-01 18:13 - 2015-05-01 18:13 - 00000000 ___RD () C:\Users\Rito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
    2015-04-26 21:00 - 2015-04-26 21:00 - 00093795 _____ () C:\Users\Rito\Desktop\WindowsUpdate.zip
    2015-04-26 19:22 - 2015-04-26 19:22 - 45142221 _____ () C:\Users\Rito\Desktop\CBS.zip
    2015-04-26 15:06 - 2015-04-26 15:06 - 04044661 _____ () C:\Users\Rito\Desktop\Windows8-RT-KB3031432-x64.msu
    2015-04-25 20:24 - 2015-04-25 20:24 - 00002906 _____ () C:\Users\Rito\Desktop\SFCFix.txt
    2015-04-25 20:23 - 2015-04-25 20:23 - 01359702 _____ () C:\Users\Rito\Desktop\SFCFix.zip
    2015-04-25 20:21 - 2015-04-25 20:21 - 01317376 _____ (niemiro) C:\Users\Rito\Desktop\SFCFix.exe
    2015-04-25 20:19 - 2015-04-25 20:24 - 00000000 ____D () C:\Users\Rito\AppData\Local\niemiro
    2015-04-25 16:41 - 2015-04-25 16:40 - 01491660 _____ () C:\Users\Rito\Desktop\cbs.txt
    2015-04-08 22:01 - 2015-04-08 22:01 - 00175251 _____ () C:\Users\Rito\Documents\D 185_April 2015 COMPANY MEETING SLIDE DECK.pptx
    2015-04-08 21:24 - 2015-04-08 21:24 - 00051335 _____ () C:\Users\Rito\Documents\GST TRACKER FY 15.xlsx
    2015-04-06 22:27 - 2015-04-06 22:27 - 00000000 ____D () C:\Users\Rito\Documents\07-GFT-0108
    2015-04-06 00:36 - 2014-10-13 18:38 - 00450773 ____R () C:\windows\system32\Drivers\etc\hosts.20150406-003614.backup
    2015-04-05 00:51 - 2015-04-25 20:24 - 00000000 ____D () C:\SFCFix
    ==================== One Month Modified Files and Folders =======
    (If an entry is included in the fixlist, the file\folder will be moved.)
    2015-05-01 18:23 - 2014-07-09 12:36 - 00000000 ____D () C:\Users\Rito\AppData\Local\CrashDumps
    2015-05-01 18:23 - 2014-07-09 10:18 - 01087879 _____ () C:\windows\WindowsUpdate.log
    2015-05-01 18:22 - 2012-07-26 00:59 - 00000000 ____D () C:\windows\CbsTemp
    2015-05-01 18:19 - 2013-01-23 23:27 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
    2015-05-01 18:17 - 2012-07-26 00:28 - 00005598 _____ () C:\windows\system32\PerfStringBackup.INI
    2015-05-01 18:10 - 2013-01-23 23:05 - 00000000 ____D () C:\ProgramData\NVIDIA
    2015-05-01 18:10 - 2012-07-26 00:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
    2015-04-30 23:02 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\system32\sru
    2015-04-30 21:53 - 2015-02-26 22:33 - 00000426 _____ () C:\windows\Tasks\Dell SupportAssistAgent AutoUpdate.job
    2015-04-30 21:51 - 2014-07-23 16:03 - 00000350 _____ () C:\windows\Tasks\HP Photo Creations Communicator.job
    2015-04-28 22:02 - 2014-07-09 10:52 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
    2015-04-27 21:31 - 2012-07-25 22:26 - 00262144 ___SH () C:\windows\system32\config\BBI
    2015-04-26 17:57 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\rescache
    2015-04-25 20:18 - 2014-07-10 17:34 - 00026871 _____ () C:\ProgramData\hpzinstall.log
    2015-04-25 18:29 - 2014-07-22 17:49 - 00000000 ____D () C:\windows\system32\MRT
    2015-04-25 18:27 - 2014-07-22 17:49 - 128913832 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
    2015-04-06 00:13 - 2014-07-09 11:08 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
    2015-04-06 00:00 - 2014-10-13 20:14 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
    2015-04-04 13:53 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\AUInstallAgent
    ==================== Files in the root of some directories =======
    2014-07-10 17:34 - 2015-04-25 20:18 - 0026871 _____ () C:\ProgramData\hpzinstall.log
    2013-01-23 23:27 - 2013-01-23 23:27 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
    2013-01-23 23:24 - 2013-01-23 23:25 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
    2013-01-23 23:25 - 2013-01-23 23:26 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
    2013-01-23 23:24 - 2013-01-23 23:24 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
    2013-01-23 23:26 - 2013-01-23 23:27 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
    Some content of TEMP:
    ====================
    C:\Users\Rito\AppData\Local\Temp\ose00000.exe
    C:\Users\Rito\AppData\Local\Temp\ose00001.exe
    C:\Users\Rito\AppData\Local\Temp\ose00002.exe

    ==================== Bamital & volsnap Check =================
    (There is no automatic fix for files that do not pass verification.)
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2015-04-30 21:33
    ==================== End Of Log ============================

    Addition results:
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2015 01
    Ran by Rito at 2015-05-01 18:25:37
    Running from C:\Users\Rito\Desktop
    Boot Mode: Normal
    ==========================================================

    ==================== Accounts: =============================
    Administrator (S-1-5-21-3433547100-3960895037-459998971-500 - Administrator - Disabled) => C:\Users\Administrator
    Guest (S-1-5-21-3433547100-3960895037-459998971-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3433547100-3960895037-459998971-1006 - Limited - Enabled)
    Rito (S-1-5-21-3433547100-3960895037-459998971-1001 - Administrator - Enabled) => C:\Users\Rito
    UpdatusUser (S-1-5-21-3433547100-3960895037-459998971-1004 - Limited - Enabled)
    ==================== Security Center ========================
    (If an entry is included in the fixlist, it will be removed.)
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    ==================== Installed Programs ======================
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
    64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
    Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
    AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
    avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
    Aventail Access Manager (HKU\S-1-5-21-3433547100-3960895037-459998971-1001\...\{72552C46-944B-4E16-BBC8-0D85F31C1800}) (Version: 10.71.491 - SonicWALL Inc)
    Aventail Access Manager (x32 Version: 10.71.491 - SonicWALL Inc) Hidden
    Aventail Web Proxy Agent (HKLM-x32\...\{9B0B46B3-10DF-4ADA-9501-0129D784563D}) (Version: 10.71.237 - SonicWALL Inc)
    Aventail Webifiers (HKLM-x32\...\{54D44AD1-A083-48B9-BD6F-AFD517B7C775}) (Version: 10.71.237 - SonicWALL Inc)
    Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
    BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
    C7200 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
    C7200_Help (x32 Version: 100.0.206.000 - Hewlett-Packard) Hidden
    Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
    Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
    CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.63 - Dell Inc.)
    Dell Data Vault (Version: 4.1.9.0 - Dell Inc.) Hidden
    Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
    Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.81 - Dell)
    Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.1.56462 - Dell)
    Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
    Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
    DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
    DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
    Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
    GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
    HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
    HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.16432 - HP Photo Creations Powered by RocketLife)
    HP Photosmart All-In-One Driver Software (HKLM\...\{A96C5DB7-40F9-46DD-B36F-9E657D1D9E04}) (Version: 14.0 - HP)
    HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
    HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
    HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
    HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
    Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
    Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
    Logitech Solar App 1.10 (HKLM\...\SolarApp) (Version: 1.10.3 - Logitech)
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
    Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.4518.1014 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
    Mozilla Firefox 36.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 en-US)) (Version: 36.0.4 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.4 - Mozilla)
    Multimedia Card Reader (HKLM-x32\...\InstallShield_{4B3D9AA4-B47A-4349-A64F-04D5A9226D7C}) (Version: 2.2.915.108 - Fitipower)
    Multimedia Card Reader (x32 Version: 2.2.915.108 - Fitipower) Hidden
    Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
    NVIDIA 3D Vision Driver 305.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 305.29 - NVIDIA Corporation)
    NVIDIA Graphics Driver 305.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 305.29 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
    OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
    PS_AIO_02_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
    PS_AIO_02_Software (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
    PS_AIO_02_Software_Min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
    Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.200 - Qualcomm Atheros Communications)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
    Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
    Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
    Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
    SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
    Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
    Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
    TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
    USB Control Center (HKLM\...\Belkin USB Control Center) (Version: 2.0.0 - Belkin International, Inc.)
    WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
    ==================== Custom CLSID (selected items): ==========================
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    ==================== Restore Points =========================
    07-04-2015 22:43:56 Windows Update
    12-04-2015 15:59:06 Windows Update
    25-04-2015 16:39:32 Windows Update
    30-04-2015 21:34:14 Windows Update
    ==================== Hosts content: ==========================
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
    2012-07-25 22:26 - 2015-04-06 00:36 - 00450831 ____R C:\windows\system32\Drivers\etc\hosts
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 www.100sexlinks.com
    127.0.0.1 100sexlinks.com
    127.0.0.1 10sek.com
    127.0.0.1 www.10sek.com
    127.0.0.1 www.1-2005-search.com
    127.0.0.1 1-2005-search.com
    127.0.0.1 123fporn.info
    127.0.0.1 www.123fporn.info
    127.0.0.1 123haustiereundmehr.com
    127.0.0.1 www.123haustiereundmehr.com
    127.0.0.1 123moviedownload.com
    There are 1000 more lines.

    ==================== Scheduled Tasks (whitelisted) =============
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
    Task: {062EDFEA-C763-485B-8478-31FE353F215E} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
    Task: {0D3FF4F5-F517-4FF9-8925-42000C1976DA} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-02-19] (Microsoft)
    Task: {1CB06522-047B-4C3F-B8E7-65CAC5C469B6} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-03-20] (PC-Doctor, Inc.)
    Task: {29BFEA1B-127A-48F0-873B-81234F714ED3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-09] (AVAST Software)
    Task: {3AC1EF5D-7E2E-4D08-8EBD-ED2AFF7CAFBD} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {4B49D4F7-F885-49CF-AED4-4D8765B8B0DF} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {6F6A09AD-A000-4899-BD25-EE77221DC195} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-03-20] (PC-Doctor, Inc.)
    Task: {8BC8B247-C2F2-4EED-A163-F7890E8F8B66} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {A5F05D07-D620-4F0F-83D4-33CE0D441626} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
    Task: {BDF3EA56-BE44-4BB5-B45D-1E9ED9D6BDA7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2015-04-25] (Microsoft Corporation)
    Task: {D9E9D20D-EF81-474F-96B3-7DD3778A3E7A} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2014-11-11] ()
    Task: {E8D1705E-2FE3-4B7A-A591-845FCB82F319} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: C:\windows\Tasks\Dell SupportAssistAgent AutoUpdate.job => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe
    Task: C:\windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
    ==================== Loaded Modules (whitelisted) ==============
    2014-10-07 15:22 - 2014-10-07 15:22 - 00055296 ____N () C:\Program Files\Belkin\USB Control Center\Bkapcs.exe
    2013-01-23 23:26 - 2012-04-24 19:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    2012-07-02 20:28 - 2012-07-02 20:28 - 00384128 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ContactsApi.dll
    2012-06-28 16:39 - 2012-06-28 16:39 - 00262144 _____ () C:\Program Files (x86)\Multimedia Card Reader(9106)\Shwicon9106.exe
    2014-09-18 11:37 - 2014-07-02 19:55 - 00487144 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
    2014-07-09 10:52 - 2014-07-09 10:52 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
    2015-04-30 22:27 - 2015-04-30 22:27 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15043001\algo.dll
    2015-05-01 18:11 - 2015-05-01 18:11 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15050101\algo.dll
    2014-07-09 11:08 - 2014-05-13 10:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2014-07-09 11:08 - 2014-05-13 10:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2014-07-09 11:08 - 2014-05-13 10:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    2014-07-09 11:08 - 2012-08-23 08:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
    2014-07-09 11:08 - 2012-04-03 15:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
    2014-11-05 18:45 - 2014-11-05 18:45 - 00017920 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\PSIClient\b4c56431dc6618247d108efd4895d52a\PSIClient.ni.dll
    2013-01-23 23:25 - 2012-06-07 20:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
    2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
    2014-07-09 10:52 - 2014-07-09 10:52 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2013-01-23 23:19 - 2012-06-26 02:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
    2014-09-18 11:37 - 2014-07-30 15:37 - 01906464 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
    2013-07-06 09:09 - 2012-11-25 23:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
    2014-09-18 11:37 - 2012-11-25 21:19 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
    ==================== Alternate Data Streams (whitelisted) =========
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
    AlternateDataStreams: C:\Users\Rito\SkyDrive:ms-properties
    ==================== Safe Mode (whitelisted) ===================
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    ==================== EXE Association (whitelisted) ===============
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

    ==================== Internet Explorer trusted/restricted ===============
    (If an entry is included in the fixlist, the associated entry will be removed from the registry.)
    IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
    IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
    IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
    IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
    There are 7867 more restricted sites.
    ==================== Other Areas ============================
    (Currently there is no automatic fix for this section.)
    HKU\S-1-5-21-3433547100-3960895037-459998971-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Dell\Win CHROME 1920x1200.jpg
    DNS Servers: 192.168.2.1
    ==================== MSCONFIG/TASK MANAGER disabled items ==
    (Currently there is no automatic fix for this section.)

    ==================== FirewallRules (whitelisted) ===============
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{3E4527D9-7B3E-4E2D-BF4A-DAE32D5E4A9E}] => (Allow) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Btvstack.exe
    FirewallRules: [{CFECD4B8-C3FE-43BE-9228-F71CAC550824}] => (Allow) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
    FirewallRules: [{23536418-5CD3-4F4C-8E48-FC759C90C850}] => (Allow) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
    FirewallRules: [{4EAF1B49-2B35-46F3-B2EA-95C86636FD1F}] => (Allow) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Win7Ui.exe
    FirewallRules: [{FDD8F58D-F2A1-4C23-B82A-555EC1BBF1BF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
    FirewallRules: [{DD24EEBD-64A4-4C49-9E4E-65900B0AEC98}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
    FirewallRules: [{EB8FA03E-2E84-45EC-8F5D-AABE8737019F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
    FirewallRules: [{C944C2C3-BA0B-4A83-97ED-A8DF8FDCB254}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{6465FB78-86B9-4F4E-A5A9-CCC770B89B22}] => (Allow) LPort=2869
    FirewallRules: [{395A58D3-6445-416E-9E75-E9A165279510}] => (Allow) LPort=1900
    FirewallRules: [TCP Query User{A0467417-98B7-4C3D-8922-F1EB3122EACB}C:\program files (x86)\dell wireless\bluetooth suite\btvstack.exe] => (Allow) C:\program files (x86)\dell wireless\bluetooth suite\btvstack.exe
    FirewallRules: [UDP Query User{248365A6-A0DF-400D-956D-1F9B84C251FD}C:\program files (x86)\dell wireless\bluetooth suite\btvstack.exe] => (Allow) C:\program files (x86)\dell wireless\bluetooth suite\btvstack.exe
    FirewallRules: [TCP Query User{2675B85D-7DBC-4711-9B09-D586290D1A94}C:\program files (x86)\dell wireless\bluetooth suite\bttray.exe] => (Allow) C:\program files (x86)\dell wireless\bluetooth suite\bttray.exe
    FirewallRules: [UDP Query User{1FDDB922-1BBE-474C-A364-2A3CF2A5BF0F}C:\program files (x86)\dell wireless\bluetooth suite\bttray.exe] => (Allow) C:\program files (x86)\dell wireless\bluetooth suite\bttray.exe
    FirewallRules: [{289164AD-F659-48CA-AB98-CC7C3F7BBA4A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\outlook.exe
    FirewallRules: [{2A9C2E4B-A29A-4785-883E-5F7F056D71E7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\GROOVE.EXE
    FirewallRules: [{557C2C82-537A-43D4-9F34-B348833BA5D1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\GROOVE.EXE
    FirewallRules: [{11090A68-52A3-444C-A91C-542332C94EE0}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE
    FirewallRules: [{F0AE9076-F09D-4D57-A043-B5134DB05379}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE
    FirewallRules: [{130B4663-76B9-4840-8834-8B9976B65B49}] => (Allow) C:\Users\Rito\AppData\Local\Temp\7zS5B3F\hppiw.exe
    FirewallRules: [{0A61684E-287A-472E-B86F-8C3980450331}] => (Allow) C:\Users\Rito\AppData\Local\Temp\7zS5B3F\hppiw.exe
    FirewallRules: [{A3816DFC-A7FD-4A29-BFD3-EB2DA9C0B637}] => (Allow) C:\Users\Rito\AppData\Local\Temp\7zS7D2A\hppiw.exe
    FirewallRules: [{8C8600D1-DD39-4442-AE16-56E9BFD35C41}] => (Allow) C:\Users\Rito\AppData\Local\Temp\7zS7D2A\hppiw.exe
    FirewallRules: [{990D7052-F8B0-4468-8329-2A80F0B8383A}] => (Allow) C:\Users\Rito\AppData\Local\Temp\7zS0146\setup\hpznui40.exe
    FirewallRules: [{1B0FC33E-BC5B-46E6-955F-77C94C036C6F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    FirewallRules: [{BAB27DB5-387B-405A-B350-199737B12C02}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
    FirewallRules: [{3A52AE47-0252-4D34-8D7C-8E5B756058DF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
    FirewallRules: [{2D0AAF64-061D-423E-9AC9-1D12F126EF80}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
    FirewallRules: [{8D1B1895-024A-42CB-8470-144E1CB4ECCC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
    FirewallRules: [{548208BF-D1D2-4F0F-A81C-D5EF5A9A83E7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
    FirewallRules: [{AC6328E6-0FE5-475C-94B0-2D1DF777BA9B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
    FirewallRules: [{713796C7-9F75-44FE-B158-FF471BA5890A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
    FirewallRules: [{65B7E6EC-BAC2-4E86-B0AC-C805911F754D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
    FirewallRules: [{02B278E7-A22F-417A-9ECC-F663B9EDB6BD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
    FirewallRules: [{FB85F515-2840-46D7-A2DC-3F0008CBFF34}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
    FirewallRules: [{1EAC1B83-797E-41E8-9766-DFAA0F86175D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
    FirewallRules: [{96EC0412-30F4-48F1-A979-10EB9DCA1F89}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
    FirewallRules: [{DA2309A6-BF7B-4934-8CB9-8568ADD44064}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
    FirewallRules: [{8DF0CBBF-B18D-49A6-807D-64E74AB2F19A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
    FirewallRules: [{8FB7D5B5-BF1F-4836-A3DA-EC775519CC79}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    FirewallRules: [{E385B561-1830-44C1-B79A-F5D658CE6CF6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
    FirewallRules: [{A5CE6843-3CAC-42EC-88FC-F23D1202A43B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
    FirewallRules: [{32A64BB8-C868-4300-A1B9-E23E38965C0B}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
    FirewallRules: [{57881774-B74E-4110-92C3-D68DBE846030}] => (Allow) C:\Program Files\Belkin\USB Control Center\Connect.exe
    FirewallRules: [{8A858749-8E30-4198-AE7C-6D6C30BD0CDB}] => (Allow) LPort=19540
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service
    ==================== Faulty Device Manager Devices =============
    Name: Photosmart C7200 series
    Description: Photosmart C7200 series
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
    Name: Photosmart C7200 series
    Description: Photosmart C7200 series
    Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
    Manufacturer: HP
    Service:
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

    ==================== Event log errors: =========================
    Application errors:
    ==================
    Error: (05/01/2015 06:23:28 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: ERUNT.exe, version: 0.0.0.0, time stamp: 0x2a425e19
    Faulting module name: ntdll.dll, version: 6.2.9200.17046, time stamp: 0x53b485c4
    Exception code: 0xc0000005
    Fault offset: 0x00056b0d
    Faulting process id: 0x1848
    Faulting application start time: 0xERUNT.exe0
    Faulting application path: ERUNT.exe1
    Faulting module path: ERUNT.exe2
    Report Id: ERUNT.exe3
    Faulting package full name: ERUNT.exe4
    Faulting package-relative application ID: ERUNT.exe5
    Error: (05/01/2015 06:17:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
    Error: (05/01/2015 06:17:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
    Error: (05/01/2015 06:14:04 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
    Description: Failed to schedule Software Protection service for re-start at 2115-04-08T01:14:03Z. Error Code: 0x80071A2D.
    Error: (04/30/2015 09:35:56 PM) (Source: VSS) (EventID: 12344) (User: )
    Description: Volume Shadow Copy Error: An error 0x00000000c000014d was encountered while Registry Writer was preparing the registry for a shadow
    copy. Check the Application and System event logs for any related errors.

    Operation:
    OnFreeze event
    Freeze Event
    Context:
    Execution Context: Registry Writer
    Execution Context: Writer
    Writer Class Id: {afbab4a2-367d-4d15-a586-71dbb18f8485}
    Writer Name: Registry Writer
    Writer Instance ID: {3ef130cc-d725-4a71-b0b7-b15ea70dc9e9}
    Error: (04/30/2015 10:33:28 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
    Error: (04/30/2015 10:33:28 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
    Error: (04/28/2015 10:07:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
    Error: (04/28/2015 10:07:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
    Error: (04/27/2015 08:06:05 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

    System errors:
    =============
    Error: (05/01/2015 06:22:14 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {10DA4F3C-CC99-4190-BE4D-58330754E882}
    Error: (05/01/2015 06:20:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The HP Network Devices Support service terminated with the following error:
    %%126
    Error: (05/01/2015 06:20:14 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {10DA4F3C-CC99-4190-BE4D-58330754E882}
    Error: (05/01/2015 06:18:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The HP Network Devices Support service terminated with the following error:
    %%126
    Error: (05/01/2015 06:17:03 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {10DA4F3C-CC99-4190-BE4D-58330754E882}
    Error: (05/01/2015 06:15:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The HP Network Devices Support service terminated with the following error:
    %%126
    Error: (05/01/2015 06:15:03 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {10DA4F3C-CC99-4190-BE4D-58330754E882}
    Error: (05/01/2015 06:13:57 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
    Description: A corruption was discovered in the file system structure on volume C:.
    The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x3000000054324. The name of the file is "\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG1".
    Error: (05/01/2015 06:13:57 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
    Description: A corruption was discovered in the file system structure on volume C:.
    The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x10000000562e4. The name of the file is "\Windows\System32\config\SECURITY.LOG1".
    Error: (05/01/2015 06:13:57 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
    Description: A corruption was discovered in the file system structure on volume C:.
    The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x10000000562e2. The name of the file is "\Windows\System32\config\SAM.LOG1".

    Microsoft Office Sessions:
    =========================
    ==================== Memory info ===========================
    Processor: Intel(R) Core(TM) i5-3350P CPU @ 3.10GHz
    Percentage of memory in use: 25%
    Total physical RAM: 8153.01 MB
    Available physical RAM: 6054.95 MB
    Total Pagefile: 9689.02 MB
    Available Pagefile: 7370.19 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.77 MB
    ==================== Drives ================================
    Drive c: (OS) (Fixed) (Total:917.79 GB) (Free:830.31 GB) NTFS
    Drive x: (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.21 GB) NTFS
    Drive y: (PBR Image) (Fixed) (Total:12.24 GB) (Free:0.22 GB) NTFS
    ==================== MBR & Partition Table ==================
    ========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: 13F0DBA2)
    Partition: GPT Partition Type.
    ==================== End Of Log ============================


    • Ad Bot

      advertising
      Beep.

        
       

  2. #2
    Administrator
    Windows Update Instructor
    Security Analyst

    Join Date
    Oct 2014
    Posts
    17,509

    Re: For BrianDrab

    OK, thank you for doing this. Your logs are clean enough for us to continue on the Windows Update thread so I'll post over there. For completeness however I'll mentioned some notables from the logs.

    Once we fix your corruption, I'll likely request that you do the following.
    1. Update to Windows 8.1 (unless you have a good reason not to)
    2. Update your Internet Explorer to version 11
    3. Update Java 8 Update 31 to the current version
    4. Remove Spybot - Search & Destroy (we no longer recommend this software because of poor testing results).
    5. Remove Malwarebytes and re-install the newest version.
    6. There is some disk corruption but we'll handle that in the Windows Update log.

    At this time I don't feel we need to continue in the malware area so I'll mark this resolved and continue over in Windows Update. Thank you.

Log in

Log in