Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Help Dell XPS 15Z running slow ...infected!

Dell XPS 15Z

  • Please log in to reply

#76
mikegre

mikegre

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts

Thanks for the report.. Will implement upgrade tomorrow and let you know how it goes.


  • 0

Advertisements


#77
mikegre

mikegre

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts

Sorry for delay in posting VEW Log.

 

Taking a while to get used to Windows 10. Actually experiencing new problems after upgrade. Not sure if Virus related however of just compatability issues.

 

Issues experiencing

1. Screen flashes occasionally (not always but sometimes every 2-3 minutes)

2. Screen flickers (subtle but screen resolution isn't stable...looks like screens did 10 years ago)

3. Curser doesn't always move smoothly

4. Curser randomly jumps (may be more of an issue with my Dell as this is an oft mentioned flaw with this pc).

5. when computer is idle and goes int​o sleep mode (or if I click on power and place pc in sleep mode), the system does now awake when I try to reactivate. Screen stays black for about 90 seconds and then I get a blue screen with the error message "PC ran into problems and needs to restart. We are collecting error information. "DPC_Wachtdog_Violation" and then the pc restarts.

 

Like Windows 10 design but togh to deal with new product glitches, Think I'll wait  a few weeks before upgrading my other pc's

 

On a very positive note ... the cleanup you assisted me with has fixed a longstanding problem I was experiencing with this laptop...limited wifi coverage. Previously I could not pick up wifi throughout my house. Now I have a strong signal throughout the entire house...awesome!!!

---------------

 

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 19/08/2015 12:28:26 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 19/08/2015 4:15:57 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 19/08/2015 3:18:24 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 19/08/2015 2:09:14 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 19/08/2015 10:51:11 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 19/08/2015 7:32:34 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 19/08/2015 6:25:03 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 19/08/2015 3:06:27 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 18/08/2015 11:47:49 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 18/08/2015 8:30:49 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 18/08/2015 5:12:31 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 18/08/2015 1:54:25 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 18/08/2015 10:35:49 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 18/08/2015 7:18:35 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 18/08/2015 3:59:59 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 17/08/2015 8:12:04 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 17/08/2015 5:38:43 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 17/08/2015 4:47:15 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 17/08/2015 4:27:16 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 17/08/2015 4:03:00 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 17/08/2015 2:01:32 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 19/08/2015 4:17:03 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Net.Msmq Listener Adapter service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 19/08/2015 4:17:03 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Net.Msmq Listener Adapter service to connect.
 
Log: 'System' Date/Time: 19/08/2015 4:16:28 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Log: 'System' Date/Time: 19/08/2015 4:16:14 PM
Type: Error Category: 0
Event: 1001 Source: Microsoft-Windows-WER-SystemErrorReporting
The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000133 (0x0000000000000001, 0x0000000000001e00, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: 081915-23781-01.
 
Log: 'System' Date/Time: 19/08/2015 4:16:10 PM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 12:11:03 PM on ?8/?19/?2015 was unexpected.
 
Log: 'System' Date/Time: 19/08/2015 4:10:07 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Log: 'System' Date/Time: 19/08/2015 4:09:10 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The User Data Access_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 19/08/2015 4:09:10 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The User Data Storage_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 19/08/2015 4:09:10 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Contact Data_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 19/08/2015 4:09:10 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Sync Host_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 19/08/2015 3:43:28 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Log: 'System' Date/Time: 19/08/2015 3:42:41 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service dps with arguments "Unavailable" in order to run the server: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
 
Log: 'System' Date/Time: 19/08/2015 3:42:41 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service dps with arguments "Unavailable" in order to run the server: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
 
Log: 'System' Date/Time: 19/08/2015 3:42:36 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Log: 'System' Date/Time: 19/08/2015 3:42:33 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Log: 'System' Date/Time: 19/08/2015 3:40:20 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
 
Log: 'System' Date/Time: 19/08/2015 3:39:59 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
 
Log: 'System' Date/Time: 19/08/2015 3:39:48 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Log: 'System' Date/Time: 19/08/2015 3:39:47 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Log: 'System' Date/Time: 19/08/2015 3:39:47 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 19/08/2015 4:16:24 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\PvrScheduleTask definition. Additional Data: Error Value: %SystemRoot%\ehome\mcupdate.exe.
 
Log: 'System' Date/Time: 19/08/2015 4:16:23 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask definition. Additional Data: Error Value: %SystemRoot%\ehome\mcupdate.exe.
 
Log: 'System' Date/Time: 19/08/2015 4:16:23 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\ConfigureInternetTimeService definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.
 
Log: 'System' Date/Time: 19/08/2015 4:16:23 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\ehDRMInit definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.
 
Log: 'System' Date/Time: 19/08/2015 4:16:23 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\OCURActivate definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.
 
Log: 'System' Date/Time: 19/08/2015 4:16:23 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\mcupdate_scheduled definition. Additional Data: Error Value: %SystemRoot%\ehome\mcupdate.
 
Log: 'System' Date/Time: 19/08/2015 4:16:23 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\UpdateRecordPath definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.
 
Log: 'System' Date/Time: 19/08/2015 4:16:23 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\RegisterSearch definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.
 
Log: 'System' Date/Time: 19/08/2015 4:16:23 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\DispatchRecoveryTasks definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.
 
Log: 'System' Date/Time: 19/08/2015 4:16:23 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\OCURDiscovery definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.
 
Log: 'System' Date/Time: 19/08/2015 4:16:23 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\PeriodicScanRetry definition. Additional Data: Error Value: %windir%\ehome\MCUpdate.exe.
 
Log: 'System' Date/Time: 19/08/2015 4:16:23 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\SqlLiteRecoveryTask definition. Additional Data: Error Value: %SystemRoot%\ehome\mcupdate.exe.
 
Log: 'System' Date/Time: 19/08/2015 4:16:20 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\InstallPlayReady definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.
 
Log: 'System' Date/Time: 19/08/2015 4:16:20 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\mcupdate definition. Additional Data: Error Value: %SystemRoot%\ehome\mcupdate.
 
Log: 'System' Date/Time: 19/08/2015 4:16:20 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\ReindexSearchRoot definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.
 
Log: 'System' Date/Time: 19/08/2015 4:16:20 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\PBDADiscovery definition. Additional Data: Error Value: %SystemRoot%\ehome\ehPrivJob.exe.
 
Log: 'System' Date/Time: 19/08/2015 4:16:20 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\PvrRecoveryTask definition. Additional Data: Error Value: %SystemRoot%\ehome\mcupdate.exe.
 
Log: 'System' Date/Time: 19/08/2015 4:16:20 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Microsoft Antimalware\MpIdleTask definition. Additional Data: Error Value: c:\Program Files\Microsoft Security Client\MpCmdRun.exe.
 
Log: 'System' Date/Time: 19/08/2015 4:16:17 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.
 
Log: 'System' Date/Time: 19/08/2015 4:16:16 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\Microsoft\Windows\Media Center\MediaCenterRecoveryTask definition. Additional Data: Error Value: %SystemRoot%\ehome\mcupdate.exe.
 
 

FRST Log after Windows 10 update

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-08-2015
Ran by leg0817 (administrator) on MININT-R16JK1F (19-08-2015 12:58:14)
Running from C:\Users\leg0817\Desktop\FRST Scanner
Loaded Profiles: leg0817 (Available Profiles: leg0817)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Users\leg0817\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
 

==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-07-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-07-31] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3945672 2015-07-31] (Synaptics Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-13] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-1653869771-199509722-4224480817-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-1653869771-199509722-4224480817-1003\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-21-1653869771-199509722-4224480817-1003\...\Run: [OneDrive] => C:\Users\leg0817\AppData\Local\Microsoft\OneDrive\OneDrive.exe [382144 2015-08-13] (Microsoft Corporation)
HKU\S-1-5-21-1653869771-199509722-4224480817-1003\...\Run: [GoogleChromeAutoLaunch_F636EC19ECCD09EC8FE106333DDEF567] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-07] (Google Inc.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-13] (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1653869771-199509722-4224480817-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-1653869771-199509722-4224480817-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1653869771-199509722-4224480817-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-1653869771-199509722-4224480817-1003 -> {1E2D94EE-0DC6-4F4C-BBAE-1F67E18A7D23} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-1653869771-199509722-4224480817-1003 -> {9FBD5777-77B4-4CF1-953D-B5B666C40C55} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-13] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-06-09] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-17] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-13] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL [2015-06-09] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-17] (Oracle Corporation)
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} hxxps://support.dell.com/systemprofiler/SysProExe.CAB
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-08-31] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{dcc15863-ffd4-4fe9-bfae-c4747d114521}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{dde09325-85a0-4c72-ab65-30e9e062c3e1}: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\leg0817\AppData\Roaming\Mozilla\Firefox\Profiles\klx43wy3.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Yahoo
FF Homepage: www.google.com
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-31] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-17] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2014-08-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll [2015-08-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll [2015-08-13] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1653869771-199509722-4224480817-1003: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-05-29] (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2015-02-26] (Coupons, Inc.)
FF Extension: NoScript - C:\Users\leg0817\AppData\Roaming\Mozilla\Firefox\Profiles\klx43wy3.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-01-18]
FF Extension: Adblock Plus - C:\Users\leg0817\AppData\Roaming\Mozilla\Firefox\Profiles\klx43wy3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-11]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-08-13]
 
Chrome:
=======
CHR Profile: C:\Users\leg0817\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\leg0817\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-04]
CHR Extension: (Yahoo Web) - C:\Users\leg0817\AppData\Local\Google\Chrome\User Data\Default\Extensions\acjpdakpjonkfmggcmanlhdakfkhloii [2015-01-06]
CHR Extension: (Google Docs) - C:\Users\leg0817\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-30]
CHR Extension: (Google Drive) - C:\Users\leg0817\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-30]
CHR Extension: (YouTube) - C:\Users\leg0817\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-30]
CHR Extension: (Google Search) - C:\Users\leg0817\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-30]
CHR Extension: (Avast SafePrice) - C:\Users\leg0817\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-08-19]
CHR Extension: (No Name) - C:\Users\leg0817\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-05]
CHR Extension: (Avast Online Security) - C:\Users\leg0817\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\leg0817\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-30]
CHR Extension: (ScriptSafe) - C:\Users\leg0817\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2015-01-25]
CHR Extension: (Gmail) - C:\Users\leg0817\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-30]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-08-13]
CHR HKLM-x32\...\Chrome\Extension: [gihfmmedoddijgnhkgfgnkeohkpbipol] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-13]
 
Opera:
=======
OPR Extension: (disconnectme) - C:\Users\leg0817\AppData\Roaming\Opera Software\Opera Stable\Extensions\hciohocinlhbdkbjldffomiadmnhjnoj [2014-10-26]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-07-31] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-13] (AVAST Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation)
S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-31] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-08-13] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-08-13] (Microsoft Corporation)
S4 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
S4 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
S4 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-07-30] (Dell Inc.)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [267776 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [193024 2015-07-10] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation)
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-08-11] (Microsoft Corporation)
R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation)
S4 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-13] (Microsoft Corporation)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U2 OneSyncSvc_Session2; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U2 OneSyncSvc_Session2; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_Session2; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_Session2; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [996352 2015-08-11] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [303360 2015-07-31] (Realtek Semiconductor)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-08-13] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation)
S4 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-04-10] (Dell Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-31] (Synaptics Incorporated)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-08-13] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-08-13] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 UnistoreSvc_Session2; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 UnistoreSvc_Session2; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-07-29] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 UserDataSvc_Session2; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 UserDataSvc_Session2; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-13] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-13] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-13] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-13] (AVAST Software)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys [39936 2015-07-10] (Microsoft Corporation)
S3 cyhid; C:\Windows\System32\DRIVERS\cyhid.sys [117248 2011-12-08] (Cypress Semiconductor, Inc.) [File not signed]
R3 cykbfltrService; C:\Windows\system32\DRIVERS\cykbfltr.sys [19968 2015-06-24] (Cypress Semiconductor, Inc.)
S3 cymfltrService; C:\Windows\System32\DRIVERS\cymfltr.sys [79872 2011-12-08] (Cypress Semiconductor, Inc.) [File not signed]
R3 CySmb; C:\Windows\System32\drivers\cysmb.sys [10752 2015-06-24] (Cypress Semiconductor, Inc.)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2015-02-26] (Dell Computer Corporation)
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [31376 2015-03-10] ()
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox)
S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-13] (Microsoft Corporation)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox)
R3 NETwNs64; C:\Windows\System32\drivers\NETwsw01.sys [11523584 2014-12-19] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-06-01] ()
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-16] (Synaptics Incorporated)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] (Microsoft Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-08-13] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-07-10] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> No File
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-19 12:58 - 2015-08-19 12:58 - 00000000 ____D C:\FRST
2015-08-19 12:49 - 2015-08-19 12:49 - 00016148 _____ C:\WINDOWS\system32\MININT-R16JK1F_leg0817_HistoryPrediction.bin
2015-08-19 12:16 - 2015-08-19 12:16 - 00308576 _____ C:\WINDOWS\Minidump\081915-23781-01.dmp
2015-08-19 12:08 - 2015-08-19 12:09 - 00003144 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2015-08-19 12:06 - 2015-08-19 12:06 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2015-08-19 12:06 - 2015-08-19 12:06 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2015-08-19 12:06 - 2015-08-19 12:06 - 00000000 ____D C:\Users\leg0817\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2015-08-19 12:06 - 2015-08-19 12:06 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2015-08-19 12:05 - 2015-08-19 12:08 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-08-19 12:05 - 2015-08-19 12:05 - 00001157 _____ C:\Users\leg0817\Desktop\MSI Afterburner.lnk
2015-08-19 12:05 - 2015-08-19 12:05 - 00000000 ____D C:\Users\leg0817\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2015-08-19 12:03 - 2015-08-19 12:03 - 36270887 _____ C:\Users\leg0817\Desktop\MSIAfterburnerSetup.zip
2015-08-19 11:39 - 2015-08-19 11:39 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2015-08-19 10:09 - 2015-08-19 10:09 - 00308656 _____ C:\WINDOWS\Minidump\081915-21765-01.dmp
2015-08-18 20:02 - 2015-08-13 00:33 - 24593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-18 20:02 - 2015-08-11 05:22 - 21875200 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-18 20:01 - 2015-08-13 00:23 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-18 20:01 - 2015-08-13 00:22 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-08-18 20:01 - 2015-08-13 00:20 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-08-18 20:01 - 2015-08-13 00:17 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-18 20:01 - 2015-08-13 00:07 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-18 20:01 - 2015-08-12 23:53 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-08-18 20:01 - 2015-08-11 06:04 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-18 20:01 - 2015-08-11 06:04 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-18 20:01 - 2015-08-11 06:04 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-18 20:01 - 2015-08-11 06:03 - 08021840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-18 20:01 - 2015-08-11 06:03 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2015-08-18 20:01 - 2015-08-11 06:02 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-08-18 20:01 - 2015-08-11 06:02 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-18 20:01 - 2015-08-11 06:02 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2015-08-18 20:01 - 2015-08-11 05:57 - 03622256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-18 20:01 - 2015-08-11 05:52 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-08-18 20:01 - 2015-08-11 05:50 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-18 20:01 - 2015-08-11 05:40 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-18 20:01 - 2015-08-11 05:40 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-18 20:01 - 2015-08-11 05:40 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-18 20:01 - 2015-08-11 05:38 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-08-18 20:01 - 2015-08-11 05:37 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-18 20:01 - 2015-08-11 05:31 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-18 20:01 - 2015-08-11 05:26 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-08-18 20:01 - 2015-08-11 05:23 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-18 20:01 - 2015-08-11 05:21 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-08-18 20:01 - 2015-08-11 05:21 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-08-18 20:01 - 2015-08-11 05:20 - 02224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-18 20:01 - 2015-08-11 05:20 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-08-18 20:01 - 2015-08-11 05:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-18 20:01 - 2015-08-11 05:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-08-18 20:01 - 2015-08-11 05:16 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-18 20:01 - 2015-08-11 05:14 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-18 20:01 - 2015-08-11 05:13 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-08-18 20:01 - 2015-08-11 05:11 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-18 20:01 - 2015-08-11 05:11 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-08-18 20:01 - 2015-08-11 05:10 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-18 20:01 - 2015-08-11 05:10 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-18 20:01 - 2015-08-11 05:10 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-08-18 20:01 - 2015-08-11 05:09 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2015-08-18 20:01 - 2015-08-11 05:08 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2015-08-18 20:01 - 2015-08-11 05:08 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-08-18 20:01 - 2015-08-11 05:07 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-08-18 20:01 - 2015-08-11 05:07 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-18 20:01 - 2015-08-11 05:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2015-08-18 20:01 - 2015-08-11 05:06 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-08-18 20:01 - 2015-08-11 05:06 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-18 20:01 - 2015-08-11 05:05 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-08-18 20:01 - 2015-08-11 05:05 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-18 20:01 - 2015-08-11 05:05 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-08-18 20:01 - 2015-08-11 05:05 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-08-18 20:01 - 2015-08-11 05:05 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll
2015-08-18 20:01 - 2015-08-11 05:05 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2015-08-18 20:01 - 2015-08-11 05:03 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-18 20:01 - 2015-08-11 05:02 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-18 20:01 - 2015-08-11 05:02 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-18 20:01 - 2015-08-11 05:02 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-08-18 20:01 - 2015-08-11 05:02 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-08-18 20:01 - 2015-08-11 05:01 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-18 20:01 - 2015-08-11 05:00 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-08-18 20:01 - 2015-08-11 05:00 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-08-18 20:01 - 2015-08-11 04:59 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-18 20:01 - 2015-08-11 04:59 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-08-18 20:01 - 2015-08-11 04:59 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-08-18 20:01 - 2015-08-11 04:59 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2015-08-18 20:01 - 2015-08-11 04:58 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-08-18 20:01 - 2015-08-11 04:57 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-18 20:01 - 2015-08-11 04:57 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-08-18 20:01 - 2015-08-11 04:51 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-18 20:01 - 2015-08-11 04:51 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-18 20:01 - 2015-08-11 04:50 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-08-18 20:01 - 2015-08-11 04:50 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-08-18 20:01 - 2015-08-11 04:50 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-08-18 20:01 - 2015-08-11 04:49 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-18 20:01 - 2015-08-11 04:49 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-18 20:01 - 2015-08-11 04:48 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2015-08-18 20:01 - 2015-08-11 04:47 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-18 20:01 - 2015-08-11 04:45 - 18805760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-18 20:01 - 2015-08-11 04:45 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-18 20:01 - 2015-08-11 04:43 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-08-18 20:01 - 2015-08-11 04:42 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-18 20:01 - 2015-08-11 04:40 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-18 20:01 - 2015-08-11 04:40 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-18 20:01 - 2015-08-11 04:40 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-18 20:01 - 2015-08-11 04:39 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-08-18 20:01 - 2015-08-11 04:38 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-08-18 19:48 - 2015-08-18 19:48 - 00307352 _____ C:\WINDOWS\Minidump\081815-19359-01.dmp
2015-08-18 16:31 - 2015-08-18 16:31 - 00307072 _____ C:\WINDOWS\Minidump\081815-17734-01.dmp
2015-08-18 13:12 - 2015-08-18 13:12 - 00308440 _____ C:\WINDOWS\Minidump\081815-17453-01.dmp
2015-08-18 06:36 - 2015-08-18 06:36 - 00307072 _____ C:\WINDOWS\Minidump\081815-22093-01.dmp
2015-08-17 20:21 - 2015-08-17 20:21 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-08-17 20:21 - 2015-08-17 20:21 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2015-08-17 20:20 - 2015-08-17 20:20 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-08-17 16:12 - 2015-08-17 16:12 - 00308896 _____ C:\WINDOWS\Minidump\081715-21375-01.dmp
2015-08-17 15:51 - 2015-08-17 19:36 - 00000000 ____D C:\Users\leg0817\Documents\Computer Related
2015-08-17 12:47 - 2015-08-17 12:47 - 00308048 _____ C:\WINDOWS\Minidump\081715-19078-01.dmp
2015-08-17 12:03 - 2015-08-19 12:16 - 583428330 _____ C:\WINDOWS\MEMORY.DMP
2015-08-17 12:03 - 2015-08-17 12:03 - 00307232 _____ C:\WINDOWS\Minidump\081715-29484-01.dmp
2015-08-17 10:18 - 2015-08-17 10:18 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-17 10:18 - 2015-08-17 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-16 21:45 - 2015-08-16 21:47 - 00000000 ____D C:\Users\leg0817\AppData\Local\Comms
2015-08-14 16:18 - 2015-08-14 16:18 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-08-13 22:44 - 2015-08-02 21:56 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-08-13 22:43 - 2015-08-08 03:29 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-13 22:43 - 2015-08-08 03:19 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-08-13 22:43 - 2015-08-08 03:01 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-13 22:43 - 2015-08-08 02:48 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-13 22:43 - 2015-08-08 02:40 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-13 22:43 - 2015-08-08 02:24 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-13 22:43 - 2015-08-08 02:24 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-13 22:43 - 2015-08-08 02:15 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-13 22:43 - 2015-08-08 02:00 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-13 22:43 - 2015-08-05 23:17 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2015-08-13 22:43 - 2015-08-05 23:17 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2015-08-13 22:43 - 2015-08-05 22:22 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2015-08-13 22:43 - 2015-08-05 00:49 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-13 22:43 - 2015-08-05 00:29 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-13 22:43 - 2015-08-05 00:00 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-08-13 22:43 - 2015-08-04 23:54 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-13 22:43 - 2015-08-04 23:47 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-08-13 22:43 - 2015-08-04 23:39 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-08-13 22:43 - 2015-08-04 00:07 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-13 22:43 - 2015-08-04 00:06 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-08-13 22:43 - 2015-08-04 00:06 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-13 22:43 - 2015-08-03 23:23 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2015-08-13 22:43 - 2015-08-03 22:59 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-13 22:43 - 2015-08-03 22:47 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-13 22:43 - 2015-08-02 22:32 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2015-08-13 22:43 - 2015-08-02 22:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2015-08-13 22:43 - 2015-08-02 22:19 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-13 22:43 - 2015-08-02 22:19 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-13 22:43 - 2015-08-02 22:18 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-08-13 22:43 - 2015-08-02 22:18 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-13 22:43 - 2015-08-02 22:18 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-13 22:43 - 2015-08-02 22:18 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2015-08-13 22:43 - 2015-08-02 22:17 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-13 22:43 - 2015-08-02 22:17 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-08-13 22:43 - 2015-08-02 22:13 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-13 22:43 - 2015-08-02 22:12 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-13 22:43 - 2015-08-02 21:50 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-13 22:43 - 2015-08-02 21:49 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-13 22:43 - 2015-08-02 21:31 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-13 22:43 - 2015-08-02 21:30 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-13 22:43 - 2015-08-02 21:24 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-13 22:43 - 2015-08-02 21:24 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-13 22:43 - 2015-08-02 21:24 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-13 22:43 - 2015-08-02 21:23 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-13 22:43 - 2015-08-02 21:22 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-13 22:43 - 2015-08-02 21:22 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-08-13 22:43 - 2015-08-02 21:22 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-08-13 22:43 - 2015-08-02 21:21 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2015-08-13 22:43 - 2015-08-02 21:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-13 22:43 - 2015-08-02 21:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-13 22:43 - 2015-08-02 21:18 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-13 22:43 - 2015-08-02 21:18 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-13 22:43 - 2015-08-02 21:18 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-13 22:43 - 2015-08-02 21:18 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2015-08-13 22:43 - 2015-08-02 21:15 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-13 22:43 - 2015-08-02 21:15 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-13 22:43 - 2015-08-02 21:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-13 22:43 - 2015-08-02 21:15 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-13 22:43 - 2015-08-02 21:15 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2015-08-13 22:43 - 2015-08-02 21:14 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-08-13 22:43 - 2015-08-02 21:14 - 00247808 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-13 22:43 - 2015-08-02 21:12 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-13 22:43 - 2015-08-02 21:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-13 22:43 - 2015-08-02 21:11 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2015-08-13 22:43 - 2015-08-02 21:10 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-13 22:43 - 2015-08-02 21:06 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-13 22:43 - 2015-08-02 21:03 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-13 22:43 - 2015-08-02 21:02 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-13 22:43 - 2015-08-02 21:02 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-08-13 22:43 - 2015-08-02 21:01 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-13 22:43 - 2015-08-02 20:59 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-08-13 22:43 - 2015-07-30 02:24 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-08-13 22:43 - 2015-07-30 02:23 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-08-13 22:43 - 2015-07-30 02:21 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-08-13 22:43 - 2015-07-30 02:17 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-08-13 22:43 - 2015-07-30 02:17 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-08-13 22:43 - 2015-07-30 02:16 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-08-13 22:43 - 2015-07-30 02:15 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-08-13 22:43 - 2015-07-30 02:14 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-08-13 22:43 - 2015-07-30 02:09 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-08-13 22:43 - 2015-07-30 02:06 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-08-13 22:43 - 2015-07-30 02:05 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-13 22:43 - 2015-07-30 02:05 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-08-13 22:43 - 2015-07-30 02:04 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-13 22:43 - 2015-07-30 02:03 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-08-13 22:43 - 2015-07-30 01:24 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-08-13 22:43 - 2015-07-30 00:29 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-08-13 22:43 - 2015-07-30 00:26 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-08-13 22:43 - 2015-07-30 00:26 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-08-13 22:43 - 2015-07-30 00:25 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-08-13 22:43 - 2015-07-30 00:25 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-08-13 22:43 - 2015-07-30 00:24 - 01769056 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-13 22:43 - 2015-07-30 00:24 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-08-13 22:43 - 2015-07-30 00:24 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-08-13 22:43 - 2015-07-30 00:24 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-08-13 22:43 - 2015-07-30 00:22 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-08-13 22:43 - 2015-07-30 00:22 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-08-13 22:43 - 2015-07-30 00:21 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-13 22:43 - 2015-07-30 00:12 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-08-13 22:43 - 2015-07-30 00:12 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-08-13 22:43 - 2015-07-30 00:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-08-13 22:43 - 2015-07-30 00:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-08-13 22:43 - 2015-07-30 00:08 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-13 22:43 - 2015-07-30 00:08 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2015-08-13 22:43 - 2015-07-29 23:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-08-13 22:43 - 2015-07-29 23:52 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-13 22:43 - 2015-07-29 23:52 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-08-13 22:43 - 2015-07-29 23:52 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2015-08-13 22:43 - 2015-07-29 23:49 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-08-13 22:43 - 2015-07-29 23:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-08-13 22:43 - 2015-07-29 23:46 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-08-13 22:43 - 2015-07-29 23:46 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-08-13 22:43 - 2015-07-29 23:45 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2015-08-13 22:43 - 2015-07-29 23:45 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-08-13 22:43 - 2015-07-29 23:44 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-13 22:43 - 2015-07-29 23:44 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-08-13 22:43 - 2015-07-29 23:44 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-08-13 22:43 - 2015-07-29 23:44 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-08-13 22:43 - 2015-07-29 23:44 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll
2015-08-13 22:43 - 2015-07-29 23:42 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-08-13 22:43 - 2015-07-29 23:41 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-08-13 22:43 - 2015-07-29 23:41 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-08-13 22:43 - 2015-07-29 23:40 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-08-13 22:43 - 2015-07-29 23:38 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-08-13 22:43 - 2015-07-29 23:38 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2015-08-13 22:43 - 2015-07-29 23:34 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-08-13 22:43 - 2015-07-29 23:29 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-08-13 22:43 - 2015-07-29 23:15 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-08-13 22:43 - 2015-07-29 23:07 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2015-08-13 22:43 - 2015-07-29 23:06 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-08-13 22:43 - 2015-07-29 23:06 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2015-08-13 22:43 - 2015-07-29 23:06 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll
2015-08-13 22:43 - 2015-07-29 23:04 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-08-13 22:43 - 2015-07-29 23:04 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-08-13 22:43 - 2015-07-29 22:59 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-08-13 22:43 - 2015-07-29 22:58 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-08-13 11:13 - 2015-08-13 11:13 - 00000000 ____D C:\Users\leg0817\AppData\Roaming\AVAST Software
2015-08-13 11:09 - 2015-08-13 11:09 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-08-13 11:09 - 2015-08-13 11:09 - 00001969 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-08-13 11:09 - 2015-08-13 11:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-08-13 11:08 - 2015-08-19 12:51 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-13 11:08 - 2015-08-19 12:13 - 00000930 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-13 11:08 - 2015-08-13 22:35 - 01048344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-08-13 11:08 - 2015-08-13 11:08 - 00447944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-08-13 11:08 - 2015-08-13 11:08 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-08-13 11:08 - 2015-08-13 11:08 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-08-13 11:08 - 2015-08-13 11:08 - 00150672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-08-13 11:08 - 2015-08-13 11:08 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-08-13 11:08 - 2015-08-13 11:08 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-08-13 11:08 - 2015-08-13 11:08 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-08-13 11:08 - 2015-08-13 11:08 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-08-13 11:08 - 2015-08-13 11:08 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-08-13 11:08 - 2015-08-13 11:08 - 00003988 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-13 11:08 - 2015-08-13 11:08 - 00003756 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-13 11:08 - 2015-08-13 11:08 - 00002334 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-13 11:08 - 2015-08-13 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-13 11:07 - 2015-08-13 11:07 - 00000000 ____D C:\Program Files\AVAST Software
2015-08-13 10:57 - 2015-08-13 10:57 - 00000000 ____D C:\Users\leg0817\AppData\Local\NetworkTiles
2015-08-13 10:49 - 2015-08-16 14:26 - 00000000 ____D C:\Users\leg0817\AppData\Local\MicrosoftEdge
2015-08-13 10:42 - 2015-08-13 10:42 - 00002388 _____ C:\Users\leg0817\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-13 10:42 - 2015-08-13 10:42 - 00000000 ___RD C:\Users\leg0817\OneDrive
2015-08-13 10:41 - 2015-08-13 10:41 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-08-13 10:40 - 2015-08-13 10:40 - 00000000 ____D C:\Users\leg0817\AppData\Local\Publishers
2015-08-13 10:39 - 2015-08-17 02:03 - 00000000 ____D C:\Users\leg0817\AppData\Local\Packages
2015-08-13 10:38 - 2015-08-13 10:38 - 00000020 ___SH C:\Users\leg0817\ntuser.ini
2015-08-13 10:38 - 2015-08-13 10:38 - 00000000 ____D C:\Users\leg0817\AppData\Local\TileDataLayer
2015-08-13 10:13 - 2015-08-13 10:38 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-13 10:13 - 2015-08-13 06:20 - 00000000 __SHD C:\Recovery
2015-08-13 10:10 - 2015-08-13 10:10 - 00000000 ____D C:\Windows.old
2015-08-13 10:09 - 2015-08-13 10:09 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-08-13 10:09 - 2015-08-13 10:09 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-08-13 10:09 - 2015-08-13 10:09 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-13 10:09 - 2015-08-13 10:09 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-08-13 10:09 - 2015-08-13 10:09 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-08-13 10:09 - 2015-08-13 10:09 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-08-13 10:09 - 2015-08-13 10:09 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-08-13 10:09 - 2015-08-13 10:09 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-08-13 10:09 - 2015-08-13 10:09 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-08-13 10:09 - 2015-08-13 10:09 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-08-13 10:09 - 2015-08-13 10:09 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-08-13 10:09 - 2015-08-13 10:09 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-08-13 10:09 - 2015-08-13 10:09 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-08-13 10:09 - 2015-08-13 10:09 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-08-13 10:09 - 2015-08-13 10:09 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-08-13 10:09 - 2015-08-13 10:09 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-08-13 10:09 - 2015-08-13 10:09 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-08-13 10:09 - 2015-08-13 10:09 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-08-13 10:09 - 2015-08-13 10:09 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-08-13 10:09 - 2015-08-13 10:09 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-08-13 10:09 - 2015-08-13 10:09 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-08-13 10:09 - 2015-08-13 10:09 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-08-13 10:09 - 2015-08-13 10:09 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-08-13 10:09 - 2015-08-13 10:09 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-08-13 10:09 - 2015-08-13 10:09 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-08-13 10:09 - 2015-08-13 10:09 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-08-13 10:09 - 2015-08-13 10:09 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-08-13 10:09 - 2015-08-13 10:09 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-08-13 10:09 - 2015-08-13 10:09 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-08-13 10:09 - 2015-08-13 10:09 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-08-13 10:09 - 2015-08-13 10:09 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-08-13 10:09 - 2015-08-13 10:09 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-08-13 10:09 - 2015-08-13 10:09 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-08-13 10:07 - 2015-08-13 10:07 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-08-13 10:04 - 2015-08-19 12:16 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-13 09:59 - 2015-08-13 09:59 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-08-13 09:59 - 2015-08-13 09:59 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-08-13 09:59 - 2015-08-13 09:59 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-08-13 09:59 - 2015-08-13 09:59 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-13 09:59 - 2015-08-13 09:59 - 00000000 ____D C:\Program Files\MSBuild
2015-08-13 09:59 - 2015-08-13 09:59 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-13 09:59 - 2015-08-13 09:59 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-13 09:59 - 2015-08-13 09:59 - 00000000 ____D C:\inetpub
2015-08-13 09:58 - 2015-06-17 22:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-08-13 09:58 - 2015-06-17 22:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 09:58 - 2015-06-17 22:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-08-13 09:58 - 2015-05-30 01:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-08-13 09:58 - 2015-05-30 01:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 09:58 - 2015-05-30 01:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-08-13 06:37 - 2015-08-13 06:37 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-08-13 06:35 - 2015-07-10 06:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-08-13 06:29 - 2015-08-13 06:29 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-13 06:24 - 2015-08-13 06:24 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-08-13 06:23 - 2015-08-19 12:22 - 00000000 ____D C:\Users\leg0817
2015-08-13 06:23 - 2015-08-13 10:38 - 00000000 ___RD C:\Users\leg0817\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 06:23 - 2015-07-10 07:04 - 00000000 __RSD C:\Users\leg0817\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-13 06:23 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\leg0817\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 06:23 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\leg0817\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-13 06:23 - 2015-07-10 07:04 - 00000000 ____D C:\Users\leg0817\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-13 06:20 - 2015-08-19 12:52 - 01005598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-13 06:20 - 2015-08-13 06:20 - 00961296 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-08-13 06:20 - 2015-08-13 06:20 - 00021209 _____ C:\WINDOWS\iis.log
2015-08-13 06:19 - 2015-08-13 06:19 - 00077091 _____ C:\WINDOWS\system32\Drivers\RTWAVES30.dat
2015-08-13 06:19 - 2015-08-13 06:19 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2015-08-13 06:19 - 2015-08-13 06:19 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2015-08-13 06:19 - 2015-08-13 06:19 - 00000000 ____D C:\iBTWU
2015-08-13 06:18 - 2015-08-13 06:32 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-08-13 06:18 - 2015-08-13 06:30 - 00000000 ____D C:\WINDOWS\system32\NV
2015-08-13 06:18 - 2015-08-13 06:25 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-13 06:18 - 2015-08-13 06:25 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-13 06:18 - 2015-08-13 06:25 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-13 06:18 - 2015-08-13 06:25 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-08-13 06:18 - 2015-08-13 06:18 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-08-13 06:18 - 2015-08-13 06:18 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-08-13 06:18 - 2015-08-13 06:18 - 00000000 ____D C:\Program Files\STMicroelectronics
2015-08-13 06:18 - 2015-08-13 06:18 - 00000000 ____D C:\Program Files\Realtek
2015-08-13 06:18 - 2015-07-22 21:10 - 06873928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-08-13 06:18 - 2015-07-22 21:10 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-08-13 06:18 - 2015-07-22 21:10 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-08-13 06:18 - 2015-07-22 21:10 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-08-13 06:18 - 2015-07-22 21:10 - 00937800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-08-13 06:18 - 2015-07-22 21:10 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-08-13 06:18 - 2015-07-22 21:10 - 00074896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-08-13 06:18 - 2015-07-22 21:10 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-08-13 06:18 - 2015-07-22 00:29 - 05121613 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-08-13 06:18 - 2010-08-20 11:05 - 00021616 _____ (ST Microelectronics) C:\WINDOWS\system32\Drivers\stdcfltn.sys
2015-08-13 06:17 - 2015-08-13 06:17 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-08-13 06:17 - 2015-08-13 06:17 - 00000000 ____D C:\Program Files\Synaptics
2015-08-13 06:15 - 2015-08-13 06:16 - 00032768 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-08-13 06:14 - 2015-08-13 14:53 - 00005854 _____ C:\WINDOWS\PFRO.log
2015-08-13 05:48 - 2015-07-10 07:00 - 00000001 ___SH C:\BOOTNXT
2015-08-13 05:44 - 2015-08-13 06:37 - 00006602 _____ C:\WINDOWS\comsetup.log
2015-08-13 05:43 - 2015-08-13 06:38 - 00010447 _____ C:\WINDOWS\diagerr.xml
2015-08-13 05:43 - 2015-08-13 06:38 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2015-08-13 05:30 - 2015-08-13 10:41 - 47297776 _____ (Dell Inc.) C:\Users\leg0817\Desktop\Input_Driver_VYVMP_WN32_2.5.1.72_A00.EXE
2015-08-13 01:35 - 2015-08-13 01:36 - 02865192 _____ (Malwarebytes ) C:\Users\leg0817\Desktop\mbae-setup-1.07.1.1015.exe
2015-08-11 15:11 - 2015-07-16 16:12 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.exe
2015-08-11 15:11 - 2015-07-16 15:33 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
2015-08-11 15:11 - 2015-07-16 15:05 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
2015-08-11 15:10 - 2015-07-20 14:12 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-08-10 14:02 - 2015-08-10 14:02 - 11032736 _____ (SurfRight B.V.) C:\Users\leg0817\Desktop\HitmanPro_x64.exe
2015-08-10 13:05 - 2015-08-10 13:05 - 00001149 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-09 23:14 - 2015-08-09 23:15 - 06609608 _____ (Piriform Ltd) C:\Users\leg0817\Downloads\ccsetup508.exe
2015-08-09 12:26 - 2015-08-13 06:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest
2015-08-09 12:26 - 2015-08-09 12:26 - 00000940 _____ C:\Users\leg0817\Desktop\PerformanceTest.lnk
2015-08-09 12:26 - 2015-08-09 12:26 - 00000000 ____D C:\Users\leg0817\Documents\PassMark
2015-08-09 12:26 - 2015-08-09 12:26 - 00000000 ____D C:\Users\leg0817\AppData\Local\PassMark
2015-08-09 12:26 - 2015-08-09 12:26 - 00000000 ____D C:\ProgramData\Passmark
2015-08-09 12:26 - 2015-08-09 12:26 - 00000000 ____D C:\Program Files\PerformanceTest
2015-08-08 13:15 - 2015-08-08 13:15 - 00001762 _____ C:\Users\leg0817\Desktop\aswMBRLEG.txt
2015-08-08 13:15 - 2015-08-08 13:15 - 00000512 _____ C:\Users\leg0817\Desktop\MBR.dat
2015-08-08 12:51 - 2015-08-08 12:51 - 00000000 ____D C:\Users\leg0817\AppData\Roaming\Uninstaller Tool(Comodo Forums)
2015-08-08 12:50 - 2015-08-08 12:50 - 05075834 _____ C:\Users\leg0817\Desktop\Setup.zip
2015-08-08 07:57 - 2015-08-08 07:57 - 06609608 _____ (Piriform Ltd) C:\Users\leg0817\Downloads\CCleaner_v5.08.5308.exe
2015-08-08 07:56 - 2015-08-08 07:58 - 70455296 _____ C:\Users\leg0817\Downloads\calibre-64bit-2.33.0.msi
2015-08-08 07:55 - 2015-08-08 07:55 - 15237936 _____ C:\Users\leg0817\Downloads\Glary_Utilities_v5.31.0.51.exe
2015-08-08 01:29 - 2015-08-08 01:29 - 00000000 ____D C:\Users\leg0817\Tracing
2015-08-08 01:16 - 2015-08-13 06:30 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2015-08-08 01:16 - 2015-08-13 06:30 - 00000000 ____D C:\WINDOWS\system32\vbox
2015-08-08 01:07 - 2015-08-13 11:07 - 00000000 ____D C:\ProgramData\AVAST Software
2015-08-08 01:05 - 2015-08-13 11:07 - 158417712 _____ (AVAST Software) C:\Users\leg0817\Desktop\avast_free_antivirus_setup.exe
2015-08-05 15:09 - 2015-08-19 12:52 - 00018700 _____ C:\VEW.txt
2015-08-05 14:59 - 2015-08-05 14:59 - 00357766 _____ C:\Users\leg0817\Desktop\HostsXpert.zip
2015-08-05 02:07 - 2015-08-19 12:58 - 00000000 ____D C:\Users\leg0817\Desktop\FRST Scanner
2015-08-05 00:20 - 2015-08-14 00:04 - 00003560 _____ C:\WINDOWS\System32\Tasks\PCDEventLauncherTask
2015-08-04 23:32 - 2015-08-04 23:32 - 00003521 _____ C:\Users\leg0817\Desktop\System Idle Process.txt
2015-08-04 23:26 - 2015-08-04 23:26 - 02508432 _____ (Sysinternals - www.sysinternals.com) C:\Users\leg0817\Desktop\procexp.exe
2015-08-04 23:14 - 2015-08-04 23:22 - 00255719 _____ C:\Users\leg0817\Desktop\MININT-R16JK1F.txt
2015-08-04 22:36 - 2015-08-04 22:36 - 05127432 _____ (Piriform Ltd) C:\Users\leg0817\Desktop\spsetup128.exe
2015-08-04 22:24 - 2015-08-19 12:23 - 00061440 _____ ( ) C:\Users\leg0817\Desktop\VEW.exe
2015-08-04 21:58 - 2011-12-08 16:40 - 00117248 _____ (Cypress Semiconductor, Inc.) C:\WINDOWS\system32\Drivers\cyhid.sys
2015-08-04 21:57 - 2015-08-13 10:43 - 00000000 ____D C:\Users\leg0817\AppData\Roaming\Cypress
2015-08-04 21:57 - 2015-08-04 21:57 - 00000000 ____D C:\Users\leg0817\AppData\Roaming\Cypress Semiconductor, Inc
2015-08-04 21:57 - 2011-12-08 16:40 - 00079872 _____ (Cypress Semiconductor, Inc.) C:\WINDOWS\system32\Drivers\cymfltr.sys
2015-08-04 21:56 - 2015-08-04 21:56 - 40872944 _____ C:\Users\leg0817\Desktop\Input_Cypress_W74_A06_Setup-19VRK_ZPE.exe
2015-08-04 18:46 - 2015-08-04 18:46 - 00000000 ____D C:\Users\leg0817\AppData\Local\CEF
2015-08-04 17:05 - 2015-08-04 17:05 - 00000000 ____D C:\Users\leg0817\AppData\Local\SlimWare Utilities Inc
2015-08-04 14:16 - 2015-08-04 14:17 - 00062398 _____ C:\Users\leg0817\Downloads\FRST.txt
2015-08-04 14:16 - 2015-08-04 14:17 - 00051947 _____ C:\Users\leg0817\Downloads\Addition.txt
2015-08-04 14:15 - 2015-08-04 14:15 - 02169856 _____ (Farbar) C:\Users\leg0817\Downloads\FRST64.exe
2015-08-04 02:43 - 2015-08-04 02:43 - 00000000 ____D C:\Users\leg0817\Documents\New folder (5)
2015-08-04 02:42 - 2015-08-04 02:42 - 00001956 _____ C:\Users\leg0817\Desktop\JRT.txt
2015-08-04 02:34 - 2015-08-04 13:01 - 00000000 ____D C:\Users\leg0817\Documents\Panda Cloud Cleaner
2015-08-04 02:34 - 2015-08-04 02:34 - 00000000 ____D C:\Users\leg0817\Documents\New folder (4)
2015-08-04 02:34 - 2015-08-04 02:34 - 00000000 ____D C:\Users\leg0817\Documents\New folder (3)
2015-08-02 14:28 - 2015-08-04 21:20 - 00000000 ____D C:\WINDOWS\pss
2015-08-01 17:50 - 2015-08-13 06:30 - 00000000 ____D C:\Users\leg0817\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2015-08-01 17:50 - 2015-08-02 13:32 - 00002717 _____ C:\Users\leg0817\Desktop\Windows 7 USB DVD Download Tool.lnk
2015-08-01 17:50 - 2015-08-01 17:50 - 00000000 ____D C:\Users\leg0817\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2015-08-01 17:47 - 2015-08-01 17:48 - 02721168 _____ (Microsoft Corporation) C:\Users\leg0817\Downloads\Windows7-USB-DVD-Download-Tool-Installer-en-US(1).exe
2015-08-01 17:04 - 2015-08-01 17:04 - 00000000 ____D C:\Users\leg0817\AppData\Local\Secunia PSI
2015-08-01 17:03 - 2015-08-01 17:03 - 00000000 ____D C:\Program Files (x86)\Secunia
2015-08-01 17:02 - 2015-08-01 17:02 - 05490752 _____ (Secunia) C:\Users\leg0817\Downloads\PSISetup.exe
2015-08-01 16:09 - 2015-08-08 23:44 - 00000000 ____D C:\Users\leg0817\AppData\Local\CrashDumps
2015-08-01 16:07 - 2015-08-04 17:07 - 00000000 ____D C:\Program Files (x86)\SlimComputer
2015-08-01 16:00 - 2015-08-01 16:00 - 00670016 _____ (SlimWare Utilities, Inc.) C:\Users\leg0817\Downloads\slimcomputer-setup.exe
2015-08-01 15:05 - 2015-08-01 15:06 - 02001540 _____ C:\Users\leg0817\Downloads\pc-decrapifier-3.0.0.exe
2015-08-01 00:58 - 2015-08-01 00:58 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-01 00:58 - 2015-08-01 00:58 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-31 21:09 - 2015-08-04 11:27 - 00001184 _____ C:\WINDOWS\SysWOW64\BroomData.bit
2015-07-31 14:59 - 2015-07-31 14:59 - 00000262 _____ C:\Users\leg0817\Desktop\Run.lnk
2015-07-31 14:58 - 2015-08-13 06:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-31 14:58 - 2015-07-31 14:58 - 00001755 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-31 14:56 - 2015-07-31 14:58 - 00000000 ____D C:\Program Files\iTunes
2015-07-31 14:56 - 2015-07-31 14:56 - 00000000 ____D C:\Program Files\iPod
2015-07-31 14:56 - 2015-07-31 14:56 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-30 17:24 - 2015-07-30 17:24 - 00000000 ____D C:\Program Files (x86)\Dell Update
2015-07-23 04:02 - 2015-07-23 04:02 - 42730312 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 37749064 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 30518928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 22973584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 18376584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 16160440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 16011680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 15754192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 14511608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 13274904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 12973680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 11843384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 11142984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-07-23 04:02 - 2015-07-23 04:02 - 03351864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 02963208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 02360976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 02164040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 01898128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435362.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435362.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 01165192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 01061008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 01053000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 00991152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 00983368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 00976528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 00176904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 00155280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 00031976 _____ C:\WINDOWS\system32\nvinfo.pb
2015-07-23 04:02 - 2015-07-23 04:02 - 00031376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-19 12:51 - 2015-07-10 08:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-19 12:48 - 2015-07-10 08:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-19 12:33 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-19 12:09 - 2015-07-10 05:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-19 10:22 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-19 10:15 - 2014-10-03 01:48 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-19 02:36 - 2014-10-21 21:28 - 00003952 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1413941284
2015-08-19 02:36 - 2014-10-21 21:28 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-08-19 02:36 - 2014-10-21 21:28 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-19 02:28 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-19 02:28 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-18 23:19 - 2015-07-10 06:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-17 20:21 - 2015-07-10 08:20 - 00021165 _____ C:\WINDOWS\setupact.log
2015-08-17 16:15 - 2014-08-30 01:38 - 00000000 ____D C:\ProgramData\PCDr
2015-08-17 11:50 - 2015-04-09 23:08 - 00000000 ____D C:\Users\leg0817\AppData\Roaming\Skype
2015-08-17 10:22 - 2015-07-04 00:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-17 10:18 - 2015-04-09 23:08 - 00002640 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-17 10:18 - 2015-04-09 23:08 - 00000000 ____D C:\ProgramData\Skype
2015-08-17 10:06 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-17 05:28 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-15 21:30 - 2015-05-09 01:31 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-08-15 21:24 - 2015-05-09 01:31 - 00004018 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-08-15 21:23 - 2014-10-03 01:48 - 00003804 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-14 15:37 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\appcompat
2015-08-14 01:12 - 2015-07-10 08:20 - 00432728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-14 01:10 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-14 01:10 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-14 01:10 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-14 01:10 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-13 22:32 - 2015-07-05 00:14 - 00000000 ____D C:\Users\leg0817\AppData\Local\Popcorn-Time
2015-08-13 11:08 - 2014-08-30 19:22 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-13 10:58 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-08-13 10:43 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\restore
2015-08-13 10:39 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-08-13 10:39 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-08-13 10:39 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-08-13 10:39 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-08-13 10:39 - 2014-08-30 00:09 - 00000000 ____D C:\Users\leg0817\AppData\Local\Apps\2.0
2015-08-13 10:13 - 2015-07-10 07:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-08-13 10:10 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-08-13 10:10 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-08-13 10:10 - 2015-07-10 05:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-08-13 10:10 - 2015-07-10 05:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-08-13 09:59 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-08-13 09:59 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-08-13 09:59 - 2015-07-10 07:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-08-13 09:59 - 2015-07-10 07:01 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-08-13 09:59 - 2015-07-10 07:01 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-08-13 09:59 - 2015-07-10 07:01 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-08-13 09:59 - 2015-07-10 07:01 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-08-13 09:59 - 2015-07-10 07:01 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-08-13 09:59 - 2015-07-10 07:01 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-08-13 09:59 - 2015-07-10 07:01 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-08-13 09:59 - 2015-07-10 07:01 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-08-13 09:59 - 2015-07-10 07:01 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-08-13 09:59 - 2015-07-10 07:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-08-13 09:59 - 2015-07-10 07:01 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-08-13 09:59 - 2015-07-10 07:01 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-08-13 09:59 - 2015-07-10 07:01 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-08-13 09:59 - 2015-07-10 07:01 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-08-13 09:59 - 2015-07-10 07:01 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-08-13 09:59 - 2015-07-10 07:00 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-08-13 09:59 - 2015-07-10 07:00 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-08-13 09:59 - 2015-07-10 07:00 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-08-13 09:59 - 2015-07-10 07:00 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-08-13 09:59 - 2015-07-10 07:00 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-08-13 09:59 - 2015-07-10 07:00 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-08-13 09:59 - 2015-07-10 07:00 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-08-13 09:59 - 2015-07-10 07:00 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-08-13 09:59 - 2015-07-10 07:00 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-08-13 09:59 - 2015-07-10 07:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-08-13 09:59 - 2015-07-10 07:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-08-13 09:59 - 2015-07-10 07:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-08-13 09:59 - 2015-07-10 07:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-08-13 09:59 - 2015-07-10 07:00 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-08-13 09:59 - 2015-07-10 07:00 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-08-13 09:59 - 2015-07-10 07:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-08-13 09:59 - 2015-07-10 07:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-08-13 09:59 - 2015-07-10 07:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-08-13 09:59 - 2015-07-10 07:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-08-13 09:59 - 2015-07-10 07:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-08-13 09:59 - 2015-07-10 07:00 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-08-13 06:37 - 2015-07-10 07:04 - 00000000 __RSD C:\WINDOWS\Media
2015-08-13 06:37 - 2015-07-10 07:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-13 06:37 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\Registration
2015-08-13 06:37 - 2015-06-24 02:25 - 00003344 _____ C:\WINDOWS\System32\Tasks\SystemToolsDailyTest
2015-08-13 06:37 - 2015-04-09 22:49 - 00004036 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2015-08-13 06:37 - 2015-01-19 14:43 - 00003996 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-08-13 06:37 - 2015-01-04 20:21 - 00002886 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-08-13 06:35 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\spool
2015-08-13 06:30 - 2015-07-19 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-08-13 06:30 - 2015-07-14 21:46 - 00000000 ____D C:\Users\leg0817\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-08-13 06:30 - 2015-07-10 07:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 06:30 - 2015-07-10 05:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-13 06:30 - 2015-05-02 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-08-13 06:30 - 2015-04-22 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-08-13 06:30 - 2015-01-07 21:57 - 00000000 ____D C:\WINDOWS\system32\STRING
2015-08-13 06:30 - 2014-10-25 22:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-13 06:30 - 2014-10-21 21:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-13 06:30 - 2014-10-04 01:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-13 06:30 - 2014-09-01 02:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2015-08-13 06:30 - 2014-08-31 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-13 06:30 - 2014-08-30 03:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-13 06:30 - 2014-08-30 01:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-08-13 06:30 - 2014-08-30 00:10 - 00000000 ____D C:\Users\leg0817\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2015-08-13 06:30 - 2011-09-14 00:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-08-13 06:30 - 2011-09-14 00:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator Starter
2015-08-13 06:29 - 2015-07-10 07:05 - 00004362 _____ C:\WINDOWS\DtcInstall.log
2015-08-13 06:29 - 2015-07-10 05:05 - 00000000 __RHD C:\Users\Default
2015-08-13 06:29 - 2009-07-13 23:20 - 00000000 ____D C:\Users\Default.migrated
2015-08-13 06:26 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-08-13 06:26 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-08-13 06:26 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-08-13 06:26 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-08-13 06:26 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-08-13 06:26 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-08-13 06:26 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\IME
2015-08-13 06:26 - 2014-08-30 18:55 - 00000000 ____D C:\WINDOWS\SysWOW64\Dell
2015-08-13 06:25 - 2015-07-10 07:04 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-08-13 06:25 - 2015-07-10 07:04 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-08-13 06:25 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\schemas
2015-08-13 06:25 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\Resources
2015-08-13 06:25 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-08-13 06:25 - 2015-02-26 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-08-13 06:25 - 2015-01-07 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5400 series
2015-08-13 06:25 - 2015-01-07 21:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-08-13 06:25 - 2015-01-07 21:57 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2015-08-13 06:25 - 2011-09-14 00:17 - 00000000 ____D C:\Program Files (x86)\Intel
2015-08-13 06:24 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-08-13 06:24 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-13 06:24 - 2011-09-14 00:17 - 00000000 ____D C:\Program Files\Intel
2015-08-13 06:24 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-08-13 06:24 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-08-13 06:20 - 2015-07-10 05:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-08-13 06:18 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\Help
2015-08-13 05:48 - 2011-09-14 02:57 - 00008192 __RSH C:\BOOTSECT.BAK
2015-08-13 05:48 - 2011-09-14 00:04 - 01167343 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-08-13 05:48 - 2009-07-14 00:45 - 00028528 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-13 05:48 - 2009-07-14 00:45 - 00028528 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-13 05:43 - 2015-07-10 09:39 - 00000000 ___HD C:\$Windows.~BT
2015-08-13 05:31 - 2011-09-14 00:37 - 00000000 ____D C:\ProgramData\Dell
2015-08-13 05:13 - 2014-10-28 15:40 - 00001945 _____ C:\WINDOWS\epplauncher.mif
2015-08-13 01:26 - 2014-10-21 21:32 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-12 11:58 - 2009-07-14 01:09 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2015-08-12 04:53 - 2014-10-04 01:18 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 04:53 - 2014-10-04 01:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 03:04 - 2014-08-29 01:19 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-12 03:00 - 2014-08-29 01:19 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-11 13:21 - 2015-05-07 23:41 - 00000000 ____D C:\Qoobox
2015-08-09 23:16 - 2015-01-04 20:21 - 00000000 ____D C:\Program Files\CCleaner
2015-08-09 19:53 - 2009-07-13 22:34 - 00000215 _____ C:\WINDOWS\system.ini
2015-08-08 19:22 - 2015-05-07 23:41 - 00000000 ____D C:\WINDOWS\erdnt
2015-08-08 11:38 - 2015-07-10 07:06 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 11:38 - 2015-07-10 07:06 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-08 02:50 - 2015-01-07 01:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-05 23:14 - 2015-07-14 21:44 - 00000000 ____D C:\Users\leg0817\AppData\Local\Popcorn Time
2015-08-04 18:54 - 2014-08-28 23:23 - 00000000 ____D C:\Program Files\COMODO
2015-08-04 17:01 - 2014-10-21 22:18 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-04 16:53 - 2015-07-06 18:18 - 00000000 ____D C:\Users\leg0817\AppData\Roaming\Foxit Software
2015-08-04 16:51 - 2015-02-26 19:18 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-04 02:24 - 2014-09-01 01:13 - 00000000 ____D C:\Users\leg0817\AppData\Local\Adobe
2015-08-04 02:14 - 2014-08-28 23:22 - 00000000 ____D C:\ProgramData\Comodo
2015-08-04 01:54 - 2015-01-25 23:00 - 00000000 ____D C:\AdwCleaner
2015-08-01 17:35 - 2014-08-28 18:24 - 00000000 ____D C:\Users\leg0817\AppData\Local\VirtualStore
2015-08-01 14:55 - 2015-02-24 19:26 - 00000250 _____ C:\WINDOWS\system32\.crusader
2015-07-31 23:02 - 2015-06-01 21:00 - 05916080 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUI.exe
2015-07-31 23:02 - 2015-06-01 21:00 - 00523184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
2015-07-31 23:02 - 2015-06-01 21:00 - 00453552 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
2015-07-31 23:02 - 2015-06-01 21:00 - 00411056 _____ (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
2015-07-31 23:02 - 2015-06-01 21:00 - 00290224 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-07-31 23:02 - 2015-06-01 21:00 - 00266152 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-07-31 23:02 - 2015-06-01 21:00 - 00197040 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-07-31 23:02 - 2015-06-01 21:00 - 00183216 _____ (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
2015-07-31 15:11 - 2014-08-31 16:50 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-07-31 14:56 - 2015-04-21 14:58 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-07-31 14:56 - 2015-01-07 19:55 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-31 14:51 - 2015-06-10 23:08 - 06112072 _____ (Apple, Inc.) C:\WINDOWS\system32\usbaaplrc.dll
2015-07-31 14:51 - 2015-06-10 23:08 - 00054784 _____ (Apple, Inc.) C:\WINDOWS\system32\Drivers\usbaapl64.sys
2015-07-30 18:26 - 2014-08-30 00:36 - 00000000 ____D C:\Users\leg0817\Documents\Comodo
2015-07-30 17:24 - 2015-04-09 22:48 - 00000000 ____D C:\ProgramData\SupportAssistAgent
 
==================== Files in the root of some directories =======
 
2014-10-21 21:12 - 2015-07-17 07:25 - 0181634 _____ () C:\Users\leg0817\AppData\Local\ars.cache
2014-10-21 21:12 - 2015-07-17 07:25 - 0338551 _____ () C:\Users\leg0817\AppData\Local\census.cache
2014-10-21 21:03 - 2014-10-21 21:03 - 0000036 _____ () C:\Users\leg0817\AppData\Local\housecall.guid.cache
2015-07-12 16:54 - 2015-07-12 16:54 - 0000017 _____ () C:\Users\leg0817\AppData\Local\resmon.resmoncfg
2014-10-21 21:10 - 2014-10-21 21:10 - 0000010 _____ () C:\Users\leg0817\AppData\Local\sponge.last.runtime.cache
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 

LastRegBack: 2015-08-13 06:14
 
==================== End of log ============================
 
FRST Additions Log after Windows 10 Upgrade
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-08-2015
Ran by leg0817 (2015-08-19 12:59:23)
Running from C:\Users\leg0817\Desktop\FRST Scanner
Boot Mode: Normal
==========================================================
 

==================== Accounts: =============================
 
Administrator (S-1-5-21-1653869771-199509722-4224480817-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1653869771-199509722-4224480817-503 - Limited - Disabled)
Guest (S-1-5-21-1653869771-199509722-4224480817-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1653869771-199509722-4224480817-1004 - Limited - Enabled)
leg0817 (S-1-5-21-1653869771-199509722-4224480817-1003 - Administrator - Enabled) => C:\Users\leg0817
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
calibre 64bit (HKLM\...\{5E838BAE-E05B-418D-ABBC-56C222E77435}) (Version: 2.19.0 - Kovid Goyal)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ‎Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon MG5400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5400_series) (Version: 1.00 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.3.60494 - Dell)
Dell Update (HKLM-x32\...\{90437913-9D4D-4D9D-B438-B8664DF851E9}) (Version: 1.7.1007.0 - Dell Inc.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{C7B40C35-85AE-4303-9EEA-1A1EA779664D}) (Version: 1.0.2.0511 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{89a03d4c-5e14-4180-984e-6932893138fc}) (Version: 17.14.0 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Media Go (HKLM-x32\...\{1CBCA994-0290-49AD-98D3-9013A0F102E6}) (Version: 2.9.406 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.16.101.12020 (HKLM-x32\...\{B4CF5698-38A5-494E-0EC3-799D00C42E17}) (Version: 2.16.101.12020 - Sony)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4737.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 40.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 en-US)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Opera Stable 31.0.1889.174 (HKLM-x32\...\Opera 31.0.1889.174) (Version: 31.0.1889.174 - Opera Software)
PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1051.0 - Passmark Software)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Popcorn Time (HKU\S-1-5-21-1653869771-199509722-4224480817-1003\...\Popcorn Time) (Version:  - Popcorn Official)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.11 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Sony PC Companion 2.10.259 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.259 - Sony)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.2 - Synaptics Incorporated)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1653869771-199509722-4224480817-1003_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1653869771-199509722-4224480817-1003_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\leg0817\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1653869771-199509722-4224480817-1003_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\leg0817\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1653869771-199509722-4224480817-1003_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\leg0817\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1653869771-199509722-4224480817-1003_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\leg0817\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1653869771-199509722-4224480817-1003_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\leg0817\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1653869771-199509722-4224480817-1003_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\leg0817\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1653869771-199509722-4224480817-1003_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\leg0817\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1653869771-199509722-4224480817-1003_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\leg0817\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1653869771-199509722-4224480817-1003_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\leg0817\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1653869771-199509722-4224480817-1003_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\leg0817\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points =========================
 
13-08-2015 10:43:00 Installed Cypress TrackPad
17-08-2015 18:16:23 Installed Microsoft Fix it Solution - f4c2a476-3532-4511-a4be-0f5ccc5501af
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2015-08-09 19:53 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {0456AC02-879B-49C1-9926-83424D58FF99} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {045A665F-F021-4E0F-9AC9-85540DF8ED08} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {06505FCE-CD25-4577-8E01-69CAB6F453B8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {096EE257-7672-4DA6-9E43-1D3C8162D033} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {0C275659-52CD-4149-BA12-51B51EE02BB4} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation)
Task: {0C66101E-9D90-481B-BF5D-CE40271AA594} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {124EE372-2499-4864-AE14-51D209DBADFA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {148376AB-13FF-4572-83FF-34E31A36DCAF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe [2015-08-15] (Adobe Systems Incorporated)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {1C0A9D74-69F6-4E08-AAE5-1542A64A51EF} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {2240061B-87CC-4979-8A4C-314E87DCCBEF} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {27505B69-4807-4D8F-BE34-252E3C566903} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {285274D3-8C87-450D-936E-2E01E436D987} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {34848F85-4299-4337-B514-32F94A9E725F} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {3A98EDEE-9CC7-4AC4-B615-A68123253F41} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent
Task: {3C444057-5F1B-4793-979E-1B5DBFDFE409} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {3EF79710-225E-457E-BF85-9677B81F0282} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {455662E3-C53C-400F-8840-75245B77A28A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {49188D53-A059-4BC5-B4DC-988C7E6694FC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {4D3BA18F-CBF7-47B7-9CA9-E6836893E655} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {5FBA72E6-BAF3-4BBF-B08A-871F8ED01264} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {6180E2E9-3E6E-481D-B53A-9EC261CA5C6A} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {641F0256-D78F-4F3D-81F8-AC05817BBF20} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {65D94FBE-0DFB-4451-9769-37AC0762FC38} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {6A46B552-6084-43DE-BCCE-69F02CD9F0B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-13] (Google Inc.)
Task: {6BC8EEED-ECB4-4999-BB6A-BEC84C55FD72} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {7F4A8E00-43C4-4E2F-92C8-06A48CC108AD} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {863B3B01-A41B-4CE1-8657-E4865BC24521} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {880089B8-2C88-4220-AB27-3C10C18E2FDC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-13] (AVAST Software)
Task: {8A0E1D12-0C83-4913-AAB3-A2958A51D58D} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-08-13] (Microsoft Corporation)
Task: {904AB594-08BB-44B4-A82F-DEFABB41B1D5} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-06-01] ()
Task: {987FB296-D433-4EEB-B490-BD18E761F2A1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-01-07] (Apple Inc.)
Task: {9EFE40A5-AF97-4C18-B7E1-FAB4D7E84609} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-17] (Adobe Systems Incorporated)
Task: {A08AA5BB-BA87-42B8-A300-1AF460A163E0} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {A2F0D7FE-369F-43FB-B317-12AD61AFF5D7} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-04-10] (Dell Inc.)
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {B2D3D833-B8F5-4385-ADE6-B93DB13DC021} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {B538F6E2-6B99-4AC0-8343-A398FEC0AB6B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {C0B074C4-09DF-419F-9285-B9496A58CE36} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {C0DBD44F-40D8-4EE7-B3D1-C79028854927} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C3DB32FE-167D-43BE-BAEF-5990012DDF38} - System32\Tasks\Opera scheduled Autoupdate 1413941284 => C:\Program Files (x86)\Opera\launcher.exe [2015-08-17] (Opera Software)
Task: {C5509695-9C26-4107-8010-840A99BE6BC3} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {C99A2011-C071-4D92-B45D-4E8C8288CF7E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C9BA2953-1190-4F0F-8750-4F4267A030E5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-31] (Microsoft Corporation)
Task: {CABCB195-3068-4B15-94BE-E8F7844D929C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-31] (Microsoft Corporation)
Task: {CB3F2F61-A675-420D-9A83-12DED985EAF3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {CB8EC416-CA13-4C38-87E5-D73C0F256B22} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {CD02935A-50CB-4A84-9C8B-E4FC61501723} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {CD6950A1-2366-4632-8AAD-F9D9CE49BC03} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D26983C1-25BA-49FD-B943-8BEC777EC160} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {D651F6CE-24F3-405D-B83C-EC5107078C26} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-07-30] (Microsoft Corporation)
Task: {DA6A517C-6EE4-451F-9877-3CBB6EA8C5C1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-13] (Google Inc.)
Task: {E45113D6-5139-440F-8787-E3EC4234F87D} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {E9CA78AC-412F-47CA-A4D7-55D1A7ADE822} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {FA2B245C-26E6-4CDD-9DE8-19B6F372CA1B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {FE1EDA5F-1CA1-42B6-AFA9-089618D350C6} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => 0x000A010088D40834C8A1A444981CE143744CFD294600D400000000003C000A00200000000014730F000000000513040020200401000000000000000000000000000000000000180043003A005C00570049004E0044004F00570053005C006500780070006C006F007200650072002E0065007800650000000C002F004E004F0055004100430043004800450043004B000000000018004500780070006C006F007200650072005300680065006C006C0055006E0065006C00650076006100740065006400000000000000080003130400000000000000
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => 0x000A010051FFEC6547358542984D657CDD0028C546003C03000000003C000A0020000000FEFFFFFF000000000013040000008021DF070800030013000C003100020001030000360043003A005C00500072006F006700720061006D002000460069006C00650073002000280078003800360029005C0047006F006F0067006C0065005C005500700064006100740065005C0047006F006F0067006C0065005500700064006100740065002E00650078006500000003002F0063000000000017004D0049004E0049004E0054002D005200310036004A004B00310046005C006C00650067003000380031003700000020014B006500650070007300200079006F0075007200200047006F006F0067006C006500200073006F00660074007700610072006500200075007000200074006F00200064006100740065002E002000490066002000740068006900730020007400610073006B002000690073002000640069007300610062006C006500640020006F0072002000730074006F0070007000650064002C00200079006F0075007200200047006F006F0067006C006500200073006F006600740077006100720065002000770069006C006C0020006E006F00740020006200650020006B00650070007400200075007000200074006F00200064006100740065002C0020006D00650061006E0069006E0067002000730065006300750072006900740079002000760075006C006E00650072006100620069006C00690074006900650073002000740068006100740020006D00610079002000610072006900730065002000630061006E006E006F007400200062006500200066006900780065006400200061006E00640020006600650061007400750072006500730020006D006100790020006E006F007400200077006F0072006B002E002000540068006900730020007400610073006B00200075006E0069006E007300740061006C006C007300200069007400730065006C00660020007700680065006E0020007400680065007200650020006900730020006E006F00200047006F006F0067006C006500200073006F0066007400770061007200650020007500730069006E0067002000690074002E000000000008000000000000000000020030000000CF0701000100000000000000000000000000000000000000000000000700000001000000000000000000000030000100DF0708000D000000000000000B000D0000000000000000000000000001000000010000000000000000000000
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-07-10 07:00 - 2015-07-10 07:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-18 20:01 - 2015-08-11 05:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2014-08-31 16:50 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-08-13 22:43 - 2015-07-30 02:05 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-06-01 21:19 - 2015-06-01 21:19 - 00578272 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2015-08-13 22:43 - 2015-07-30 02:05 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-04-09 22:22 - 2015-01-27 11:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2015-08-13 22:43 - 2015-08-02 21:09 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-07-10 07:00 - 2015-07-10 09:14 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-13 10:09 - 2015-08-13 10:09 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-08-13 22:43 - 2015-08-02 21:09 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-07-10 06:59 - 2015-07-10 06:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-13 22:43 - 2015-08-02 21:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-08-13 22:43 - 2015-08-02 21:14 - 00882688 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-08-18 20:01 - 2015-08-11 04:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-13 22:43 - 2015-08-02 21:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 07:00 - 2015-07-10 09:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-04-14 15:41 - 2014-04-14 15:41 - 00039192 _____ () C:\Program Files\CCleaner\branding.dll
2015-08-13 11:08 - 2015-08-13 11:08 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-13 11:08 - 2015-08-13 11:08 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-19 11:34 - 2015-08-19 11:34 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15081901\algo.dll
2015-05-18 07:43 - 2015-05-18 07:43 - 00057856 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2015-05-18 07:43 - 2015-05-18 07:43 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2015-05-18 07:43 - 2015-05-18 07:43 - 00218624 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2015-05-22 07:36 - 2015-05-22 07:36 - 00649216 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2015-05-22 06:56 - 2015-05-22 06:56 - 00357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2015-08-13 11:08 - 2015-08-13 11:08 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-08-13 11:08 - 2015-08-07 20:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-13 11:08 - 2015-08-07 20:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\WINDOWS\system32\difx64.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\GfxUI.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\hkcmd.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxext.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxpers.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxsrvc.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\igfxtray.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 

==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 

==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1653869771-199509722-4224480817-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\leg0817\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: ChromodoUpdater => 2
MSCONFIG\Services: CLPSLauncher => 2
MSCONFIG\Services: CmdAgent => 2
MSCONFIG\Services: cmdvirth => 3
MSCONFIG\Services: CPluginService => 2
MSCONFIG\Services: DellDataVault => 2
MSCONFIG\Services: DellDataVaultWiz => 2
MSCONFIG\Services: DellUpdate => 2
MSCONFIG\Services: DragonUpdater => 2
MSCONFIG\Services: EvtEng => 2
MSCONFIG\Services: FoxitCloudUpdateService => 2
MSCONFIG\Services: GeekBuddyRSP => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HitmanProScheduler => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MyWiFiDHCPDNS => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: NVSvc => 2
MSCONFIG\Services: RegSrvc => 2
MSCONFIG\Services: RoxMediaDB12OEM => 3
MSCONFIG\Services: RoxWatch12 => 2
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: Secunia PSI Agent => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Sony PC Companion => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: stllssvr => 3
MSCONFIG\Services: SupportAssistAgent => 2
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: ZeroConfigService => 2
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CyCpIo => C:\Program Files\Cypress\TrackPad\CyCpIo.exe
MSCONFIG\startupreg: CyHidWin => C:\Program Files\Cypress\TrackPad\CyHidWin.exe
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: GoogleChromeAutoLaunch_F636EC19ECCD09EC8FE106333DDEF567 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
 
==================== Faulty Device Manager Devices =============
 

==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/19/2015 11:39:47 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MININT-R16JK1F)
Description: Activation of app Microsoft.Getstarted_2.2.7.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (08/17/2015 06:22:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OHub.exe, version: 16.0.6106.2350, time stamp: 0x55c40ea1
Faulting module name: combase.dll, version: 10.0.10240.16384, time stamp: 0x559f3aac
Exception code: 0xc0000005
Fault offset: 0x0000000000081c5a
Faulting process id: 0xc0c
Faulting application start time: 0xOHub.exe0
Faulting application path: OHub.exe1
Faulting module path: OHub.exe2
Report Id: OHub.exe3
Faulting package full name: OHub.exe4
Faulting package-relative application ID: OHub.exe5
 
Error: (08/17/2015 06:16:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (08/17/2015 06:11:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MININT-R16JK1F)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024865 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (08/17/2015 06:11:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MININT-R16JK1F)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (08/17/2015 06:11:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MININT-R16JK1F)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (08/17/2015 12:19:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MININT-R16JK1F)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (08/17/2015 10:05:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OHub.exe, version: 16.0.6106.2350, time stamp: 0x55c40ea1
Faulting module name: combase.dll, version: 10.0.10240.16384, time stamp: 0x559f3aac
Exception code: 0xc0000005
Fault offset: 0x0000000000081c5a
Faulting process id: 0x167c
Faulting application start time: 0xOHub.exe0
Faulting application path: OHub.exe1
Faulting module path: OHub.exe2
Report Id: OHub.exe3
Faulting package full name: OHub.exe4
Faulting package-relative application ID: OHub.exe5
 
Error: (08/16/2015 10:09:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OHub.exe, version: 16.0.6106.2350, time stamp: 0x55c40ea1
Faulting module name: Mso20Imm.dll, version: 16.0.6014.1000, time stamp: 0x55a57f28
Exception code: 0xc0000005
Fault offset: 0x0000000000037cf7
Faulting process id: 0x1a6c
Faulting application start time: 0xOHub.exe0
Faulting application path: OHub.exe1
Faulting module path: OHub.exe2
Report Id: OHub.exe3
Faulting package full name: OHub.exe4
Faulting package-relative application ID: OHub.exe5
 
Error: (08/16/2015 09:30:52 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location F:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
 

System errors:
=============
Error: (08/19/2015 12:48:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error:
%%1058
 
Error: (08/19/2015 12:48:08 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:44:11 PM on ‎8/‎19/‎2015 was unexpected.
 
Error: (08/19/2015 12:17:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Net.Msmq Listener Adapter service failed to start due to the following error:
%%1053
 
Error: (08/19/2015 12:17:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Net.Msmq Listener Adapter service to connect.
 
Error: (08/19/2015 12:16:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error:
%%1058
 
Error: (08/19/2015 12:16:14 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000133 (0x0000000000000001, 0x0000000000001e00, 0x0000000000000000, 0x0000000000000000)C:\WINDOWS\MEMORY.DMP081915-23781-01
 
Error: (08/19/2015 12:16:10 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:11:03 PM on ‎8/‎19/‎2015 was unexpected.
 
Error: (08/19/2015 12:10:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error:
%%1058
 
Error: (08/19/2015 12:09:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (08/19/2015 12:09:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 

Microsoft Office:
=========================
Error: (08/19/2015 11:39:47 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MININT-R16JK1F)
Description: Microsoft.Getstarted_2.2.7.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca-2144927149
 
Error: (08/17/2015 06:22:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6106.235055c40ea1combase.dll10.0.10240.16384559f3aacc00000050000000000081c5ac0c01d0d93b30ae3463C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\WINDOWS\system32\combase.dlla120a719-391c-447e-9811-a1911a7ea0f7Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub
 
Error: (08/17/2015 06:16:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
Error: (08/17/2015 06:11:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MININT-R16JK1F)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2147024865
 
Error: (08/17/2015 06:11:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MININT-R16JK1F)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141
 
Error: (08/17/2015 06:11:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MININT-R16JK1F)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927142
 
Error: (08/17/2015 12:19:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MININT-R16JK1F)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141
 
Error: (08/17/2015 10:05:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6106.235055c40ea1combase.dll10.0.10240.16384559f3aacc00000050000000000081c5a167c01d0d8f5b65511a7C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\WINDOWS\system32\combase.dlla126bd21-e5c5-439b-9475-21fb26bc2880Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub
 
Error: (08/16/2015 10:09:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6106.235055c40ea1Mso20Imm.dll16.0.6014.100055a57f28c00000050000000000037cf71a6c01d0d891b883e578C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\Mso20Imm.dll70778427-fae1-4fa7-9924-d703e78b364dMicrosoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub
 
Error: (08/16/2015 09:30:52 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: F:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)
 

CodeIntegrity:
===================================
  Date: 2015-08-15 11:05:25.960
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2015-08-15 11:05:25.898
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2015-08-15 11:05:25.824
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2015-08-15 11:05:25.722
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2015-08-15 11:05:25.660
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2015-08-15 11:05:25.584
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2015-08-15 11:05:24.547
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2015-08-15 11:05:24.258
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2015-08-15 10:59:49.950
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2015-08-15 10:59:49.874
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
 

==================== Memory info ===========================
 
Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 30%
Total physical RAM: 6038.16 MB
Available physical RAM: 4207.45 MB
Total Virtual: 12182.16 MB
Available Virtual: 10431.88 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:452.09 GB) (Free:372.6 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Recovery) (Fixed) (Total:13.67 GB) (Free:6.95 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4D910E55)
Partition 1: (Active) - (Size=452.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS)
 
==================== End of log ============================

​​


Edited by mikegre, 19 August 2015 - 11:06 AM.

  • 0

#78
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,024 posts
  • MVP
I'm on a 2 week trip. Just have a tablet. Suggest you download latest video driver then uninstall video driver and remove software. Reboot. Install new video driver. One of the other g2g helpers reported fixing a similar win10 problem that way.
  • 0

#79
mikegre

mikegre

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts

Thx for suggestion.

Appreciate all the help.

Have a good trip!


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP