Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Somethings Not Right


  • Please log in to reply

#1
ding dong

ding dong

    Member

  • Member
  • PipPipPip
  • 339 posts

My laptop was reving and so looked in task manager to fins this Windows Image Aquisition Service using the CPU.

 

Went into services and changed it to manual.

 

Engine still revving,

 

Shut down pc and turned back on.......engine begins revving again.......

 

Task manager says "no processes running?

 

Turned internet off.... no difference...still revving?


  • 0

Advertisements


#2
Gman147

Gman147

    Geek in Training

  • GeekU Sophomore
  • PipPipPip
  • 259 posts

Very sorry for that.


Edited by Gman147, 09 January 2016 - 12:57 AM.

  • 0

#3
ding dong

ding dong

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 339 posts

I dont know if your trying to be funny but that comment is not appreciated. Many people come here with genuine concerns and seeking advice on how to fix the problems. While I appreciate the effort and volunteer'd time you guys put in to this site, I dont appreciate being made fun of because your somehow across this [bleep] already.

 

If you dont have solutions get out of my thread.

 

Reported.


Edited by ding dong, 08 January 2016 - 11:38 PM.

  • 0

#4
Gman147

Gman147

    Geek in Training

  • GeekU Sophomore
  • PipPipPip
  • 259 posts

I dont know if your trying to be funny but that comment is not appreciated. Many people come here with genuine concerns and seeking advice on how to fix the problems. While I appreciate the effort and volunteer'd time you guys put in to this site, I dont appreciate being made fun of because your somehow across this [bleep] already.

 

If you dont have solutions get out of my thread.

 

Reported.

 

I apologize for my comment. Sometimes my unprofessional side comes out and more often than not my jokes are not appreciated. I'll try to help where I can, but other than that I wish you luck getting your problems fixed.


Edited by Gman147, 09 January 2016 - 01:04 AM.

  • 0

#5
ding dong

ding dong

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 339 posts

ok, no problems.....this is an issue I want fixed as its is still occurring every time I open my pc up from being shut down.


Edited by ding dong, 09 January 2016 - 02:18 AM.

  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

I have had the thread moved to the malware forum so that we can run better tools.

 

 
Please download Farbar Recovery Scan Tool and save it to your Desktop. 
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
 

 

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 
  • click on the Addition.txt box. 
  • Press Scan button. 
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste that log back here and also the second log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 

Also let's run Process Explorer:

 

Get Process Explorer
 
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
 
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
 
 
Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
 
Wait a full minute then:
 
File, Save As, Save.  Open the file Procexp.txt on your desktop and copy and paste the text to a reply.
 

 

 

 

  • 0

#7
ding dong

ding dong

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 339 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-01-2015
Ran by Danny (administrator) on BELLPC (10-01-2016 16:26:50)
Running from C:\Users\Danny\Desktop
Loaded Profiles: Danny (Available Profiles: UpdatusUser & Danny)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Windows\System32\valWBFPolicyService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [396688 2015-07-18] ()
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2015-01-25] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3945656 2015-08-11] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-02] (AVAST Software)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [509192 2014-12-01] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard Company)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2015-12-23] ()
HKU\S-1-5-21-2550916757-1261489699-1975342201-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-09] (Piriform Ltd)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Danny\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64\FileSyncShell64.dll [2015-12-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Danny\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64\FileSyncShell64.dll [2015-12-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Danny\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64\FileSyncShell64.dll [2015-12-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-02] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Danny\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileSyncShell.dll [2015-12-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Danny\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileSyncShell.dll [2015-12-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Danny\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileSyncShell.dll [2015-12-17] (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{1936ee91-92cb-4893-9252-ed2d8183dd35}: [DhcpNameServer] 10.0.0.138
 
Internet Explorer:
==================
HKU\S-1-5-21-2550916757-1261489699-1975342201-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com.au/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-16] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-25] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-12-16] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-25] (AVAST Software)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
 
FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-02-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-02-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-10-01] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-07]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-01-07]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com.au/
CHR StartupUrls: Default -> "hxxp://www.google.com.au/"
CHR Profile: C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Google Docs) - C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Sheets) - C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Google Docs Offline) - C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (iSlide) - C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\goicaghfpnaogbpejmaodednkiilckfo [2015-09-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Gmail) - C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-12-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-19]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-02] (AVAST Software)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-17] (Intel)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2802360 2015-11-24] (Microsoft Corporation)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [573704 2014-12-01] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-18] (Intel Corporation)
R2 Intel® Bluetooth Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [160712 2013-03-11] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-11] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-23] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [178312 2015-09-26] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [167736 2013-02-23] (Intel Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2015-01-25] (IDT, Inc.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-08-11] (Synaptics Incorporated)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2013-03-20] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-02] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2015-12-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2015-12-19] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-02] (AVAST Software)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-02-14] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-02-14] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2013-07-30] ()
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2015-10-30] (Intel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44216 2015-08-11] (Synaptics Incorporated)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [207768 2013-04-17] (Windows ® Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-12-16] ()
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-10 16:26 - 2016-01-10 16:27 - 00017559 _____ C:\Users\Danny\Desktop\FRST.txt
2016-01-10 16:26 - 2016-01-10 16:26 - 02370560 _____ (Farbar) C:\Users\Danny\Desktop\FRST64.exe
2016-01-10 16:26 - 2016-01-10 16:26 - 00000000 ____D C:\FRST
2016-01-07 19:20 - 2016-01-10 15:03 - 00000000 ____D C:\Users\Danny\AppData\Local\Packages
2016-01-07 13:11 - 2015-12-02 12:11 - 00386096 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-01-05 15:01 - 2016-01-05 15:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-27 15:23 - 2015-12-27 15:23 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-12-27 15:23 - 2015-12-27 15:23 - 00001829 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-12-27 15:23 - 2015-12-27 15:23 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2015-12-27 15:23 - 2015-12-27 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-12-27 15:23 - 2015-12-27 15:23 - 00000000 ____D C:\Program Files\iTunes
2015-12-27 15:23 - 2015-12-27 15:23 - 00000000 ____D C:\Program Files\iPod
2015-12-27 15:23 - 2015-12-27 15:23 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-12-27 15:23 - 2015-12-27 15:23 - 00000000 ____D C:\Program Files\Bonjour
2015-12-27 15:23 - 2015-12-27 15:23 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-12-27 15:23 - 2015-12-27 15:23 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-12-27 15:23 - 2015-12-27 15:23 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-12-24 15:12 - 2016-01-08 18:23 - 00000000 ____D C:\Users\Danny\Desktop\stuff for amc facebook site
2015-12-19 11:30 - 2015-12-19 11:30 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-12-19 09:47 - 2015-12-19 09:47 - 00000000 ___RD C:\Users\Danny\3D Objects
2015-12-19 09:44 - 2015-12-19 09:44 - 00000000 ____D C:\Users\Danny\AppData\Roaming\AVAST Software
2015-12-19 08:58 - 2015-12-07 14:58 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-19 08:57 - 2015-12-07 15:57 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-19 08:57 - 2015-12-07 15:55 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-19 08:57 - 2015-12-07 15:49 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2015-12-19 08:57 - 2015-12-07 15:48 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-19 08:57 - 2015-12-07 15:48 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-19 08:57 - 2015-12-07 15:48 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2015-12-19 08:57 - 2015-12-07 15:48 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-12-19 08:57 - 2015-12-07 15:48 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2015-12-19 08:57 - 2015-12-07 15:48 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-12-19 08:57 - 2015-12-07 15:48 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-12-19 08:57 - 2015-12-07 15:48 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-12-19 08:57 - 2015-12-07 15:48 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-12-19 08:57 - 2015-12-07 15:48 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-12-19 08:57 - 2015-12-07 15:48 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-12-19 08:57 - 2015-12-07 15:48 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-19 08:57 - 2015-12-07 15:48 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2015-12-19 08:57 - 2015-12-07 15:48 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-19 08:57 - 2015-12-07 15:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-12-19 08:57 - 2015-12-07 15:48 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2015-12-19 08:57 - 2015-12-07 15:48 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-19 08:57 - 2015-12-07 15:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-12-19 08:57 - 2015-12-07 15:48 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-19 08:57 - 2015-12-07 15:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-12-19 08:57 - 2015-12-07 15:48 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-12-19 08:57 - 2015-12-07 15:48 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-19 08:57 - 2015-12-07 15:48 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2015-12-19 08:57 - 2015-12-07 15:48 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2015-12-19 08:57 - 2015-12-07 15:47 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-12-19 08:57 - 2015-12-07 15:47 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-12-19 08:57 - 2015-12-07 15:47 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-12-19 08:57 - 2015-12-07 15:47 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-12-19 08:57 - 2015-12-07 15:46 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-19 08:57 - 2015-12-07 15:46 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-19 08:57 - 2015-12-07 15:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-12-19 08:57 - 2015-12-07 15:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2015-12-19 08:57 - 2015-12-07 15:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-19 08:57 - 2015-12-07 15:10 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2015-12-19 08:57 - 2015-12-07 15:09 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2015-12-19 08:57 - 2015-12-07 15:09 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2015-12-19 08:57 - 2015-12-07 15:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2015-12-19 08:57 - 2015-12-07 15:07 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-19 08:57 - 2015-12-07 15:07 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2015-12-19 08:57 - 2015-12-07 15:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-19 08:57 - 2015-12-07 15:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2015-12-19 08:57 - 2015-12-07 15:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-19 08:57 - 2015-12-07 15:06 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-19 08:57 - 2015-12-07 15:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-19 08:57 - 2015-12-07 15:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2015-12-19 08:57 - 2015-12-07 15:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-19 08:57 - 2015-12-07 15:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-19 08:57 - 2015-12-07 15:03 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-19 08:57 - 2015-12-07 15:02 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-19 08:57 - 2015-12-07 15:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-19 08:57 - 2015-12-07 15:01 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-19 08:57 - 2015-12-07 15:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2015-12-19 08:57 - 2015-12-07 15:00 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2015-12-19 08:57 - 2015-12-07 15:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2015-12-19 08:57 - 2015-12-07 15:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-19 08:57 - 2015-12-07 15:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-12-19 08:57 - 2015-12-07 14:59 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-19 08:57 - 2015-12-07 14:59 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-19 08:57 - 2015-12-07 14:59 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-19 08:57 - 2015-12-07 14:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-19 08:57 - 2015-12-07 14:58 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-19 08:57 - 2015-12-07 14:57 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-19 08:57 - 2015-12-07 14:57 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2015-12-19 08:57 - 2015-12-07 14:57 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2015-12-19 08:57 - 2015-12-07 14:56 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-19 08:57 - 2015-12-07 14:56 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-19 08:57 - 2015-12-07 14:55 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-19 08:57 - 2015-12-07 14:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-19 08:57 - 2015-12-07 14:54 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-19 08:57 - 2015-12-07 14:54 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2015-12-19 08:57 - 2015-12-07 14:53 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-19 08:57 - 2015-12-07 14:53 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-19 08:57 - 2015-12-07 14:51 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-19 08:57 - 2015-12-07 14:51 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2015-12-19 08:57 - 2015-12-07 14:50 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2015-12-19 08:57 - 2015-12-07 14:49 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2015-12-19 08:57 - 2015-12-07 14:48 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-19 08:57 - 2015-12-07 14:47 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-12-19 08:57 - 2015-12-07 14:45 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-19 08:57 - 2015-12-07 14:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-12-19 08:57 - 2015-12-07 14:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-12-19 08:57 - 2015-12-07 14:44 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-12-19 08:57 - 2015-12-07 14:43 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-19 08:57 - 2015-12-07 14:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2015-12-19 08:57 - 2015-12-07 14:41 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-19 08:57 - 2015-12-07 14:40 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-19 08:57 - 2015-12-07 14:40 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-19 08:57 - 2015-12-07 14:40 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-19 08:57 - 2015-12-07 14:39 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-19 08:57 - 2015-12-07 14:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2015-12-19 08:57 - 2015-12-07 14:33 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-12-19 08:57 - 2015-12-07 14:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2015-12-19 08:43 - 2016-01-07 13:12 - 00001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2015-12-18 12:00 - 2015-12-17 18:46 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-18 11:56 - 2015-12-18 11:56 - 00000000 ____D C:\Windows.old
2015-12-18 11:55 - 2015-12-18 11:55 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 13381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-18 11:55 - 2015-12-18 11:55 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-12-18 11:55 - 2015-12-18 11:55 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-12-18 11:55 - 2015-12-18 11:55 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-18 11:55 - 2015-12-18 11:55 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-18 11:55 - 2015-12-18 11:55 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-18 11:55 - 2015-12-18 11:55 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-18 11:55 - 2015-12-18 11:55 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-12-18 11:55 - 2015-12-18 11:55 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-12-18 11:55 - 2015-12-18 11:55 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-12-18 11:55 - 2015-12-18 11:55 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-12-18 11:55 - 2015-12-18 11:55 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-12-18 11:55 - 2015-12-18 11:55 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-12-18 11:55 - 2015-12-18 11:55 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-12-18 11:55 - 2015-12-18 11:55 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-12-18 11:55 - 2015-12-18 11:55 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-12-18 11:55 - 2015-12-18 11:55 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-12-18 11:55 - 2015-12-18 11:55 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-12-18 11:55 - 2015-12-18 11:55 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-12-18 11:55 - 2015-12-18 11:55 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-12-18 11:55 - 2015-12-18 11:55 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-18 11:55 - 2015-12-18 11:55 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2015-12-18 11:55 - 2015-12-18 11:55 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-12-18 11:55 - 2015-12-18 11:55 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-12-18 11:55 - 2015-12-18 11:55 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-18 11:55 - 2015-12-18 11:55 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-12-18 11:55 - 2015-12-18 11:55 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2015-12-18 11:55 - 2015-12-18 11:55 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-18 11:55 - 2015-12-18 11:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2015-12-18 11:55 - 2015-12-18 11:55 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2015-12-18 11:55 - 2015-12-18 11:55 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2015-12-18 11:55 - 2015-12-18 11:55 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2015-12-18 11:55 - 2015-12-18 11:55 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2015-12-18 11:55 - 2015-12-18 11:55 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2015-12-18 11:55 - 2015-12-18 11:55 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-18 11:55 - 2015-12-18 11:55 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-12-18 11:55 - 2015-12-18 11:55 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-12-18 11:52 - 2015-12-18 11:52 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-12-18 11:48 - 2015-12-18 11:48 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-18 11:48 - 2015-12-18 11:48 - 00000000 ____D C:\Program Files\MSBuild
2015-12-18 11:48 - 2015-12-18 11:48 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-18 11:48 - 2015-12-18 11:48 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-18 11:48 - 2015-12-18 11:48 - 00000000 ____D C:\inetpub
2015-12-18 11:47 - 2015-10-24 12:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-12-18 11:47 - 2015-10-24 12:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-12-18 11:47 - 2015-10-24 12:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-12-18 11:47 - 2015-10-24 12:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-12-18 11:47 - 2015-10-24 12:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-12-18 11:47 - 2015-10-24 12:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-17 18:42 - 2015-12-17 18:42 - 00000000 ____D C:\Users\Danny\AppData\Local\MicrosoftEdge
2015-12-17 17:59 - 2015-12-17 17:59 - 00000000 ____D C:\Users\Danny\AppData\Local\Comms
2015-12-17 17:54 - 2015-12-17 17:54 - 00001058 _____ C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2015-12-17 17:43 - 2015-12-17 17:43 - 00002374 _____ C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-17 17:41 - 2015-12-17 17:41 - 00000000 ____D C:\Users\Danny\AppData\Local\ActiveSync
2015-12-17 17:40 - 2015-12-17 17:40 - 00000000 ____D C:\Users\Danny\AppData\Local\Publishers
2015-12-17 17:39 - 2015-12-17 17:39 - 00000020 ___SH C:\Users\Danny\ntuser.ini
2015-12-17 17:39 - 2015-12-17 17:39 - 00000000 ____D C:\Users\Danny\AppData\Local\TileDataLayer
2015-12-17 17:33 - 2015-12-17 17:33 - 00000000 _SHDL C:\Users\Default\My Documents
2015-12-17 17:33 - 2015-12-17 17:33 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2015-12-17 17:33 - 2015-12-17 17:33 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2015-12-17 17:33 - 2015-12-17 17:33 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2015-12-17 17:33 - 2015-12-17 17:33 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2015-12-17 17:33 - 2015-12-17 17:33 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2015-12-17 17:33 - 2015-12-17 17:33 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2015-12-17 17:33 - 2015-12-17 17:33 - 00000000 ____D C:\ProgramData\USOShared
2015-12-17 17:29 - 2016-01-08 18:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-17 17:18 - 2015-12-17 17:18 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-17 17:18 - 2015-12-17 17:18 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata
2015-12-17 17:18 - 2015-12-17 17:18 - 00000000 ____D C:\Users\Default\Documents\hp.applications.package.appdata
2015-12-17 17:18 - 2015-12-17 17:18 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata
2015-12-17 17:18 - 2015-12-17 17:18 - 00000000 ____D C:\Users\Default User\Documents\hp.applications.package.appdata
2015-12-17 17:13 - 2015-12-17 17:13 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-12-17 17:11 - 2016-01-08 18:15 - 00973984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-17 17:11 - 2015-12-30 22:09 - 00000000 ____D C:\Users\Danny
2015-12-17 17:11 - 2015-12-19 08:33 - 00000000 ____D C:\Users\UpdatusUser
2015-12-17 17:11 - 2015-12-17 17:11 - 00000000 _SHDL C:\Users\UpdatusUser\My Documents
2015-12-17 17:11 - 2015-12-17 17:11 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\My Videos
2015-12-17 17:11 - 2015-12-17 17:11 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\My Pictures
2015-12-17 17:11 - 2015-12-17 17:11 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\My Music
2015-12-17 17:11 - 2015-12-17 17:11 - 00000000 _SHDL C:\Users\Danny\My Documents
2015-12-17 17:11 - 2015-12-17 17:11 - 00000000 _SHDL C:\Users\Danny\Documents\My Videos
2015-12-17 17:11 - 2015-12-17 17:11 - 00000000 _SHDL C:\Users\Danny\Documents\My Pictures
2015-12-17 17:11 - 2015-12-17 17:11 - 00000000 _SHDL C:\Users\Danny\Documents\My Music
2015-12-17 17:10 - 2015-12-17 17:25 - 00981082 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-12-17 17:07 - 2016-01-10 14:07 - 00007889 _____ C:\WINDOWS\BRRBCOM.INI
2015-12-17 17:07 - 2015-12-17 17:14 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-17 17:07 - 2015-12-17 17:14 - 00000000 ____D C:\ProgramData\Brother
2015-12-17 17:07 - 2015-12-17 17:07 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2015-12-17 17:07 - 2015-07-23 12:10 - 06873928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-12-17 17:07 - 2015-07-23 12:10 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-12-17 17:07 - 2015-07-23 12:10 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-12-17 17:07 - 2015-07-23 12:10 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-12-17 17:07 - 2015-07-23 12:10 - 00937800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-12-17 17:07 - 2015-07-23 12:10 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-12-17 17:07 - 2015-07-23 12:10 - 00074896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-12-17 17:07 - 2015-07-23 12:10 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-12-17 17:07 - 2015-07-22 15:29 - 05121613 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-12-17 17:06 - 2016-01-10 11:51 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-12-17 17:06 - 2015-12-17 17:14 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-12-17 17:06 - 2015-12-17 17:13 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-12-17 17:06 - 2015-12-17 17:06 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2015-12-17 17:06 - 2015-12-17 17:06 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-12-17 17:06 - 2015-12-17 17:06 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-12-17 17:06 - 2015-12-17 17:06 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-12-17 17:06 - 2015-12-17 17:06 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-17 17:06 - 2015-12-17 17:06 - 00000000 ____D C:\Program Files\Synaptics
2015-12-17 17:06 - 2015-07-17 23:58 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-12-17 17:06 - 2015-07-17 23:58 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-12-17 17:05 - 2015-12-17 17:13 - 00000000 ____D C:\Program Files\Intel
2015-12-17 17:05 - 2015-10-30 18:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-12-17 17:03 - 2015-12-17 17:03 - 00000000 ____D C:\ProgramData\Validity
2015-12-17 17:01 - 2015-12-23 03:31 - 00253840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-16 23:26 - 2015-12-16 23:26 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2015-12-16 20:06 - 2016-01-09 16:59 - 00000000 ____D C:\Users\Danny\Desktop\Potassium Meal Planners
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-10 16:26 - 2015-10-30 17:28 - 00000000 ____D C:\Windows
2016-01-10 16:26 - 2015-01-19 08:16 - 00000000 ____D C:\Users\Danny\Documents\Outlook Files
2016-01-10 16:24 - 2015-01-18 19:32 - 00000000 ___RD C:\Users\Danny\Desktop\The Mashup
2016-01-10 12:21 - 2015-01-25 18:59 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BFC4FC3A-874E-44F4-872B-ED4A62D93FD4}
2016-01-10 11:51 - 2015-01-25 18:59 - 00000000 __SHD C:\Users\Danny\IntelGraphicsProfiles
2016-01-09 16:58 - 2015-01-27 13:47 - 00000000 ____D C:\Users\Danny\Documents\Freemake
2016-01-09 16:25 - 2015-10-30 18:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-09 16:25 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-09 12:21 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-08 20:39 - 2015-02-03 17:38 - 00000000 ____D C:\Users\Danny\Desktop\Bidding wars
2016-01-08 18:15 - 2015-10-30 18:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-08 18:11 - 2015-10-30 17:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-07 20:33 - 2015-01-18 16:03 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-01-06 19:13 - 2015-10-30 18:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-03 18:01 - 2013-06-05 11:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2016-01-03 12:40 - 2015-10-30 18:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-03 12:40 - 2015-10-30 18:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-30 19:17 - 2015-01-27 13:47 - 00000000 ____D C:\ProgramData\Freemake
2015-12-30 16:27 - 2015-01-27 13:47 - 00001404 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2015-12-30 16:27 - 2015-01-27 13:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-12-30 07:20 - 2015-01-21 07:34 - 00003238 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForDanny
2015-12-29 09:30 - 2015-02-09 19:02 - 00000000 ____D C:\Users\Danny\AppData\Local\ElevatedDiagnostics
2015-12-27 15:22 - 2014-06-21 12:23 - 00000000 ____D C:\ProgramData\Apple
2015-12-26 19:18 - 2015-07-26 14:31 - 00000000 ____D C:\Users\Danny\Desktop\Dover deck
2015-12-24 07:24 - 2015-01-18 21:00 - 00000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-12-23 03:30 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-23 03:30 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-23 03:30 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2015-12-19 11:28 - 2014-12-22 14:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-19 09:46 - 2015-01-19 10:44 - 00000000 ___RD C:\Users\Danny\Desktop\AMC
2015-12-19 09:40 - 2015-04-02 18:32 - 00000000 ___RD C:\Users\Danny\Desktop\go aheads
2015-12-19 09:17 - 2015-01-28 08:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-12-19 08:43 - 2015-01-18 16:03 - 00451040 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-12-19 08:43 - 2015-01-18 16:03 - 00097648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-12-19 08:33 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2015-12-19 08:33 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2015-12-19 08:33 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-12-19 08:33 - 2015-10-30 18:24 - 00000000 ____D C:\Program Files\Windows Defender
2015-12-19 08:33 - 2015-10-30 17:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-19 08:32 - 2015-01-18 16:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-12-19 08:32 - 2015-01-18 16:02 - 00000000 ____D C:\Program Files\AVAST Software
2015-12-19 08:32 - 2015-01-18 16:00 - 00000000 ____D C:\ProgramData\AVAST Software
2015-12-19 08:21 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\registration
2015-12-19 08:14 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\appcompat
2015-12-18 12:00 - 2015-10-30 18:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-12-18 11:55 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-18 11:55 - 2015-10-30 17:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-12-18 11:55 - 2015-10-30 17:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-12-18 11:48 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-12-18 11:48 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-12-18 11:48 - 2015-10-30 18:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-12-18 11:48 - 2015-10-30 18:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-12-18 11:48 - 2015-10-30 18:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-12-18 11:48 - 2015-10-30 18:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-12-18 11:48 - 2015-10-30 18:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-12-18 11:48 - 2015-10-30 18:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-12-18 11:48 - 2015-10-30 18:18 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-12-18 11:48 - 2015-10-30 18:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-12-18 11:48 - 2015-10-30 18:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-12-18 11:48 - 2015-10-30 18:18 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-12-18 11:48 - 2015-10-30 18:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-12-18 11:48 - 2015-10-30 18:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-12-18 06:00 - 2015-03-01 07:37 - 00000000 __SHD C:\Users\Danny\AppData\LocalLow\EmieUserList
2015-12-18 06:00 - 2015-02-05 06:47 - 00000000 __SHD C:\Users\Danny\AppData\LocalLow\EmieSiteList
2015-12-17 20:44 - 2015-10-30 17:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-17 17:57 - 2015-10-30 18:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2015-12-17 17:54 - 2015-10-30 20:03 - 00000000 ____D C:\WINDOWS\OCR
2015-12-17 17:43 - 2015-05-15 00:24 - 00000000 ___RD C:\Users\Danny\OneDrive
2015-12-17 17:41 - 2015-12-04 05:54 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2015-12-17 17:40 - 2015-10-30 18:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-17 17:40 - 2015-10-30 18:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-12-17 17:40 - 2015-10-30 18:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-12-17 17:39 - 2015-10-30 18:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-12-17 17:39 - 2014-06-24 03:25 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-17 17:34 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\rescache
2015-12-17 17:33 - 2015-10-30 18:24 - 00000000 ____D C:\ProgramData\USOPrivate
2015-12-17 17:32 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-12-17 17:32 - 2015-01-25 18:03 - 00041913 _____ C:\WINDOWS\diagwrn.xml
2015-12-17 17:32 - 2015-01-25 18:03 - 00041913 _____ C:\WINDOWS\diagerr.xml
2015-12-17 17:30 - 2015-01-25 18:19 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-12-17 17:30 - 2015-01-18 16:14 - 00002392 _____ C:\WINDOWS\System32\Tasks\avastBCLRestartS-1-5-21-2550916757-1261489699-1975342201-1002
2015-12-17 17:30 - 2015-01-18 15:43 - 00003288 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-17 17:29 - 2015-01-19 12:27 - 00002764 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-12-17 17:29 - 2015-01-18 21:00 - 00002040 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-12-17 17:29 - 2015-01-18 15:53 - 00002812 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2550916757-1261489699-1975342201-1002
2015-12-17 17:29 - 2015-01-18 15:43 - 00003060 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-17 17:29 - 2015-01-18 15:24 - 00002872 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-12-17 17:29 - 2015-01-18 15:24 - 00002494 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2015-12-17 17:29 - 2014-06-21 13:55 - 00002320 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2550916757-1261489699-1975342201-500
2015-12-17 17:29 - 2014-06-21 12:26 - 00002048 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2015-12-17 17:26 - 2015-10-30 18:24 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-17 17:20 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-12-17 17:20 - 2015-10-30 18:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-17 17:20 - 2015-03-14 05:14 - 00000000 ____D C:\WINDOWS\en
2015-12-17 17:20 - 2015-01-22 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navman
2015-12-17 17:20 - 2015-01-19 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2015-12-17 17:20 - 2015-01-18 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-12-17 17:20 - 2015-01-18 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-17 17:20 - 2014-06-21 12:48 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2015-12-17 17:20 - 2014-06-21 12:21 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-12-17 17:20 - 2014-06-21 12:20 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-12-17 17:20 - 2014-06-21 12:20 - 00000000 ____D C:\WINDOWS\system32\NV
2015-12-17 17:20 - 2013-06-05 11:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-12-17 17:20 - 2013-06-05 11:33 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-12-17 17:18 - 2013-08-23 00:36 - 00000000 ____D C:\Users\Default.migrated
2015-12-17 17:16 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-12-17 17:16 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2015-12-17 17:16 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2015-12-17 17:16 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-12-17 17:16 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2015-12-17 17:16 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2015-12-17 17:15 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\system32\spool
2015-12-17 17:15 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-17 17:15 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-12-17 17:15 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-12-17 17:15 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-12-17 17:15 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\system32\IME
2015-12-17 17:15 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-12-17 17:15 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-12-17 17:15 - 2014-06-21 12:23 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2015-12-17 17:15 - 2013-08-23 02:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-12-17 17:15 - 2013-08-23 02:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-12-17 17:14 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-17 17:14 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\InputMethod
2015-12-17 17:14 - 2015-01-25 17:55 - 00000000 ____D C:\Program Files (x86)\Intel
2015-12-17 17:14 - 2014-06-21 12:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-12-17 17:14 - 2013-08-23 02:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2015-12-17 17:14 - 2013-08-23 02:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-12-17 17:14 - 2013-06-05 11:34 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-12-17 17:14 - 2012-08-04 09:29 - 00000000 ____D C:\ProgramData\PRICache
2015-12-17 17:13 - 2015-10-30 18:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-17 17:13 - 2014-06-21 12:43 - 00000000 ____D C:\Program Files\Intel Corporation
2015-12-17 17:12 - 2015-01-27 13:47 - 00000000 ____D C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2015-12-17 17:07 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\Help
2015-12-17 17:02 - 2015-10-30 20:13 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2015-12-17 16:31 - 2015-10-30 20:42 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-16 23:26 - 2014-06-21 12:31 - 00034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2015-12-16 06:39 - 2015-01-18 19:04 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-12-13 16:01 - 2015-01-27 13:47 - 00000000 ____D C:\Program Files (x86)\Freemake
 
Some files in TEMP:
====================
C:\Users\Danny\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-01-04 20:41
 
==================== End of FRST.txt ============================

  • 0

#8
ding dong

ding dong

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 339 posts
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite DCP-J152W (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Freemake Video Converter version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{3EDAF5B5-0CA9-4967-B103-FBFF1162C336}) (Version: 1.2.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{302600C1-6BDF-4FD1-1303-148929CC1385}) (Version: 3.0.1303.0326 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® Smart Connect Technology 4.0 x64 (HKLM\...\{5D1D65C3-E6D3-4751-AEFD-CAB4E3EB85F2}) (Version: 4.0.41.2072 - Intel)
Intel® Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{8e41467d-297e-496d-8b0f-e771b6c87c06}) (Version: 16.11.0 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Microsoft Office Home and Business 2013 - en-us (HKLM\...\HomeBusinessRetail - en-us) (Version: 15.0.4779.1002 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NavDesk 2009 (HKLM-x32\...\{F5F1B66A-F117-427C-98C7-D4732F49BEBF}) (Version: 6.20.100 - Navman Technologies NZ Ltd)
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
Validity WBF DDK (HKLM\...\{B80C52A3-7666-4068-A371-7867F51E68EB}) (Version: 4.5.122.0 - Validity Sensors, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2550916757-1261489699-1975342201-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Danny\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileCoAuth.exe (Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {12BFBA9F-8231-421A-9585-B0430F5A6EF8} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-08-11] (Synaptics Incorporated)
Task: {12E3E3C9-B0E4-4C60-AAD0-0020A508818F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-28] (Hewlett-Packard Company)
Task: {1346CAC1-58F9-4C1B-8158-EAB99FEE7817} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-23] (Microsoft Corporation)
Task: {1970D496-4E0E-438E-85E9-648802A849E4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {223057B1-2FA7-46DE-814B-4413F424A376} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2015-11-30] (Hewlett-Packard)
Task: {2261FE56-0D50-4D66-993A-DA5D5FF49760} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-06] (Hewlett-Packard Development Company, L.P.)
Task: {2931BCE8-F183-4687-B875-FA17DB29C400} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2015-09-26] (Intel Corporation)
Task: {3246A531-C664-4623-BBE5-A90C7097BD9F} - System32\Tasks\HPCeeScheduleForDanny => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {356F4A46-C5FA-4CFC-AE45-3ABA23A1BCE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-28] (Hewlett-Packard Company)
Task: {5F960B87-0B6D-44CB-AD66-5FC45F0D5959} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-09] (Piriform Ltd)
Task: {8AD4C5CD-AB64-4C1C-B27A-3E9A8B09C26B} - System32\Tasks\avastBCLRestartS-1-5-21-2550916757-1261489699-1975342201-1002 => Chrome.exe 
Task: {B2E45D2B-6722-4F74-ABE4-F8DDE7877393} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {C96BBBB1-1083-4CF7-9E30-51E390BCBB85} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2015-09-26] (Intel Corporation)
Task: {DD0F14F5-F208-4E6C-AFED-26A2CA542C71} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {E7DAA0AC-A546-4191-99F3-BBD0AB506878} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-02] (AVAST Software)
Task: {ECF9D128-5A36-48F4-BAE7-28B4229C27E5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {F6780AC1-256B-4F33-8CF1-127995D2B346} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-28] (Hewlett-Packard Company)
Task: {F9B59140-5091-4EC7-B809-F82B5CC1B726} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {FB50F202-C800-4BDE-8ABA-EA07003ABEB4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-12-17 18:38 - 2015-12-17 18:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 18:38 - 2015-12-17 18:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-03-20 08:21 - 2013-03-20 08:21 - 00028160 _____ () C:\Windows\system32\valWBFPolicyService.exe
2015-01-19 11:16 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-10-30 18:18 - 2015-10-30 18:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-17 17:07 - 2015-07-23 12:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-18 11:55 - 2015-12-18 11:55 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-29 18:29 - 2015-09-02 03:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-07-18 00:35 - 2015-07-18 00:35 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-10-21 18:26 - 2015-12-23 16:31 - 00073216 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2015-12-02 12:11 - 2015-12-02 12:11 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-12-02 12:11 - 2015-12-02 12:11 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-01-08 18:01 - 2016-01-08 18:01 - 02809344 _____ () C:\Program Files\AVAST Software\Avast\defs\16010701\algo.dll
2015-12-02 12:11 - 2015-12-02 12:11 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-01-10 07:11 - 2016-01-10 07:11 - 02821120 _____ () C:\Program Files\AVAST Software\Avast\defs\16010901\algo.dll
2014-06-21 12:21 - 2013-02-16 11:17 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-12-02 12:11 - 2015-12-02 12:11 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-23 00:25 - 2013-08-23 00:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2550916757-1261489699-1975342201-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "Classic Start Menu"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKU\S-1-5-21-2550916757-1261489699-1975342201-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2550916757-1261489699-1975342201-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_980F3E46EDCC36C8F965DDC05D156569"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{AFBD54C1-9BE3-4417-99F6-B1CB3D28EDE9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6AA460EC-D35E-4A92-8AEC-3764785B4CA1}] => (Allow) LPort=1900
FirewallRules: [{F2964DC2-D64D-4CED-A3CC-351FBFF53B38}] => (Allow) LPort=2869
FirewallRules: [{1BF839D9-C677-40D1-8494-46516C1C7AC9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0E623D18-9835-4A31-A918-EFB1693DB495}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe
FirewallRules: [{EE841A12-AD0C-43B6-9C69-F4F35616A5B2}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe
FirewallRules: [{D76C2500-D4E1-4D9C-8F15-685F3FAD04DA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{83C3E19E-FD30-490C-81CA-BA005D801062}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0D886A2E-804D-4426-ACC0-C108E11042CE}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{4D7DBB7A-F993-4D39-8E54-7686ED42141B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5F4C5709-1891-4438-B41A-2A919F92F965}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B3EF5C16-F137-4D60-A5E9-C868C28E7C06}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0F0651FC-5262-4565-886C-26EBB58FB268}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9E45D6A1-9C35-4C55-BBD9-387462DAD647}] => (Allow) C:\Program Files\iTunes\iTunes.exe
 
==================== Restore Points =========================
 
24-12-2015 19:49:26 Windows Modules Installer
27-12-2015 08:28:08 Removed iTunes
30-12-2015 13:39:56 Windows Update
06-01-2016 19:13:05 Windows Update
07-01-2016 19:16:00 Restore Point Created by FRST
07-01-2016 20:39:18 JRT Pre-Junkware Removal
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/10/2016 12:56:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BellPC)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147221165 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/10/2016 12:56:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BellPC)
Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2147221165 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/10/2016 11:51:18 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BellPC)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147221165 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/10/2016 11:51:16 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BellPC)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147221165 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/10/2016 11:51:14 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BellPC)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147221165 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/10/2016 11:51:12 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BellPC)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147221165 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/10/2016 11:51:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BellPC)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147221165 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/10/2016 11:51:08 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BellPC)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147221165 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/10/2016 11:51:07 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BellPC)
Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2147221165 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/10/2016 11:51:07 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BellPC)
Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2147221165 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
 
System errors:
=============
Error: (01/10/2016 08:27:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_24ad70e service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (01/10/2016 08:27:18 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (01/09/2016 08:28:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_211b431 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (01/09/2016 08:28:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (01/09/2016 05:24:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_1cd25a2 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (01/09/2016 05:24:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (01/09/2016 04:25:25 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: Windows Calculator.
 
Error: (01/09/2016 04:25:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: Store.
 
Error: (01/09/2016 04:24:52 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: Xbox.
 
Error: (01/09/2016 04:24:18 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: Microsoft Phone.
 
 
CodeIntegrity:
===================================
  Date: 2016-01-06 21:19:41.086
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-30 16:32:45.264
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-25 08:36:22.688
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-23 03:33:00.512
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-19 14:08:46.182
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-19 08:41:29.302
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-19 06:21:13.989
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-12-17 19:56:11.775
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-17 18:27:49.235
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-17 17:26:54.506
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4700MQ CPU @ 2.40GHz
Percentage of memory in use: 23%
Total physical RAM: 8124.02 MB
Available physical RAM: 6206.92 MB
Total Virtual: 9404.02 MB
Available Virtual: 7429.11 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:901.3 GB) (Free:839.3 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:28.66 GB) (Free:2.9 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E9486FF2)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

  • 0

#9
ding dong

ding dong

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 339 posts
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
ApplicationFrameHost.exe 6,804 K 22,868 K 4824 Application Frame Host Microsoft Corporation (Verified) Microsoft Windows
armsvc.exe 1,204 K 5,624 K 2396 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
audiodg.exe 8,088 K 13,888 K 6960 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
BrcmSetSecurity.exe 1,620 K 5,968 K 2996 BrcmSetSecurity Intel (Verified) Intel Wireless Display
chrome.exe 28,604 K 55,456 K 5924 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 26,412 K 35,328 K 6360 Google Chrome Google Inc. (Verified) Google Inc
CoolSense.exe 2,092 K 460 K 2824 HP CoolSense Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
csrss.exe 1,516 K 5,004 K 616 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Publisher
dasHost.exe 816 K 4,000 K 2780 Device Association Framework Provider Host Microsoft Corporation (Verified) Microsoft Windows
fontdrvhost.exe 912 K 3,380 K 5904 Usermode Font Driver Host Microsoft Corporation (Verified) Microsoft Windows
GoogleUpdate.exe 2,064 K 796 K 3460 Google Installer Google Inc. (Verified) Google Inc
HeciServer.exe 1,468 K 7,036 K 2356 Intel® Capability Licensing Service Interface Intel® Corporation (No signature was present in the subject) Intel® Corporation
HPMSGSVC.exe 1,480 K 7,744 K 5172 HP Message Service Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
hpqwmiex.exe 1,968 K 8,904 K 4828 HP Software Framework WMI Service Hewlett-Packard Company (Verified) Hewlett-Packard Company
HPWMISVC.exe 1,644 K 7,400 K 6412 HP WMI Service Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
IAStorDataMgrSvc.exe 31,168 K 44,188 K 5312 IAStorDataSvc Intel Corporation (Verified) Intel Corporation - Intel® Rapid Storage Technology
ibtrksrv.exe 1,448 K 6,724 K 2584 Intel Bluetooth RF Management Service Intel Corporation (Verified) Intel Corporation-Mobile Wireless Group
igfxCUIService.exe 2,196 K 8,988 K 1304 igfxCUIService Module Intel Corporation (Verified) Intel Corporation - pGFX
igfxEM.exe 3,528 K 12,508 K 6180 igfxEM Module Intel Corporation (Verified) Intel Corporation - pGFX
igfxHK.exe 2,112 K 9,240 K 4468 igfxHK Module Intel Corporation (Verified) Intel Corporation - pGFX
igfxTray.exe 3,220 K 10,868 K 3588 (Verified) Intel Corporation - pGFX
IntelCpHeciSvc.exe 1,832 K 7,148 K 1500 IntelCpHeciSvc Executable Intel Corporation (Verified) Intel Corporation - pGFX
IntelMeFWService.exe 924 K 4,412 K 5384 Intel® ME Service Intel Corporation (Verified) Intel Corporation
Jhi_service.exe 1,148 K 5,416 K 5440 Intel® Dynamic Application Loader Host Interface Intel Corporation (Verified) Intel Corporation
LMS.exe 2,736 K 10,540 K 5468 Intel® Local Management Service Intel Corporation (Verified) Intel Corporation
mDNSResponder.exe 1,924 K 6,332 K 2288 Bonjour Service Apple Inc. (Verified) Apple Inc.
nvvsvc.exe 2,528 K 9,652 K 1168 NVIDIA Driver Helper Service, Version 353.62 NVIDIA Corporation (Verified) NVIDIA Corporation
nvxdsync.exe 6,764 K 20,452 K 5660 NVIDIA User Experience Driver Component NVIDIA Corporation (Verified) NVIDIA Corporation
PresentationFontCache.exe 25,704 K 18,952 K 3608 PresentationFontCache.exe Microsoft Corporation (Verified) Microsoft Corporation
procexp.exe 2,604 K 9,756 K 7132 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
RuntimeBroker.exe 2,236 K 12,120 K 3312 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
services.exe 3,468 K 7,640 K 824 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows Publisher
sihost.exe 3,748 K 18,568 K 7064 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows
smss.exe 416 K 1,136 K 456 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows Publisher
spoolsv.exe 7,248 K 17,868 K 2004 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,088 K 16,688 K 2320 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,516 K 6,384 K 2940 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,896 K 5,492 K 3504 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,340 K 13,024 K 7056 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,076 K 10,308 K 2168 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 9,604 K 21,048 K 1204 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 20,164 K 29,556 K 1280 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 7,992 K 24,324 K 2188 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 10,720 K 28,504 K 636 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
SynTPEnhService.exe 1,024 K 4,248 K 2304 64-bit Synaptics Pointing Enhance Service Synaptics Incorporated (Verified) Synaptics Incorporated
SynTPHelper.exe 908 K 376 K 2884 Synaptics Pointing Device Helper Synaptics Incorporated (Verified) Synaptics Incorporated
SystemSettings.exe Suspended 16,044 K 37,056 K 3808 Settings Microsoft Corporation (Verified) Microsoft Windows
TabTip32.exe 1,092 K 4,004 K 6632 Touch Keyboard and Handwriting Panel Helper Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 1,608 K 6,420 K 3416 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
taskhostw.exe 6,016 K 16,588 K 524 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe 1,352 K 7,460 K 2016 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,328 K 5,468 K 732 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows Publisher
winlogon.exe 2,036 K 13,716 K 2864 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 7,504 K 15,760 K 1572 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
hpservice.exe < 0.01 1,052 K 4,952 K 1720 HpService Hewlett-Packard Company (Verified) Hewlett-Packard Company
svchost.exe < 0.01 25,532 K 56,384 K 488 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
valWBFPolicyService.exe < 0.01 684 K 3,072 K 2312 (No signature was present in the subject)
svchost.exe < 0.01 3,168 K 9,696 K 724 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
nvvsvc.exe < 0.01 5,044 K 14,932 K 6120 NVIDIA Driver Helper Service, Version 353.62 NVIDIA Corporation (Verified) NVIDIA Corporation
WmiPrvSE.exe < 0.01 10,312 K 17,408 K 3116 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
lsass.exe < 0.01 6,020 K 15,728 K 832 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
HPSA_Service.exe < 0.01 31,048 K 22,700 K 5188 HP Support Assistant Service Hewlett-Packard Company (Verified) Hewlett-Packard Company
SynTPEnh.exe < 0.01 6,192 K 1,656 K 3816 Synaptics TouchPad 64-bit Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
svchost.exe < 0.01 4,992 K 10,608 K 944 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
SearchIndexer.exe < 0.01 40,556 K 45,472 K 3936 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
officeclicktorun.exe < 0.01 28,824 K 41,624 K 2412 Microsoft Office Click-to-Run Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe < 0.01 90,992 K 100,876 K 512 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
WUDFHost.exe < 0.01 4,568 K 12,536 K 1296 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 6,612 K 19,504 K 900 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 18,080 K 27,688 K 1136 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
AppleMobileDeviceService.exe < 0.01 3,948 K 13,648 K 2212 MobileDeviceService Apple Inc. (Verified) Apple Inc.
AvastUI.exe 0.01 17,716 K 21,828 K 260 avast! Antivirus AVAST Software (Verified) AVAST Software a.s.
ProductUpdater.exe 0.02 50,340 K 48,888 K 2752 ProductUpdater (No signature was present in the subject)
nvtray.exe 0.02 11,032 K 20,248 K 6036 NVIDIA Settings NVIDIA Corporation (Verified) NVIDIA Corporation
TabTip.exe 0.02 3,072 K 12,668 K 1920 Touch Keyboard and Handwriting Panel Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.03 53,232 K 104,076 K 6604 Google Chrome Google Inc. (Verified) Google Inc
stacsv64.exe 0.03 5,876 K 11,480 K 1548 IDT PC Audio IDT, Inc. (No signature was present in the subject) IDT, Inc.
explorer.exe 0.03 45,916 K 91,524 K 4540 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
AvastSvc.exe 0.06 139,972 K 39,864 K 1944 avast! Service AVAST Software (Verified) AVAST Software a.s.
csrss.exe 0.06 2,132 K 7,012 K 4100 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Publisher
System 0.07 208 K 11,132 K 4
dwm.exe 0.10 46,832 K 46,120 K 3248 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
Interrupts 0.12 0 K 0 K n/a Hardware Interrupts and DPCs
chrome.exe 0.15 67,284 K 103,160 K 5916 Google Chrome Google Inc. (Verified) Google Inc
procexp64.exe 1.01 31,468 K 66,424 K 6644 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
System Idle Process 98.26 0 K 4 K 0

  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

Currently nothing taxing the CPU but a lot of errors in your log and I'm not sure I trust your Freemake Video Converter - found it listed as a potentially unwanted program on a few sites..  

 

Hit the Windows key and the X to bring up then quick link menu then select Command Prompt (Admin)

 

Alternative methods:

 

http://blogs.msmvps....-in-windows-10/

 

Once you have the command window up then type (with an Enter after each command)

sfc /scannow

This will take a while to finish.  IF it asks for a reboot please do so.  If it says it can't fix everything then run

DISM /Online /Cleanup-Image /RestoreHealth

This one requires you to be on line and it will take a while to complete.  Wait for the prompt to return.

 

Once it finishes, reboot and then run a FRST scan again with the Addition box checked.  I just need the Addition.txt file this time.

 

If the PC starts to rev again, run a new Process Explorer log as before.

 

Also let's run speccy:

 

Get the free version of Speccy:
 
http://www.filehippo...download_speccy (Look in the upper right for the
Download Latest Version button  - Do NOT press the large Start Download button on the upper left!)  Download, Save and Install it.  
 
Close all browsers and open progrms before running Speccy.  Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  (It will be near the top about 10 lines down.)  Save the file and close notepad  Attach the file to your next post as it is usually too large for the forum (Click on More Reply Options then Choose file, select the file, Open, Attach this File) Uninstall Speccy.
 

 


  • 0

Advertisements


#11
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

In addition to the above see if you can get Avast to do a boot time scan tonight while you sleep.  Follow this procedure:

 

Mute the sound so it doesn't wake you when it restarts.

 

Click on the Avast ball in systray or the Avast shortcut on your desktop or All Programs, Avast Software, Avast Free Anti-virus.
 
Click on Scan then Scan for Viruses.  In the box under the monitor icon, click on the down arrow and select Boot-time Scan.
 
Click on Scan Settings
 
Change System Drive to All hard drives
 
 
Under Heuristics click on the gray box to the left of Normal. It should turn Orange and now say High
 
Make sure the two boxes are checked.  Where it says 
 
When a threat is found... change it to Move to Chest.  OK.  Start.
 
The next time you reboot the scan will start.  I usually let it run while I sleep because it can take 6 hours.  (Good idea to mute the speakers so windows won't wake you when it finally boots up)
 
It normally stores its log in C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change but last time I ran it it told you where to look for the log when it first started up.
 
Once it finishes copy and paste the log into a replay.  (if it says it found anything)

  • 0

#12
ding dong

ding dong

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 339 posts

The Freemake Video Converter has performed well with no problems but its cousin the Freemake Video Downloader I removed but still get popups from it even though removed.

 

Am perfoming scans now but the pc not revving anymore as I went into Task manager and clicked on the Windows Image Aquisition thingy and underneath it appeared an option to "stop" so clicked that and its stopped...no more revving but I still have problems with my menu and other tray items not opening when clicked on.

 

I really need to know what this WIA is and what the [bleep] its doing...


Edited by ding dong, 10 January 2016 - 03:49 PM.

  • 0

#13
ding dong

ding dong

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 339 posts

First scan results from command prompt no violations:

 

Before I run any more scans (because then it becomes a feat to remove them as I have already found they leave behind junk).

 

I need to know if this issue is related to my removal of the old shell folder from W8 - is there a way of checking why my menu doesnt work and other tray icons? Are the tray icons related to the shell in 10?


Edited by ding dong, 10 January 2016 - 04:08 PM.

  • 0

#14
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

Windows Image Acquisition is usually active when there is a camera or scanner connected.  It runs as a service that is set to Startup Type: Manual.  On my PC is uses 0% of the CPU and 1 MB of memory.

 

If you see it reving again then try and capture a process explorer log.  You can also get more detail on what other process are part of the WIA by clicking on it in Process Explorer.  If you right click on it you can pause it and restart it.

 

 

 

Can't tell you if your problem is related to the old shell folder since I'm not sure what you mean.  

 

The scans I have you run only leave logs which can easily be deleted.  Speccy does need to be uninstalled but it's a clean uninstall.  There is no adware associated with them.  

 

 

I would run the DISM /Online /Cleanup-Image /RestoreHealth anyway  since you are having odd problems.

 

Right click problems are usually fixed by removing the non-Microsoft options using ShellExView:  I haven't tested it on Win 10 but it works on 8 so should run.

 

download ShellExView.

 
 
Use this download:
 
Once you get it installed, run it and look in the third or fourth column from the RIGHT. It should say MICROSOFT. Click once or twice on MICROSOFT so that items with NO are at the top.
Select all of the NO items and then click on the red led looking icon in the upper left. This should disable all of the non-microsoft additions to Explorer. Reboot and see if you still have right click problems.

  • 0

#15
ding dong

ding dong

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 339 posts

I have a Brother printer connected at all times to my laptop and use the scanner sometimes. How can I make it do what yours does...using 0% cpu etc?

 

What I mean about Shell menu is this.

 

When I got a W8 laptop it was crap. I saw alot of talk online about a "shell menu" program which took the stupid slide screen menu out of the picture and replaced it with a normal W7 type menu and the icon wa s shell icon.

 

Then when I took the offer to update to W10 as it kept harassing me to do it and online it was hailed as a good system and did away with W8 mistakes and the slide menu's and went back to a more simple easy menu I was sold.

 

One day while looking at my files and in C drive I saw "Shell" something or rather and so I thought it was a leftover from W8 shell menu and so I deleted it. Now I am wondering if it was still part of the W10 update and that I may have removed it prematurely?

 

I dont have right click problems? My mouse clicker works fine.

 

My problems are my menu wont open, my calendar, my wifi and sound icons wont open but I can get to them through other ways but the tray items are not working.

 

Also how do I remove Fabar Scan Tool?


Edited by ding dong, 11 January 2016 - 03:05 AM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP