Hey everyone, first time here. Hoping someone can help. My internet browsers run slow to a crash and burn.
My startup time for my laptop jumped from 48 seconds to 3 1/2 minutes. My computer is acting like something
is using all my resources. I have to restart constantly and I'm getting lots of error messages.
Anyway, here is the results of my Farbar recovery scan:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-10-2015
Ran by Mark (administrator) on MARKS_COMPUTER (14-10-2015 09:27:25)
Running from C:\Users\Mark\Desktop
Loaded Profiles: Mark (Available Profiles: Mark & Administrator)
Platform: Windows 10 Home Insider Preview (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Suo10_SmartRAM.exe
() C:\Users\Mark\AppData\Roaming\Dashlane\Dashlane.exe
() C:\Users\Mark\AppData\Roaming\Dashlane\DashlanePlugin.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Lenovo) C:\Users\Mark\AppData\Local\Apps\2.0\G98X6W2X.EHN\R2CENMCJ.JYO\lsb...tion_91a10ba61c75c82d_0001.0005_b11529cbca29c754\LSB.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.13251.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.9.25.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Microsoft Corporation) C:\Windows\SystemApps\WindowsFeedback_cw5n1h2txyewy\FeedbackApp.Windows.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-22] (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\Run: [SmartRAM] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Suo10_SmartRAM.exe [535840 2014-09-02] (IObit)
HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\Run: [Dashlane] => C:\Users\Mark\AppData\Roaming\Dashlane\Dashlane.exe [227648 2015-09-03] ()
HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\Run: [DashlanePlugin] => C:\Users\Mark\AppData\Roaming\Dashlane\DashlanePlugin.exe [285504 2015-09-03] ()
HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\Run: [ToolwizCareFree] => C:\Program Files (x86)\ToolwizCareFree\ToolwizCares.exe [5274328 2015-08-29] (Toolwiz)
HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\Policies\Explorer: [NoInternetOpenWith] 0
HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\SysWOW64\3Planesoft_Screensaver_Manager.scr [684032 2009-11-10] (3Planesoft)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Mark\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\amd64\FileSyncShell64.dll [2015-10-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Mark\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\amd64\FileSyncShell64.dll [2015-10-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Mark\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\amd64\FileSyncShell64.dll [2015-10-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Mark\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\FileSyncShell.dll [2015-10-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Mark\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\FileSyncShell.dll [2015-10-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Mark\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_1\FileSyncShell.dll [2015-10-05] (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{17972036-390a-4376-b368-1b4d57b4a119}: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{2adb89f3-394c-46ae-a942-d4b6f8d4b2a8}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://home.lenovo.com
SearchScopes: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001 -> DefaultScope {84BBBBD8-3C05-4CD1-8D71-B03309E99298} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001 -> {84BBBBD8-3C05-4CD1-8D71-B03309E99298} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-08-28] (IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03] (Adobe Systems Incorporated)
BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\Mark\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2015-09-03] (Dashlane)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-06] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-01-03] (Adobe Systems Incorporated)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-06] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-01-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-01-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Mark\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2015-09-03] (Dashlane)
Toolbar: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-09-01] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-09-01] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-06] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-09-08] (Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2012-01-03] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-08-30]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] ()
S4 ETDService; C:\Program Files\Elantech\ETDService.exe [135072 2015-08-25] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-11] (Intel Corporation)
S3 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
S3 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-08-02] (Intel Corporation)
S3 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S4 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-29] (IObit)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271296 2015-08-17] (Lenovo)
S4 OneSyncSvc_35168; C:\WINDOWS\system32\svchost.exe [36696 2015-09-13] (Microsoft Corporation)
S4 OneSyncSvc_35168; C:\WINDOWS\SysWOW64\svchost.exe [30480 2015-09-13] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_35168; C:\WINDOWS\system32\svchost.exe [36696 2015-09-13] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_35168; C:\WINDOWS\SysWOW64\svchost.exe [30480 2015-09-13] (Microsoft Corporation)
S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-20] (DEVGURU Co., LTD.)
S3 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [105112 2015-07-16] ()
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [290304 2015-09-13] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [87040 2015-09-13] (Microsoft Corporation)
S3 UnistoreSvc_35168; C:\WINDOWS\System32\svchost.exe [36696 2015-09-13] (Microsoft Corporation)
S3 UnistoreSvc_35168; C:\WINDOWS\SysWOW64\svchost.exe [30480 2015-09-13] (Microsoft Corporation)
S3 UserDataSvc_35168; C:\WINDOWS\system32\svchost.exe [36696 2015-09-13] (Microsoft Corporation)
S3 UserDataSvc_35168; C:\WINDOWS\SysWOW64\svchost.exe [30480 2015-09-13] (Microsoft Corporation)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [349088 2015-09-13] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [12928 2015-09-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7474864 2013-08-07] (Broadcom Corporation)
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [17656 2015-09-13] (Windows ® Win 7 DDK provider)
R1 BTOWSFF; C:\WINDOWS\System32\Drivers\BTOWSFF.sys [33024 2015-08-29] (Toolwiz.com)
R0 BTOWSVF; C:\Windows\System32\Drivers\BTOWSVF.sys [52480 2015-08-29] (Toolwiz.com)
R3 DFX11_1; C:\Windows\system32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows ® Win 7 DDK provider)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-08-28] (REALiX)
R0 KSafeDISK; C:\Windows\System32\Drivers\KSafeDISK.sys [52992 2015-08-29] (Toolwiz.com)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-16] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-08-29] (Intel Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402136 2015-08-28] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3059928 2015-06-23] (Realtek Semiconductor Corp.)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 1999-12-31] (Synaptics Incorporated)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16056 2015-10-13] (SlimWare Utilities, Inc.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45056 2015-09-13] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [40768 2015-09-13] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [288016 2015-09-13] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [116496 2015-09-13] (Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-14 09:27 - 2015-10-14 09:28 - 00017303 _____ C:\Users\Mark\Desktop\FRST.txt
2015-10-14 09:26 - 2015-10-14 09:27 - 00000000 ____D C:\FRST
2015-10-14 09:16 - 2015-10-14 09:26 - 02196480 _____ (Farbar) C:\Users\Mark\Desktop\FRST64.exe
2015-10-14 08:07 - 2015-10-14 08:09 - 82735790 _____ C:\Users\Mark\Downloads\5155671.mp4
2015-10-14 07:52 - 2015-10-14 08:00 - 85988203 _____ C:\Users\Mark\Downloads\4910450.mp4
2015-10-14 07:44 - 2015-10-14 07:44 - 00000000 ___HD C:\OneDriveTemp
2015-10-14 07:23 - 2015-10-14 07:23 - 00000000 ____D C:\Users\Mark\Documents\Lenovo
2015-10-14 07:23 - 2015-10-14 07:23 - 00000000 ____D C:\Users\Mark\Documents\CyberLink
2015-10-14 05:55 - 2015-10-14 09:25 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-14 05:34 - 2015-10-14 05:34 - 00001344 _____ C:\Users\Mark\Desktop\Win Fix.lnk
2015-10-13 23:09 - 2015-10-13 23:09 - 00000000 ____D C:\Users\Mark\AppData\Local\DFX
2015-10-13 23:08 - 2015-10-13 23:08 - 00001722 _____ C:\Users\Public\Desktop\DFX.lnk
2015-10-13 23:08 - 2015-10-13 23:08 - 00000000 ____D C:\Users\Mark\AppData\Roaming\vlc
2015-10-13 23:08 - 2015-10-13 23:08 - 00000000 ____D C:\Users\HomeGroupUser$\AppData\Roaming\vlc
2015-10-13 23:08 - 2015-10-13 23:08 - 00000000 ____D C:\Users\HomeGroupUser$
2015-10-13 23:08 - 2015-10-13 23:08 - 00000000 ____D C:\Users\Guest\AppData\Roaming\vlc
2015-10-13 23:08 - 2015-10-13 23:08 - 00000000 ____D C:\Users\Guest
2015-10-13 23:08 - 2015-10-13 23:08 - 00000000 ____D C:\Users\DefaultAccount\AppData\Roaming\vlc
2015-10-13 23:08 - 2015-10-13 23:08 - 00000000 ____D C:\Users\DefaultAccount
2015-10-13 23:08 - 2015-10-13 23:08 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\vlc
2015-10-13 23:08 - 2015-10-13 23:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DFX Audio Enhancer
2015-10-13 23:08 - 2015-10-13 23:08 - 00000000 ____D C:\Program Files (x86)\DFX
2015-10-13 23:05 - 2015-10-13 23:05 - 00000000 ____D C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Morphyre Visualizer
2015-10-13 23:05 - 2015-10-13 23:05 - 00000000 ____D C:\Users\Mark\AppData\Local\Morphyre
2015-10-13 23:05 - 2015-10-13 23:05 - 00000000 ____D C:\Program Files (x86)\Morphyre
2015-10-13 19:35 - 2015-10-13 19:36 - 00000000 ____D C:\Users\Mark\Documents\Credit
2015-10-13 19:34 - 2015-10-13 19:50 - 00000000 ____D C:\Users\Mark\Documents\Receipts
2015-10-13 19:33 - 2015-10-13 19:33 - 00001279 _____ C:\Users\Mark\Desktop\Documents - Shortcut.lnk
2015-10-13 18:35 - 2015-10-13 18:35 - 00001447 _____ C:\Users\Mark\Desktop\The Last Door Collector's Edition.lnk
2015-10-13 18:26 - 2015-10-13 18:26 - 00003282 _____ C:\WINDOWS\System32\Tasks\Game_Booster_AutoUpdate
2015-10-13 18:26 - 2015-10-13 18:26 - 00001278 _____ C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
2015-10-13 18:26 - 2015-10-13 18:26 - 00001266 _____ C:\Users\Public\Desktop\Game Booster 3.lnk
2015-10-13 18:26 - 2015-10-13 18:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3
2015-10-13 18:24 - 2015-10-13 18:24 - 00002488 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Mark
2015-10-13 18:24 - 2015-10-13 18:24 - 00000306 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Mark.job
2015-10-13 10:39 - 2015-10-13 10:39 - 82513920 _____ C:\WINDOWS\system32\config\software.regback
2015-10-13 09:55 - 2015-10-13 09:55 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-10-12 21:15 - 2015-10-12 21:15 - 00542984 _____ (ESGEJ) C:\Users\Mark\Downloads\1444709743.bin
2015-10-11 06:58 - 2015-10-11 06:58 - 22915568 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 17846272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 12335600 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 11905432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 11053048 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 10574992 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 08528896 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 06513648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 04637640 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 04371888 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-10-11 06:58 - 2015-10-11 06:58 - 04369816 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-10-11 06:58 - 2015-10-11 06:58 - 04025864 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 03797424 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-10-11 06:58 - 2015-10-11 06:58 - 03672344 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 02506960 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-10-11 06:58 - 2015-10-11 06:58 - 02037232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 01995760 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 01793024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 01768432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 01470472 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 01156000 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 01151840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00970656 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-10-11 06:58 - 2015-10-11 06:58 - 00866824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00680432 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00661000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00618992 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00617992 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00556960 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-10-11 06:58 - 2015-10-11 06:58 - 00554928 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-10-11 06:58 - 2015-10-11 06:58 - 00541600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-10-11 06:58 - 2015-10-11 06:58 - 00469216 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00444832 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-10-11 06:58 - 2015-10-11 06:58 - 00410528 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2015-10-11 06:58 - 2015-10-11 06:58 - 00409520 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2015-10-11 06:58 - 2015-10-11 06:58 - 00395168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2015-10-11 06:58 - 2015-10-11 06:58 - 00394224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00387056 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00378824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00374272 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00357912 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00330136 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-10-11 06:58 - 2015-10-11 06:58 - 00329216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00316245 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2015-10-11 06:58 - 2015-10-11 06:58 - 00296944 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00291744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-10-11 06:58 - 2015-10-11 06:58 - 00285184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00265712 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-10-11 06:58 - 2015-10-11 06:58 - 00262640 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00258456 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-10-11 06:58 - 2015-10-11 06:58 - 00232960 _____ C:\WINDOWS\system32\igdde64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00230384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00229664 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00225288 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00216552 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4276.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00205728 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-10-11 06:58 - 2015-10-11 06:58 - 00199088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00194560 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00194368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00193536 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00192520 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00188884 _____ C:\WINDOWS\system32\resTHA.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00181524 _____ C:\WINDOWS\system32\resELL.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00177300 _____ C:\WINDOWS\system32\resRUS.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00172528 _____ C:\WINDOWS\system32\igdail64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00169368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00165808 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-10-11 06:58 - 2015-10-11 06:58 - 00163840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00163044 _____ C:\WINDOWS\system32\resARA.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00162500 _____ C:\WINDOWS\system32\resHEB.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00162484 _____ C:\WINDOWS\system32\resJPN.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00157860 _____ C:\WINDOWS\system32\resHUN.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00157844 _____ C:\WINDOWS\system32\resFRA.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00156100 _____ C:\WINDOWS\system32\resKOR.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00156020 _____ C:\WINDOWS\system32\resDEU.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00155988 _____ C:\WINDOWS\system32\resITA.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00155828 _____ C:\WINDOWS\system32\resROM.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00155716 _____ C:\WINDOWS\system32\resESN.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00155268 _____ C:\WINDOWS\system32\resPLK.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00155172 _____ C:\WINDOWS\system32\resSKY.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00154980 _____ C:\WINDOWS\system32\resNLD.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00154372 _____ C:\WINDOWS\system32\resPTB.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00154260 _____ C:\WINDOWS\system32\resTRK.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00154212 _____ C:\WINDOWS\system32\resCSY.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00154096 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00154084 _____ C:\WINDOWS\system32\resPTG.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00153620 _____ C:\WINDOWS\system32\resFIN.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00153236 _____ C:\WINDOWS\system32\resHRV.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00152772 _____ C:\WINDOWS\system32\resSVE.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00152644 _____ C:\WINDOWS\system32\resSLV.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00151668 _____ C:\WINDOWS\system32\resNOR.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00151156 _____ C:\WINDOWS\system32\resDAN.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00149812 _____ C:\WINDOWS\system32\resENU.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00148052 _____ C:\WINDOWS\system32\resCHT.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00147188 _____ C:\WINDOWS\system32\resCHS.cui
2015-10-11 06:58 - 2015-10-11 06:58 - 00143368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00109064 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00102912 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00096752 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00078336 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00069616 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00042232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00039424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00020976 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00015344 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00013824 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-10-11 06:58 - 2015-10-11 06:58 - 00002560 _____ C:\WINDOWS\system32\iglhxs64.vp
2015-10-08 17:03 - 2015-09-22 19:26 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-08 17:03 - 2015-09-22 19:26 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-07 05:44 - 2015-10-13 07:00 - 00000000 ___HD C:\$WINDOWS.~BT
2015-10-05 14:52 - 2015-10-14 07:41 - 00000270 _____ C:\WINDOWS\Tasks\ASC8_SkipUac_Mark.job
2015-10-05 14:52 - 2015-10-05 14:52 - 00002438 _____ C:\WINDOWS\System32\Tasks\ASC8_SkipUac_Mark
2015-10-05 12:21 - 2015-10-05 12:21 - 00000258 __RSH C:\ProgramData\ntuser.pol
2015-10-05 10:31 - 2015-10-05 10:31 - 83214336 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2015-10-05 10:31 - 2015-10-05 10:31 - 00450560 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2015-10-05 10:31 - 2015-10-05 10:31 - 00098304 _____ C:\WINDOWS\system32\config\SAM.iobit
2015-10-05 10:31 - 2015-10-05 10:31 - 00028672 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2015-10-05 04:13 - 2015-10-14 07:46 - 00000000 ____D C:\Users\Mark\AppData\Local\Deployment
2015-10-05 04:04 - 2015-10-05 04:04 - 00000020 ___SH C:\Users\Mark\ntuser.ini
2015-10-05 02:37 - 2015-10-13 07:02 - 00000000 ___DC C:\WINDOWS\Panther
2015-10-05 02:37 - 2015-10-05 01:49 - 00000000 __SHD C:\Recovery
2015-10-05 02:31 - 2015-10-05 02:31 - 00000000 ____D C:\Windows.old
2015-10-05 02:24 - 2015-10-05 02:24 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-10-05 02:22 - 2015-10-05 02:22 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-10-05 02:22 - 2015-10-05 02:22 - 00000000 ____D C:\Program Files\MSBuild
2015-10-05 02:22 - 2015-10-05 02:22 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-10-05 02:22 - 2015-10-05 02:22 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-10-05 02:21 - 2015-08-11 22:16 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-10-05 02:21 - 2015-08-07 21:20 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-05 02:21 - 2015-07-08 19:35 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-10-05 02:21 - 2015-07-08 19:35 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-10-05 02:21 - 2015-05-29 19:29 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-10-05 02:21 - 2015-05-29 19:29 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-10-05 02:16 - 2015-10-14 07:42 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-05 02:01 - 2015-10-05 02:01 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-10-05 02:01 - 2015-10-05 02:01 - 00000000 ____D C:\Users\Default\AppData\Local\Pokki
2015-10-05 02:01 - 2015-10-05 02:01 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-10-05 02:01 - 2015-10-05 02:01 - 00000000 ____D C:\Users\Default User\AppData\Local\Pokki
2015-10-05 02:00 - 2015-10-05 02:00 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-10-05 01:56 - 2015-10-05 01:56 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-10-05 01:51 - 2015-10-14 05:24 - 00000000 ____D C:\Users\Mark
2015-10-05 01:51 - 2015-10-05 04:05 - 00000000 ___RD C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-05 01:51 - 2015-10-05 02:09 - 00000000 ____D C:\Users\Administrator
2015-10-05 01:51 - 2015-09-13 22:58 - 00000000 __RSD C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-05 01:51 - 2015-09-13 22:58 - 00000000 __RSD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-05 01:51 - 2015-09-13 22:57 - 00000000 ___RD C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-05 01:51 - 2015-09-13 22:57 - 00000000 ___RD C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-05 01:51 - 2015-09-13 22:57 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-05 01:51 - 2015-09-13 22:57 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-05 01:51 - 2015-09-13 22:57 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-05 01:51 - 2015-09-13 22:57 - 00000000 ____D C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-05 01:51 - 2015-09-13 22:57 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-05 01:47 - 2015-10-05 01:47 - 00000000 ____D C:\Analog
2015-10-05 01:46 - 2015-10-05 01:46 - 00001524 _____ C:\Users\Public\CAFADEBUG.log
2015-10-05 01:46 - 2015-10-05 01:46 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-10-05 01:46 - 2015-10-05 01:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2015-10-05 01:46 - 2015-04-18 10:26 - 00427224 _____ (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SASrv.exe
2015-10-05 01:46 - 2014-11-26 11:01 - 00004664 _____ C:\WINDOWS\system32\Drivers\CxSfPt.dat
2015-10-05 01:46 - 2013-07-25 14:39 - 00206552 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe
2015-10-05 01:45 - 2015-10-05 01:56 - 00000000 ____D C:\Program Files\Dolby Digital Plus
2015-10-05 01:45 - 2015-10-05 01:45 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-10-05 01:44 - 2015-10-11 06:58 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-10-05 01:44 - 2015-10-11 06:58 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-10-05 01:44 - 2015-10-05 01:56 - 00000000 ____D C:\ProgramData\Conexant
2015-10-05 01:44 - 2015-10-05 01:56 - 00000000 ____D C:\Program Files\Intel
2015-10-05 01:44 - 2015-10-05 01:56 - 00000000 ____D C:\Program Files\Elantech
2015-10-05 01:44 - 2015-10-05 01:56 - 00000000 ____D C:\Program Files\CONEXANT
2015-10-05 01:43 - 2015-10-05 01:43 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-10-05 01:43 - 2015-10-05 01:43 - 00000000 ____D C:\Program Files\Synaptics
2015-10-05 01:40 - 2015-09-13 22:19 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-10-05 01:39 - 2015-10-05 02:05 - 00395736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-05 01:39 - 2015-10-05 01:39 - 00033817 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-10-04 10:55 - 2015-10-04 10:55 - 00001360 _____ C:\Users\Mark\Desktop\Smart RAM.lnk
2015-10-04 00:29 - 2015-10-04 00:29 - 00000000 ____D C:\Users\Mark\AppData\Local\Essentware
2015-10-04 00:26 - 2015-10-04 00:42 - 00000000 ____D C:\ProgramData\Essentware
2015-10-02 17:20 - 2015-10-02 17:20 - 00002114 _____ C:\Users\Mark\Desktop\FileHippo App Manager.lnk
2015-10-02 12:17 - 2015-10-02 12:19 - 00000000 ____D C:\Program Files\safe
2015-09-28 17:22 - 2015-06-23 18:38 - 03059928 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\rtsuvc.sys
2015-09-28 17:22 - 2015-06-23 18:33 - 00559832 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCamX64.dll
2015-09-28 17:22 - 2015-06-23 18:33 - 00495320 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RtCamX.dll
2015-09-28 17:22 - 2015-06-01 14:58 - 05052120 _____ (Realtek semiconductor) C:\WINDOWS\RTFTrack.exe
2015-09-28 17:22 - 2015-03-24 13:51 - 02627288 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtCamU64.exe
2015-09-28 17:22 - 2014-10-20 21:02 - 01157563 _____ C:\WINDOWS\FTDataP.xml
2015-09-28 17:22 - 2014-10-20 21:02 - 00946032 _____ C:\WINDOWS\FTData.xml
2015-09-28 17:22 - 2014-10-20 21:02 - 00817241 _____ C:\WINDOWS\FTDataR1.xml
2015-09-28 17:22 - 2014-10-20 21:02 - 00817191 _____ C:\WINDOWS\FTDataR0.xml
2015-09-28 17:22 - 2014-10-09 16:40 - 01971928 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsDecode.dll
2015-09-25 07:10 - 2015-10-14 09:07 - 00000000 _____ C:\Users\Mark\AppData\LocalLow\rightsCheck_1.txt
2015-09-25 07:04 - 2015-09-25 07:04 - 00001843 _____ C:\Users\Mark\Desktop\Dashlane.lnk
2015-09-25 07:04 - 2015-09-25 07:04 - 00000000 ____D C:\Users\Mark\AppData\LocalLow\Dashlane
2015-09-25 07:03 - 2015-10-05 01:55 - 00000000 ____D C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane
2015-09-25 07:03 - 2015-09-25 07:04 - 00000000 ____D C:\Users\Mark\AppData\Roaming\Dashlane
2015-09-25 07:03 - 2015-09-25 07:04 - 00000000 ____D C:\Program Files (x86)\Dashlane
2015-09-22 09:13 - 2015-09-22 09:13 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-09-18 14:34 - 2015-09-18 14:34 - 00002469 _____ C:\Users\Mark\Desktop\Flickr Uploadr.lnk
2015-09-18 14:02 - 2015-10-05 12:24 - 00000000 ____D C:\Users\Mark\AppData\Local\ActiveSync
2015-09-18 13:52 - 2015-09-18 13:52 - 00000000 ____D C:\Users\Mark\Documents\Fragments
2015-09-18 13:39 - 2015-09-18 13:39 - 00000000 ___RD C:\Users\Mark\3D Objects
2015-09-18 13:23 - 2015-10-05 04:14 - 00002391 _____ C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-16 08:29 - 2015-10-05 01:55 - 00000000 ____D C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flickr
2015-09-16 08:29 - 2015-09-16 08:29 - 00000000 ____D C:\Users\Mark\AppData\Local\IsolatedStorage
2015-09-16 08:29 - 2015-09-16 08:29 - 00000000 ____D C:\Users\Mark\AppData\Local\Flickr
2015-09-16 08:28 - 2015-09-18 14:34 - 00000000 ____D C:\Users\Mark\AppData\Local\FlickrUploadrWindows
2015-09-16 08:28 - 2015-09-16 08:29 - 00000000 ____D C:\Users\Mark\AppData\Local\SquirrelTemp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-14 09:24 - 2015-09-03 22:03 - 00000000 ____D C:\Users\Mark\Downloads\tweaking
2015-10-14 08:43 - 2015-09-13 22:56 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-14 08:38 - 2015-09-05 06:56 - 00006431 _____ C:\WINDOWS\SysWOW64\The Lost Watch II NV.log
2015-10-14 07:44 - 2015-05-13 09:54 - 00000000 ____D C:\Users\Mark\OneDrive
2015-10-14 07:41 - 2015-09-13 21:31 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-10-14 05:27 - 2015-09-05 10:12 - 00001172 _____ C:\Users\Mark\Desktop\Toolwiz Care.lnk
2015-10-14 05:12 - 2014-02-18 14:56 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{16426344-36EA-4882-9F34-CEF105EBF2E6}
2015-10-13 21:20 - 2015-09-05 06:58 - 00006113 _____ C:\WINDOWS\SysWOW64\Western Railway NV.log
2015-10-13 20:49 - 2015-09-05 06:53 - 00015647 _____ C:\WINDOWS\SysWOW64\Sun Village NV.log
2015-10-13 18:41 - 2015-09-13 22:56 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-13 18:36 - 2014-02-18 14:16 - 00000000 ____D C:\Users\Mark\AppData\Local\Packages
2015-10-13 18:26 - 2015-08-28 07:34 - 00000000 ____D C:\Program Files (x86)\IObit
2015-10-13 10:57 - 2015-08-31 13:14 - 00016056 _____ (SlimWare Utilities, Inc.) C:\WINDOWS\system32\Drivers\SWDUMon.sys
2015-10-13 10:56 - 2015-08-30 18:51 - 00001059 _____ C:\Users\Public\Desktop\WinRAR.lnk
2015-10-13 10:56 - 2015-08-30 18:51 - 00000000 ____D C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-13 10:56 - 2015-08-30 18:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-13 10:49 - 2015-08-30 18:51 - 00000000 ____D C:\Program Files\WinRAR
2015-10-13 10:26 - 2015-08-31 12:14 - 00002281 _____ C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-10-12 17:26 - 2015-09-05 08:05 - 00000917 _____ C:\Users\Mark\Desktop\Start Tor Browser.lnk
2015-10-12 17:14 - 2015-09-04 15:20 - 00000000 ____D C:\Users\Mark\AppData\Roaming\Riverpoint Writer
2015-10-12 11:42 - 2015-09-04 12:57 - 00006882 _____ C:\lxcz.log
2015-10-12 10:24 - 2015-09-13 22:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-10 19:32 - 2015-08-03 11:39 - 00881036 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-10 15:38 - 2015-09-04 15:20 - 00002056 _____ C:\Users\Mark\Desktop\Riverpoint Writer.lnk
2015-10-10 15:33 - 2014-09-10 12:51 - 00000000 ____D C:\Users\Mark\AppData\Roaming\HpUpdate
2015-10-08 10:36 - 2015-09-13 22:56 - 00000000 ____D C:\WINDOWS\system32\restore
2015-10-06 22:36 - 2014-09-08 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-10-05 15:25 - 2015-09-13 22:56 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-10-05 12:38 - 2015-08-29 14:41 - 00000000 ____D C:\Users\Mark\AppData\Local\ToolwizCareFree
2015-10-05 11:17 - 2014-02-23 22:29 - 00002940 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1047955054-1064664553-3060372006-1004
2015-10-05 04:18 - 2015-09-13 22:56 - 00000000 ____D C:\WINDOWS\appcompat
2015-10-05 04:07 - 2015-09-13 22:56 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-10-05 04:07 - 2015-09-13 22:56 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-10-05 04:06 - 2015-09-13 22:56 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-10-05 02:37 - 2015-09-13 22:57 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-10-05 02:31 - 2015-09-13 22:56 - 00000000 ____D C:\WINDOWS\rescache
2015-10-05 02:27 - 2015-09-13 21:31 - 00000000 __RHD C:\Users\Default
2015-10-05 02:26 - 2015-09-13 21:31 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-10-05 02:26 - 2015-08-03 10:39 - 00036198 _____ C:\WINDOWS\diagwrn.xml
2015-10-05 02:26 - 2015-08-03 10:39 - 00036198 _____ C:\WINDOWS\diagerr.xml
2015-10-05 02:17 - 2015-09-13 22:56 - 00000000 ____D C:\WINDOWS\Registration
2015-10-05 02:16 - 2015-08-03 11:52 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-10-05 02:13 - 2015-09-13 22:56 - 00000000 __RSD C:\WINDOWS\Media
2015-10-05 02:12 - 2015-09-13 22:56 - 00000000 __RHD C:\Users\Public\Libraries
2015-10-05 02:10 - 2013-10-18 21:45 - 00897442 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-10-05 02:01 - 2015-09-13 22:56 - 00000000 __RSD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-05 02:01 - 2015-09-13 22:56 - 00000000 __RSD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-05 02:01 - 2015-09-13 22:56 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-05 02:01 - 2015-09-13 22:56 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-05 02:01 - 2015-08-22 20:37 - 00000000 ____D C:\Users\Default.migrated
2015-10-05 01:58 - 2015-09-13 22:56 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-10-05 01:58 - 2015-09-13 22:56 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-05 01:58 - 2015-09-13 22:56 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-10-05 01:58 - 2015-09-13 22:56 - 00000000 ____D C:\WINDOWS\system32\spool
2015-10-05 01:58 - 2015-09-13 22:56 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-10-05 01:58 - 2015-08-30 13:48 - 00000000 ____D C:\WINDOWS\SysWOW64\Packages
2015-10-05 01:58 - 2013-10-18 21:44 - 00000000 ____D C:\WINDOWS\SysWOW64\Atheros_L1e
2015-10-05 01:58 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-10-05 01:58 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-10-05 01:57 - 2015-09-13 23:36 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-10-05 01:57 - 2015-09-13 22:56 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-05 01:57 - 2015-09-13 22:56 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-10-05 01:57 - 2015-09-13 22:56 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-10-05 01:57 - 2015-09-13 22:56 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-10-05 01:57 - 2015-09-13 22:56 - 00000000 ____D C:\WINDOWS\InputMethod
2015-10-05 01:57 - 2015-09-13 22:56 - 00000000 ____D C:\WINDOWS\IME
2015-10-05 01:57 - 2015-09-13 22:56 - 00000000 ____D C:\WINDOWS\Cursors
2015-10-05 01:57 - 2015-09-13 22:56 - 00000000 ____D C:\ProgramData\USOPrivate
2015-10-05 01:57 - 2015-09-06 11:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-05 01:57 - 2015-09-05 13:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xirrus
2015-10-05 01:57 - 2015-09-05 06:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3Planesoft
2015-10-05 01:57 - 2015-09-03 19:11 - 00000000 ____D C:\WINDOWS\system32\Icon Changer
2015-10-05 01:57 - 2015-08-31 18:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leisure Suit Larry- Magna Cum Laude [GOG.com]
2015-10-05 01:57 - 2015-08-31 13:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Chipset Driver for Windows 10
2015-10-05 01:57 - 2015-08-31 12:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-10-05 01:57 - 2015-08-31 10:20 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-10-05 01:57 - 2015-08-30 19:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2015-10-05 01:57 - 2015-08-29 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ToolwizCareFree
2015-10-05 01:57 - 2015-08-29 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-10-05 01:57 - 2015-08-28 08:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2015-10-05 01:57 - 2015-08-28 07:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
2015-10-05 01:57 - 2015-08-28 07:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-10-05 01:57 - 2014-09-10 12:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-10-05 01:57 - 2014-09-09 08:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-10-05 01:57 - 2014-03-01 21:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-10-05 01:57 - 2013-10-18 22:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-10-05 01:57 - 2013-10-18 22:00 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10
2015-10-05 01:57 - 2013-10-18 21:45 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-10-05 01:57 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-10-05 01:56 - 2015-09-13 22:56 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-10-05 01:56 - 2015-09-13 22:56 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2015-10-05 01:56 - 2015-09-13 22:56 - 00000000 ____D C:\Program Files\Common Files\System
2015-10-05 01:56 - 2015-09-13 22:56 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-10-05 01:56 - 2013-08-22 08:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-10-05 01:55 - 2015-09-04 15:20 - 00000000 ____D C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riverpoint Writer
2015-10-05 01:55 - 2015-08-29 10:11 - 00000000 ____D C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-10-05 01:55 - 2015-08-16 15:27 - 00000000 ____D C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Warships
2015-10-05 01:55 - 2015-08-15 16:02 - 00000000 ____D C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2015-10-05 01:55 - 2015-02-18 15:41 - 00000000 ____D C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Drive
2015-10-05 01:53 - 2015-08-29 17:46 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2015-10-05 01:49 - 2015-09-13 21:31 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-10-03 23:02 - 2015-08-28 07:35 - 00000000 ____D C:\ProgramData\ProductData
2015-10-02 17:20 - 2015-08-31 16:15 - 00000000 ____D C:\Program Files (x86)\FileHippo.com
2015-10-02 11:48 - 2015-02-18 15:41 - 00000000 ____D C:\Users\Mark\AppData\Local\Amazon Cloud Drive
2015-09-28 17:25 - 2014-02-18 15:58 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-28 17:22 - 2013-10-18 21:45 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-09-28 17:22 - 2013-10-18 21:44 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-28 15:05 - 2014-09-10 12:51 - 00002203 _____ C:\Users\Public\Desktop\HP Deskjet 1510 series.lnk
2015-09-25 04:01 - 2014-09-08 20:19 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-24 14:42 - 2015-09-05 08:05 - 00000000 ____D C:\Users\Mark\Desktop\Tor Browser
2015-09-24 09:20 - 2015-08-28 07:21 - 00000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-09-24 09:20 - 2015-08-28 07:21 - 00000000 ____D C:\Program Files\CCleaner
2015-09-24 01:58 - 2014-02-18 14:14 - 00000000 ____D C:\Users\Mark\AppData\Local\Pokki
2015-09-18 15:14 - 2014-02-18 17:18 - 00002178 _____ C:\Users\Public\Desktop\Lenovo PowerDVD 10.lnk
2015-09-18 15:13 - 2014-09-09 08:33 - 00002055 _____ C:\Users\Public\Desktop\Samsung Kies 3.lnk
2015-09-18 15:11 - 2013-10-18 22:05 - 00002290 _____ C:\Users\Public\Desktop\OneKey Recovery.lnk
2015-09-18 13:52 - 2014-02-18 14:16 - 00000000 ____D C:\Users\Mark\AppData\Roaming\Adobe
2015-09-18 04:53 - 2015-08-28 07:35 - 00000000 ____D C:\Users\Mark\AppData\LocalLow\IObit
2015-09-18 04:53 - 2015-08-28 07:34 - 00000000 ____D C:\Users\Mark\AppData\Roaming\IObit
2015-09-18 04:52 - 2015-08-29 17:45 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\IObit
2015-09-18 04:52 - 2015-08-29 17:45 - 00000000 ____D C:\Users\Administrator\AppData\LocalLow\IObit
2015-09-16 20:15 - 2015-09-11 17:27 - 00023040 ___SH C:\Users\Mark\Documents\Thumbs.db
2015-09-16 16:36 - 2015-09-01 16:03 - 00000000 ___RD C:\Users\Mark\Downloads\Wallpapers
2015-09-16 05:00 - 2015-08-30 13:59 - 00000000 ____D C:\ProgramData\AVAST Software
2015-09-16 03:54 - 2015-08-30 14:17 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
==================== Files in the root of some directories =======
2014-02-18 15:53 - 2014-02-18 15:53 - 0000854 _____ () C:\Users\Mark\AppData\Local\7396d5af-93b3-4d36-bfec-04bbd1449761.dat
2014-02-18 15:59 - 2014-02-18 15:59 - 0000230 _____ () C:\Users\Mark\AppData\Local\7503b544-1da1-41bd-9a97-c10e56473c87.dat
2014-02-18 15:59 - 2014-02-18 15:59 - 0000278 _____ () C:\Users\Mark\AppData\Local\819a5338-4e09-4bd6-934a-3195082a227b.dat
2015-01-15 17:03 - 2015-01-15 17:03 - 0000064 _____ () C:\Users\Mark\AppData\Local\97e87f60142e63a0fb6d740b838a8430
2014-02-18 15:59 - 2014-02-18 15:59 - 0000230 _____ () C:\Users\Mark\AppData\Local\9d7393b1-8d9b-4753-9e09-9b020bea1a7b.dat
2014-12-27 16:28 - 2015-03-27 15:19 - 0009216 _____ () C:\Users\Mark\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-10 12:47 - 2014-09-10 12:47 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-10-05 01:45 - 2015-10-05 01:45 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-10-05 01:38
==================== End of FRST.txt ============================
Here is the results of the additional test’s it ran.
Additional scan result of Farbar Recovery Scan Tool (x64) Version:12-10-2015
Ran by Mark (2015-10-14 09:28:34)
Running from C:\Users\Mark\Desktop
Windows 10 Home Insider Preview (X64) (2015-10-05 09:28:25)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1047955054-1064664553-3060372006-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1047955054-1064664553-3060372006-503 - Limited - Disabled)
Guest (S-1-5-21-1047955054-1064664553-3060372006-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1047955054-1064664553-3060372006-1003 - Limited - Enabled)
Mark (S-1-5-21-1047955054-1064664553-3060372006-1001 - Administrator - Enabled) => C:\Users\Mark
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3Planesoft Screensaver Manager 1.4 (HKLM-x32\...\3Planesoft Screensaver Manager_is1) (Version: 1.4 - 3Planesoft)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.2 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.193 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.2.0 - IObit)
Amazon Cloud Drive (HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\Amazon Cloud Drive) (Version: 2.2.4.6 - Amazon Digital Services, LLC.)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: - Amazon)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dashlane (HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\Dashlane) (Version: 3.5.2.91395 - Dashlane SAS)
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
DFX (HKLM-x32\...\DFX) (Version: 11.401.0.0 - Power Technology)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.14 - Lenovo)
Energy Management (x32 Version: 8.0.2.14 - Lenovo) Hidden
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
Flickr Uploadr for Windows (HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\FlickrUploadrWindows) (Version: 0.9.94.252 - Flickr)
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Host App Service (HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\Pokki) (Version: 0.269.7.768 - Pokki)
HP Deskjet 1510 series Basic Device Software (HKLM\...\{D17E60E8-478A-4D4A-8147-21D481B5CA55}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel Driver Update Utility (HKLM-x32\...\{ca4bc3a8-b99c-4416-90d8-351a8ceab458}) (Version: 2.2.0.2 - Intel)
Intel® Chipset Device Software (x32 Version: 10.1.1.8 - Intel® Corporation) Hidden
Intel® Driver Update Utility 2.2 (x32 Version: 2.2.0.1 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 3.0.1327.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.3.0.5 - IObit)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Leisure Suit Larry - Magna Cum Laude (HKLM-x32\...\{A31289C6-04EF-4437-A35B-7CC96167145C}) (Version: 1.00.0001 - )
Leisure Suit Larry- Magna Cum Laude (HKLM-x32\...\GOGPACKLARRYMCL_is1) (Version: 2.0.0.3 - GOG.com)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.36.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10120.11107 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.69.4 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\cbe8636f7dd0cf1d) (Version: 1.5.0.0 - Lenovo)
Lenovo Solution Center (HKLM\...\{F925868A-2F2C-414B-A5A7-C613039CE9E4}) (Version: 3.1.001.00 - Lenovo)
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.223.143 - Lenovo)
Logos 5 Prerequisites (HKLM-x32\...\{3B4DBF05-BB80-4C16-B007-4239B1F386E7}) (Version: 5.34.1627 - Logos Bible Software)
Logos Bible Software (HKLM-x32\...\{6E746566-C98F-4BE9-893F-1D2F75ABDD30}) (Version: 5.34.1629 - Logos Bible Software)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4753.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Morphyre (HKLM-x32\...\Morphyre) (Version: - )
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Qualcomm Atheros Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Riverpoint Writer (HKLM-x32\...\FF389026-F961-42C5-BACD-B4A3AA73E0F3) (Version: 2.0.0.12 - Apollo Group, Inc.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung PC Studio 3 USB Driver Installer (HKLM-x32\...\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}) (Version: 3.2.0.70701 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
SlimDrivers (HKLM-x32\...\{746AB259-6474-4111-8966-1C62F9A6E063}) (Version: 2.3.1 - SlimWare Utilities, Inc.)
Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.2 - IObit)
Sun Village NV 3D Screensaver 1.1 (HKLM-x32\...\Sun Village NV 3D Screensaver_is1) (Version: 1.1 - 3Planesoft)
The Lost Watch II NV 3D Screensaver 1.0 (HKLM-x32\...\The Lost Watch II NV 3D Screensaver_is1) (Version: 1.0 - 3Planesoft)
Toolwiz Care (HKLM-x32\...\ToolwizCareFree) (Version: 3.1.0.5500 - ToolWiz Care)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
UserGuide (x32 Version: 1.0.0.15 - Lenovo) Hidden
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.6.2.0 - Azureus Software, Inc.)
Western Railway NV 3D Screensaver 2.0 (HKLM-x32\...\Western Railway NV 3D Screensaver_is1) (Version: 2.0 - 3Planesoft)
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.30 beta 5 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.5 - win.rar GmbH)
World of Warships (HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814na}_is1) (Version: - Wargaming.net)
Xirrus Wi-Fi Inspector (HKLM-x32\...\{BBB21AB1-2C45-435D-A05A-B563072E7B9B}) (Version: 1.2.1.4 - Xirrus)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Restore Points =========================
08-10-2015 10:36:10 Scheduled Checkpoint
12-10-2015 10:23:34 Windows Modules Installer
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-08-31 11:00 - 2015-08-31 11:00 - 00001861 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 www.iobit.com
127.0.0.1 www.asc55.iobit.com
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
There are 1 more lines.
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {10D5C895-3B7B-4196-AA0B-DABAC5E333F6} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2015-10-13] ()
Task: {1A9C3806-5003-4580-BCB0-8675D7DD8881} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1047955054-1064664553-3060372006-1001 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {1F000467-0CF4-4C79-BB76-BE4C370C83F8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-09-11] (Microsoft Corporation)
Task: {22B7A178-F12B-4B28-8414-7988A12B38E7} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {307D838A-1101-4B99-B739-0960E4C150B6} - \Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization -> No File <==== ATTENTION
Task: {491C2C37-63BE-45AA-B698-A3BDF1BCDDBA} - \Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization -> No File <==== ATTENTION
Task: {54C20C7D-A430-4EA4-BD70-5B538E480084} - \Microsoft\Windows\DUSM\dusmtask -> No File <==== ATTENTION
Task: {5E3DB0A4-4110-43F0-9AB5-4087CFE75CCD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {670FAABD-349E-44C6-B37E-DD0E3796F5FF} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {77765387-EDA9-48A8-904D-8D0EFC5AF68D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7E4106FB-9171-4610-8891-F942C38B0E4D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {86F0029C-2903-4739-9CBE-25BF9EB6CC3D} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-03-06] ()
Task: {8A406EC9-523D-4028-953E-E58608560B00} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A154AF0A-2C01-489F-AC6B-DE03D14CAC56} - \Microsoft\Windows\License Manager\TempSignedLicenseExchange -> No File <==== ATTENTION
Task: {AF25EE58-18C9-430C-BA53-C23D92C296AF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {AFC500B5-17A1-4962-8D19-3CA124F4F378} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-28] (Microsoft Corporation)
Task: {B0DBD154-29E0-44BB-B37D-AC457C8154A5} - \Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask -> No File <==== ATTENTION
Task: {B355D481-B4A3-4BFD-B556-017309177262} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {CB9C9358-8418-44DF-965A-2D705AC50E51} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {CF4E5B7F-3753-4A05-A3E9-8A7EEF18281E} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1047955054-1064664553-3060372006-1001
Task: {D3E41DDA-B15F-48C7-AB87-6235FA596289} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-08-17] (Lenovo)
Task: {D40922E3-1673-4517-8A3D-9FB7FE7D79D3} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {D6FE1257-1581-4445-AE36-756A0AD99DB9} - System32\Tasks\ASC8_SkipUac_Mark => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-05-08] (IObit)
Task: {DD28D925-3030-465D-8B4D-A9A38403292E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {DE705366-20D2-4215-BFE1-5461AB11DBA0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {DFB914CE-0A5B-45A1-B9C4-344786765563} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] ()
Task: {DFDB2177-41B7-4E48-B116-312CD13FC9BB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E28427B9-7E63-47C4-A37B-6070252FEDA2} - \Microsoft\Windows\Application Experience\ProgramDataUpdater -> No File <==== ATTENTION
Task: {E896703B-0B67-4904-A0AA-60AEDEAC6B25} - System32\Tasks\Uninstaller_SkipUac_Mark => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-05-20] (IObit)
Task: {F37B914F-3FD9-4FD9-B236-1EFC98370EE7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {FB4A149C-1923-440F-AF23-17CCDBB93193} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\ASC8_SkipUac_Mark.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Mark.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
==================== Loaded Modules (Whitelisted) ==============
2015-09-13 22:22 - 2015-09-13 22:22 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-09-13 22:23 - 2015-09-13 22:23 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-09-25 03:59 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-09-13 22:23 - 2015-09-13 22:23 - 02613504 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-13 22:23 - 2015-09-13 22:23 - 02613504 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-09-16 05:19 - 2015-08-11 20:15 - 08900672 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-09-13 22:19 - 2015-09-13 22:19 - 00476160 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-09-13 22:31 - 2015-09-13 22:31 - 07446016 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-09-13 22:31 - 2015-09-13 22:31 - 00559104 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-09-13 22:31 - 2015-09-13 22:31 - 01885184 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-09-13 22:31 - 2015-09-13 22:31 - 03761152 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-09-25 07:04 - 2015-09-03 08:48 - 00227648 _____ () C:\Users\Mark\AppData\Roaming\Dashlane\Dashlane.exe
2015-09-25 07:04 - 2015-09-03 08:48 - 00285504 _____ () C:\Users\Mark\AppData\Roaming\Dashlane\DashlanePlugin.exe
2015-10-04 06:14 - 2015-10-04 06:16 - 00012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-10-04 06:14 - 2015-10-04 06:16 - 10814464 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-09-29 19:02 - 2015-09-29 19:03 - 08395776 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.9.25.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-09-29 19:02 - 2015-09-29 19:03 - 02311680 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.9.25.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2015-10-07 11:49 - 2015-10-07 11:49 - 06068736 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI.Xaml\24c00699afaf5b1f3eb9c34013860ad3\Windows.UI.Xaml.ni.dll
2015-10-07 11:49 - 2015-10-07 11:49 - 04212736 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\755032d4f505f8511ff091bcb35fadfa\Windows.ApplicationModel.ni.dll
2015-10-07 11:49 - 2015-10-07 11:49 - 00302080 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Gloaae92e31#\4476e9fdc1b3b5976fe51a0b109a3862\Windows.Globalization.ni.dll
2015-10-07 11:49 - 2015-10-07 11:49 - 00497152 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\b379b9fc0b4248f2d1d0f58b01d6773b\Windows.Foundation.ni.dll
2015-10-07 11:49 - 2015-10-07 11:49 - 01193984 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Storage\29b4f6182c190fa8e7cf7d8af4870ba4\Windows.Storage.ni.dll
2015-10-07 11:49 - 2015-10-07 11:49 - 01808896 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Networking\9e7fd01840e6323a6d6d296977958961\Windows.Networking.ni.dll
2015-10-07 11:49 - 2015-10-07 11:49 - 00977920 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Security\cceb7c13430c510920c4075c20cfd09d\Windows.Security.ni.dll
2015-10-07 11:49 - 2015-10-07 11:49 - 01822208 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\46c65d39480e799a59047a0b9f8bad7f\Windows.UI.ni.dll
2015-10-07 11:50 - 2015-10-07 11:50 - 01243136 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Web\59f66782841d9f3f8abec09b1c2e519b\Windows.Web.ni.dll
2015-10-07 11:49 - 2015-10-07 11:49 - 00485888 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\77ff0aa28ea0b42ee5e4f82383fd55ba\Windows.System.ni.dll
2015-08-31 12:14 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl
2015-08-31 12:14 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl
2015-08-31 12:14 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2015-09-25 07:04 - 2015-09-03 08:44 - 00337728 _____ () C:\Users\Mark\AppData\Roaming\Dashlane\3.5.2.91395\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebugDll_win32.3.5.2.91395.dll
2015-09-25 07:04 - 2015-09-03 08:44 - 00421696 _____ () C:\Users\Mark\AppData\Roaming\Dashlane\3.5.2.91395\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebug.3.5.2.91395.dll
2015-09-25 07:04 - 2015-09-03 08:45 - 00443200 _____ () C:\Users\Mark\AppData\Roaming\Dashlane\3.5.2.91395\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWUtils.3.5.2.91395.dll
2015-09-25 07:04 - 2015-09-03 08:45 - 31364416 _____ () C:\Users\Mark\AppData\Roaming\Dashlane\3.5.2.91395\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWExternLib.3.5.2.91395.dll
2015-09-25 07:04 - 2015-09-03 08:45 - 00276288 _____ () C:\Users\Mark\AppData\Roaming\Dashlane\3.5.2.91395\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib_win.3.5.2.91395.dll
2015-09-25 07:04 - 2015-09-03 08:44 - 05763392 _____ () C:\Users\Mark\AppData\Roaming\Dashlane\3.5.2.91395\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWData.3.5.2.91395.dll
2015-09-25 07:04 - 2015-09-03 08:44 - 06979904 _____ () C:\Users\Mark\AppData\Roaming\Dashlane\3.5.2.91395\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWApplication.3.5.2.91395.dll
2015-09-25 07:04 - 2015-09-03 08:45 - 13231424 _____ () C:\Users\Mark\AppData\Roaming\Dashlane\3.5.2.91395\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib.3.5.2.91395.dll
2015-09-25 07:04 - 2015-09-03 08:45 - 02072896 _____ () C:\Users\Mark\AppData\Roaming\Dashlane\3.5.2.91395\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLibData.3.5.2.91395.dll
2015-09-25 07:04 - 2015-09-03 08:45 - 00338240 _____ () C:\Users\Mark\AppData\Roaming\Dashlane\3.5.2.91395\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\Kwift_DP.3.5.2.91395.dll
2014-02-18 21:48 - 2013-08-08 13:23 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-11-15 00:01 - 2014-11-15 00:01 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:0CA8EFF8
AlternateDataStreams: C:\Users\Mark\SkyDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\100sexlinks.com -> 100sexlinks.com
There are 4788 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "lxczbmgr.exe"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "ApnTBMon"
HKLM\...\StartupApproved\Run32: => "BingDesktop"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "MalwareProtectionLive"
HKLM\...\StartupApproved\Run32: => "ETDCtrl"
HKLM\...\StartupApproved\Run32: => "SmartAudio"
HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\StartupApproved\StartupFolder: => "Monitor Ink Alerts - HP Deskjet 1510 series.lnk"
HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\StartupApproved\Run: => "Pokki"
HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_96D28242BA1FDBE7F82E6712BD4F4597"
HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\StartupApproved\Run: => "Advanced SystemCare 8"
HKU\S-1-5-21-1047955054-1064664553-3060372006-1001\...\StartupApproved\Run: => "FlickrUploadr"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{45FAC2AE-2200-40E9-BDD1-2B260BB1FC11}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{F956386F-DFAB-4444-8E47-74F05F335675}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe
FirewallRules: [{51F3910A-0F41-4528-AB05-DF26539F0A8B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{6BE9CC73-E92E-4595-B3E5-04A224349C38}] => (Allow) LPort=1900
FirewallRules: [{40AF3C18-2DAA-4CAD-B825-675547E7F896}] => (Allow) LPort=7900
FirewallRules: [{EF93CACC-BB33-44C7-B47D-03C3C8E1A260}] => (Allow) LPort=24234
FirewallRules: [{78CC959A-C72A-4FB9-9921-1ED18A6A2520}] => (Allow) LPort=7679
FirewallRules: [{9A86EC64-AADE-4EFE-AF6C-1D850E85A286}] => (Allow) LPort=7676
FirewallRules: [{123C35C3-94F0-477A-BEEF-2B89BFE9D863}] => (Allow) LPort=8643
FirewallRules: [{FF515A0E-A3E4-4E82-9CAF-516A70CB3AA1}] => (Allow) LPort=8743
FirewallRules: [{49E784DC-00EB-48C4-A9C4-B88DA998F3A5}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxczpswx.exe
FirewallRules: [{74310272-1BBC-42A9-A0D1-9E14F41E893B}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxczpswx.exe
FirewallRules: [{2B7A6144-D7A0-4A91-85A6-6E763819A620}] => (Allow) C:\Windows\System32\lxczcoms.exe
FirewallRules: [{97CF5248-4086-4EDD-87E4-CD8D12ECD326}] => (Allow) C:\Windows\System32\lxczcoms.exe
FirewallRules: [{1A403553-056B-4902-AEDB-8BEA6E8AE2D4}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{E499404D-6BA7-42CC-BC29-550C6E18B567}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [TCP Query User{9C5ABEDF-B74E-4DAA-A230-142C5593F663}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{05C48966-EE58-422C-BA86-898D2BF9A806}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [{C47A582F-CA01-4546-A84E-7A339D2975D5}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{0023AF49-759C-48EB-9173-8F51753A75B1}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [TCP Query User{809D3679-669C-46FD-9DA3-F2A4FE2953E2}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe
FirewallRules: [UDP Query User{2681A7C6-F774-4230-B9B4-AE490E18A754}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe
FirewallRules: [TCP Query User{F586EC91-2C2B-44EA-8630-FB4B082B1BD9}C:\program files (x86)\xirrus\xirrus wi-fi inspector\wifioperations.exe] => (Allow) C:\program files (x86)\xirrus\xirrus wi-fi inspector\wifioperations.exe
FirewallRules: [UDP Query User{FAEEBA2B-4813-4CD3-8A25-513EE0D3D401}C:\program files (x86)\xirrus\xirrus wi-fi inspector\wifioperations.exe] => (Allow) C:\program files (x86)\xirrus\xirrus wi-fi inspector\wifioperations.exe
FirewallRules: [TCP Query User{CF920C27-9190-4147-9394-E26F4AB18245}C:\program files (x86)\java\jre1.8.0_60\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\jp2launcher.exe
FirewallRules: [UDP Query User{B9757535-D1FC-4670-B27B-50A6A341901D}C:\program files (x86)\java\jre1.8.0_60\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\jp2launcher.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/14/2015 07:41:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.10547.0, time stamp: 0x55f614f9
Faulting module name: windows.storage.dll, version: 10.0.10547.0, time stamp: 0x55f61c55
Exception code: 0xc0000005
Fault offset: 0x0000000000286db6
Faulting process id: 0x120c
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
Faulting package full name: explorer.exe4
Faulting package-relative application ID: explorer.exe5
Error: (10/14/2015 07:40:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: PickerHost.exe, version: 10.0.10547.0, time stamp: 0x55f6189b
Faulting module name: windows.storage.dll, version: 10.0.10547.0, time stamp: 0x55f61c55
Exception code: 0xc0000005
Fault offset: 0x0000000000286db6
Faulting process id: 0x13b0
Faulting application start time: 0xPickerHost.exe0
Faulting application path: PickerHost.exe1
Faulting module path: PickerHost.exe2
Report Id: PickerHost.exe3
Faulting package full name: PickerHost.exe4
Faulting package-relative application ID: PickerHost.exe5
Error: (10/14/2015 07:39:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: PickerHost.exe, version: 10.0.10547.0, time stamp: 0x55f6189b
Faulting module name: windows.storage.dll, version: 10.0.10547.0, time stamp: 0x55f61c55
Exception code: 0xc0000005
Fault offset: 0x0000000000286db6
Faulting process id: 0xf40
Faulting application start time: 0xPickerHost.exe0
Faulting application path: PickerHost.exe1
Faulting module path: PickerHost.exe2
Report Id: PickerHost.exe3
Faulting package full name: PickerHost.exe4
Faulting package-relative application ID: PickerHost.exe5
Error: (10/13/2015 08:31:26 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid
Error: (10/13/2015 08:31:26 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid
Error: (10/13/2015 06:43:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (3276) WebCacheLocal: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Users\Mark\AppData\Local\Microsoft\Windows\WebCache\V010006D.log.
Error: (10/13/2015 06:41:23 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid
Error: (10/13/2015 06:39:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.10547.0, time stamp: 0x55f614f9
Faulting module name: windows.storage.dll, version: 10.0.10547.0, time stamp: 0x55f61c55
Exception code: 0xc0000005
Fault offset: 0x0000000000286db6
Faulting process id: 0x1da8
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
Faulting package full name: explorer.exe4
Faulting package-relative application ID: explorer.exe5
Error: (10/13/2015 06:38:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.10547.0, time stamp: 0x55f614f9
Faulting module name: windows.storage.dll, version: 10.0.10547.0, time stamp: 0x55f61c55
Exception code: 0xc0000005
Fault offset: 0x0000000000286db6
Faulting process id: 0x2170
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
Faulting package full name: explorer.exe4
Faulting package-relative application ID: explorer.exe5
Error: (10/13/2015 01:57:24 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: C:\Windows\System32\winspool.drvSpooler8
System errors:
=============
Error: (10/14/2015 08:36:39 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070002: Windows Malicious Software Removal Tool for Windows Technical Preview and Server Technical Preview 2 x64 - October 2015 (KB890830).
Error: (10/14/2015 07:44:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
Error: (10/14/2015 07:42:23 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll
Error Code: 126
Error: (10/14/2015 05:40:24 AM) (Source: DCOM) (EventID: 10016) (User: MARKS_COMPUTER)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Marks_ComputerMarkS-1-5-21-1047955054-1064664553-3060372006-1001LocalHost (Using LRPC)Microsoft.WindowsStore_2015.9.25.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157
Error: (10/14/2015 05:25:16 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll
Error Code: 126
Error: (10/13/2015 08:32:38 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll
Error Code: 126
Error: (10/13/2015 06:42:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll
Error Code: 126
Error: (10/13/2015 12:08:57 PM) (Source: DCOM) (EventID: 10016) (User: MARKS_COMPUTER)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Marks_ComputerMarkS-1-5-21-1047955054-1064664553-3060372006-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (10/13/2015 12:08:57 PM) (Source: DCOM) (EventID: 10016) (User: MARKS_COMPUTER)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Marks_ComputerMarkS-1-5-21-1047955054-1064664553-3060372006-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (10/13/2015 12:08:57 PM) (Source: DCOM) (EventID: 10016) (User: MARKS_COMPUTER)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Marks_ComputerMarkS-1-5-21-1047955054-1064664553-3060372006-1001LocalHost (Using LRPC)UnavailableUnavailable
CodeIntegrity:
===================================
Date: 2015-10-14 04:42:50.778
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-10-14 04:42:50.767
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-10-14 04:42:50.134
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-10-14 04:42:50.115
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-10-14 04:42:31.573
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-10-14 04:42:31.563
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-10-14 04:42:30.854
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-10-14 04:42:30.771
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-10-14 04:28:27.765
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-10-14 04:28:27.748
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 51%
Total physical RAM: 3993.77 MB
Available physical RAM: 1948.7 MB
Total Virtual: 4493.77 MB
Available Virtual: 2181.63 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:893.22 GB) (Free:648.81 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.9 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 26FF69CD)
Partition: GPT.
==================== End of Addition.txt ============================
I appreciate any help I might get.....
Edited by marknorth, 14 October 2015 - 06:19 PM.