[SOLVED] SFC Scan Found Corrupted Files Windows 10

ASUS23

Active member
Joined
Apr 26, 2016
Posts
38
I've been trying to fix this for 2 days but I haven't been able to. Doing a windows update doesn't work no matter how I do it. Downloading the 4gb Windows ISO file, mounting an image, using the media tool and downloading windows again and then trying to update it via the USB, using DSIM and trying to find the source file by moving the file to different drives and writing the
DISM /Online /Cleanup-Image /RestoreHealth /source:WIM:d:\sources\install.wim:1 /LimitAccess command a million different ways and nothing works.

I made a log file of the sfc scan and I am attaching it. If anyone can help me fix the corrupted files in my Windows 10 I would appreciate it.

View attachment cbs.zip
 
It appears you are missing some shortcuts so it's a minor corruption. I've seen this caused when 3rd party registry/cleaning tools are run.

I would like you to follow the steps below (even if you have done it previously).

1. Download the Media Creation Tool and save this to your desktop. Go ahead and run this as well. Note: Click the Download tool now button when you get to this link.
2. Accept the License Agreement
3. Keep the default Upgrade this PC option and click Next.
4. Let this process complete the upgrade to the newest build and let me know when complete.

Thanks.
 
After using the media creation tool and downloading Windows 10 again for the third time, I get an error that says "Modern Setup Host has stopped working". I was in the process of checking for updates, which took over 1 hour just to check for updates. I have 43 GB of space left on my computer so that shoudn't be a problem. I had deleted the previous installation files from the temp folder so that shouldn't be a problem either.
 
OK. Please do the following.

Step#1 - DISM /RestoreHealth Scan
Warning:this fix is specific to the user in this thread. No one else should follow these instructions as it may cause more harm than good. If you are after assistance, please start a thread of your own.

  1. Right-click on the Start
    w8start.png
    button and select Command Prompt (Admin)
  2. When command prompt opens, Copy (Ctrl+C) and Paste (Right-click > Paste) the following command into it, then press Enter
    Dism /Online /Cleanup-Image /RestoreHealth
  3. Once it finishes, copy and paste the following into the command-prompt window and press Enter. If prompted to overwrite the existing file go ahead.
    copy %windir%\logs\cbs\cbs.log "%userprofile%\Desktop\cbs.txt"
  4. Once this has completed please go to your Desktop and you will find CBS.txt => Please zip/upload to this thread.
    Please Note:: if the file is too big (over 7MB) to upload to your next post, please upload via a service such as Dropbox or One Drive or SendSpace and just provide the link.
 
OK. Let's replace your missing files first and then address Windows Update. Please do the following.

Step#1 - SFCFix Script
Warning: this fix is specific to the user in this thread. No one else should follow these instructions as it may cause more harm than good. If you are after assistance, please start a thread of your own.

  1. Download SFCFix.exe (by niemiro) and save this to your Desktop. If you still have this on your desktop from downloading previously, you don't need to re-download.
  2. Download the file below, SFCFix.zip, and save this to your Desktop. Ensure that this file is named SFCFix.zip - do not rename it.
  3. Save any open documents and close all open windows.
  4. On your Desktop, you should see two files: SFCFix.exe and SFCFix.zip.
  5. Drag the file SFCFix.zip onto the file SFCFix.exe and release it.
  6. SFCFix will now process the script.
  7. Upon completion, a file should be created on your Desktop: SFCFix.txt.
  8. Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this file into your next post for me to analyse please

Step#2 - DISM /RestoreHealth Scan
Warning:this fix is specific to the user in this thread. No one else should follow these instructions as it may cause more harm than good. If you are after assistance, please start a thread of your own.
  1. Right-click on the Start
    w8start.png
    button and select Command Prompt (Admin)
  2. When command prompt opens, Copy (Ctrl+C) and Paste (Right-click > Paste) the following command into it, then press Enter
    Dism /Online /Cleanup-Image /RestoreHealth
  3. Once it finishes, copy and paste the following into the command-prompt window and press Enter. If prompted to overwrite the existing file go ahead.
    copy %windir%\logs\cbs\cbs.log "%userprofile%\Desktop\cbs.txt"
  4. Once this has completed please go to your Desktop and you will find CBS.txt => Please zip/upload to this thread.
    Please Note:: if the file is too big (over 7MB) to upload to your next post, please upload via a service such as Dropbox or One Drive or SendSpace and just provide the link.


Items for your next post
1. SFCFix.txt
2. CBS.txt
 

Attachments

SFCFix version 3.0.0.0 by niemiro.
Start time: 2016-04-30 11:11:53.887
Microsoft Windows 10 Build 10240 - amd64
Using .zip script file at C:\Users\C\Desktop\SFCFix.zip [0]




PowerCopy::
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\x86_microsoft-windows-m..nts-mdac-rds-ce-jvs_31bf3856ad364e35_10.0.10240.16384_none_0d9b4ea224376197\adcjavas.inc
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\wow64_microsoft-windows-m..-odbc-administrator_31bf3856ad364e35_10.0.10240.16384_none_56a5035f0cc518cc\ODBC Data Sources (32-bit).lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_taskschedulersettings_31bf3856ad364e35_10.0.10240.16384_none_52eb75789f0a2f2a\Task Scheduler.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_networking-mpssvc_31bf3856ad364e35_10.0.10240.16384_none_1279f88853d7ed1e\Windows Firewall with Advanced Security.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-xpsreachviewer_31bf3856ad364e35_10.0.10240.16384_none_1d1bc52ee8e4cc32\XPS Viewer.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-wordpad_31bf3856ad364e35_10.0.10240.16384_none_35baeae20792cf65\Wordpad.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_10.0.10240.16384_none_55dcbf43bbc4daa2\Remote Desktop Connection.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-t..etpc-mathinputpanel_31bf3856ad364e35_10.0.10240.16384_none_d2a1f4c6eb98bc14\Math Input Panel.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-sud-link_31bf3856ad364e35_10.0.10240.16384_none_d72e8d0d677dbba1\Default Programs.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-stickynotes-app_31bf3856ad364e35_10.0.10240.16384_none_f54728ac53f8da94\Sticky Notes.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-snippingtool-app_31bf3856ad364e35_10.0.10240.16384_none_a1c473de24503e86\Snipping Tool.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_10.0.10240.16384_none_d7645452e0682f87\services.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-securestartup-cpl_31bf3856ad364e35_10.0.10240.16384_none_5f86c90325c5aa52
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-performancetoolsgui_31bf3856ad364e35_10.0.10240.16384_none_a40a2fda3ba13ab4\Performance Monitor.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-performancetoolsgui_31bf3856ad364e35_10.0.10240.16384_none_a40a2fda3ba13ab4\Resource Monitor.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-mspaint_31bf3856ad364e35_10.0.10240.16384_none_961df853893f03be\Paint.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-msinfo32-exe_31bf3856ad364e35_10.0.10240.16384_none_b3dcd885945b93dc\System Information.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-msconfig-exe_31bf3856ad364e35_10.0.10240.16384_none_e27ab032386d5b35\System Configuration.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-mediaplayer-shortcut_31bf3856ad364e35_10.0.10240.16384_none_b6d1e3f2e862a82a\Windows Media Player.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-m..diagnostic-schedule_31bf3856ad364e35_10.0.10240.16384_none_9bd70deb1464ceed\Memory Diagnostics Tool.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-m..-odbc-administrator_31bf3856ad364e35_10.0.10240.16384_none_4c50590cd86456d1\ODBC Data Sources (64-bit).lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-iscsi_initiator_ui_31bf3856ad364e35_10.0.10240.16384_none_dfeb9c5ff6bf29c8\iSCSI Initiator.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-f..client-applications_31bf3856ad364e35_10.0.10240.16384_none_80fa1e15c313af85\Windows Fax and Scan.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-defrag-adminui_31bf3856ad364e35_10.0.10240.16384_none_a116806d2af23e0d\dfrgui.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-cleanmgr_31bf3856ad364e35_10.0.10240.16384_none_7544a80ff8391bd7\Disk Cleanup.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-charmap_31bf3856ad364e35_10.0.10240.16384_none_fa5a2f0d3f08718c\Character Map.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-c..termanagementsnapin_31bf3856ad364e35_10.0.10240.16384_none_531691da110444d9\Computer Management.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-c..s-admin-compsvclink_31bf3856ad364e35_10.0.10240.16384_none_da92c3787526666b\Component Services.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-advancedtaskmanager_31bf3856ad364e35_10.0.10240.16384_none_b6e74c8e862c9bea\Task Manager.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_microsoft-windows-a..roblemstepsrecorder_31bf3856ad364e35_10.0.10240.16384_none_e2f202dae5a70d92\Steps Recorder.lnk
Successfully took permissions for file or folder C:\WINDOWS\Winsxs\amd64_eventviewersettings_31bf3856ad364e35_10.0.10240.16384_none_fcf849b59e606ea6\Event Viewer.lnk

Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\x86_microsoft-windows-m..nts-mdac-rds-ce-jvs_31bf3856ad364e35_10.0.10240.16384_none_0d9b4ea224376197\adcjavas.inc to C:\WINDOWS\Winsxs\x86_microsoft-windows-m..nts-mdac-rds-ce-jvs_31bf3856ad364e35_10.0.10240.16384_none_0d9b4ea224376197\adcjavas.inc.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\wow64_microsoft-windows-m..-odbc-administrator_31bf3856ad364e35_10.0.10240.16384_none_56a5035f0cc518cc\ODBC Data Sources (32-bit).lnk to C:\WINDOWS\Winsxs\wow64_microsoft-windows-m..-odbc-administrator_31bf3856ad364e35_10.0.10240.16384_none_56a5035f0cc518cc\ODBC Data Sources (32-bit).lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_taskschedulersettings_31bf3856ad364e35_10.0.10240.16384_none_52eb75789f0a2f2a\Task Scheduler.lnk to C:\WINDOWS\Winsxs\amd64_taskschedulersettings_31bf3856ad364e35_10.0.10240.16384_none_52eb75789f0a2f2a\Task Scheduler.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_networking-mpssvc_31bf3856ad364e35_10.0.10240.16384_none_1279f88853d7ed1e\Windows Firewall with Advanced Security.lnk to C:\WINDOWS\Winsxs\amd64_networking-mpssvc_31bf3856ad364e35_10.0.10240.16384_none_1279f88853d7ed1e\Windows Firewall with Advanced Security.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-xpsreachviewer_31bf3856ad364e35_10.0.10240.16384_none_1d1bc52ee8e4cc32\XPS Viewer.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-xpsreachviewer_31bf3856ad364e35_10.0.10240.16384_none_1d1bc52ee8e4cc32\XPS Viewer.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-wordpad_31bf3856ad364e35_10.0.10240.16384_none_35baeae20792cf65\Wordpad.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-wordpad_31bf3856ad364e35_10.0.10240.16384_none_35baeae20792cf65\Wordpad.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_10.0.10240.16384_none_55dcbf43bbc4daa2\Remote Desktop Connection.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_10.0.10240.16384_none_55dcbf43bbc4daa2\Remote Desktop Connection.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-t..etpc-mathinputpanel_31bf3856ad364e35_10.0.10240.16384_none_d2a1f4c6eb98bc14\Math Input Panel.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-t..etpc-mathinputpanel_31bf3856ad364e35_10.0.10240.16384_none_d2a1f4c6eb98bc14\Math Input Panel.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-sud-link_31bf3856ad364e35_10.0.10240.16384_none_d72e8d0d677dbba1\Default Programs.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-sud-link_31bf3856ad364e35_10.0.10240.16384_none_d72e8d0d677dbba1\Default Programs.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-stickynotes-app_31bf3856ad364e35_10.0.10240.16384_none_f54728ac53f8da94\Sticky Notes.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-stickynotes-app_31bf3856ad364e35_10.0.10240.16384_none_f54728ac53f8da94\Sticky Notes.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-snippingtool-app_31bf3856ad364e35_10.0.10240.16384_none_a1c473de24503e86\Snipping Tool.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-snippingtool-app_31bf3856ad364e35_10.0.10240.16384_none_a1c473de24503e86\Snipping Tool.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_10.0.10240.16384_none_d7645452e0682f87\services.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_10.0.10240.16384_none_d7645452e0682f87\services.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-securestartup-cpl_31bf3856ad364e35_10.0.10240.16384_none_5f86c90325c5aa52\BitLockerWizard.exe to C:\WINDOWS\Winsxs\amd64_microsoft-windows-securestartup-cpl_31bf3856ad364e35_10.0.10240.16384_none_5f86c90325c5aa52\BitLockerWizard.exe.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-securestartup-cpl_31bf3856ad364e35_10.0.10240.16384_none_5f86c90325c5aa52\BitLockerWizardElev.exe to C:\WINDOWS\Winsxs\amd64_microsoft-windows-securestartup-cpl_31bf3856ad364e35_10.0.10240.16384_none_5f86c90325c5aa52\BitLockerWizardElev.exe.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-performancetoolsgui_31bf3856ad364e35_10.0.10240.16384_none_a40a2fda3ba13ab4\Performance Monitor.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-performancetoolsgui_31bf3856ad364e35_10.0.10240.16384_none_a40a2fda3ba13ab4\Performance Monitor.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-performancetoolsgui_31bf3856ad364e35_10.0.10240.16384_none_a40a2fda3ba13ab4\Resource Monitor.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-performancetoolsgui_31bf3856ad364e35_10.0.10240.16384_none_a40a2fda3ba13ab4\Resource Monitor.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-mspaint_31bf3856ad364e35_10.0.10240.16384_none_961df853893f03be\Paint.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-mspaint_31bf3856ad364e35_10.0.10240.16384_none_961df853893f03be\Paint.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-msinfo32-exe_31bf3856ad364e35_10.0.10240.16384_none_b3dcd885945b93dc\System Information.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-msinfo32-exe_31bf3856ad364e35_10.0.10240.16384_none_b3dcd885945b93dc\System Information.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-msconfig-exe_31bf3856ad364e35_10.0.10240.16384_none_e27ab032386d5b35\System Configuration.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-msconfig-exe_31bf3856ad364e35_10.0.10240.16384_none_e27ab032386d5b35\System Configuration.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-mediaplayer-shortcut_31bf3856ad364e35_10.0.10240.16384_none_b6d1e3f2e862a82a\Windows Media Player.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-mediaplayer-shortcut_31bf3856ad364e35_10.0.10240.16384_none_b6d1e3f2e862a82a\Windows Media Player.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-m..diagnostic-schedule_31bf3856ad364e35_10.0.10240.16384_none_9bd70deb1464ceed\Memory Diagnostics Tool.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-m..diagnostic-schedule_31bf3856ad364e35_10.0.10240.16384_none_9bd70deb1464ceed\Memory Diagnostics Tool.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-m..-odbc-administrator_31bf3856ad364e35_10.0.10240.16384_none_4c50590cd86456d1\ODBC Data Sources (64-bit).lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-m..-odbc-administrator_31bf3856ad364e35_10.0.10240.16384_none_4c50590cd86456d1\ODBC Data Sources (64-bit).lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-iscsi_initiator_ui_31bf3856ad364e35_10.0.10240.16384_none_dfeb9c5ff6bf29c8\iSCSI Initiator.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-iscsi_initiator_ui_31bf3856ad364e35_10.0.10240.16384_none_dfeb9c5ff6bf29c8\iSCSI Initiator.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-f..client-applications_31bf3856ad364e35_10.0.10240.16384_none_80fa1e15c313af85\Windows Fax and Scan.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-f..client-applications_31bf3856ad364e35_10.0.10240.16384_none_80fa1e15c313af85\Windows Fax and Scan.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-defrag-adminui_31bf3856ad364e35_10.0.10240.16384_none_a116806d2af23e0d\dfrgui.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-defrag-adminui_31bf3856ad364e35_10.0.10240.16384_none_a116806d2af23e0d\dfrgui.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-cleanmgr_31bf3856ad364e35_10.0.10240.16384_none_7544a80ff8391bd7\Disk Cleanup.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-cleanmgr_31bf3856ad364e35_10.0.10240.16384_none_7544a80ff8391bd7\Disk Cleanup.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-charmap_31bf3856ad364e35_10.0.10240.16384_none_fa5a2f0d3f08718c\Character Map.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-charmap_31bf3856ad364e35_10.0.10240.16384_none_fa5a2f0d3f08718c\Character Map.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-c..termanagementsnapin_31bf3856ad364e35_10.0.10240.16384_none_531691da110444d9\Computer Management.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-c..termanagementsnapin_31bf3856ad364e35_10.0.10240.16384_none_531691da110444d9\Computer Management.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-c..s-admin-compsvclink_31bf3856ad364e35_10.0.10240.16384_none_da92c3787526666b\Component Services.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-c..s-admin-compsvclink_31bf3856ad364e35_10.0.10240.16384_none_da92c3787526666b\Component Services.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-advancedtaskmanager_31bf3856ad364e35_10.0.10240.16384_none_b6e74c8e862c9bea\Task Manager.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-advancedtaskmanager_31bf3856ad364e35_10.0.10240.16384_none_b6e74c8e862c9bea\Task Manager.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-a..roblemstepsrecorder_31bf3856ad364e35_10.0.10240.16384_none_e2f202dae5a70d92\Steps Recorder.lnk to C:\WINDOWS\Winsxs\amd64_microsoft-windows-a..roblemstepsrecorder_31bf3856ad364e35_10.0.10240.16384_none_e2f202dae5a70d92\Steps Recorder.lnk.
Successfully copied file C:\Users\C\AppData\Local\niemiro\Archive\Winsxs\amd64_eventviewersettings_31bf3856ad364e35_10.0.10240.16384_none_fcf849b59e606ea6\Event Viewer.lnk to C:\WINDOWS\Winsxs\amd64_eventviewersettings_31bf3856ad364e35_10.0.10240.16384_none_fcf849b59e606ea6\Event Viewer.lnk.

Successfully restored ownership for C:\WINDOWS\Winsxs\x86_microsoft-windows-m..nts-mdac-rds-ce-jvs_31bf3856ad364e35_10.0.10240.16384_none_0d9b4ea224376197\adcjavas.inc
Successfully restored permissions on C:\WINDOWS\Winsxs\x86_microsoft-windows-m..nts-mdac-rds-ce-jvs_31bf3856ad364e35_10.0.10240.16384_none_0d9b4ea224376197\adcjavas.inc
Successfully restored ownership for C:\WINDOWS\Winsxs\wow64_microsoft-windows-m..-odbc-administrator_31bf3856ad364e35_10.0.10240.16384_none_56a5035f0cc518cc\ODBC Data Sources (32-bit).lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\wow64_microsoft-windows-m..-odbc-administrator_31bf3856ad364e35_10.0.10240.16384_none_56a5035f0cc518cc\ODBC Data Sources (32-bit).lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_taskschedulersettings_31bf3856ad364e35_10.0.10240.16384_none_52eb75789f0a2f2a\Task Scheduler.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_taskschedulersettings_31bf3856ad364e35_10.0.10240.16384_none_52eb75789f0a2f2a\Task Scheduler.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_networking-mpssvc_31bf3856ad364e35_10.0.10240.16384_none_1279f88853d7ed1e\Windows Firewall with Advanced Security.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_networking-mpssvc_31bf3856ad364e35_10.0.10240.16384_none_1279f88853d7ed1e\Windows Firewall with Advanced Security.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-xpsreachviewer_31bf3856ad364e35_10.0.10240.16384_none_1d1bc52ee8e4cc32\XPS Viewer.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-xpsreachviewer_31bf3856ad364e35_10.0.10240.16384_none_1d1bc52ee8e4cc32\XPS Viewer.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-wordpad_31bf3856ad364e35_10.0.10240.16384_none_35baeae20792cf65\Wordpad.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-wordpad_31bf3856ad364e35_10.0.10240.16384_none_35baeae20792cf65\Wordpad.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_10.0.10240.16384_none_55dcbf43bbc4daa2\Remote Desktop Connection.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_10.0.10240.16384_none_55dcbf43bbc4daa2\Remote Desktop Connection.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-t..etpc-mathinputpanel_31bf3856ad364e35_10.0.10240.16384_none_d2a1f4c6eb98bc14\Math Input Panel.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-t..etpc-mathinputpanel_31bf3856ad364e35_10.0.10240.16384_none_d2a1f4c6eb98bc14\Math Input Panel.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-sud-link_31bf3856ad364e35_10.0.10240.16384_none_d72e8d0d677dbba1\Default Programs.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-sud-link_31bf3856ad364e35_10.0.10240.16384_none_d72e8d0d677dbba1\Default Programs.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-stickynotes-app_31bf3856ad364e35_10.0.10240.16384_none_f54728ac53f8da94\Sticky Notes.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-stickynotes-app_31bf3856ad364e35_10.0.10240.16384_none_f54728ac53f8da94\Sticky Notes.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-snippingtool-app_31bf3856ad364e35_10.0.10240.16384_none_a1c473de24503e86\Snipping Tool.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-snippingtool-app_31bf3856ad364e35_10.0.10240.16384_none_a1c473de24503e86\Snipping Tool.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_10.0.10240.16384_none_d7645452e0682f87\services.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_10.0.10240.16384_none_d7645452e0682f87\services.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-securestartup-cpl_31bf3856ad364e35_10.0.10240.16384_none_5f86c90325c5aa52
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-securestartup-cpl_31bf3856ad364e35_10.0.10240.16384_none_5f86c90325c5aa52
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-performancetoolsgui_31bf3856ad364e35_10.0.10240.16384_none_a40a2fda3ba13ab4\Performance Monitor.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-performancetoolsgui_31bf3856ad364e35_10.0.10240.16384_none_a40a2fda3ba13ab4\Performance Monitor.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-performancetoolsgui_31bf3856ad364e35_10.0.10240.16384_none_a40a2fda3ba13ab4\Resource Monitor.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-performancetoolsgui_31bf3856ad364e35_10.0.10240.16384_none_a40a2fda3ba13ab4\Resource Monitor.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-mspaint_31bf3856ad364e35_10.0.10240.16384_none_961df853893f03be\Paint.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-mspaint_31bf3856ad364e35_10.0.10240.16384_none_961df853893f03be\Paint.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-msinfo32-exe_31bf3856ad364e35_10.0.10240.16384_none_b3dcd885945b93dc\System Information.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-msinfo32-exe_31bf3856ad364e35_10.0.10240.16384_none_b3dcd885945b93dc\System Information.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-msconfig-exe_31bf3856ad364e35_10.0.10240.16384_none_e27ab032386d5b35\System Configuration.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-msconfig-exe_31bf3856ad364e35_10.0.10240.16384_none_e27ab032386d5b35\System Configuration.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-mediaplayer-shortcut_31bf3856ad364e35_10.0.10240.16384_none_b6d1e3f2e862a82a\Windows Media Player.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-mediaplayer-shortcut_31bf3856ad364e35_10.0.10240.16384_none_b6d1e3f2e862a82a\Windows Media Player.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-m..diagnostic-schedule_31bf3856ad364e35_10.0.10240.16384_none_9bd70deb1464ceed\Memory Diagnostics Tool.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-m..diagnostic-schedule_31bf3856ad364e35_10.0.10240.16384_none_9bd70deb1464ceed\Memory Diagnostics Tool.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-m..-odbc-administrator_31bf3856ad364e35_10.0.10240.16384_none_4c50590cd86456d1\ODBC Data Sources (64-bit).lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-m..-odbc-administrator_31bf3856ad364e35_10.0.10240.16384_none_4c50590cd86456d1\ODBC Data Sources (64-bit).lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-iscsi_initiator_ui_31bf3856ad364e35_10.0.10240.16384_none_dfeb9c5ff6bf29c8\iSCSI Initiator.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-iscsi_initiator_ui_31bf3856ad364e35_10.0.10240.16384_none_dfeb9c5ff6bf29c8\iSCSI Initiator.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-f..client-applications_31bf3856ad364e35_10.0.10240.16384_none_80fa1e15c313af85\Windows Fax and Scan.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-f..client-applications_31bf3856ad364e35_10.0.10240.16384_none_80fa1e15c313af85\Windows Fax and Scan.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-defrag-adminui_31bf3856ad364e35_10.0.10240.16384_none_a116806d2af23e0d\dfrgui.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-defrag-adminui_31bf3856ad364e35_10.0.10240.16384_none_a116806d2af23e0d\dfrgui.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-cleanmgr_31bf3856ad364e35_10.0.10240.16384_none_7544a80ff8391bd7\Disk Cleanup.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-cleanmgr_31bf3856ad364e35_10.0.10240.16384_none_7544a80ff8391bd7\Disk Cleanup.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-charmap_31bf3856ad364e35_10.0.10240.16384_none_fa5a2f0d3f08718c\Character Map.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-charmap_31bf3856ad364e35_10.0.10240.16384_none_fa5a2f0d3f08718c\Character Map.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-c..termanagementsnapin_31bf3856ad364e35_10.0.10240.16384_none_531691da110444d9\Computer Management.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-c..termanagementsnapin_31bf3856ad364e35_10.0.10240.16384_none_531691da110444d9\Computer Management.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-c..s-admin-compsvclink_31bf3856ad364e35_10.0.10240.16384_none_da92c3787526666b\Component Services.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-c..s-admin-compsvclink_31bf3856ad364e35_10.0.10240.16384_none_da92c3787526666b\Component Services.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-advancedtaskmanager_31bf3856ad364e35_10.0.10240.16384_none_b6e74c8e862c9bea\Task Manager.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-advancedtaskmanager_31bf3856ad364e35_10.0.10240.16384_none_b6e74c8e862c9bea\Task Manager.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_microsoft-windows-a..roblemstepsrecorder_31bf3856ad364e35_10.0.10240.16384_none_e2f202dae5a70d92\Steps Recorder.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_microsoft-windows-a..roblemstepsrecorder_31bf3856ad364e35_10.0.10240.16384_none_e2f202dae5a70d92\Steps Recorder.lnk
Successfully restored ownership for C:\WINDOWS\Winsxs\amd64_eventviewersettings_31bf3856ad364e35_10.0.10240.16384_none_fcf849b59e606ea6\Event Viewer.lnk
Successfully restored permissions on C:\WINDOWS\Winsxs\amd64_eventviewersettings_31bf3856ad364e35_10.0.10240.16384_none_fcf849b59e606ea6\Event Viewer.lnk
PowerCopy:: directive completed successfully.




Successfully processed all directives.
SFCFix version 3.0.0.0 by niemiro has completed.
Currently storing 33 datablocks.
Finish time: 2016-04-30 11:12:14.182
Script hash: ONpiI/8pHpAZ+7WBeSnFiqseFzj7ikeYkofN2G1RMfg=
----------------------EOF-----------------------

View attachment cbs.zip

I think the corrupted files are fixed. Thank you very much. Should I try to update windows now?
 
Actually, when I try to "check for updates" from within my own Windows, I get a "catastrophic failure". See the image attached

Untitled.png
 
Now that the corrupted files are fixed, let's work on Windows Update. Please do the following.

Step#1 - Run Windows Repairs
Warning: this fix is specific to the user in this thread. No one else should follow these instructions as it may cause more harm than good. If you are after assistance, please start a thread of your own.
1. Download Windows Repair (All-in-One) Portable to your desktop.
2. Once the file is downloaded, right-click on the file on your desktop and choose Extract All...
Extract.JPG

3. Keep the defaults and click the Extract button.
4. A folder named tweaking.com_windows_repair_aio will be extracted to the desktop. Once the extraction is complete the folder will open.
5. Inside this folder, there is a folder named Tweaking.com - Windows Repair. Open this folder as well.
Capture.JPG



6. Double-click on Repair_Windows.exe to open. Note: Please make sure all of your programs are closed and anything you were working on is saved as we will be rebooting.
7. When the program opens, click the Reboot to Safe Mode button at the bottom of the screen. Answer Yes to allow.
8. Once rebooted into Safe Mode, open the program again. When the program opens, click the Repairs tab and click the Open Repairs button.
9. A backup of your registry will be made. After a few moments you will have many options from which you can choose.
10. Keep all the defaults selected.
11. Ensure the Restart check box is selected and click the Start Repairs button in the lower right of the screen. This may take some time to run so be patient.
StartRepairsWithReboot.JPG

12. Once the fixes are complete you will be prompted to restart your machine. Answer Yes.
13. Let me know when complete.
 
I get the same catastrophic error as before. And now after running the tweaking Windows repair, the Windows calendar, Windows notifications and WIFI windows won't appear when I click on them. The ones that are on the task bar on the far right side. Nothing happens when I click on the icons.
 
Thanks for the info. Please do the following.

FRST Scan
1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the 64-bit Version so please ensure you download that one.
2. Right click to run as administrator. When the tool opens click Yes to disclaimer.
3. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running (if not already).
4. Press Scan button.
5. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
6. Please copy and paste log back here.
7. Another log (Addition.txt - also located in the same directory as FRST64.exe) will be generated Please also paste that along with the FRST.txt into your reply.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:01-05-2016
Ran by Zenbook (administrator) on ZENBOOK (01-05-2016 19:03:30)
Running from C:\Users\C\Desktop
Loaded Profiles: Zenbook (Available Profiles: Zenbook)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
() C:\Windows\SysWOW64\UMonit64.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-11-12] (IvoSoft)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [599896 2015-06-10] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [DriverTalent] => C:\Program Files (x86)\OSTotoSoft\DriverTalent\DriverTalent.exe [3201704 2016-04-12] (OSToto Co., Ltd.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-10-22] (Panda Security, S.L.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\Run: [Epic Privacy Browser Installer] => C:\Users\C\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2015-07-28] (Epic Privacy Browser)
HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\Run: [Google Update] => C:\Users\C\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-11-24] (Google Inc.)
HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50676864 2016-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-09-13] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-11-12] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-12] (IvoSoft)
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicyScripts-x32: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8fb2476c-3883-44ea-82db-dd9e24699340}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3994446418-2107919600-567850472-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3994446418-2107919600-567850472-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com
HKU\S-1-5-21-3994446418-2107919600-567850472-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-11-12] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-03-26] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-26] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-11-12] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-12] (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-11-12] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-11-12] (IvoSoft)
Filter: application/x-ica - No CLSID Value
Filter: application/x-ica; charset=euc-jp - No CLSID Value
Filter: application/x-ica; charset=ISO-8859-1 - No CLSID Value
Filter: application/x-ica; charset=MS936 - No CLSID Value
Filter: application/x-ica; charset=MS949 - No CLSID Value
Filter: application/x-ica; charset=MS950 - No CLSID Value
Filter: application/x-ica; charset=UTF-8 - No CLSID Value
Filter: application/x-ica; charset=UTF8 - No CLSID Value
Filter: application/x-ica;charset=euc-jp - No CLSID Value
Filter: application/x-ica;charset=ISO-8859-1 - No CLSID Value
Filter: application/x-ica;charset=MS936 - No CLSID Value
Filter: application/x-ica;charset=MS949 - No CLSID Value
Filter: application/x-ica;charset=MS950 - No CLSID Value
Filter: application/x-ica;charset=UTF-8 - No CLSID Value
Filter: application/x-ica;charset=UTF8 - No CLSID Value
Filter: ica - No CLSID Value

FireFox:
========
FF ProfilePath: C:\Users\C\AppData\Roaming\Mozilla\Firefox\Profiles\uvofzas6.default
FF Homepage: hxxps://my.yahoo.com/
FF NetworkProxy: "http", "165.231.83.227"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, autofillmagic.com"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "ssl", "165.231.83.227"
FF NetworkProxy: "ssl_port", 80
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-11] ()
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-11] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-3994446418-2107919600-567850472-1001: @citrixonline.com/appdetectorplugin -> C:\Users\C\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-09-02] (Citrix Online)
FF Plugin HKU\S-1-5-21-3994446418-2107919600-567850472-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\C\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3994446418-2107919600-567850472-1001: @talk.google.com/O1DPlugin -> C:\Users\C\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3994446418-2107919600-567850472-1001: @tools.google.com/Google Update;version=3 -> C:\Users\C\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-3994446418-2107919600-567850472-1001: @tools.google.com/Google Update;version=9 -> C:\Users\C\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-3994446418-2107919600-567850472-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\C\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2015-07-28] (Epic Privacy Browser)
FF Plugin HKU\S-1-5-21-3994446418-2107919600-567850472-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\C\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2015-07-28] (Epic Privacy Browser)
FF user.js: detected! => C:\Users\C\AppData\Roaming\Mozilla\Firefox\Profiles\uvofzas6.default\user.js [2016-03-29]
FF Plugin ProgramFiles/Appdata: C:\Users\C\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\C\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Users\C\AppData\Roaming\Mozilla\Firefox\Profiles\uvofzas6.default\searchplugins\thesaurus---referencecom.xml [2015-08-06]
FF Extension: Copy Plain Text 2 - C:\Users\C\AppData\Roaming\Mozilla\Firefox\Profiles\uvofzas6.default\extensions\copyplaintext@teo.pl.xpi [2016-02-26]
FF Extension: LastPass - C:\Users\C\AppData\Roaming\Mozilla\Firefox\Profiles\uvofzas6.default\extensions\support@lastpass.com [2016-03-14]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\C\AppData\Roaming\Mozilla\Firefox\Profiles\uvofzas6.default\extensions\artur.dubovoy@gmail.com [2016-04-01]
FF Extension: Classic Theme Restorer - C:\Users\C\AppData\Roaming\Mozilla\Firefox\Profiles\uvofzas6.default\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2016-04-07]
FF Extension: S3.Google Translator - C:\Users\C\AppData\Roaming\Mozilla\Firefox\Profiles\uvofzas6.default\extensions\s3google@translator.xpi [2016-04-23]
FF Extension: MozBar - C:\Users\C\AppData\Roaming\Mozilla\Firefox\Profiles\uvofzas6.default\extensions\toolbar@seomoz.org.xpi [2016-04-24]
FF Extension: Webmaster SAPE - C:\Users\C\AppData\Roaming\Mozilla\Firefox\Profiles\uvofzas6.default\extensions\toolbar@sape.ru.xpi [2016-04-26]
FF Extension: Highlight NoFollow links - C:\Users\C\AppData\Roaming\Mozilla\Firefox\Profiles\uvofzas6.default\extensions\tobias@webfish.se2.xpi [2016-04-27]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\C\AppData\Roaming\Mozilla\Firefox\Profiles\uvofzas6.default\extensions\adblockpopups@jessehakanen.net.xpi [2016-04-27]
FF Extension: Blur - C:\Users\C\AppData\Roaming\Mozilla\Firefox\Profiles\uvofzas6.default\Extensions\donottrackplus@abine.com.xpi [2015-12-17]
FF Extension: Random Agent Spoofer - C:\Users\C\AppData\Roaming\Mozilla\Firefox\Profiles\uvofzas6.default\Extensions\jid1-AVgCeF1zoVzMjA@jetpack.xpi [2016-02-20]
FF Extension: Adblock Plus - C:\Users\C\AppData\Roaming\Mozilla\Firefox\Profiles\uvofzas6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-11-12] [not signed]

Chrome:
=======
CHR Profile: C:\Users\C\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Translate) - C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2016-04-11]
CHR Extension: (Google Slides) - C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-28]
CHR Extension: (Google Docs) - C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-28]
CHR Extension: (Google Drive) - C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google Search) - C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (MozBar) - C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2016-04-11]
CHR Extension: (Google Sheets) - C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-28]
CHR Extension: (AdBlock) - C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-06]
CHR Extension: (Gmail) - C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-28]
CHR Extension: (Majestic Backlink Analyzer) - C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnmjaflneibolacpepklokkjnakmikmg [2016-04-06]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-18] (Intel Corporation)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [165616 2015-11-12] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [359856 2016-04-24] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [394184 2014-10-15] (Intel)
S3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
R2 LDrvSvc; C:\Program Files (x86)\OSTotoSoft\DriverTalent\LDrvSvc.dll [147216 2015-12-16] ()
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
S3 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-10-18] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73176 2016-02-22] (Panda Security, S.L.)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-10-22] (Panda Security, S.L.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [98296 2015-12-14] (ASUS Corporation)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-18] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-09-18] (Intel Corporation)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-04-26] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-04-26] (Disc Soft Ltd)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-18] (Intel Corporation)
S4 FileMonitor; no ImagePath
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [110824 2014-06-10] (GenesysLogic)
R3 gHidPnp; C:\Windows\System32\Drivers\gHidPnp.Sys [25600 2011-10-26] ()
R3 gMouUsb; C:\Windows\System32\drivers\gMouUsb.sys [14336 2009-11-02] ()
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-09-22] (REALiX(tm))
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [266512 2016-04-23] (Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-07-10] (Intel Corporation)
R3 Netwtw02; C:\Windows\System32\drivers\Netwtw02.sys [7075568 2015-08-23] (Intel Corporation)
S3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7135504 2016-02-27] (Intel Corporation)
R1 NNSALPC; C:\Windows\system32\DRIVERS\NNSALPC.sys [103824 2015-07-16] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\system32\DRIVERS\NNSHTTP.sys [211352 2015-07-16] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\system32\DRIVERS\NNSHTTPS.sys [120216 2015-07-16] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\system32\DRIVERS\NNSIDS.sys [120208 2015-07-16] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\system32\DRIVERS\NNSPICC.sys [112536 2015-07-16] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\system32\DRIVERS\NNSPIHSW.sys [89472 2015-09-01] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\system32\DRIVERS\NNSPOP3.sys [133528 2015-07-16] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\system32\DRIVERS\NNSPROT.sys [309648 2015-07-16] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\system32\DRIVERS\NNSPRV.sys [179608 2015-07-16] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\system32\DRIVERS\NNSSMTP.sys [122776 2015-07-16] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\system32\DRIVERS\NNSSTRM.sys [267160 2015-07-16] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\system32\DRIVERS\NNSTLSC.sys [115600 2015-07-16] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [173464 2015-07-21] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [130968 2015-07-21] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\system32\DRIVERS\PSINKNC.sys [207256 2015-07-21] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [133528 2015-07-21] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [143768 2015-07-21] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [117144 2015-07-21] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.)
S3 RegFilter; no ImagePath
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [214016 2015-07-10] (Microsoft Corporation)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2015-11-04] (DEVGURU Co., LTD.(데브구루 | 데브구루에 오신것을 환영합니다.))
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 UrlFilter; no ImagePath
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [213296 2014-10-15] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-01 19:03 - 2016-05-01 19:06 - 00027770 _____ C:\Users\C\Desktop\FRST.txt
2016-05-01 19:01 - 2016-05-01 19:01 - 00016148 _____ C:\WINDOWS\system32\ZENBOOK_Zenbook_HistoryPrediction.bin
2016-05-01 18:56 - 2016-05-01 18:56 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-05-01 18:56 - 2015-06-16 09:41 - 00062080 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2016-05-01 18:55 - 2016-05-01 19:03 - 00000000 ____D C:\FRST
2016-05-01 18:53 - 2016-05-01 18:53 - 00003379 _____ C:\WINDOWS\Azon Product Inspector Uninstall Log.txt
2016-05-01 18:53 - 2016-05-01 18:53 - 00003344 _____ C:\WINDOWS\Azon Top 100 Analyzer Uninstall Log.txt
2016-05-01 18:52 - 2016-05-01 18:53 - 02377216 _____ (Farbar) C:\Users\C\Desktop\FRST64.exe
2016-05-01 18:49 - 2016-05-01 18:49 - 00069628 _____ C:\Users\C\Desktop\SFCFix.txt
2016-05-01 18:16 - 2016-05-01 18:16 - 00000000 ____D C:\WINDOWS\Minidump
2016-05-01 16:30 - 2016-05-01 18:14 - 00020290 _____ C:\Users\C\Desktop\url_profile_results_160501212830.xlsx
2016-05-01 12:00 - 2016-05-01 12:00 - 00003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-05-01 07:55 - 2016-05-01 07:55 - 00171588 _____ C:\Users\C\Desktop\SFCFix.zip
2016-04-30 22:04 - 2016-04-30 22:05 - 00000000 ___HD C:\$WINDOWS.~BT
2016-04-30 19:31 - 2016-04-30 19:31 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-04-30 18:47 - 2016-04-30 18:47 - 00000000 ____D C:\Users\C\Desktop\tweaking.com_windows_repair_aio
2016-04-29 17:36 - 2016-04-29 17:36 - 01010720 ___RS (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCHRT20.OCX
2016-04-29 17:36 - 2016-04-29 17:36 - 00224016 ___RS (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTL32.OCX
2016-04-29 17:36 - 2016-04-29 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Technitium MAC Address Changer v6
2016-04-29 17:36 - 2016-04-29 17:36 - 00000000 ____D C:\Program Files (x86)\Technitium
2016-04-29 17:35 - 2016-04-29 17:35 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-04-29 13:52 - 2016-04-29 13:52 - 00000000 ____D C:\ESD
2016-04-29 09:38 - 2016-04-29 09:38 - 00000000 ___HD C:\$Windows.~WS
2016-04-29 06:48 - 2016-04-29 06:49 - 18447464 _____ (Microsoft Corporation) C:\Users\C\Desktop\MediaCreationTool.exe
2016-04-26 16:14 - 2016-05-01 18:49 - 00000000 ____D C:\SFCFix
2016-04-26 16:10 - 2016-05-01 18:49 - 00000000 ____D C:\Users\C\AppData\Local\niemiro
2016-04-26 16:09 - 2016-04-26 16:09 - 02884096 _____ (niemiro) C:\Users\C\Desktop\SFCFix.exe
2016-04-26 15:56 - 2016-04-26 15:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2016-04-26 15:56 - 2016-04-26 15:56 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2016-04-26 15:56 - 2016-02-10 08:21 - 00137280 _____ (Power Software Ltd) C:\WINDOWS\system32\Drivers\scdemu.sys
2016-04-26 15:46 - 2016-04-26 15:46 - 00003472 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Zenbook
2016-04-26 15:40 - 2016-04-26 15:40 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-04-26 15:33 - 2016-04-26 15:33 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-04-26 15:31 - 2016-04-26 15:32 - 00000000 ____D C:\Users\C\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-04-26 15:31 - 2016-04-26 15:31 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-04-26 15:30 - 2016-04-26 15:30 - 00047672 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2016-04-26 15:30 - 2016-04-26 15:30 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2016-04-26 10:08 - 2016-04-26 10:08 - 00108238 _____ C:\Users\C\Desktop\8027189600002016021.pdf
2016-04-25 17:45 - 2016-04-26 15:56 - 00000000 ____D C:\Program Files\PowerISO
2016-04-25 16:58 - 2016-04-26 15:45 - 119148544 _____ C:\Win10_1511_1_English_x64.iso
2016-04-25 14:36 - 2016-04-25 14:36 - 00000000 ____D C:\Users\C\AppData\Roaming\Obsidium
2016-04-25 13:56 - 2016-04-25 13:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2016-04-25 07:20 - 2016-04-25 07:20 - 00000165 ____H C:\Users\C\Desktop\~$moz results.xlsx
2016-04-24 19:45 - 2016-04-24 19:45 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-04-24 19:44 - 2016-04-24 19:44 - 37024424 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 36102744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 30689520 _____ (Intel Corporation) C:\WINDOWS\system32\igd11dxva64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 29887992 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd11dxva32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 29093384 _____ (Intel Corporation) C:\WINDOWS\system32\common_clang64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 19854320 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\common_clang32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 13999104 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 13272056 _____ (Intel Corporation) C:\WINDOWS\system32\ig8icd64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 13036944 _____ (Intel Corporation) C:\WINDOWS\system32\igc64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 11484712 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 10648768 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igc32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 10057720 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig8icd32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 06741482 _____ C:\WINDOWS\system32\igdclbif.bin
2016-04-24 19:44 - 2016-04-24 19:44 - 06412040 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2016-04-24 19:44 - 2016-04-24 19:44 - 06377536 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 05477880 _____ (Intel Corporation) C:\WINDOWS\system32\igdmcl64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 05255664 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 05051704 _____ (Intel Corporation) C:\WINDOWS\system32\igd12umd64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 05007008 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd12umd32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 04898456 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 04583944 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 04009464 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 03810312 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmcl32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 02036736 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 01793904 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 01789768 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 01603752 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 01575928 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 01282224 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 01226232 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 01165320 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 01018792 _____ C:\WINDOWS\system32\igfxSDK.exe
2016-04-24 19:44 - 2016-04-24 19:44 - 00979464 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00940456 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2016-04-24 19:44 - 2016-04-24 19:44 - 00935344 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2016-04-24 19:44 - 2016-04-24 19:44 - 00816487 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2016-04-24 19:44 - 2016-04-24 19:44 - 00733192 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00617472 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00602040 _____ C:\WINDOWS\system32\IntelCpHDCPSvc.exe
2016-04-24 19:44 - 2016-04-24 19:44 - 00527280 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2016-04-24 19:44 - 2016-04-24 19:44 - 00459168 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2016-04-24 19:44 - 2016-04-24 19:44 - 00436232 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00406536 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00405432 _____ C:\WINDOWS\system32\igfxTray.exe
2016-04-24 19:44 - 2016-04-24 19:44 - 00394760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00385520 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00363520 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00359856 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2016-04-24 19:44 - 2016-04-24 19:44 - 00340512 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCComp64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00336816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2016-04-24 19:44 - 2016-04-24 19:44 - 00308744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00296720 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00291768 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2016-04-24 19:44 - 2016-04-24 19:44 - 00282200 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00266232 _____ C:\WINDOWS\system32\igfxCPL.cpl
2016-04-24 19:44 - 2016-04-24 19:44 - 00257976 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2016-04-24 19:44 - 2016-04-24 19:44 - 00251912 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00232848 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00227760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2016-04-24 19:44 - 2016-04-24 19:44 - 00223152 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2016-04-24 19:44 - 2016-04-24 19:44 - 00222640 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2016-04-24 19:44 - 2016-04-24 19:44 - 00213600 _____ (Intel Corporation) C:\WINDOWS\system32\igdde64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00194888 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00180744 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00174168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00173144 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00171032 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdde32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00165816 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2016-04-24 19:44 - 2016-04-24 19:44 - 00162312 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00151712 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00151216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00104440 _____ ( ) C:\WINDOWS\system32\igfxSDKLibv2_0.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00095240 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00094720 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00092168 _____ ( ) C:\WINDOWS\system32\igfxSDKLib.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00091144 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00082440 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00073216 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00045960 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00045560 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00044025 _____ C:\WINDOWS\system32\iglhxo64.vp
2016-04-24 19:44 - 2016-04-24 19:44 - 00043816 _____ C:\WINDOWS\system32\iglhxc64_dev.vp
2016-04-24 19:44 - 2016-04-24 19:44 - 00043494 _____ C:\WINDOWS\system32\iglhxc64.vp
2016-04-24 19:44 - 2016-04-24 19:44 - 00043298 _____ C:\WINDOWS\system32\iglhxg64_dev.vp
2016-04-24 19:44 - 2016-04-24 19:44 - 00043256 _____ C:\WINDOWS\system32\iglhxg64.vp
2016-04-24 19:44 - 2016-04-24 19:44 - 00042079 _____ C:\WINDOWS\system32\iglhxo64_dev.vp
2016-04-24 19:44 - 2016-04-24 19:44 - 00020488 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00020488 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00020472 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00013832 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00013824 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2016-04-24 19:44 - 2016-04-24 19:44 - 00004674 _____ C:\WINDOWS\system32\iglhxs64.vp
2016-04-24 19:44 - 2016-04-24 19:44 - 00001125 _____ C:\WINDOWS\system32\iglhxa64.vp
2016-04-23 13:19 - 2016-04-24 19:46 - 00000000 ____D C:\WINDOWS\LastGood
2016-04-23 13:19 - 2016-04-23 13:19 - 00266512 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ibtusb.sys
2016-04-23 13:19 - 2016-04-23 13:19 - 00242448 _____ (Intel Corporation) C:\WINDOWS\system32\ibtproppage.dll
2016-04-23 09:35 - 2016-04-23 09:35 - 00000855 _____ C:\WINDOWS\system32\Drivers\etc\hosts_bak_126
2016-04-21 19:27 - 2016-04-26 11:33 - 00000000 ___HD C:\$SysReset
2016-04-21 19:23 - 2016-04-21 19:23 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-04-21 18:24 - 2016-05-01 18:16 - 00147392 ____N C:\WINDOWS\Minidump\050116-5703-01.dmp
2016-04-21 11:59 - 2016-04-21 22:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\TweakBit
2016-04-21 11:56 - 2016-04-21 11:56 - 00000218 _____ C:\Users\C\AppData\Local\recently-used.xbel
2016-04-21 11:46 - 2016-04-21 11:59 - 00000000 ____D C:\ProgramData\TweakBit
2016-04-21 11:46 - 2016-04-21 11:46 - 00000000 ____D C:\ProgramData\BSD
2016-04-20 12:57 - 2016-04-21 22:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2016-04-20 12:57 - 2016-04-21 22:16 - 00000000 ____D C:\Program Files (x86)\HTC
2016-04-20 12:57 - 2016-04-20 12:57 - 00000000 ____D C:\Program Files (x86)\Spirent Communications
2016-04-13 07:53 - 2016-04-06 13:32 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-13 07:53 - 2016-04-06 13:32 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-12 12:36 - 2016-03-29 01:40 - 03587584 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-12 12:36 - 2016-03-25 02:38 - 24593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-12 12:36 - 2016-03-25 02:25 - 12505600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-12 12:36 - 2016-03-25 02:14 - 07525376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-12 12:36 - 2016-03-25 02:13 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-12 12:36 - 2016-03-25 01:55 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-12 12:36 - 2016-03-15 23:56 - 03467784 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-04-12 12:36 - 2016-03-15 23:55 - 02495768 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-12 12:36 - 2016-03-15 23:47 - 22610328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-04-12 12:36 - 2016-03-15 23:47 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-04-12 12:36 - 2016-03-15 23:45 - 00140536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-04-12 12:36 - 2016-03-15 23:37 - 01010016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-12 12:36 - 2016-03-15 23:21 - 01767000 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-12 12:36 - 2016-03-15 23:21 - 01531888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-04-12 12:36 - 2016-03-15 23:11 - 21088728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-04-12 12:36 - 2016-03-15 23:00 - 21859840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-12 12:36 - 2016-03-15 22:49 - 01416192 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-12 12:36 - 2016-03-15 22:49 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-12 12:36 - 2016-03-15 22:45 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-04-12 12:36 - 2016-03-15 22:42 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-12 12:36 - 2016-03-15 22:40 - 00931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-04-12 12:36 - 2016-03-15 22:40 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-04-12 12:36 - 2016-03-15 22:40 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-12 12:36 - 2016-03-15 22:39 - 03363328 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-12 12:36 - 2016-03-15 22:36 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-04-12 12:36 - 2016-03-15 22:36 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-04-12 12:36 - 2016-03-15 22:36 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-04-12 12:36 - 2016-03-15 22:35 - 01794560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-12 12:36 - 2016-03-15 22:35 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxApplicabilityEngine.dll
2016-04-12 12:36 - 2016-03-15 22:34 - 01871872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-12 12:36 - 2016-03-15 22:21 - 18796544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-12 12:36 - 2016-03-15 22:17 - 03680256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-12 12:36 - 2016-03-15 22:17 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-04-12 12:36 - 2016-03-15 22:17 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-04-12 12:36 - 2016-03-15 22:17 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-12 12:36 - 2016-03-15 22:13 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-04-12 12:36 - 2016-03-15 22:11 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-12 12:35 - 2016-03-29 01:40 - 01381376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-12 12:35 - 2016-03-25 01:54 - 05457408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-12 12:35 - 2016-03-15 23:56 - 01022664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-12 12:35 - 2016-03-15 23:56 - 00861512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-12 12:35 - 2016-03-15 23:55 - 01951872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-04-12 12:35 - 2016-03-15 23:55 - 01299032 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-12 12:35 - 2016-03-15 23:55 - 01127024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-12 12:35 - 2016-03-15 23:55 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-12 12:35 - 2016-03-15 23:54 - 00595016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-12 12:35 - 2016-03-15 23:47 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-04-12 12:35 - 2016-03-15 23:46 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-04-12 12:35 - 2016-03-15 23:41 - 00607416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-12 12:35 - 2016-03-15 23:41 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-04-12 12:35 - 2016-03-15 23:39 - 00983904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-12 12:35 - 2016-03-15 23:11 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-04-12 12:35 - 2016-03-15 23:11 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-04-12 12:35 - 2016-03-15 23:08 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-04-12 12:35 - 2016-03-15 23:06 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-04-12 12:35 - 2016-03-15 23:05 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-12 12:35 - 2016-03-15 23:03 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-12 12:35 - 2016-03-15 23:03 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-12 12:35 - 2016-03-15 22:56 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-04-12 12:35 - 2016-03-15 22:56 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2016-04-12 12:35 - 2016-03-15 22:55 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-04-12 12:35 - 2016-03-15 22:55 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2016-04-12 12:35 - 2016-03-15 22:55 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-04-12 12:35 - 2016-03-15 22:55 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-04-12 12:35 - 2016-03-15 22:51 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-04-12 12:35 - 2016-03-15 22:51 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-04-12 12:35 - 2016-03-15 22:47 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-04-12 12:35 - 2016-03-15 22:47 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-04-12 12:35 - 2016-03-15 22:47 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-04-12 12:35 - 2016-03-15 22:46 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-04-12 12:35 - 2016-03-15 22:44 - 01016832 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-12 12:35 - 2016-03-15 22:43 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-04-12 12:35 - 2016-03-15 22:43 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-12 12:35 - 2016-03-15 22:42 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-12 12:35 - 2016-03-15 22:42 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-04-12 12:35 - 2016-03-15 22:41 - 00950272 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-12 12:35 - 2016-03-15 22:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-12 12:35 - 2016-03-15 22:40 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-04-12 12:35 - 2016-03-15 22:40 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-04-12 12:35 - 2016-03-15 22:40 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-04-12 12:35 - 2016-03-15 22:40 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-04-12 12:35 - 2016-03-15 22:39 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-04-12 12:35 - 2016-03-15 22:39 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-12 12:35 - 2016-03-15 22:38 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-04-12 12:35 - 2016-03-15 22:37 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-04-12 12:35 - 2016-03-15 22:37 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-04-12 12:35 - 2016-03-15 22:37 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-04-12 12:35 - 2016-03-15 22:37 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-04-12 12:35 - 2016-03-15 22:37 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-04-12 12:35 - 2016-03-15 22:37 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-12 12:35 - 2016-03-15 22:36 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-04-12 12:35 - 2016-03-15 22:36 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-04-12 12:35 - 2016-03-15 22:36 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-04-12 12:35 - 2016-03-15 22:36 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-04-12 12:35 - 2016-03-15 22:36 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-04-12 12:35 - 2016-03-15 22:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-04-12 12:35 - 2016-03-15 22:36 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-04-12 12:35 - 2016-03-15 22:36 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-04-12 12:35 - 2016-03-15 22:36 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-04-12 12:35 - 2016-03-15 22:36 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-04-12 12:35 - 2016-03-15 22:36 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-04-12 12:35 - 2016-03-15 22:35 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-04-12 12:35 - 2016-03-15 22:35 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-04-12 12:35 - 2016-03-15 22:35 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-04-12 12:35 - 2016-03-15 22:33 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-12 12:35 - 2016-03-15 22:32 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-12 12:35 - 2016-03-15 22:31 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-04-12 12:35 - 2016-03-15 22:31 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-04-12 12:35 - 2016-03-15 22:31 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-04-12 12:35 - 2016-03-15 22:28 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-04-12 12:35 - 2016-03-15 22:27 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-12 12:35 - 2016-03-15 22:24 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-04-12 12:35 - 2016-03-15 22:24 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-04-12 12:35 - 2016-03-15 22:24 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-04-12 12:35 - 2016-03-15 22:20 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-12 12:35 - 2016-03-15 22:18 - 00768000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-12 12:35 - 2016-03-15 22:18 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2016-04-12 12:35 - 2016-03-15 22:17 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2016-04-12 12:35 - 2016-03-15 22:17 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-04-12 12:35 - 2016-03-15 22:16 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-04-12 12:35 - 2016-03-15 22:14 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-04-12 12:35 - 2016-03-15 22:14 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-04-12 12:35 - 2016-03-15 22:14 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-04-12 12:35 - 2016-03-15 22:13 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-04-12 12:35 - 2016-03-15 22:13 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-04-12 12:35 - 2016-03-15 22:13 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-04-12 12:35 - 2016-03-15 22:13 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-04-12 12:35 - 2016-03-15 22:13 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-04-12 12:35 - 2016-03-15 22:13 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-04-12 12:35 - 2016-03-15 22:13 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-04-12 12:35 - 2016-03-15 22:13 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-04-12 12:35 - 2016-03-15 22:13 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-04-12 12:35 - 2016-03-15 22:13 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-04-12 12:35 - 2016-03-15 22:13 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-04-12 12:35 - 2016-03-15 22:13 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-04-12 12:35 - 2016-03-15 22:12 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-04-12 12:35 - 2016-03-15 22:10 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-11 21:00 - 2016-04-12 07:38 - 00000000 ____D C:\Users\C\AppData\Local\URLProfiler
2016-04-11 20:59 - 2016-04-11 20:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\URL Profiler
2016-04-11 20:58 - 2016-04-11 20:59 - 00000000 ____D C:\Program Files (x86)\URL Profiler
2016-04-09 08:51 - 2016-04-26 15:56 - 00001123 _____ C:\Users\C\AppData\Roaming\Microsoft\Windows\Start Menu\paint.net.lnk
2016-04-01 17:05 - 2016-05-01 18:53 - 00000000 ____D C:\Program Files (x86)\AzonProductInspector
2016-04-01 16:59 - 2016-05-01 18:53 - 00000000 ____D C:\Program Files (x86)\AzonTop100Analyzer

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-01 19:06 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-01 19:02 - 2015-07-28 21:28 - 00000000 ____D C:\Users\C\AppData\Roaming\Skype
2016-05-01 19:01 - 2015-10-09 17:55 - 00739906 _____ C:\WINDOWS\system32\perfh00A.dat
2016-05-01 19:01 - 2015-10-09 17:55 - 00144196 _____ C:\WINDOWS\system32\perfc00A.dat
2016-05-01 19:01 - 2015-07-29 20:10 - 01698550 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-01 19:01 - 2015-07-10 06:02 - 00000000 ____D C:\WINDOWS\INF
2016-05-01 18:56 - 2015-07-10 07:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-01 18:56 - 2015-07-10 04:05 - 04718592 ___SH C:\WINDOWS\system32\config\BBI
2016-05-01 18:54 - 2015-07-10 05:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-01 18:53 - 2016-03-31 17:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Azon Keyword Generator V4
2016-05-01 18:53 - 2015-07-28 13:14 - 00000000 ____D C:\Users\C\AppData\Local\ClassicShell
2016-05-01 18:49 - 2015-07-28 14:36 - 00000000 ____D C:\Users\C\AppData\LocalLow\LastPass
2016-05-01 18:28 - 2015-07-10 06:04 - 00000000 ____D C:\Program Files\WindowsApps
2016-05-01 18:16 - 2015-07-29 19:57 - 00000000 ____D C:\Users\C
2016-05-01 16:31 - 2015-08-03 08:32 - 00000000 ____D C:\Users\C\AppData\LocalLow\Temp
2016-05-01 09:15 - 2016-01-24 09:24 - 04276736 ___SH C:\Users\C\Desktop\Thumbs.db
2016-05-01 07:38 - 2016-03-22 14:18 - 00000000 ____D C:\Users\C\AppData\Roaming\eM Client
2016-04-30 22:05 - 2015-12-21 12:08 - 00000000 ____D C:\WINDOWS\Panther
2016-04-30 20:01 - 2015-07-10 07:20 - 00431232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-30 19:56 - 2015-07-10 04:05 - 55574528 _____ C:\WINDOWS\system32\config\components.old
2016-04-30 19:28 - 2015-08-27 22:14 - 01698550 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-04-30 09:54 - 2015-10-06 14:30 - 00000000 ___SD C:\Users\C\Documents\My Data Sources
2016-04-30 09:37 - 2015-07-29 09:43 - 00000000 ____D C:\Users\C\Desktop\TV
2016-04-29 14:48 - 2015-07-29 19:41 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2016-04-29 14:48 - 2015-07-29 19:41 - 00001908 _____ C:\WINDOWS\diagerr.xml
2016-04-29 10:21 - 2015-07-28 18:47 - 00000000 ____D C:\Users\C\Desktop\Website
2016-04-29 09:17 - 2016-03-17 17:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-04-29 09:17 - 2015-07-28 10:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-29 07:33 - 2015-07-28 16:29 - 00000000 ____D C:\Users\C\AppData\Roaming\vlc
2016-04-29 06:40 - 2015-07-28 10:59 - 00000000 ____D C:\Users\C\AppData\Roaming\Mozilla
2016-04-26 15:57 - 2016-03-31 17:27 - 00002222 _____ C:\Users\C\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall Azon Keyword Generator V4.lnk
2016-04-26 15:57 - 2016-03-31 17:27 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Azon Keyword Generator V4.lnk
2016-04-26 15:57 - 2016-03-22 14:10 - 00001030 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2016-04-26 15:57 - 2016-01-20 10:31 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus.lnk
2016-04-26 15:57 - 2015-10-06 15:27 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Market Samurai.lnk
2016-04-26 15:57 - 2015-07-29 20:01 - 00001564 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-26 15:57 - 2015-07-29 17:03 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2016-04-26 15:57 - 2015-07-28 14:57 - 00001216 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-04-26 15:57 - 2015-07-28 14:37 - 00002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-26 15:57 - 2015-07-28 10:59 - 00001937 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-26 15:57 - 2015-02-15 01:26 - 00000712 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk
2016-04-26 15:56 - 2016-02-26 12:47 - 00001386 _____ C:\Users\C\Desktop\Firefox Portable.lnk
2016-04-26 15:56 - 2016-01-29 07:43 - 00003043 _____ C:\Users\C\AppData\Roaming\Microsoft\Windows\Start Menu\Microsoft Word 2010.lnk
2016-04-26 15:56 - 2016-01-20 07:45 - 00001048 _____ C:\Users\C\AppData\Roaming\Microsoft\Windows\Start Menu\OpenOffice Calc.lnk
2016-04-26 15:56 - 2015-12-10 13:24 - 00000279 _____ C:\Users\C\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
2016-04-26 15:56 - 2015-11-29 09:54 - 00001458 _____ C:\Users\C\AppData\Roaming\Microsoft\Windows\Start Menu\IObit Uninstaller.lnk
2016-04-26 15:56 - 2015-11-18 17:52 - 00002973 _____ C:\Users\C\AppData\Roaming\Microsoft\Windows\Start Menu\Microsoft Excel 2010.lnk
2016-04-26 15:56 - 2015-11-18 15:19 - 00001145 _____ C:\Users\C\AppData\Roaming\Microsoft\Windows\Start Menu\Notepad++.lnk
2016-04-26 15:56 - 2015-07-28 10:22 - 00000080 _____ C:\Users\C\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk
2016-04-26 15:41 - 2015-09-22 11:59 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-26 15:04 - 2015-07-28 10:15 - 00000000 ____D C:\Users\C\AppData\Local\Packages
2016-04-26 15:02 - 2015-07-28 19:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-04-26 15:01 - 2015-08-27 21:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2016-04-26 15:01 - 2015-08-02 13:12 - 00000000 ____D C:\Users\C\AppData\Roaming\ProductData
2016-04-26 15:01 - 2015-07-29 19:55 - 00000000 ____D C:\Program Files\Intel
2016-04-26 15:01 - 2015-07-28 16:26 - 00000000 ____D C:\Users\C\AppData\Roaming\Winamp
2016-04-26 15:01 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2016-04-26 15:01 - 2015-07-10 04:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-04-26 15:00 - 2015-12-09 12:12 - 00000000 ____D C:\OSTotoFolder
2016-04-26 15:00 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\SystemApps
2016-04-26 15:00 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\registration
2016-04-25 08:02 - 2015-07-28 11:08 - 00000000 ____D C:\Users\C\AppData\Local\ElevatedDiagnostics
2016-04-25 07:59 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-04-25 07:20 - 2015-12-09 12:12 - 00000000 ____D C:\ProgramData\DriverTalent
2016-04-24 19:44 - 2015-07-29 19:56 - 00095240 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-04-24 19:44 - 2015-07-29 19:56 - 00091144 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-04-21 22:17 - 2016-03-31 06:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2016-04-21 22:17 - 2015-07-29 19:54 - 00000000 ____D C:\Program Files\CONEXANT
2016-04-21 22:17 - 2015-07-28 13:44 - 00000000 ____D C:\Users\C\AppData\Roaming\IObit
2016-04-21 22:16 - 2015-02-15 01:24 - 00000000 ____D C:\Program Files (x86)\Intel
2016-04-20 16:44 - 2015-11-09 16:16 - 00000000 ____D C:\Users\C\AppData\Roaming\HTC
2016-04-20 16:44 - 2015-11-09 16:05 - 00000000 ____D C:\ProgramData\HTC
2016-04-19 14:56 - 2015-10-29 20:34 - 00000000 ____D C:\Users\C\AppData\Roaming\deluge
2016-04-19 05:24 - 2015-07-28 13:44 - 00000000 ____D C:\ProgramData\ProductData
2016-04-18 13:06 - 2016-01-27 18:47 - 00000000 ____D C:\Users\C\AppData\Roaming\Kodi
2016-04-13 12:06 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\rescache
2016-04-13 08:14 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\SysWOW64\es-MX
2016-04-13 08:14 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-04-13 08:14 - 2015-07-10 04:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-04-11 21:00 - 2016-03-19 18:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-11 11:25 - 2015-07-29 09:09 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-04-11 08:59 - 2015-07-29 09:09 - 00003818 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-04-06 08:45 - 2015-09-27 21:39 - 00000000 ____D C:\Users\C\AppData\Roaming\Canon
2016-04-06 08:45 - 2015-09-27 21:39 - 00000000 ____D C:\ProgramData\CanonIJScan
2016-04-06 06:22 - 2015-12-09 17:16 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-06 06:22 - 2014-11-12 03:49 - 00000000 ____D C:\ProgramData\Skype
2016-04-05 15:55 - 2015-09-20 07:36 - 00000236 _____ C:\Users\C\AppData\Roaming\RO39-2M3Q
2016-04-05 07:00 - 2016-03-22 10:42 - 00000000 ____D C:\ProgramData\Intel
2016-04-05 07:00 - 2015-02-15 01:22 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-02 20:43 - 2015-07-28 13:44 - 00000000 ____D C:\ProgramData\IObit
2016-04-02 20:40 - 2015-07-28 13:44 - 00000000 ____D C:\Program Files (x86)\IObit
2016-04-01 10:05 - 2015-11-04 10:07 - 00000000 ____D C:\ProgramData\HP

==================== Files in the root of some directories =======

2015-10-08 07:24 - 2015-10-08 07:24 - 0000088 _____ () C:\Users\C\AppData\Roaming\.95d691779473f3e03bc4b4e56319d74c.key
2015-10-08 07:25 - 2015-10-08 07:25 - 0000088 _____ () C:\Users\C\AppData\Roaming\.c79792229cdae4d8fe4e261fc4d6976b.key
2015-09-22 04:29 - 2015-10-08 07:26 - 0000120 _____ () C:\Users\C\AppData\Roaming\GWMC-I92M
2015-09-20 07:36 - 2016-04-05 15:55 - 0000236 _____ () C:\Users\C\AppData\Roaming\RO39-2M3Q
2015-07-28 10:15 - 2016-03-30 06:20 - 0000125 _____ () C:\Users\C\AppData\Roaming\sp_data.sys
2015-09-04 16:12 - 2015-09-04 16:12 - 0000315 _____ () C:\Users\C\AppData\Local\LMIR0001.tmp_r.bat
2016-04-21 11:56 - 2016-04-21 11:56 - 0000218 _____ () C:\Users\C\AppData\Local\recently-used.xbel
2015-09-21 16:35 - 2015-09-21 16:35 - 0000017 _____ () C:\Users\C\AppData\Local\resmon.resmoncfg
2015-11-04 11:30 - 2015-11-04 11:30 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-10-15 09:56 - 2015-10-15 09:56 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-11-12 03:49 - 2014-11-12 03:49 - 0000032 _____ () C:\ProgramData\SetStretch.cmd
2014-11-12 03:49 - 2009-07-22 05:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-11-12 03:49 - 2012-09-07 06:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-29 12:29

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:01-05-2016
Ran by Zenbook (2016-05-01 19:06:32)
Running from C:\Users\C\Desktop
Windows 10 Home (X64) (2015-07-30 01:28:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3994446418-2107919600-567850472-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3994446418-2107919600-567850472-503 - Limited - Disabled)
Guest (S-1-5-21-3994446418-2107919600-567850472-501 - Limited - Disabled)
Zenbook (S-1-5-21-3994446418-2107919600-567850472-1001 - Administrator - Enabled) => C:\Users\C

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\uTorrent) (Version: 3.4.5.41073 - BitTorrent Inc.)
1.62 (HKLM-x32\...\URL Profiler_is1) (Version: - Polychrome Ltd)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.176 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Any Video Converter Ultimate 5.8.2 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.9 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.03.0006 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.31 - ICEpower a/s)
Azon Keyword Generator V4 (HKLM-x32\...\Azon Keyword Generator V44.0.0.1) (Version: 4.0.0.1 - InnAnTech Industries Inc.)
Bing Ads Editor (HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\{58ac8d5d-d0d0-41f6-8853-586dd6cb8284}) (Version: 10.8.2256.5288 - Microsoft Corporation)
Bing Ads Editor (x32 Version: 10.8.2256.5288 - Microsoft Corporation) Hidden
Bing Ads Intelligence (HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\BD4F486BB9396EFC30A39B83E40F2AE4C01690BF) (Version: 9.1.11204.7396 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Chvac Version 8 (HKLM-x32\...\{1DCD89D0-816C-11E0-6DF1-0F87DC211649}) (Version: 8 - Elite Software Development, Inc.)
Classic Shell (HKLM\...\{D4B3454F-7529-4F5F-851D-2C36933F7D64}) (Version: 4.2.5 - IvoSoft)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
Deluge 1.3.12 (HKLM-x32\...\Deluge) (Version: - )
Driver Talent (HKLM-x32\...\{29FE44D7-BC89-4188-8B0E-F6BA073C15A5}_is1) (Version: 6.4.36.124 - OSToto Co., Ltd.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
eM Client (HKLM-x32\...\{7B35918E-43E4-45AF-8F1B-C15D86CA919D}) (Version: 6.0.24928.0 - eM Client Inc.)
Epic Privacy Browser (HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\Epic) (Version: 40.0.2214.91 - Epic)
eQUEST 3-65 (HKLM-x32\...\{C736C310-ADF0-4D99-8397-478FDDB4D3F9}) (Version: 3.65.16 - JJHirsch)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.2.2.1001 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.110 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GoToMeeting 7.3.0.3499 (HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\GoToMeeting) (Version: 7.3.0.3499 - CitrixOnline)
HP Deskjet 2540 series Basic Device Software (HKLM\...\{6A79CD11-0C1C-4E24-A8C6-46A02F680346}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 2540 series Help (HKLM-x32\...\{4539575D-C09D-4E71-B207-0F2D6BD74DA2}) (Version: 30.0.0 - Hewlett Packard)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - HTC Corporation)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4274 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{2F97FBC6-7992-4DF7-A7C7-B68455E307F7}) (Version: 5.1.20.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{4DA9DC19-4E1D-4B10-A726-A5F2A1BC7265}) (Version: 18.1.1546.2762 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.2.6.101 - IObit)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 8 Update 77 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Kodi (HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\Kodi) (Version: - XBMC-Foundation)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Market Samurai (HKLM-x32\...\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1) (Version: 0.93.73 - Alliance Software Pty Ltd)
Market Samurai (x32 Version: 0.93.73 - Alliance Software Pty Ltd) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 45.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 en-US)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
Mozilla Thunderbird 38.7.2 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 38.7.2 (x86 en-US)) (Version: 38.7.2 - Mozilla)
Netpeak Checker version 2.2.0.29 (HKLM-x32\...\{F38BE200-6918-4BEA-A2D2-9B68E90FFC9E}_is1) (Version: 2.2.0.29 - Netpeak)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.1 - Notepad++ Team)
Online Plug-in (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden
Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.0.2 - Panda Security)
Panda Free Antivirus (Version: 8.04.00.0000 - Panda Security) Hidden
Plex Media Server (x32 Version: 0.9.1219 - Plex, Inc.) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.5 - Power Software Ltd)
Realtek USB Fast Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{D2B61BE0-B18B-4091-81B4-F234F4C30DFD}) (Version: 8.13.106.2014 - Realtek)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
Self-service Plug-in (x32 Version: 4.1.0.41738 - Citrix Systems, Inc.) Hidden
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Technitium MAC Address Changer v6.0 (HKLM-x32\...\TMACv6.0) (Version: 6.0 - Technitium)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.8.5 - Tweaking.com)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - ASUS (ATP) Mouse (07/02/2014 6.0.0.39) (HKLM\...\51B9B97722559D76D6429B83B71A86106A35BFCE) (Version: 07/02/2014 6.0.0.39 - ASUS)
Windows Driver Package - ASUS (ATP) Mouse (10/21/2015 6.0.0.66) (HKLM\...\BC69268D29996F70FD79F32A561263B8537AAF34) (Version: 10/21/2015 6.0.0.66 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3994446418-2107919600-567850472-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\C\AppData\Local\Citrix\GoToMeeting\3499\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3994446418-2107919600-567850472-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\C\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3994446418-2107919600-567850472-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\C\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {075DC3D4-FEA2-4826-82D8-20047D3A8BA1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-28] (Google Inc.)
Task: {0C46091E-DBF6-4FF3-B0DE-AA9FCAAC6DE5} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {1BCEDA88-9772-48B7-8B3F-5EF3AD88AF97} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-09-11] (ASUS)
Task: {29754265-E017-4F56-A2F8-9A0289F925DB} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {466F51F6-E814-43A8-9A38-14C76228D913} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {4DA0A89B-AAEC-4CBF-BE1C-C6163C8F957F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5103F0AD-C6AC-4C79-8573-0AA9AADA01F7} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {680D7A87-5EFB-4AC0-BB29-AA0CE7EBC0AA} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2014-03-05] ()
Task: {688FB8C8-19FA-450C-B109-DBE179BB875D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {7AD1DCFF-6653-4CEC-B0F7-FB9617412CD8} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {884D0E44-FC72-47FC-804F-C5DDF1316A20} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {88E8C78B-DCC5-42C4-AC1E-F5DD61E67EB8} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek)
Task: {954C2F52-D1DE-4277-89E2-7FADCE844073} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-11] (Adobe Systems Incorporated)
Task: {975D5274-A7D1-4E19-9944-0FB6C4B45171} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {997F9AE1-EF12-4370-8936-9F2ABEE03CB2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-28] (Google Inc.)
Task: {B16C57BD-AFDB-4B5B-962F-141805CE4C6A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B1E1454F-667C-4EB2-B874-09E770E1513A} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {C49B9C08-FA10-4131-A42D-D4315E8DAB20} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com)
Task: {C81B31BB-4095-4E2D-A3DA-9138846718D8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {CA815DBE-9805-4750-8059-65D5B40CCA76} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-11-20] (Intel Corporation)
Task: {E5406F7E-98C1-46D7-95F0-BEE0E32F9D93} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E6D37F8E-EA87-4475-A402-C7347B96B288} - System32\Tasks\Uninstaller_SkipUac_Zenbook => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-03-04] (IObit)
Task: {EC6F294D-0F36-4E57-841F-6B28E024F424} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.)
Task: {EC75B5F9-5E56-42B9-887C-BAE8CB5C8476} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F9415D86-CC8E-48E2-BBC4-BC02E6C4FA4F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3994446418-2107919600-567850472-1001Core.job => C:\Users\C\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3994446418-2107919600-567850472-1001Core1d1270b90760a5a.job => C:\Users\C\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3994446418-2107919600-567850472-1001Core1d12e5dd1b5dbcf.job => C:\Users\C\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2016-04-12 12:36 - 2016-03-15 23:55 - 02495768 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-12 12:36 - 2016-03-15 23:55 - 02495768 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-21 16:38 - 2016-02-21 16:38 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-02-15 01:31 - 2014-03-05 03:49 - 00053248 _____ () C:\Windows\SysWOW64\UMonit64.exe
2015-12-09 12:11 - 2015-12-16 04:45 - 00147216 _____ () c:\program files (x86)\ostotosoft\drivertalent\ldrvsvc.dll
2015-12-09 12:11 - 2015-12-16 04:45 - 00186640 _____ () c:\program files (x86)\ostotosoft\drivertalent\CrashCatch.dll
2015-12-09 12:11 - 2015-11-16 02:19 - 00254824 _____ () c:\program files (x86)\ostotosoft\drivertalent\updater\checkupdate.dll
2015-12-09 12:11 - 2016-03-09 20:38 - 00165088 _____ () c:\program files (x86)\ostotosoft\drivertalent\substat.dll
2015-12-09 12:11 - 2015-11-16 02:19 - 00103776 _____ () c:\program files (x86)\ostotosoft\drivertalent\dstudp.dll
2015-12-09 12:11 - 2015-11-16 02:19 - 00117088 _____ () c:\program files (x86)\ostotosoft\drivertalent\udp.dll
2015-07-28 13:45 - 2015-07-28 13:44 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2013-04-12 12:23 - 2013-04-12 12:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2016-03-29 07:50 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-03-29 07:50 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2016-03-14 15:05 - 2016-03-14 15:05 - 01114136 _____ () C:\Users\C\AppData\Roaming\Mozilla\Firefox\Profiles\uvofzas6.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [127]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRegRestore => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRegRestore => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\force.com -> hxxp://autodesk.force.com
IE restricted site: HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\1001movie.com -> 1001movie.com

There are 6091 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-04-30 19:31 - 2016-04-30 19:31 - 00000855 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3994446418-2107919600-567850472-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\C\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: XblAuthManager => 3
MSCONFIG\Services: XblGameSave => 3
MSCONFIG\Services: XboxNetApiSvc => 3
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "EvtMgr6"
HKLM\...\StartupApproved\Run: => "ioCentre"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "CitrixReceiver"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "DriverTalent"
HKLM\...\StartupApproved\Run32: => "Redirector"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\StartupApproved\Run: => "Epic Privacy Browser Installer"
HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-3994446418-2107919600-567850472-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5EDC0506-1C14-48BD-8E3A-40B84B130166}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
FirewallRules: [TCP Query User{0D5D640B-9E23-47FB-BE98-F9D6B17712CC}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{E195E370-704F-4DF8-8C86-5C29DD378D10}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{B78333CD-255E-4C56-90DB-44B6F10BF9DB}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [UDP Query User{0C286FB9-BEBF-4E11-904A-EEF2908BD5CA}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [{3E98E0A9-2FF5-40D0-9F42-2509D53C2DF5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9F78D200-5075-4CCA-9E8D-D3F18827F442}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DriverTalent.exe
FirewallRules: [{369CADC0-D6BC-46A8-97DA-8FBF89DA1645}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DTLService.exe
FirewallRules: [{125CC64D-7C6A-4872-A07E-CD20CB0BDF59}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\download\MiniThunderPlatform.exe
FirewallRules: [TCP Query User{DCF354CA-B626-43D9-A61A-6E7601EE4057}C:\program files\hp\hp deskjet 2540 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp deskjet 2540 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [UDP Query User{989152C3-9538-4ED8-AA45-6905C577E710}C:\program files\hp\hp deskjet 2540 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp deskjet 2540 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [{C2C56820-C11B-4E08-AE16-BE7AF8A57F9B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0848DD97-7735-4855-9FFF-1D229C27A011}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{AE6B95A5-C89C-4C0A-8B62-72B4D0C5EC04}C:\program files\hp\hp deskjet 2540 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp deskjet 2540 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [UDP Query User{23EA4A28-2DC5-49F5-9ADA-8760AAB59456}C:\program files\hp\hp deskjet 2540 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp deskjet 2540 series\bin\hpnetworkcommunicatorcom.exe

==================== Restore Points =========================

28-04-2016 12:08:23 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: Unknown USB Device (Device Descriptor Request Failed)
Description: Unknown USB Device (Device Descriptor Request Failed)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/01/2016 07:07:09 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost (3156) TILEREPOSITORYS-1-5-21-3994446418-2107919600-567850472-1001: Database recovery/restore failed with unexpected error -1018.

Error: (05/01/2016 07:07:08 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost (3156) TILEREPOSITORYS-1-5-21-3994446418-2107919600-567850472-1001: Database recovery/restore failed with unexpected error -1018.

Error: (05/01/2016 07:07:07 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost (3156) TILEREPOSITORYS-1-5-21-3994446418-2107919600-567850472-1001: Database recovery/restore failed with unexpected error -1018.

Error: (05/01/2016 07:07:06 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost (3156) TILEREPOSITORYS-1-5-21-3994446418-2107919600-567850472-1001: Database recovery/restore failed with unexpected error -1018.

Error: (05/01/2016 07:07:04 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost (3156) TILEREPOSITORYS-1-5-21-3994446418-2107919600-567850472-1001: Database recovery/restore failed with unexpected error -1018.

Error: (05/01/2016 07:07:03 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost (3156) TILEREPOSITORYS-1-5-21-3994446418-2107919600-567850472-1001: Database recovery/restore failed with unexpected error -1018.

Error: (05/01/2016 07:07:02 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost (3156) TILEREPOSITORYS-1-5-21-3994446418-2107919600-567850472-1001: Database recovery/restore failed with unexpected error -1018.

Error: (05/01/2016 07:07:01 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost (3156) TILEREPOSITORYS-1-5-21-3994446418-2107919600-567850472-1001: Database recovery/restore failed with unexpected error -1018.

Error: (05/01/2016 07:07:00 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost (3156) TILEREPOSITORYS-1-5-21-3994446418-2107919600-567850472-1001: Database recovery/restore failed with unexpected error -1018.

Error: (05/01/2016 07:06:59 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost (3156) TILEREPOSITORYS-1-5-21-3994446418-2107919600-567850472-1001: Database recovery/restore failed with unexpected error -1018.


System errors:
=============
Error: (05/01/2016 06:56:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Defender Service service failed to start due to the following error:
%%577

Error: (05/01/2016 06:56:16 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (05/01/2016 06:55:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WWAN AutoConfig service terminated with the following error:
%%997

Error: (05/01/2016 06:55:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (05/01/2016 06:55:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (05/01/2016 06:55:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (05/01/2016 06:55:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (05/01/2016 06:29:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/01/2016 06:29:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/01/2016 06:29:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable


CodeIntegrity:
===================================
Date: 2016-05-01 18:56:27.530
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-05-01 18:22:06.806
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-05-01 18:16:59.002
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-30 20:01:30.395
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-30 19:15:39.913
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-29 09:28:03.875
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-29 09:18:04.621
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-27 17:28:09.975
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-27 08:31:12.476
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-26 15:58:18.677
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 29%
Total physical RAM: 8095.08 MB
Available physical RAM: 5695.6 MB
Total Virtual: 8495.08 MB
Available Virtual: 6128.85 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:238.25 GB) (Free:41.59 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: C28795B3)

Partition: GPT.

==================== End of Addition.txt ============================
 
Thanks for the info. Please create a new user on the machine for testing purposes. You can name it Zenbook2 or Sysnative or really whatever you want. Please make sure the user is an Administrative user. Following are some links with info if you need to know how.
Create a local user account in Windows 1 - Windows Help -
How to Create a New Local User Account in Windows 1


Once signed in with the new administrative user, please check for Windows Updates and let me know if you experience the same thing.

Thanks.
 
With the new user I can check for updates fine. After Windows is finished downloading the update files, Windows tries to install them, but can't. It just says that there was an error installing the updates and to try again. I tried again and it downloads the updates again and tries to install them but cant install them. I get the same error again. It doesn't tell you what the error is. Just that it couldn't install the updates. It's taking about 2-3 hours just to download the updates each time I try.

So I can download them, but not install them.
 
OK. Part of the issue may be a corrupt profile as we are getting a little further. When you check for updates, let me know about five different KB numbers that are listed that need to be installed.
 
This is all that Windows Update says when it's checking for and downloading the update

• Upgrade to Windows 10 Home, version 1511, 10586.

When I go to "details" it says the same thing.
 
Back
Top