Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

PC was full of Malware


  • Please log in to reply

#1
Lorenzo Baltazar Perez

Lorenzo Baltazar Perez

    Member

  • Member
  • PipPip
  • 56 posts
My sisters PC was full of Malware.  I ran Malwarebytes, Spybot Search & Destroy, CC Cleaner, and the AntiVirus Eset 4 which is loaded on the PC.  I got the PC working but I would like your help looking for what the programs can't find.
Thank you in advance.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:14-12-2015
Ran by Lil Miss Cris (administrator) on STUDIOMIXER (14-12-2015 13:33:44)
Running from C:\Users\Lil Miss Cris\Downloads
Loaded Profiles: Lil Miss Cris (Available Profiles: Lil Miss Cris)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [644696 2007-05-14] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1603152 2007-04-03] (CANON INC.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [2054360 2009-09-11] (ESET)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\Run: [GoogleChromeAutoLaunch_BB610F089656C2493F2F32DE835E4545] => C:\Program Files\Google\Chrome\Application\chrome.exe [741704 2015-12-04] (Google Inc.)
HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\MountPoints2: L - .\Encryption Tool\MaxtorEncryption.exe
HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\MountPoints2: {0806cf72-219e-11e0-b571-001e901d1ea9} - H:\setupSNK.exe
HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\MountPoints2: {20684e39-4d9f-11e0-8623-001e901d1ea9} - H:\LaunchU3.exe -a
HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\MountPoints2: {a084ff92-5e61-11e0-91ce-001e901d1ea9} - H:\LaunchU3.exe -a
AppInit_DLLs: c:\progra~1\suppor~1\suppor~1.dll => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aggiorna ESET license.lnk [2015-12-14]
ShortcutTarget: Aggiorna ESET license.lnk -> C:\Program Files\ESET\MiNODLogin\launcher.exe ()
BootExecute: autocheck autochk /r \??\K:autocheck autochk * sdnclean.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATTENTION (Restriction - ProxySettings)
ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49885;https=127.0.0.1:49885
AutoConfigURL: [.DEFAULT] => http=127.0.0.1:49885;https=127.0.0.1:49885
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7E5FA66A-61AA-4F80-A05B-F1F94AC5CCCB}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.google.com/
SearchScopes: HKLM -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-12-13] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-13] (Oracle Corporation)
Toolbar: HKLM - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001 -> No Name - {4D503352-2D53-4154-00A7-7A786E7484D7} -  No File
Toolbar: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001 -> No Name - {4D503352-5636-006A-76A7-7A786E7484D7} -  No File
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_66-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0066-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_66-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-14] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2009-05-12] (DivX,Inc.)
FF Plugin: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\system32\npDeployJava1.dll [2012-05-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_66\bin\new_plugin\npjp2.dll [No File]
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-13] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-13] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-13] (Google Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 -> J:\Program Files\Veetle\plugins\npVeetle.dll [No File]
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> J:\Program Files\Veetle\Player\npvlc.dll [No File]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2413653160-3667274055-3905884914-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files\Lightspark 0.5.3-git\nplightsparkplugin.dll [No File]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-01] [not signed]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: Eset Plugin - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011-12-24] [not signed]
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> hxxp://groovorio.com/?f=1&a=grv_installertech_14_22&cd=2XzuyEtN2Y1L1QzutDtDtC0EzytDtC0DtC0E0AzytC0C0A0DtN0D0Tzu0SzyzzyCtN1L2XzutAtFtBtFtCtFtDtN1L1Czu1N1C2X1V1L1G1B2Z1T1I1I1P1C2Z1P1R1M1VtCyE1VtBtBtN1L1G1B1V1N2Y1L1Qzu2SyEyC0CtDzz0D0CtAtGyBzy0F0FtGyDyC0F0EtGtCyC0DyCtGtByB0F0CyBtCtD0Azy0DtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtAyDyE0DyB0EzztGzzzyyDzztGyEtA0E0CtGzyyCtAzytGyCzzyEtBzzzyyEzz0AyEyB0A2Q&cr=1921466494&ir=
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\47.0.2526.80\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\47.0.2526.80\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\47.0.2526.80\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll => No File
CHR Plugin: (registryAccess) - C:\Users\Lil Miss Cris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojdbdbhbbkpenbmlejjngphokgnp\7.15.1.22764_0\background/registryAccess.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\Browser\nppdf32.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => No File
CHR Plugin: (Java™ Platform SE 6 U30) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll => No File
CHR Plugin: (DivX Web Player) - C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll => No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - K:\iTunes\Mozilla Plugins\npitunes.dll => No File
CHR Profile: C:\Users\Lil Miss Cris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lil Miss Cris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-13]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [20680 2009-09-11] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [735960 2009-09-11] (ESET)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S4 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [101528 2007-04-13] () [File not signed]
R2 Verifies software is compatible; C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe [99496 2015-04-20] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 dsiarhwprog; C:\Windows\System32\Drivers\dsiarhwprog.sys [29184 2007-02-08] (Thesycon GmbH, Germany)
R2 eamon; C:\Windows\System32\DRIVERS\eamon.sys [116008 2009-09-11] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [108792 2009-09-11] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [135048 2009-09-11] (ESET)
R3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [33096 2009-06-19] (ESET)
R2 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [38240 2009-09-11] (ESET)
R1 netfilter; C:\Windows\System32\drivers\netfilter.sys [47488 2014-07-17] (NetFilterSDK.com) [File not signed]
S3 HTCAND32; System32\Drivers\ANDROIDUSB.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 netwg311; system32\DRIVERS\netwg311.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S3 UsbGps; system32\DRIVERS\lgusbgps.sys [X]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-14 13:33 - 2015-12-14 13:34 - 00016570 ____C C:\Users\Lil Miss Cris\Downloads\FRST.txt
2015-12-14 13:33 - 2015-12-14 13:33 - 00000000 ___DC C:\FRST
2015-12-14 13:31 - 2015-12-14 13:31 - 01720832 ____C (Farbar) C:\Users\Lil Miss Cris\Downloads\FRST.exe
2015-12-14 13:28 - 2015-12-14 13:28 - 00000913 ____C C:\Users\Public\Desktop\Aggiorna ESET license.lnk
2015-12-14 12:37 - 2015-12-14 13:27 - 00000162 ____C C:\Windows\wininit.ini
2015-12-14 09:22 - 2015-12-14 07:55 - 00000052 ____C C:\Windows\system32\Drivers\etc\hosts.20151214-092242.backup
2015-12-14 08:17 - 2015-08-13 06:15 - 00304640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-12-14 08:17 - 2015-08-13 06:15 - 00102912 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-12-14 08:17 - 2015-07-21 08:07 - 00140224 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2015-12-14 08:17 - 2015-07-21 08:07 - 00056256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-12-14 08:17 - 2015-07-21 08:03 - 00010752 ____C (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-12-14 08:16 - 2015-09-02 13:26 - 01402368 ____C (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-12-14 08:16 - 2015-09-02 13:26 - 01253376 ____C (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-12-14 08:16 - 2015-07-21 08:03 - 00564224 ____C (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2015-12-14 08:15 - 2015-07-31 11:27 - 00103120 ____C (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-14 08:13 - 2015-11-06 09:05 - 00627712 ____C (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-14 08:13 - 2015-11-06 08:32 - 01029120 ____C (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-12-14 08:13 - 2015-11-06 08:32 - 00219648 ____C (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-12-14 08:13 - 2015-11-06 08:32 - 00189952 ____C (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-12-14 08:13 - 2015-11-06 08:32 - 00160768 ____C (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-12-14 08:13 - 2015-11-06 07:27 - 01172480 ____C (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-12-14 08:13 - 2015-11-06 07:26 - 00486400 ____C (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-12-14 08:13 - 2015-11-06 07:24 - 02068480 ____C (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-14 08:13 - 2015-11-06 07:20 - 01073152 ____C (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-14 08:13 - 2015-11-06 07:20 - 00682496 ____C (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-12-14 08:13 - 2015-11-06 07:19 - 00802304 ____C (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-14 08:13 - 2015-07-10 11:37 - 02067968 ____C (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-12-14 08:12 - 2015-10-13 06:31 - 00273408 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-12-14 08:12 - 2015-10-13 06:31 - 00072192 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-12-14 08:11 - 2015-11-02 09:04 - 00179200 ____C (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-14 08:10 - 2015-10-17 08:01 - 00501248 ____C (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-12-14 08:09 - 2015-07-18 08:03 - 00068608 ____C (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00901264 ____C (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00066400 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00022368 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00019808 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00017760 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00017760 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00016224 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00015712 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00015200 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00014176 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00014176 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00013664 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00013664 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00013664 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012640 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012640 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012640 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012640 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012640 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012128 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012128 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012128 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012128 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012128 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012128 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012128 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012128 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012128 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012128 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011104 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011104 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-12-14 08:07 - 2015-09-02 13:26 - 00034304 ____C (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-12-14 08:07 - 2015-09-02 11:54 - 00297472 ____C (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-12-14 08:07 - 2015-08-05 07:59 - 00602112 ____C (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-12-14 08:06 - 2015-10-14 12:22 - 01206192 ____C (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-12-14 08:06 - 2015-10-14 08:01 - 03606464 ____C (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-12-14 08:06 - 2015-10-14 08:01 - 03554752 ____C (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-12-14 08:06 - 2015-07-28 16:46 - 11588096 ____C (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-12-14 08:06 - 2015-07-21 08:03 - 00049664 ____C (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-12-14 08:05 - 2015-11-04 23:26 - 00002048 ____C (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-14 08:03 - 2015-10-10 08:02 - 00526272 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-12-14 08:03 - 2015-07-09 06:25 - 00151040 ____C (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-12-14 08:03 - 2015-07-09 06:25 - 00151040 ____C (Microsoft Corporation) C:\Windows\notepad.exe
2015-12-14 08:03 - 2015-07-01 07:57 - 00199680 ____C (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-12-14 08:02 - 2015-11-10 09:03 - 01208832 ____C (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-14 08:02 - 2015-11-10 09:03 - 00488448 ____C (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-14 08:01 - 2015-11-04 23:34 - 00113664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-14 08:00 - 2015-09-26 08:05 - 00281600 ____C (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-12-14 08:00 - 2015-09-26 08:04 - 00206336 ____C (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-12-14 08:00 - 2015-09-26 05:21 - 00274432 ____C (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2015-12-14 08:00 - 2015-09-22 05:11 - 00440768 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-12-14 07:56 - 2015-12-14 07:56 - 00000000 ___DC C:\Users\Lil Miss Cris\Documents\My eBooks
2015-12-14 06:47 - 2015-11-12 12:39 - 01814528 ____C (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-14 06:47 - 2015-11-12 12:37 - 12389376 ____C (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-14 06:47 - 2015-11-12 12:36 - 00367616 ____C (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-14 06:47 - 2015-11-12 12:34 - 09753088 ____C (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-14 06:47 - 2015-11-12 12:34 - 01140224 ____C (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-14 06:47 - 2015-11-12 12:33 - 01129472 ____C (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-14 06:47 - 2015-11-12 12:32 - 01804288 ____C (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-14 06:47 - 2015-11-12 12:32 - 01427968 ____C (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-14 06:47 - 2015-11-12 12:32 - 00718848 ____C (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-14 06:47 - 2015-11-12 12:32 - 00607744 ____C (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-14 06:47 - 2015-11-12 12:32 - 00424448 ____C (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-14 06:47 - 2015-11-12 12:32 - 00231936 ____C (Microsoft Corporation) C:\Windows\system32\url.dll
2015-12-14 06:47 - 2015-11-12 12:32 - 00142848 ____C (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-14 06:47 - 2015-11-12 12:32 - 00065536 ____C (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-14 06:47 - 2015-11-12 12:32 - 00041472 ____C (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-12-14 06:47 - 2015-11-12 12:32 - 00011776 ____C (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-12-14 06:47 - 2015-11-12 12:31 - 02382848 ____C (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-14 06:47 - 2015-11-12 12:31 - 00353792 ____C (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-14 06:47 - 2015-11-12 12:31 - 00223232 ____C (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-14 06:47 - 2015-11-12 12:31 - 00176640 ____C (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-14 06:47 - 2015-11-12 12:31 - 00073216 ____C (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-14 06:47 - 2015-11-12 12:31 - 00010752 ____C (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-12-14 03:04 - 2015-07-03 08:04 - 01316864 ____C (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-12-14 03:03 - 2015-06-17 08:50 - 02264576 ____C (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-12-14 03:03 - 2015-06-17 07:09 - 00073216 ____C (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-12-14 03:03 - 2015-06-12 08:01 - 00298496 ____C (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-12-14 03:03 - 2015-04-24 07:54 - 00532480 ____C (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-12-14 03:02 - 2015-06-27 08:03 - 00783872 ____C (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-12-14 03:02 - 2015-06-27 08:02 - 00218112 ____C (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-12-14 03:02 - 2015-06-27 08:01 - 00801280 ____C (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-12-14 03:02 - 2015-06-27 06:21 - 00217088 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-12-14 03:02 - 2015-06-27 06:21 - 00081408 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-12-14 03:02 - 2015-05-31 00:11 - 00225792 ____C (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-12-14 03:02 - 2015-01-08 16:17 - 00107008 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-12-14 03:01 - 2015-05-08 15:08 - 00894464 ____C (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-12-14 03:00 - 2015-05-04 14:51 - 10628608 ____C (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-12-14 03:00 - 2015-05-04 14:50 - 00007680 ____C (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-12-14 03:00 - 2015-05-04 14:50 - 00004096 ____C (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-12-14 03:00 - 2015-05-04 14:50 - 00004096 ____C (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-12-14 03:00 - 2015-05-04 13:21 - 08147456 ____C (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-12-14 00:02 - 2012-05-04 18:29 - 00772504 ____C (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2015-12-14 00:02 - 2012-05-04 18:29 - 00687504 ____C (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2015-12-14 00:00 - 2015-12-14 00:00 - 00000000 ___DC C:\Users\Lil Miss Cris\AppData\Roaming\Sun
2015-12-14 00:00 - 2015-12-14 00:00 - 00000000 ___DC C:\Users\Lil Miss Cris\.oracle_jre_usage
2015-12-14 00:00 - 2015-12-14 00:00 - 00000000 ___DC C:\Program Files\Common Files\Java
2015-12-13 23:59 - 2015-12-13 23:59 - 00278624 ____C (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-12-13 23:59 - 2015-12-13 23:59 - 00095840 ____C (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-12-13 23:59 - 2015-12-13 23:59 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-13 23:58 - 2015-12-14 00:03 - 00000000 ___DC C:\ProgramData\Oracle
2015-12-13 23:28 - 2015-12-13 23:28 - 00000000 ___DC C:\Program Files\Common Files\AV
2015-12-13 23:28 - 2015-07-28 17:52 - 00821920 ____C (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-12-13 21:52 - 2015-12-13 21:53 - 06801752 ____C (Piriform Ltd) C:\Users\Lil Miss Cris\Downloads\cccsetup512.exe
2015-12-13 21:34 - 2015-12-14 13:27 - 00000000 ___DC C:\ProgramData\Spybot - Search & Destroy
2015-12-13 21:33 - 2015-12-14 13:27 - 00000000 ___DC C:\Program Files\Spybot - Search & Destroy 2
2015-12-13 21:32 - 2015-12-13 21:12 - 46525608 ____C (Safer-Networking Ltd. ) C:\Users\Lil Miss Cris\Downloads\spy-2.4.exe
2015-12-13 21:32 - 2015-12-13 21:06 - 22908888 ____C (Malwarebytes ) C:\Users\Lil Miss Cris\Downloads\bam-setup-2.2.0.1024 (1).exe
2015-12-13 21:32 - 2015-12-13 20:56 - 04759456 ____C (LionSea Software co., ltd ) C:\Users\Lil Miss Cris\Downloads\kbsetup.exe
2015-12-13 19:42 - 2015-12-13 19:55 - 00000000 ___DC C:\Users\Lil Miss Cris\AppData\Roaming\uTorrent
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-14 13:33 - 2006-11-02 03:18 - 00000000 ___DC C:\Windows
2015-12-14 13:30 - 2010-01-13 16:05 - 00000414 ___HC C:\Windows\Tasks\User_Feed_Synchronization-{A8A0AF40-97F1-4991-8E48-D5E60E12942B}.job
2015-12-14 13:30 - 2008-09-28 20:19 - 00000424 ___HC C:\Windows\Tasks\User_Feed_Synchronization-{52BAFC85-B3A5-4F27-849C-72DB237A68CA}.job
2015-12-14 13:29 - 2015-01-15 18:46 - 00000000 ___DC C:\Users\Default\AppData\Roaming\Compatibility Verifier
2015-12-14 13:29 - 2015-01-15 18:46 - 00000000 ___DC C:\Users\Default User\AppData\Roaming\Compatibility Verifier
2015-12-14 13:28 - 2011-12-22 17:28 - 00000000 ___DC C:\Program Files\ESET
2015-12-14 13:27 - 2006-11-02 02:33 - 00006580 ____C C:\Windows\system32\PerfStringBackup.INI
2015-12-14 13:26 - 2006-11-02 04:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-14 13:26 - 2006-11-02 04:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-14 13:25 - 2006-11-02 03:18 - 00000000 ___DC C:\Windows\inf
2015-12-14 13:24 - 2011-10-30 17:29 - 00000886 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-14 13:22 - 2013-12-23 08:08 - 00000830 ____C C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-14 11:37 - 2014-11-15 15:44 - 00000000 ___DC C:\Program Files\Windows Live
2015-12-14 11:27 - 2011-12-06 18:30 - 00065536 ____C C:\Windows\system32\Ikeext.etl
2015-12-14 11:27 - 2011-10-30 17:29 - 00000882 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-14 11:27 - 2009-12-25 01:08 - 00080208 ____C C:\Users\Lil Miss Cris\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-14 11:27 - 2006-11-02 04:47 - 00320288 ____C C:\Windows\system32\FNTCACHE.DAT
2015-12-14 11:26 - 2014-04-12 18:56 - 00000456 ____C C:\Windows\Tasks\istcleaner Task.job
2015-12-14 11:26 - 2006-11-02 05:01 - 00000006 ___HC C:\Windows\Tasks\SA.DAT
2015-12-14 11:21 - 2006-11-02 05:01 - 00032576 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-14 11:16 - 2008-09-28 17:16 - 00000000 ___DC C:\Program Files\Adobe
2015-12-14 11:15 - 2008-09-28 19:29 - 00000000 ___DC C:\Program Files\Common Files\Adobe
2015-12-14 11:15 - 2008-09-28 17:17 - 00000000 ___DC C:\Users\Public\Documents\Adobe PDF 6.0
2015-12-14 11:12 - 2011-03-12 04:55 - 00000000 ___DC C:\Users\Lil Miss Cris\AppData\Local\MigWiz
2015-12-14 11:12 - 2008-09-28 09:48 - 00000000 ___DC C:\Windows\Panther
2015-12-14 09:10 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\rescache
2015-12-14 08:36 - 2011-10-05 18:57 - 00000000 ___DC C:\Program Files\Microsoft Silverlight
2015-12-14 08:34 - 2006-11-02 04:37 - 00000000 ___DC C:\Windows\system32\XPSViewer
2015-12-14 08:33 - 2006-11-02 04:37 - 00000000 ___DC C:\Program Files\Windows Journal
2015-12-14 08:14 - 2011-10-05 18:57 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-14 08:00 - 2013-09-15 07:50 - 00000000 ___DC C:\Windows\system32\MRT
2015-12-14 07:51 - 2013-12-23 08:15 - 00002425 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-12-14 00:22 - 2013-03-01 20:29 - 00796864 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-12-14 00:22 - 2011-06-11 21:08 - 00142528 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-12-14 00:04 - 2011-01-02 20:18 - 00000000 ___DC C:\Users\Lil Miss Cris\AppData\Local\Adobe
2015-12-14 00:00 - 2009-12-25 01:08 - 00000000 ___DC C:\Users\Lil Miss Cris
2015-12-13 23:58 - 2010-03-22 05:17 - 00000000 ___DC C:\Program Files\Java
2015-12-13 23:21 - 2014-12-19 17:55 - 00000000 ___DC C:\ProgramData\DigiCoupon
2015-12-13 23:21 - 2013-03-25 15:08 - 00000000 ___DC C:\Users\Lil Miss Cris\AppData\LocalLow\Delta
2015-12-13 23:21 - 2013-03-25 09:06 - 00000000 ___DC C:\ProgramData\APN
2015-12-13 22:17 - 2015-01-25 13:36 - 00000000 ___DC C:\Program Files\Chrome Virtual Keyboard
2015-12-13 22:17 - 2015-01-25 13:35 - 00000000 ___DC C:\Program Files\FFindBestDieal
2015-12-13 22:17 - 2015-01-25 13:16 - 00000000 ___DC C:\Program Files\CoupExtenSIonn
2015-12-13 22:17 - 2015-01-25 13:16 - 00000000 ___DC C:\Program Files\AAlLCheApProIce
2015-12-13 22:17 - 2014-06-25 16:16 - 00000000 ___DC C:\ProgramData\ReguularDeals
2015-12-13 22:17 - 2013-12-23 08:17 - 00000000 ___DC C:\Users\Lil Miss Cris\AppData\Local\genienext
2015-12-13 22:17 - 2013-11-23 16:53 - 00000000 ___DC C:\temp
2015-12-13 22:17 - 2011-12-24 16:59 - 00000000 ___DC C:\Program Files\TNod-1.4.1-Final-Portable
2015-12-13 21:56 - 2011-12-16 17:00 - 00000000 ___DC C:\ProgramData\Malwarebytes
2015-12-13 20:52 - 2012-01-01 22:19 - 00000000 ___DC C:\Program Files\Datel
2015-12-13 17:45 - 2006-11-02 03:18 - 00000000 __HDC C:\Windows\tracing
2015-12-13 14:53 - 2015-01-15 18:50 - 00000112 ____C C:\ProgramData\PE3J0AQP0.dat
2015-12-02 13:25 - 2009-10-02 12:55 - 00247976 ____C (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-11-23 19:09 - 2006-11-02 02:24 - 137798368 ____C (Microsoft Corporation) C:\Windows\system32\mrt.exe
 
==================== Files in the root of some directories =======
 
2015-02-09 17:39 - 2015-08-02 19:28 - 0000020 ____C () C:\Users\Lil Miss Cris\AppData\Roaming\appdataFr3.bin
2014-04-12 19:16 - 2014-04-12 19:17 - 0001196 ____C () C:\Users\Lil Miss Cris\AppData\Roaming\aps.scan.quick.results
2014-04-12 19:16 - 2014-04-12 19:16 - 0000000 ____C () C:\Users\Lil Miss Cris\AppData\Roaming\aps.scan.results
2014-04-12 19:04 - 2014-04-12 19:17 - 0000316 ____C () C:\Users\Lil Miss Cris\AppData\Roaming\aps.uninstall.scan.results
2014-09-01 00:18 - 2014-09-01 00:18 - 0002086 ____C () C:\Users\Lil Miss Cris\AppData\Roaming\MYQ
2014-09-01 00:18 - 2014-09-01 00:18 - 0001248 ____C () C:\Users\Lil Miss Cris\AppData\Roaming\UQYTJJ
2014-04-19 10:16 - 2015-05-26 16:16 - 0000105 ____C () C:\Users\Lil Miss Cris\AppData\Roaming\WB.CFG
2014-09-01 00:18 - 2014-09-01 00:18 - 0002086 ____C () C:\Users\Lil Miss Cris\AppData\Roaming\XLBN
2014-09-01 00:18 - 2014-09-01 00:18 - 0001248 ____C () C:\Users\Lil Miss Cris\AppData\Roaming\ZPJMJ
2014-11-17 21:04 - 2014-11-17 21:41 - 0000680 ____C () C:\Users\Lil Miss Cris\AppData\Local\d3d9caps.dat
2010-02-14 09:20 - 2014-09-28 16:13 - 0057856 ___HC () C:\Users\Lil Miss Cris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-07 21:16 - 2015-01-07 21:16 - 0937071 ____C (                                                            ) C:\Users\Lil Miss Cris\AppData\Local\setup_v1582505.exe
2011-12-04 02:01 - 2011-12-04 02:01 - 0000000 ____C () C:\Users\Lil Miss Cris\AppData\Local\{102DD751-A98C-4407-88AC-2E5F7DF905EE}
2011-12-24 16:34 - 2014-04-12 19:32 - 0053879 ____C () C:\ProgramData\nvModes.001
2013-02-10 15:04 - 2014-04-12 19:32 - 0053879 ____C () C:\ProgramData\nvModes.dat
2015-01-15 18:50 - 2015-12-13 14:53 - 0000112 ____C () C:\ProgramData\PE3J0AQP0.dat
2014-11-17 21:20 - 2014-11-17 21:20 - 0001779 ____C () C:\ProgramData\tempimage.bmp
 
Files to move or delete:
====================
C:\ProgramData\PE3J0AQP0.dat
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-12-14 12:01
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version:14-12-2015
Ran by Lil Miss Cris (2015-12-14 13:34:27)
Running from C:\Users\Lil Miss Cris\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) (2008-09-28 16:55:18)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2413653160-3667274055-3905884914-500 - Administrator - Disabled)
Guest (S-1-5-21-2413653160-3667274055-3905884914-501 - Limited - Enabled)
Lil Miss Cris (S-1-5-21-2413653160-3667274055-3905884914-1001 - Administrator - Enabled) => C:\Users\Lil Miss Cris
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ESET Smart Security 4.0 (Enabled - Up to date) {CB0F8167-5331-BA19-698E-64816B6801A5}
AS: ESET Smart Security 4.0 (Enabled - Up to date) {706E6083-750B-B597-533E-5FF310EF4B18}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: ESET Personal firewall (Enabled) {F3340042-195E-BB41-42D1-CDB495BB46DE}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
ESET Antivirus License Finder (MiNODLogin) (HKLM\...\MiNODLogin) (Version: 4.0.2.66 - GuillerSoft)
Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.80 - Google Inc.)
Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
14-12-2015 11:13:59 Removed Adobe Acrobat 6.0 Professional
14-12-2015 11:16:22 Removed Adobe AIR
14-12-2015 11:16:49 Removed Java™ SE Runtime Environment 6 Update 1
14-12-2015 11:17:23 Removed Java™ SE Runtime Environment 6 Update 1
14-12-2015 11:17:43 Removed JavaFX 2.1.1
14-12-2015 11:19:17 Removed MP3 Rocket Toolbar
14-12-2015 11:19:54 Removed PVSonyDll.
14-12-2015 11:20:42 Removed VC80CRTRedist - 8.0.50727.762
14-12-2015 11:34:33 Removed Java™ SE Runtime Environment 6 Update 1
14-12-2015 11:35:16 Removed Windows Mobile Device Updater Component
14-12-2015 11:36:12 Removed Security Update for CAPICOM (KB931906)
14-12-2015 11:36:58 Removed Windows Live Mesh ActiveX Control for Remote Connections
14-12-2015 11:38:26 Removed Java™ SE Runtime Environment 6 Update 1
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2006-11-02 02:23 - 2015-12-14 09:22 - 00899950 ___RC C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
127.0.0.1 123simsen.com
 
There are 15463 more lines.
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {11522B98-C7E8-43CE-B38D-696B2A378771} - System32\Tasks\istcleaner Task => C:\Users\Lil Miss Cris\AppData\Roaming\UpdateServ\ISTCleaner.exe
Task: {12B35CB6-A54F-4305-9713-71325ABCD769} - \MySearchDial -> No File <==== ATTENTION
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {29050A32-F07C-4854-9BD0-8E3DAE0731BA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2F1E3884-72F5-40C2-A6F4-9248A41F8640} - System32\Tasks\{2B75FE0D-8CBA-4EB2-AB2D-79DB404BF3B2} => pcalua.exe -a K:\Software\wg311v2_v2_0_0_7\1.2B6\Setup.exe -d K:\Software\wg311v2_v2_0_0_7\1.2B6
Task: {40A0D466-B37E-43A9-9201-3A4ADF1CCCAF} - System32\Tasks\PandaUSBVaccine => C:\Program Files\Panda USB Vaccine\RunInteractiveWin.exe
Task: {5FC6D63E-F2E0-45F8-A631-6AC020EF2AD9} - \APSnotifierPP3 -> No File <==== ATTENTION
Task: {670D0563-8371-4116-BA3A-495584CE796C} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {8802479F-624C-4751-A9B6-E16DB7A602AF} - System32\Tasks\{DA40C9A5-B06C-4E53-9271-99694B7974A8} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.3.0.108.260&amp;LastError=2
Task: {8A45397E-68B2-42CA-B04F-63C274664F92} - System32\Tasks\{15210CA6-7380-4AA8-BC9A-FD747368C06B} => pcalua.exe -a F:\installers\Zuma_mj.exe -d F:\installers
Task: {8CF4A65C-6715-4472-98FA-FF3AF4EF3B1A} - System32\Tasks\{D68CEDA4-D515-4AB2-9543-97D6273B2571} => pcalua.exe -a F:\installers\Insaniquarium_mj.exe -d F:\installers
Task: {8F7D8917-6356-4073-877E-812B307A5FF3} - System32\Tasks\{7ADE34A4-2249-4D22-955D-8133E6F5B887} => pcalua.exe -a F:\setup.exe -d F:\
Task: {93EF11A3-2E2D-49F0-B82D-E4F06A69CC6F} - System32\Tasks\{8C234EE3-BC51-4E00-9B59-7955F2BE2E0A} => pcalua.exe -a F:\installers\Bookworm_mj.exe -d F:\installers
Task: {99CE30AD-5E52-481C-807C-FC7794983451} - System32\Tasks\{535DD105-5212-45BD-9A59-680A6E349073} => pcalua.exe -a F:\installers\Bejeweled2_mj.exe -d F:\installers
Task: {A8D7EAE6-8C25-4792-95C4-9178C64A4644} - System32\Tasks\{44A4D073-38D2-4AD0-949B-A63C5DFDA889} => pcalua.exe -a "C:\Program Files\PopCap Games\TipTop Deluxe\PopUninstall.exe" -c C:\Program Files\PopCap Games\TipTop Deluxe\Install.log
Task: {B1C9CC6F-A9F7-4D82-879E-5C18A1A4E674} - System32\Tasks\{0A793A8B-4CB2-4857-B82C-080355E3CF58} => pcalua.exe -a F:\installers\Chuzzle_mj.exe -d F:\installers
Task: {B4427E05-D3E3-49F6-8B8B-5BA0E10B4CED} - \APSnotifierPP2 -> No File <==== ATTENTION
Task: {B9944F29-A5AF-4B7E-A363-5445D411306D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {C5188329-A27B-455A-BF35-BF0281A1976B} - System32\Tasks\{EA16E77E-EA3F-4944-8508-B88585C72C6D} => C:\Program Files\Skype\\Phone\Skype.exe
Task: {CA8DCA6B-8B6D-47F9-A0B2-9AA876591397} - \APSnotifierPP1 -> No File <==== ATTENTION
Task: {CD8A0F75-487B-4264-A90B-B97B811027F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-13] (Google Inc.)
Task: {E37E0711-AD5F-4F28-BA0C-B2FAB3D92F8B} - System32\Tasks\{A16D459E-ABA3-4788-8F68-77523640B52D} => pcalua.exe -a "C:\Program Files\PopCap Games\Seven Seas Deluxe\PopUninstall.exe" -c C:\Program Files\PopCap Games\Seven Seas Deluxe\Install.log
Task: {E851D857-500A-47CE-B53F-60327981AB9B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-13] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\istcleaner Task.job => C:\Users\Lil Miss Cris\AppData\Roaming\UpdateServ\ISTCleaner.exe
Task: C:\Windows\Tasks\MYQ.job => C:\Users\Lil Miss Cris\AppData\Roaming\MYQ.exe <==== ATTENTION
Task: C:\Windows\Tasks\UQYTJJ.job => C:\Users\Lil Miss Cris\AppData\Roaming\UQYTJJ.exe <==== ATTENTION
Task: C:\Windows\Tasks\User_Feed_Synchronization-{52BAFC85-B3A5-4F27-849C-72DB237A68CA}.job => C:\Windows\system32\msfeedssync.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{A8A0AF40-97F1-4991-8E48-D5E60E12942B}.job => C:\Windows\system32\msfeedssync.exe
Task: C:\Windows\Tasks\XLBN.job => C:\Users\Lil Miss Cris\AppData\Roaming\XLBN.exe <==== ATTENTION
Task: C:\Windows\Tasks\ZPJMJ.job => C:\Users\Lil Miss Cris\AppData\Roaming\ZPJMJ.exe <==== ATTENTION
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2008-09-28 16:01 - 2007-09-20 17:34 - 00129024 _____ () C:\Program Files\WinRAR\rarext.dll
2015-12-13 21:34 - 2014-05-13 12:04 - 00109400 ____C () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-12-13 21:34 - 2014-05-13 12:04 - 00416600 ____C () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-15 18:46 - 2015-04-20 19:52 - 00099496 ____C () C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe
2015-01-15 18:46 - 2015-04-20 19:48 - 51332776 ____C () C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe
2015-01-15 18:46 - 2015-01-07 22:22 - 00985768 ____C () C:\Users\Default\AppData\Roaming\Compatibility Verifier\ffmpegsumo.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7866 more sites.
 
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\1-se.com -> 1-se.com
 
There are 11702 more sites.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\Control Panel\Desktop\\Wallpaper -> K:\pictures\Summer 2012\P6.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: APNMCP => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: IJPLMSVC => 3
MSCONFIG\Services: MediaDevSrv => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Update BrowseMark => 2
MSCONFIG\Services: WinDevSrv => 2
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: iTunesHelper => "J:\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{5FF15FC5-7F47-453C-B7B6-2A056319CF50}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{52E49E8D-03E2-4CD7-A9DA-3BBC342F3CEF}] => (Allow) LPort=2869
FirewallRules: [{055E99E1-87A1-4AA4-860C-78227057D94B}] => (Allow) LPort=1900
FirewallRules: [{9EB33631-499E-4662-8816-83152F946F47}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{65EBAB5D-13CE-4F61-AD86-6A62919932FE}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [{AB955825-A96D-4530-B7D2-3CFE541A2CBC}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{22BC919D-7CC1-4965-811B-ECD23854106F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/14/2015 01:27:53 PM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: WmiApRplWmiApRpl8
 
Error: (12/14/2015 01:27:53 PM) (Source: LoadPerf) (EventID: 3012) (User: )
Description: Performance16
 
Error: (12/14/2015 12:34:51 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Notifications for the volume e:\ are not active. 
 
Context: Windows Application
 
Details:
The device is not ready.   (0x80070015)
 
Error: (12/14/2015 11:37:55 AM) (Source: MsiInstaller) (EventID: 11706) (User: Studiomixer)
Description: Product: Java™ SE Runtime Environment 6 Update 1 -- Error 1706.No valid source could be found for product Java™ SE Runtime Environment 6 Update 1.  The Windows Installer cannot continue.
 
Error: (12/14/2015 11:34:45 AM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: WmiApRplWmiApRpl8
 
Error: (12/14/2015 11:34:45 AM) (Source: LoadPerf) (EventID: 3012) (User: )
Description: Performance16
 
Error: (12/14/2015 11:27:57 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".Error in manifest or policy file "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"2" on line Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/14/2015 11:27:57 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".Error in manifest or policy file "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"2" on line Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/14/2015 11:27:57 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".Error in manifest or policy file "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"2" on line Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/14/2015 11:27:57 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".Error in manifest or policy file "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"2" on line Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053".
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (12/14/2015 11:27:37 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt
 
Error: (12/14/2015 11:01:07 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt
 
Error: (12/14/2015 08:43:18 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: 0x80242016Security Update for Windows Vista (KB3073921){1080FCD8-DC0D-40B1-ACC1-191E90D5DB6C}202
 
Error: (12/14/2015 08:39:10 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt
 
Error: (12/14/2015 08:33:27 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Windows Update
 
Error: (12/14/2015 07:51:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053
 
Error: (12/14/2015 07:51:05 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Search
 
Error: (12/14/2015 07:51:05 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (12/14/2015 03:25:03 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt
 
Error: (12/13/2015 11:50:30 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
 
CodeIntegrity:
===================================
  Date: 2015-12-14 13:14:51.836
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-14 13:14:49.918
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-14 13:14:47.999
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-14 13:14:46.111
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-14 13:14:44.208
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-14 13:14:42.289
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-14 13:08:49.012
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-14 13:08:47.124
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-14 13:08:45.236
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-14 13:08:43.349
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: AMD Phenom™ 8400 Triple-Core Processor
Percentage of memory in use: 60%
Total physical RAM: 2941.76 MB
Available physical RAM: 1171.7 MB
Total Virtual: 6106.02 MB
Available Virtual: 4344.78 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:48.83 GB) (Free:7.92 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:10.95 GB) (Free:5.17 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Vault) (Fixed) (Total:238.31 GB) (Free:238.18 GB) NTFS
Drive g: () (Removable) (Total:60.48 GB) (Free:60.12 GB) exFAT
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 7D826B35)
Partition 1: (Active) - (Size=10.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=287.1 GB) - (Type=OF Extended)
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 60.5 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=60.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
 

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,029 posts
  • MVP
 
Download the attached fixlist.txt to the same location as FRST
Run FRST and press Fix
A fix log will be generated please post that.  
 
 

 
Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer
 
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
 
Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
 
scan-results.jpg
 
Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
 
The report will be saved in the C:\AdwCleaner folder.
 
 
 
 
Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.

  • 0

#3
Lorenzo Baltazar Perez

Lorenzo Baltazar Perez

    Member

  • Topic Starter
  • Member
  • PipPip
  • 56 posts
I ran ADWCleaner before I noticed the top of the post about the text file.  Sorry I was rushing it.  So the log below is after the running ADWClean, but with the text file downloaded.
 
Fix result of Farbar Recovery Scan Tool (x86) Version:14-12-2015
Ran by Lil Miss Cris (2015-12-14 16:47:09) Run:1
Running from C:\Users\Lil Miss Cris\Downloads
Loaded Profiles: Lil Miss Cris (Available Profiles: Lil Miss Cris)
Boot Mode: Normal
 
==============================================
 
fixlist content:
*****************
ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49885;https=127.0.0.1:49885
AutoConfigURL: [.DEFAULT] => http=127.0.0.1:49885;https=127.0.0.1:49885
SearchScopes: HKLM -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
Toolbar: HKLM - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001 -> No Name - {4D503352-2D53-4154-00A7-7A786E7484D7} -  No File
Toolbar: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001 -> No Name - {4D503352-5636-006A-76A7-7A786E7484D7} -  No File
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 -> J:\Program Files\Veetle\plugins\npVeetle.dll [No File]
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> J:\Program Files\Veetle\Player\npvlc.dll [No File]
FF Plugin HKU\S-1-5-21-2413653160-3667274055-3905884914-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files\Lightspark 0.5.3-git\nplightsparkplugin.dll [No File]
CHR HomePage: Default -> hxxp://groovorio.com/?f=1&a=grv_installertech_14_22&cd=2XzuyEtN2Y1L1QzutDtDtC0EzytDtC0DtC0E0AzytC0C0A0DtN0D0Tzu0SzyzzyCtN1L2XzutAtFtBtFtCtFtDtN1L1Czu1N1C2X1V1L1G1B2Z1T1I1I1P1C2Z1P1R1M1VtCyE1VtBtBtN1L1G1B1V1N2Y1L1Qzu2SyEyC0CtDzz0D0CtAtGyBzy0F0FtGyDyC0F0EtGtCyC0DyCtGtByB0F0CyBtCtD0Azy0DtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtAyDyE0DyB0EzztGzzzyyDzztGyEtA0E0CtGzyyCtAzytGyCzzyEtBzzzyyEzz0AyEyB0A2Q&cr=1921466494&ir=
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\47.0.2526.80\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\47.0.2526.80\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\47.0.2526.80\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll => No File
CHR Plugin: (registryAccess) - C:\Users\Lil Miss Cris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojdbdbhbbkpenbmlejjngphokgnp\7.15.1.22764_0\background/registryAccess.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\Browser\nppdf32.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => No File
CHR Plugin: (Java™ Platform SE 6 U30) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll => No File
CHR Plugin: (DivX Web Player) - C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll => No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Plugin: (iTunes Application Detector) - K:\iTunes\Mozilla Plugins\npitunes.dll => No File
R2 Verifies software is compatible; C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe [99496 2015-04-20] () [File not signed]
S3 HTCAND32; System32\Drivers\ANDROIDUSB.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 netwg311; system32\DRIVERS\netwg311.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S3 UsbGps; system32\DRIVERS\lgusbgps.sys [X]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]
2014-09-01 00:18 - 2014-09-01 00:18 - 0002086 ____C () C:\Users\Lil Miss Cris\AppData\Roaming\MYQ
2014-09-01 00:18 - 2014-09-01 00:18 - 0001248 ____C () C:\Users\Lil Miss Cris\AppData\Roaming\UQYTJJ
2014-04-19 10:16 - 2015-05-26 16:16 - 0000105 ____C () C:\Users\Lil Miss Cris\AppData\Roaming\WB.CFG
2014-09-01 00:18 - 2014-09-01 00:18 - 0002086 ____C () C:\Users\Lil Miss Cris\AppData\Roaming\XLBN
2014-09-01 00:18 - 2014-09-01 00:18 - 0001248 ____C () C:\Users\Lil Miss Cris\AppData\Roaming\ZPJMJ 
2015-01-07 21:16 - 2015-01-07 21:16 - 0937071 ____C (                                                            ) C:\Users\Lil Miss Cris\AppData\Local\setup_v1582505.exe
2015-01-15 18:50 - 2015-12-13 14:53 - 0000112 ____C () C:\ProgramData\PE3J0AQP0.dat
Task: {11522B98-C7E8-43CE-B38D-696B2A378771} - System32\Tasks\istcleaner Task => C:\Users\Lil Miss Cris\AppData\Roaming\UpdateServ\ISTCleaner.exe
Task: {12B35CB6-A54F-4305-9713-71325ABCD769} - \MySearchDial -> No File <==== ATTENTION
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {2F1E3884-72F5-40C2-A6F4-9248A41F8640} - System32\Tasks\{2B75FE0D-8CBA-4EB2-AB2D-79DB404BF3B2} => pcalua.exe -a K:\Software\wg311v2_v2_0_0_7\1.2B6\Setup.exe -d K:\Software\wg311v2_v2_0_0_7\1.2B6
Task: {5FC6D63E-F2E0-45F8-A631-6AC020EF2AD9} - \APSnotifierPP3 -> No File <==== ATTENTION
Task: {8A45397E-68B2-42CA-B04F-63C274664F92} - System32\Tasks\{15210CA6-7380-4AA8-BC9A-FD747368C06B} => pcalua.exe -a F:\installers\Zuma_mj.exe -d F:\installers
Task: {8CF4A65C-6715-4472-98FA-FF3AF4EF3B1A} - System32\Tasks\{D68CEDA4-D515-4AB2-9543-97D6273B2571} => pcalua.exe -a F:\installers\Insaniquarium_mj.exe -d F:\installers
Task: {8F7D8917-6356-4073-877E-812B307A5FF3} - System32\Tasks\{7ADE34A4-2249-4D22-955D-8133E6F5B887} => pcalua.exe -a F:\setup.exe -d F:\
Task: {93EF11A3-2E2D-49F0-B82D-E4F06A69CC6F} - System32\Tasks\{8C234EE3-BC51-4E00-9B59-7955F2BE2E0A} => pcalua.exe -a F:\installers\Bookworm_mj.exe -d F:\installers
Task: {99CE30AD-5E52-481C-807C-FC7794983451} - System32\Tasks\{535DD105-5212-45BD-9A59-680A6E349073} => pcalua.exe -a F:\installers\Bejeweled2_mj.exe -d F:\installers
Task: {B1C9CC6F-A9F7-4D82-879E-5C18A1A4E674} - System32\Tasks\{0A793A8B-4CB2-4857-B82C-080355E3CF58} => pcalua.exe -a F:\installers\Chuzzle_mj.exe -d F:\installers
Task: {B4427E05-D3E3-49F6-8B8B-5BA0E10B4CED} - \APSnotifierPP2 -> No File <==== ATTENTION
Task: {CA8DCA6B-8B6D-47F9-A0B2-9AA876591397} - \APSnotifierPP1 -> No File <==== ATTENTION
Task: C:\Windows\Tasks\istcleaner Task.job => C:\Users\Lil Miss Cris\AppData\Roaming\UpdateServ\ISTCleaner.exe
Task: C:\Windows\Tasks\MYQ.job => C:\Users\Lil Miss Cris\AppData\Roaming\MYQ.exe <==== ATTENTION
Task: C:\Windows\Tasks\UQYTJJ.job => C:\Users\Lil Miss Cris\AppData\Roaming\UQYTJJ.exe <==== ATTENTION
Task: C:\Windows\Tasks\XLBN.job => C:\Users\Lil Miss Cris\AppData\Roaming\XLBN.exe <==== ATTENTION
Task: C:\Windows\Tasks\ZPJMJ.job => C:\Users\Lil Miss Cris\AppData\Roaming\ZPJMJ.exe <==== ATTENTION
C:\Users\Default\AppData\Roaming\Compatibility Verifier\
EmptyTemp:
 
 
 
 
 
*****************
 
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} => value not found.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => key not found. 
HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4D503352-2D53-4154-00A7-7A786E7484D7} => value removed successfully.
HKCR\CLSID\{4D503352-2D53-4154-00A7-7A786E7484D7} => key not found. 
HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4D503352-5636-006A-76A7-7A786E7484D7} => value removed successfully.
HKCR\CLSID\{4D503352-5636-006A-76A7-7A786E7484D7} => key not found. 
"HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18" => key removed successfully.
"HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18" => key removed successfully.
"HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1" => key removed successfully.
C:\Program Files\Lightspark 0.5.3-git\nplightsparkplugin.dll => not found.
Chrome HomePage => not found.
C:\Program Files\Google\Chrome\Application\47.0.2526.80\ppGoogleNaClPluginChrome.dll => not found.
C:\Program Files\Google\Chrome\Application\47.0.2526.80\pdf.dll => not found.
C:\Program Files\Google\Chrome\Application\47.0.2526.80\gcswf32.dll => not found.
C:\Windows\system32\Macromed\Flash\NPSWF32.dll => not found.
C:\Users\Lil Miss Cris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojdbdbhbbkpenbmlejjngphokgnp\7.15.1.22764_0\background/registryAccess.dll => not found.
C:\Program Files\Adobe\Acrobat 6.0\Acrobat\Browser\nppdf32.dll => not found.
C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => not found.
C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll => not found.
C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll => not found.
C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll => not found.
C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll => not found.
C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll => not found.
C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll => not found.
C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll => not found.
C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll => not found.
C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll => not found.
C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll => not found.
C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => not found.
K:\iTunes\Mozilla Plugins\npitunes.dll => not found.
Verifies software is compatible => Unable to stop service.
Verifies software is compatible => service removed successfully.
HTCAND32 => service removed successfully.
IpInIp => service removed successfully.
netwg311 => service removed successfully.
NwlnkFlt => service removed successfully.
NwlnkFwd => service removed successfully.
usbbus => service removed successfully.
UsbDiag => service removed successfully.
UsbGps => service removed successfully.
USBModem => service removed successfully.
C:\Users\Lil Miss Cris\AppData\Roaming\MYQ => moved successfully
C:\Users\Lil Miss Cris\AppData\Roaming\UQYTJJ => moved successfully
C:\Users\Lil Miss Cris\AppData\Roaming\WB.CFG => moved successfully
C:\Users\Lil Miss Cris\AppData\Roaming\XLBN => moved successfully
C:\Users\Lil Miss Cris\AppData\Roaming\ZPJMJ => moved successfully
C:\Users\Lil Miss Cris\AppData\Local\setup_v1582505.exe => moved successfully
C:\ProgramData\PE3J0AQP0.dat => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{11522B98-C7E8-43CE-B38D-696B2A378771}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11522B98-C7E8-43CE-B38D-696B2A378771}" => key removed successfully.
C:\Windows\System32\Tasks\istcleaner Task => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\istcleaner Task" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{12B35CB6-A54F-4305-9713-71325ABCD769}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12B35CB6-A54F-4305-9713-71325ABCD769}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MySearchDial => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1CC81347-6204-4B83-900C-01E02F50F067}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1CC81347-6204-4B83-900C-01E02F50F067}" => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC\TMM => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MobilePC\TMM" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F1E3884-72F5-40C2-A6F4-9248A41F8640}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F1E3884-72F5-40C2-A6F4-9248A41F8640}" => key removed successfully.
C:\Windows\System32\Tasks\{2B75FE0D-8CBA-4EB2-AB2D-79DB404BF3B2} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2B75FE0D-8CBA-4EB2-AB2D-79DB404BF3B2}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FC6D63E-F2E0-45F8-A631-6AC020EF2AD9}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FC6D63E-F2E0-45F8-A631-6AC020EF2AD9}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A45397E-68B2-42CA-B04F-63C274664F92}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A45397E-68B2-42CA-B04F-63C274664F92}" => key removed successfully.
C:\Windows\System32\Tasks\{15210CA6-7380-4AA8-BC9A-FD747368C06B} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{15210CA6-7380-4AA8-BC9A-FD747368C06B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8CF4A65C-6715-4472-98FA-FF3AF4EF3B1A}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CF4A65C-6715-4472-98FA-FF3AF4EF3B1A}" => key removed successfully.
C:\Windows\System32\Tasks\{D68CEDA4-D515-4AB2-9543-97D6273B2571} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D68CEDA4-D515-4AB2-9543-97D6273B2571}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F7D8917-6356-4073-877E-812B307A5FF3}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F7D8917-6356-4073-877E-812B307A5FF3}" => key removed successfully.
C:\Windows\System32\Tasks\{7ADE34A4-2249-4D22-955D-8133E6F5B887} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7ADE34A4-2249-4D22-955D-8133E6F5B887}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{93EF11A3-2E2D-49F0-B82D-E4F06A69CC6F}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93EF11A3-2E2D-49F0-B82D-E4F06A69CC6F}" => key removed successfully.
C:\Windows\System32\Tasks\{8C234EE3-BC51-4E00-9B59-7955F2BE2E0A} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8C234EE3-BC51-4E00-9B59-7955F2BE2E0A}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{99CE30AD-5E52-481C-807C-FC7794983451}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99CE30AD-5E52-481C-807C-FC7794983451}" => key removed successfully.
C:\Windows\System32\Tasks\{535DD105-5212-45BD-9A59-680A6E349073} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{535DD105-5212-45BD-9A59-680A6E349073}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B1C9CC6F-A9F7-4D82-879E-5C18A1A4E674}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B1C9CC6F-A9F7-4D82-879E-5C18A1A4E674}" => key removed successfully.
C:\Windows\System32\Tasks\{0A793A8B-4CB2-4857-B82C-080355E3CF58} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0A793A8B-4CB2-4857-B82C-080355E3CF58}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B4427E05-D3E3-49F6-8B8B-5BA0E10B4CED}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4427E05-D3E3-49F6-8B8B-5BA0E10B4CED}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA8DCA6B-8B6D-47F9-A0B2-9AA876591397}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA8DCA6B-8B6D-47F9-A0B2-9AA876591397}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1 => key not found. 
C:\Windows\Tasks\istcleaner Task.job => moved successfully
C:\Windows\Tasks\MYQ.job => moved successfully
C:\Windows\Tasks\UQYTJJ.job => moved successfully
C:\Windows\Tasks\XLBN.job => moved successfully
C:\Windows\Tasks\ZPJMJ.job => moved successfully
 
"C:\Users\Default\AppData\Roaming\Compatibility Verifier" folder move:
 
Could not move "C:\Users\Default\AppData\Roaming\Compatibility Verifier" => Scheduled to move on reboot.
 
EmptyTemp: => 143.7 MB temporary data Removed.
 
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-12-14 16:48:58)
 
C:\Users\Default\AppData\Roaming\Compatibility Verifier => is moved successfully
 
==== End of Fixlog 16:48:58 ====
 
This is the log from running ADWCleaner. It was created before the log posted right above.
 
# AdwCleaner v5.025 - Logfile created 14/12/2015 at 16:40:52
# Updated 13/12/2015 by Xplode
# Database : 2015-12-13.2 [Server]
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (x86)
# Username : Lil Miss Cris - STUDIOMIXER
# Running from : C:\Users\Lil Miss Cris\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
File Found : C:\Users\Lil Miss Cris\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\iagcajndpnfncplednpbnkahadegklfa
 
***** [ DLL ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
[C:\Users\Lil Miss Cris\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask search
[C:\Users\Lil Miss Cris\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com
[C:\Users\Lil Miss Cris\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com
[C:\Users\Lil Miss Cris\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : conduit.search
[C:\Users\Lil Miss Cris\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : mysearchdial.com
[C:\Users\Lil Miss Cris\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : search.snapdo.com
[C:\Users\Lil Miss Cris\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : Groovorio.com
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1593 bytes] ##########
 
 

  • 0

#4
Lorenzo Baltazar Perez

Lorenzo Baltazar Perez

    Member

  • Topic Starter
  • Member
  • PipPip
  • 56 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:14-12-2015
Ran by Lil Miss Cris (administrator) on STUDIOMIXER (14-12-2015 16:57:38)
Running from C:\Users\Lil Miss Cris\Downloads
Loaded Profiles: Lil Miss Cris (Available Profiles: Lil Miss Cris)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [644696 2007-05-14] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1603152 2007-04-03] (CANON INC.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [2054360 2009-09-11] (ESET)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-09-12] (Apple Inc.)
HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\Run: [GoogleChromeAutoLaunch_BB610F089656C2493F2F32DE835E4545] => C:\Program Files\Google\Chrome\Application\chrome.exe [741704 2015-12-04] (Google Inc.)
HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\MountPoints2: L - .\Encryption Tool\MaxtorEncryption.exe
HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\MountPoints2: {0806cf72-219e-11e0-b571-001e901d1ea9} - H:\setupSNK.exe
HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\MountPoints2: {20684e39-4d9f-11e0-8623-001e901d1ea9} - H:\LaunchU3.exe -a
HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\MountPoints2: {a084ff92-5e61-11e0-91ce-001e901d1ea9} - H:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aggiorna ESET license.lnk [2015-12-14]
ShortcutTarget: Aggiorna ESET license.lnk -> C:\Program Files\ESET\MiNODLogin\LAUNCHER.EXE (GuillerSoft)
BootExecute: autocheck autochk /r \??\K:autocheck autochk * sdnclean.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATTENTION (Restriction - ProxySettings)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7E5FA66A-61AA-4F80-A05B-F1F94AC5CCCB}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.google.com/
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-12-13] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-13] (Oracle Corporation)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_66-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0066-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_66-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-14] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2009-05-12] (DivX,Inc.)
FF Plugin: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\system32\npDeployJava1.dll [2012-05-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_66\bin\new_plugin\npjp2.dll [No File]
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-13] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-13] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-13] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-01] [not signed]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: Eset Plugin - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011-12-24] [not signed]
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\47.0.2526.80\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\47.0.2526.80\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\47.0.2526.80\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll => No File
CHR Plugin: (registryAccess) - C:\Users\Lil Miss Cris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojdbdbhbbkpenbmlejjngphokgnp\7.15.1.22764_0\background/registryAccess.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\Browser\nppdf32.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => No File
CHR Plugin: (Java™ Platform SE 6 U30) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll => No File
CHR Plugin: (DivX Web Player) - C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll => No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - K:\iTunes\Mozilla Plugins\npitunes.dll => No File
CHR Profile: C:\Users\Lil Miss Cris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lil Miss Cris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-13]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [20680 2009-09-11] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [735960 2009-09-11] (ESET)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S4 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [101528 2007-04-13] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 dsiarhwprog; C:\Windows\System32\Drivers\dsiarhwprog.sys [29184 2007-02-08] (Thesycon GmbH, Germany)
R2 eamon; C:\Windows\System32\DRIVERS\eamon.sys [116008 2009-09-11] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [108792 2009-09-11] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [135048 2009-09-11] (ESET)
R3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [33096 2009-06-19] (ESET)
R2 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [38240 2009-09-11] (ESET)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2014-07-28] (Apple, Inc.) [File not signed]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-14 16:47 - 2015-12-14 16:48 - 00018697 ____C C:\Users\Lil Miss Cris\Downloads\Fixlog.txt
2015-12-14 16:27 - 2015-12-14 16:40 - 00000000 ___DC C:\AdwCleaner
2015-12-14 16:25 - 2015-12-14 16:25 - 01740288 ____C C:\Users\Lil Miss Cris\Downloads\AdwCleaner.exe
2015-12-14 14:00 - 2015-12-14 14:00 - 00001664 ____C C:\Users\Public\Desktop\iTunes.lnk
2015-12-14 14:00 - 2015-12-14 14:00 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-12-14 13:59 - 2015-12-14 14:00 - 00000000 ___DC C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-12-14 13:59 - 2015-12-14 14:00 - 00000000 ___DC C:\Program Files\iTunes
2015-12-14 13:59 - 2015-12-14 13:59 - 00000000 ___DC C:\Program Files\iPod
2015-12-14 13:53 - 2015-12-14 13:53 - 00000000 ___DC C:\Program Files\Apple Software Update
2015-12-14 13:34 - 2015-12-14 16:46 - 00031735 ____C C:\Users\Lil Miss Cris\Downloads\Addition.txt
2015-12-14 13:33 - 2015-12-14 16:57 - 00014109 ____C C:\Users\Lil Miss Cris\Downloads\FRST.txt
2015-12-14 13:33 - 2015-12-14 16:57 - 00000000 ___DC C:\FRST
2015-12-14 13:31 - 2015-12-14 13:31 - 01720832 ____C (Farbar) C:\Users\Lil Miss Cris\Downloads\FRST.exe
2015-12-14 13:28 - 2015-12-14 13:28 - 00000913 ____C C:\Users\Public\Desktop\Aggiorna ESET license.lnk
2015-12-14 12:37 - 2015-12-14 13:27 - 00000162 ____C C:\Windows\wininit.ini
2015-12-14 09:22 - 2015-12-14 07:55 - 00000052 ____C C:\Windows\system32\Drivers\etc\hosts.20151214-092242.backup
2015-12-14 08:17 - 2015-08-13 06:15 - 00304640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-12-14 08:17 - 2015-08-13 06:15 - 00102912 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-12-14 08:17 - 2015-07-21 08:07 - 00140224 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2015-12-14 08:17 - 2015-07-21 08:07 - 00056256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-12-14 08:17 - 2015-07-21 08:03 - 00010752 ____C (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-12-14 08:16 - 2015-09-02 13:26 - 01402368 ____C (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-12-14 08:16 - 2015-09-02 13:26 - 01253376 ____C (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-12-14 08:16 - 2015-07-21 08:03 - 00564224 ____C (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2015-12-14 08:15 - 2015-07-31 11:27 - 00103120 ____C (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-14 08:13 - 2015-11-06 09:05 - 00627712 ____C (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-14 08:13 - 2015-11-06 08:32 - 01029120 ____C (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-12-14 08:13 - 2015-11-06 08:32 - 00219648 ____C (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-12-14 08:13 - 2015-11-06 08:32 - 00189952 ____C (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-12-14 08:13 - 2015-11-06 08:32 - 00160768 ____C (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-12-14 08:13 - 2015-11-06 07:27 - 01172480 ____C (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-12-14 08:13 - 2015-11-06 07:26 - 00486400 ____C (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-12-14 08:13 - 2015-11-06 07:24 - 02068480 ____C (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-14 08:13 - 2015-11-06 07:20 - 01073152 ____C (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-14 08:13 - 2015-11-06 07:20 - 00682496 ____C (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-12-14 08:13 - 2015-11-06 07:19 - 00802304 ____C (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-14 08:13 - 2015-07-10 11:37 - 02067968 ____C (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-12-14 08:12 - 2015-10-13 06:31 - 00273408 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-12-14 08:12 - 2015-10-13 06:31 - 00072192 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-12-14 08:11 - 2015-11-02 09:04 - 00179200 ____C (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-14 08:10 - 2015-10-17 08:01 - 00501248 ____C (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-12-14 08:09 - 2015-07-18 08:03 - 00068608 ____C (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00901264 ____C (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00066400 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00022368 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00019808 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00017760 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00017760 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00016224 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00015712 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00015200 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00014176 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00014176 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00013664 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00013664 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00013664 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012640 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012640 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012640 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012640 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012640 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012128 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012128 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012128 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012128 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012128 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012128 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012128 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012128 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012128 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00012128 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011616 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011104 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-12-14 08:08 - 2015-07-18 05:14 - 00011104 ____C (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-12-14 08:07 - 2015-09-02 13:26 - 00034304 ____C (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-12-14 08:07 - 2015-09-02 11:54 - 00297472 ____C (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-12-14 08:07 - 2015-08-05 07:59 - 00602112 ____C (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-12-14 08:06 - 2015-10-14 12:22 - 01206192 ____C (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-12-14 08:06 - 2015-10-14 08:01 - 03606464 ____C (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-12-14 08:06 - 2015-10-14 08:01 - 03554752 ____C (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-12-14 08:06 - 2015-07-28 16:46 - 11588096 ____C (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-12-14 08:06 - 2015-07-21 08:03 - 00049664 ____C (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-12-14 08:05 - 2015-11-04 23:26 - 00002048 ____C (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-14 08:03 - 2015-10-10 08:02 - 00526272 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-12-14 08:03 - 2015-07-09 06:25 - 00151040 ____C (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-12-14 08:03 - 2015-07-09 06:25 - 00151040 ____C (Microsoft Corporation) C:\Windows\notepad.exe
2015-12-14 08:03 - 2015-07-01 07:57 - 00199680 ____C (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-12-14 08:02 - 2015-11-10 09:03 - 01208832 ____C (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-14 08:02 - 2015-11-10 09:03 - 00488448 ____C (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-14 08:01 - 2015-11-04 23:34 - 00113664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-14 08:00 - 2015-09-26 08:05 - 00281600 ____C (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-12-14 08:00 - 2015-09-26 08:04 - 00206336 ____C (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-12-14 08:00 - 2015-09-26 05:21 - 00274432 ____C (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2015-12-14 08:00 - 2015-09-22 05:11 - 00440768 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-12-14 07:56 - 2015-12-14 07:56 - 00000000 ___DC C:\Users\Lil Miss Cris\Documents\My eBooks
2015-12-14 06:47 - 2015-11-12 12:39 - 01814528 ____C (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-14 06:47 - 2015-11-12 12:37 - 12389376 ____C (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-14 06:47 - 2015-11-12 12:36 - 00367616 ____C (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-14 06:47 - 2015-11-12 12:34 - 09753088 ____C (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-14 06:47 - 2015-11-12 12:34 - 01140224 ____C (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-14 06:47 - 2015-11-12 12:33 - 01129472 ____C (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-14 06:47 - 2015-11-12 12:32 - 01804288 ____C (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-14 06:47 - 2015-11-12 12:32 - 01427968 ____C (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-14 06:47 - 2015-11-12 12:32 - 00718848 ____C (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-14 06:47 - 2015-11-12 12:32 - 00607744 ____C (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-14 06:47 - 2015-11-12 12:32 - 00424448 ____C (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-14 06:47 - 2015-11-12 12:32 - 00231936 ____C (Microsoft Corporation) C:\Windows\system32\url.dll
2015-12-14 06:47 - 2015-11-12 12:32 - 00142848 ____C (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-14 06:47 - 2015-11-12 12:32 - 00065536 ____C (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-14 06:47 - 2015-11-12 12:32 - 00041472 ____C (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-12-14 06:47 - 2015-11-12 12:32 - 00011776 ____C (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-12-14 06:47 - 2015-11-12 12:31 - 02382848 ____C (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-14 06:47 - 2015-11-12 12:31 - 00353792 ____C (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-14 06:47 - 2015-11-12 12:31 - 00223232 ____C (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-14 06:47 - 2015-11-12 12:31 - 00176640 ____C (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-14 06:47 - 2015-11-12 12:31 - 00073216 ____C (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-14 06:47 - 2015-11-12 12:31 - 00010752 ____C (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-12-14 03:04 - 2015-07-03 08:04 - 01316864 ____C (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-12-14 03:03 - 2015-06-17 08:50 - 02264576 ____C (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-12-14 03:03 - 2015-06-17 07:09 - 00073216 ____C (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-12-14 03:03 - 2015-06-12 08:01 - 00298496 ____C (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-12-14 03:03 - 2015-04-24 07:54 - 00532480 ____C (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-12-14 03:02 - 2015-06-27 08:03 - 00783872 ____C (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-12-14 03:02 - 2015-06-27 08:02 - 00218112 ____C (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-12-14 03:02 - 2015-06-27 08:01 - 00801280 ____C (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-12-14 03:02 - 2015-06-27 06:21 - 00217088 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-12-14 03:02 - 2015-06-27 06:21 - 00081408 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-12-14 03:02 - 2015-05-31 00:11 - 00225792 ____C (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-12-14 03:02 - 2015-01-08 16:17 - 00107008 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-12-14 03:01 - 2015-05-08 15:08 - 00894464 ____C (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-12-14 03:00 - 2015-05-04 14:51 - 10628608 ____C (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-12-14 03:00 - 2015-05-04 14:50 - 00007680 ____C (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-12-14 03:00 - 2015-05-04 14:50 - 00004096 ____C (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-12-14 03:00 - 2015-05-04 14:50 - 00004096 ____C (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-12-14 03:00 - 2015-05-04 13:21 - 08147456 ____C (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-12-14 00:02 - 2012-05-04 18:29 - 00772504 ____C (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2015-12-14 00:02 - 2012-05-04 18:29 - 00687504 ____C (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2015-12-14 00:00 - 2015-12-14 00:00 - 00000000 ___DC C:\Users\Lil Miss Cris\AppData\Roaming\Sun
2015-12-14 00:00 - 2015-12-14 00:00 - 00000000 ___DC C:\Users\Lil Miss Cris\.oracle_jre_usage
2015-12-14 00:00 - 2015-12-14 00:00 - 00000000 ___DC C:\Program Files\Common Files\Java
2015-12-13 23:59 - 2015-12-13 23:59 - 00278624 ____C (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-12-13 23:59 - 2015-12-13 23:59 - 00095840 ____C (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-12-13 23:59 - 2015-12-13 23:59 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-13 23:58 - 2015-12-14 00:03 - 00000000 ___DC C:\ProgramData\Oracle
2015-12-13 23:28 - 2015-12-13 23:28 - 00000000 ___DC C:\Program Files\Common Files\AV
2015-12-13 21:52 - 2015-12-13 21:53 - 06801752 ____C (Piriform Ltd) C:\Users\Lil Miss Cris\Downloads\cccsetup512.exe
2015-12-13 21:34 - 2015-12-14 13:27 - 00000000 ___DC C:\ProgramData\Spybot - Search & Destroy
2015-12-13 21:33 - 2015-12-14 14:02 - 00000000 ___DC C:\Program Files\Spybot - Search & Destroy 2
2015-12-13 21:32 - 2015-12-13 21:12 - 46525608 ____C (Safer-Networking Ltd. ) C:\Users\Lil Miss Cris\Downloads\spy-2.4.exe
2015-12-13 21:32 - 2015-12-13 21:06 - 22908888 ____C (Malwarebytes ) C:\Users\Lil Miss Cris\Downloads\bam-setup-2.2.0.1024 (1).exe
2015-12-13 21:32 - 2015-12-13 20:56 - 04759456 ____C (LionSea Software co., ltd ) C:\Users\Lil Miss Cris\Downloads\kbsetup.exe
2015-12-13 19:42 - 2015-12-13 19:55 - 00000000 ___DC C:\Users\Lil Miss Cris\AppData\Roaming\uTorrent
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-14 16:55 - 2010-01-13 16:05 - 00000414 ___HC C:\Windows\Tasks\User_Feed_Synchronization-{A8A0AF40-97F1-4991-8E48-D5E60E12942B}.job
2015-12-14 16:55 - 2008-09-28 20:19 - 00000424 ___HC C:\Windows\Tasks\User_Feed_Synchronization-{52BAFC85-B3A5-4F27-849C-72DB237A68CA}.job
2015-12-14 16:55 - 2006-11-02 02:33 - 00006580 ____C C:\Windows\system32\PerfStringBackup.INI
2015-12-14 16:48 - 2011-12-06 18:30 - 00065536 ____C C:\Windows\system32\Ikeext.etl
2015-12-14 16:48 - 2011-10-30 17:29 - 00000882 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-14 16:48 - 2006-11-02 05:01 - 00000006 ___HC C:\Windows\Tasks\SA.DAT
2015-12-14 16:48 - 2006-11-02 04:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-14 16:48 - 2006-11-02 04:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-14 16:47 - 2006-11-02 05:01 - 00032576 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-14 16:24 - 2011-10-30 17:29 - 00000886 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-14 16:22 - 2013-12-23 08:08 - 00000830 ____C C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-14 14:04 - 2006-11-02 03:18 - 00000000 ___DC C:\Windows
2015-12-14 13:59 - 2013-03-09 18:09 - 00000000 ___DC C:\ProgramData\Apple Computer
2015-12-14 13:59 - 2011-07-24 09:55 - 00000000 ___DC C:\Program Files\Common Files\Apple
2015-12-14 13:54 - 2009-12-25 01:08 - 00000000 ___DC C:\Users\Lil Miss Cris
2015-12-14 13:54 - 2006-11-02 03:18 - 00000000 ___DC C:\Windows\inf
2015-12-14 13:53 - 2013-03-09 18:08 - 00001830 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-12-14 13:28 - 2011-12-22 17:28 - 00000000 ___DC C:\Program Files\ESET
2015-12-14 11:37 - 2014-11-15 15:44 - 00000000 ___DC C:\Program Files\Windows Live
2015-12-14 11:27 - 2009-12-25 01:08 - 00080208 ____C C:\Users\Lil Miss Cris\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-14 11:27 - 2006-11-02 04:47 - 00320288 ____C C:\Windows\system32\FNTCACHE.DAT
2015-12-14 11:16 - 2008-09-28 17:16 - 00000000 ___DC C:\Program Files\Adobe
2015-12-14 11:15 - 2008-09-28 19:29 - 00000000 ___DC C:\Program Files\Common Files\Adobe
2015-12-14 11:15 - 2008-09-28 17:17 - 00000000 ___DC C:\Users\Public\Documents\Adobe PDF 6.0
2015-12-14 11:12 - 2011-03-12 04:55 - 00000000 ___DC C:\Users\Lil Miss Cris\AppData\Local\MigWiz
2015-12-14 11:12 - 2008-09-28 09:48 - 00000000 ___DC C:\Windows\Panther
2015-12-14 09:10 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\rescache
2015-12-14 08:36 - 2011-10-05 18:57 - 00000000 ___DC C:\Program Files\Microsoft Silverlight
2015-12-14 08:34 - 2006-11-02 04:37 - 00000000 ___DC C:\Windows\system32\XPSViewer
2015-12-14 08:33 - 2006-11-02 04:37 - 00000000 ___DC C:\Program Files\Windows Journal
2015-12-14 08:14 - 2011-10-05 18:57 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-14 08:00 - 2013-09-15 07:50 - 00000000 ___DC C:\Windows\system32\MRT
2015-12-14 07:51 - 2013-12-23 08:15 - 00002425 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-12-14 00:22 - 2013-03-01 20:29 - 00796864 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-12-14 00:22 - 2011-06-11 21:08 - 00142528 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-12-14 00:04 - 2011-01-02 20:18 - 00000000 ___DC C:\Users\Lil Miss Cris\AppData\Local\Adobe
2015-12-13 23:58 - 2010-03-22 05:17 - 00000000 ___DC C:\Program Files\Java
2015-12-13 22:17 - 2015-01-25 13:36 - 00000000 ___DC C:\Program Files\Chrome Virtual Keyboard
2015-12-13 22:17 - 2013-11-23 16:53 - 00000000 ___DC C:\temp
2015-12-13 22:17 - 2011-12-24 16:59 - 00000000 ___DC C:\Program Files\TNod-1.4.1-Final-Portable
2015-12-13 21:56 - 2011-12-16 17:00 - 00000000 ___DC C:\ProgramData\Malwarebytes
2015-12-13 20:52 - 2012-01-01 22:19 - 00000000 ___DC C:\Program Files\Datel
2015-12-13 17:45 - 2006-11-02 03:18 - 00000000 __HDC C:\Windows\tracing
2015-12-02 13:25 - 2009-10-02 12:55 - 00247976 ____C (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-11-23 19:09 - 2006-11-02 02:24 - 137798368 ____C (Microsoft Corporation) C:\Windows\system32\mrt.exe
 
==================== Files in the root of some directories =======
 
2015-02-09 17:39 - 2015-08-02 19:28 - 0000020 ____C () C:\Users\Lil Miss Cris\AppData\Roaming\appdataFr3.bin
2014-11-17 21:04 - 2014-11-17 21:41 - 0000680 ____C () C:\Users\Lil Miss Cris\AppData\Local\d3d9caps.dat
2010-02-14 09:20 - 2014-09-28 16:13 - 0057856 ___HC () C:\Users\Lil Miss Cris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-12-04 02:01 - 2011-12-04 02:01 - 0000000 ____C () C:\Users\Lil Miss Cris\AppData\Local\{102DD751-A98C-4407-88AC-2E5F7DF905EE}
2011-12-24 16:34 - 2014-04-12 19:32 - 0053879 ____C () C:\ProgramData\nvModes.001
2013-02-10 15:04 - 2014-04-12 19:32 - 0053879 ____C () C:\ProgramData\nvModes.dat
2014-11-17 21:20 - 2014-11-17 21:20 - 0001779 ____C () C:\ProgramData\tempimage.bmp
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-12-14 16:57
 
==================== End of FRST.txt ============================
 
 
 
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version:14-12-2015
Ran by Lil Miss Cris (2015-12-14 16:58:04)
Running from C:\Users\Lil Miss Cris\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) (2008-09-28 16:55:18)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2413653160-3667274055-3905884914-500 - Administrator - Disabled)
Guest (S-1-5-21-2413653160-3667274055-3905884914-501 - Limited - Enabled)
Lil Miss Cris (S-1-5-21-2413653160-3667274055-3905884914-1001 - Administrator - Enabled) => C:\Users\Lil Miss Cris
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ESET Smart Security 4.0 (Enabled - Up to date) {CB0F8167-5331-BA19-698E-64816B6801A5}
AS: ESET Smart Security 4.0 (Enabled - Up to date) {706E6083-750B-B597-533E-5FF310EF4B18}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall (Enabled) {F3340042-195E-BB41-42D1-CDB495BB46DE}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{A75CA58D-DB9C-4D14-9428-E0C7B0F623DC}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
ESET Antivirus License Finder (MiNODLogin) (HKLM\...\MiNODLogin) (Version: 4.0.2.66 - GuillerSoft)
Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.80 - Google Inc.)
Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden
iTunes (HKLM\...\{868B9974-4F23-494D-B6BC-4FAB92B2755D}) (Version: 12.1.3.6 - Apple Inc.)
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
14-12-2015 11:19:54 Removed PVSonyDll.
14-12-2015 11:20:42 Removed VC80CRTRedist - 8.0.50727.762
14-12-2015 11:34:33 Removed Java™ SE Runtime Environment 6 Update 1
14-12-2015 11:35:16 Removed Windows Mobile Device Updater Component
14-12-2015 11:36:12 Removed Security Update for CAPICOM (KB931906)
14-12-2015 11:36:58 Removed Windows Live Mesh ActiveX Control for Remote Connections
14-12-2015 11:38:26 Removed Java™ SE Runtime Environment 6 Update 1
14-12-2015 13:53:59 Device Driver Package Install: Apple, Inc. Universal Serial Bus controllers
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2006-11-02 02:23 - 2015-12-14 09:22 - 00899950 ___RC C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
127.0.0.1 123simsen.com
 
There are 15463 more lines.
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {40A0D466-B37E-43A9-9201-3A4ADF1CCCAF} - System32\Tasks\PandaUSBVaccine => C:\Program Files\Panda USB Vaccine\RunInteractiveWin.exe
Task: {65E9CC6C-E9E4-4FAA-BEFC-AB3229661A01} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {670D0563-8371-4116-BA3A-495584CE796C} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {8802479F-624C-4751-A9B6-E16DB7A602AF} - System32\Tasks\{DA40C9A5-B06C-4E53-9271-99694B7974A8} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.3.0.108.260&amp;LastError=2
Task: {A8D7EAE6-8C25-4792-95C4-9178C64A4644} - System32\Tasks\{44A4D073-38D2-4AD0-949B-A63C5DFDA889} => pcalua.exe -a "C:\Program Files\PopCap Games\TipTop Deluxe\PopUninstall.exe" -c C:\Program Files\PopCap Games\TipTop Deluxe\Install.log
Task: {B9944F29-A5AF-4B7E-A363-5445D411306D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {C5188329-A27B-455A-BF35-BF0281A1976B} - System32\Tasks\{EA16E77E-EA3F-4944-8508-B88585C72C6D} => C:\Program Files\Skype\\Phone\Skype.exe
Task: {CD8A0F75-487B-4264-A90B-B97B811027F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-13] (Google Inc.)
Task: {E37E0711-AD5F-4F28-BA0C-B2FAB3D92F8B} - System32\Tasks\{A16D459E-ABA3-4788-8F68-77523640B52D} => pcalua.exe -a "C:\Program Files\PopCap Games\Seven Seas Deluxe\PopUninstall.exe" -c C:\Program Files\PopCap Games\Seven Seas Deluxe\Install.log
Task: {E851D857-500A-47CE-B53F-60327981AB9B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-13] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{52BAFC85-B3A5-4F27-849C-72DB237A68CA}.job => C:\Windows\system32\msfeedssync.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{A8A0AF40-97F1-4991-8E48-D5E60E12942B}.job => C:\Windows\system32\msfeedssync.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2008-09-28 16:01 - 2007-09-20 17:34 - 00129024 _____ () C:\Program Files\WinRAR\rarext.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01044776 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7866 more sites.
 
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\...\1-se.com -> 1-se.com
 
There are 11702 more sites.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2413653160-3667274055-3905884914-1001\Control Panel\Desktop\\Wallpaper -> K:\pictures\Summer 2012\P6.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: APNMCP => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: IJPLMSVC => 3
MSCONFIG\Services: MediaDevSrv => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Update BrowseMark => 2
MSCONFIG\Services: WinDevSrv => 2
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: iTunesHelper => "J:\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{5FF15FC5-7F47-453C-B7B6-2A056319CF50}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{52E49E8D-03E2-4CD7-A9DA-3BBC342F3CEF}] => (Allow) LPort=2869
FirewallRules: [{055E99E1-87A1-4AA4-860C-78227057D94B}] => (Allow) LPort=1900
FirewallRules: [{9EB33631-499E-4662-8816-83152F946F47}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{65EBAB5D-13CE-4F61-AD86-6A62919932FE}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [{22BC919D-7CC1-4965-811B-ECD23854106F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{381B3983-11F6-423F-905E-489502C06893}] => (Allow) C:\Program Files\iTunes\iTunes.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/14/2015 04:55:47 PM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: WmiApRplWmiApRpl8
 
Error: (12/14/2015 04:55:47 PM) (Source: LoadPerf) (EventID: 3012) (User: )
Description: Performance16
 
Error: (12/14/2015 04:51:17 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".Error in manifest or policy file "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"2" on line Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/14/2015 04:51:17 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".Error in manifest or policy file "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"2" on line Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/14/2015 04:51:16 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".Error in manifest or policy file "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"2" on line Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/14/2015 04:51:16 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".Error in manifest or policy file "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"2" on line Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/14/2015 04:51:08 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".Error in manifest or policy file "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"2" on line Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/14/2015 04:51:08 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".Error in manifest or policy file "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"2" on line Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/14/2015 04:51:08 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".Error in manifest or policy file "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"2" on line Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/14/2015 04:51:08 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".Error in manifest or policy file "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"2" on line Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053".
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (12/14/2015 04:50:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt
 
Error: (12/14/2015 04:30:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt
 
Error: (12/14/2015 04:28:42 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: 1Restart the serviceWindows Search%%1056
 
Error: (12/14/2015 04:28:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Media Player Network Sharing Service1300001Restart the service
 
Error: (12/14/2015 04:28:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: iPod Service1
 
Error: (12/14/2015 04:28:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Search1300001Restart the service
 
Error: (12/14/2015 04:28:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Live ID Sign-in Assistant1100001Restart the service
 
Error: (12/14/2015 04:28:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Compatibility Check1
 
Error: (12/14/2015 04:28:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Bonjour Service1
 
Error: (12/14/2015 04:28:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Apple Mobile Device1600001Restart the service
 
 
CodeIntegrity:
===================================
  Date: 2015-12-14 13:14:51.836
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-14 13:14:49.918
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-14 13:14:47.999
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-14 13:14:46.111
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-14 13:14:44.208
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-14 13:14:42.289
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-14 13:08:49.012
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-14 13:08:47.124
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-14 13:08:45.236
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-14 13:08:43.349
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: AMD Phenom™ 8400 Triple-Core Processor
Percentage of memory in use: 38%
Total physical RAM: 2941.76 MB
Available physical RAM: 1796.78 MB
Total Virtual: 6114.02 MB
Available Virtual: 4967.46 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:48.83 GB) (Free:7.11 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:10.95 GB) (Free:5.17 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Vault) (Fixed) (Total:238.31 GB) (Free:238.17 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 7D826B35)
Partition 1: (Active) - (Size=10.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=287.1 GB) - (Type=OF Extended)
 
==================== End of Addition.txt ============================

  • 0

#5
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,029 posts
  • MVP
 
Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
 
Reboot. 
 
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
sfc  /scannow
 
(This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then:
 
Copy the next two lines:
 
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
notepad \windows\logs\cbs\junk.txt 
 
Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)
 
In either case do:
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.
 
 (Second time you run vew it will overwrite the first log so copy it to a reply or rename it first.)

  • 0

#6
Lorenzo Baltazar Perez

Lorenzo Baltazar Perez

    Member

  • Topic Starter
  • Member
  • PipPip
  • 56 posts
2015-12-14 17:32:59, Info                  CSI    00000006 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:32:59, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:04, Info                  CSI    00000009 [SR] Verify complete
2015-12-14 17:33:05, Info                  CSI    0000000a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:05, Info                  CSI    0000000b [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:11, Info                  CSI    0000000d [SR] Verify complete
2015-12-14 17:33:11, Info                  CSI    0000000e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:11, Info                  CSI    0000000f [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:14, Info                  CSI    00000011 [SR] Verify complete
2015-12-14 17:33:14, Info                  CSI    00000012 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:14, Info                  CSI    00000013 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:16, Info                  CSI    00000015 [SR] Verify complete
2015-12-14 17:33:16, Info                  CSI    00000016 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:16, Info                  CSI    00000017 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:18, Info                  CSI    00000019 [SR] Verify complete
2015-12-14 17:33:18, Info                  CSI    0000001a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:18, Info                  CSI    0000001b [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:20, Info                  CSI    0000001d [SR] Verify complete
2015-12-14 17:33:20, Info                  CSI    0000001e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:20, Info                  CSI    0000001f [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:22, Info                  CSI    00000021 [SR] Verify complete
2015-12-14 17:33:22, Info                  CSI    00000022 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:22, Info                  CSI    00000023 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:24, Info                  CSI    00000025 [SR] Verify complete
2015-12-14 17:33:24, Info                  CSI    00000026 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:24, Info                  CSI    00000027 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:26, Info                  CSI    00000029 [SR] Verify complete
2015-12-14 17:33:26, Info                  CSI    0000002a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:26, Info                  CSI    0000002b [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:28, Info                  CSI    0000002d [SR] Verify complete
2015-12-14 17:33:28, Info                  CSI    0000002e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:28, Info                  CSI    0000002f [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:30, Info                  CSI    00000031 [SR] Verify complete
2015-12-14 17:33:30, Info                  CSI    00000032 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:30, Info                  CSI    00000033 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:32, Info                  CSI    00000035 [SR] Verify complete
2015-12-14 17:33:32, Info                  CSI    00000036 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:32, Info                  CSI    00000037 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:34, Info                  CSI    00000039 [SR] Verify complete
2015-12-14 17:33:34, Info                  CSI    0000003a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:34, Info                  CSI    0000003b [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:36, Info                  CSI    0000003d [SR] Verify complete
2015-12-14 17:33:36, Info                  CSI    0000003e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:36, Info                  CSI    0000003f [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:38, Info                  CSI    00000041 [SR] Verify complete
2015-12-14 17:33:38, Info                  CSI    00000042 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:38, Info                  CSI    00000043 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:40, Info                  CSI    00000045 [SR] Verify complete
2015-12-14 17:33:40, Info                  CSI    00000046 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:40, Info                  CSI    00000047 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:42, Info                  CSI    00000049 [SR] Verify complete
2015-12-14 17:33:42, Info                  CSI    0000004a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:42, Info                  CSI    0000004b [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:44, Info                  CSI    0000004d [SR] Verify complete
2015-12-14 17:33:44, Info                  CSI    0000004e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:44, Info                  CSI    0000004f [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:46, Info                  CSI    00000051 [SR] Verify complete
2015-12-14 17:33:46, Info                  CSI    00000052 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:46, Info                  CSI    00000053 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:48, Info                  CSI    00000055 [SR] Verify complete
2015-12-14 17:33:48, Info                  CSI    00000056 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:48, Info                  CSI    00000057 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:49, Info                  CSI    00000059 [SR] Verify complete
2015-12-14 17:33:50, Info                  CSI    0000005a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:50, Info                  CSI    0000005b [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:51, Info                  CSI    0000005d [SR] Verify complete
2015-12-14 17:33:52, Info                  CSI    0000005e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:52, Info                  CSI    0000005f [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:53, Info                  CSI    00000061 [SR] Verify complete
2015-12-14 17:33:53, Info                  CSI    00000062 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:53, Info                  CSI    00000063 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:55, Info                  CSI    00000065 [SR] Verify complete
2015-12-14 17:33:55, Info                  CSI    00000066 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:55, Info                  CSI    00000067 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:57, Info                  CSI    00000069 [SR] Verify complete
2015-12-14 17:33:58, Info                  CSI    0000006a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:58, Info                  CSI    0000006b [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:59, Info                  CSI    0000006d [SR] Verify complete
2015-12-14 17:33:59, Info                  CSI    0000006e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:59, Info                  CSI    0000006f [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:01, Info                  CSI    00000071 [SR] Verify complete
2015-12-14 17:34:01, Info                  CSI    00000072 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:01, Info                  CSI    00000073 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:02, Info                  CSI    00000075 [SR] Verify complete
2015-12-14 17:34:03, Info                  CSI    00000076 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:03, Info                  CSI    00000077 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:04, Info                  CSI    00000079 [SR] Verify complete
2015-12-14 17:34:05, Info                  CSI    0000007a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:05, Info                  CSI    0000007b [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:06, Info                  CSI    0000007d [SR] Verify complete
2015-12-14 17:34:07, Info                  CSI    0000007e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:07, Info                  CSI    0000007f [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:08, Info                  CSI    00000081 [SR] Verify complete
2015-12-14 17:34:08, Info                  CSI    00000082 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:08, Info                  CSI    00000083 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:10, Info                  CSI    00000085 [SR] Verify complete
2015-12-14 17:34:10, Info                  CSI    00000086 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:10, Info                  CSI    00000087 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:12, Info                  CSI    00000089 [SR] Verify complete
2015-12-14 17:34:13, Info                  CSI    0000008a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:13, Info                  CSI    0000008b [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:15, Info                  CSI    0000008d [SR] Verify complete
2015-12-14 17:34:15, Info                  CSI    0000008e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:15, Info                  CSI    0000008f [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:16, Info                  CSI    00000091 [SR] Verify complete
2015-12-14 17:34:17, Info                  CSI    00000092 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:17, Info                  CSI    00000093 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:19, Info                  CSI    00000095 [SR] Verify complete
2015-12-14 17:34:19, Info                  CSI    00000096 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:19, Info                  CSI    00000097 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:22, Info                  CSI    00000099 [SR] Verify complete
2015-12-14 17:34:23, Info                  CSI    0000009a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:23, Info                  CSI    0000009b [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:25, Info                  CSI    0000009d [SR] Verify complete
2015-12-14 17:34:25, Info                  CSI    0000009e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:25, Info                  CSI    0000009f [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:28, Info                  CSI    000000a1 [SR] Verify complete
2015-12-14 17:34:28, Info                  CSI    000000a2 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:28, Info                  CSI    000000a3 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:31, Info                  CSI    000000a5 [SR] Verify complete
2015-12-14 17:34:32, Info                  CSI    000000a6 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:32, Info                  CSI    000000a7 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:34, Info                  CSI    000000a9 [SR] Verify complete
2015-12-14 17:34:34, Info                  CSI    000000aa [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:34, Info                  CSI    000000ab [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:35, Info                  CSI    000000ad [SR] Verify complete
2015-12-14 17:34:36, Info                  CSI    000000ae [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:36, Info                  CSI    000000af [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:39, Info                  CSI    000000b1 [SR] Verify complete
2015-12-14 17:34:39, Info                  CSI    000000b2 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:39, Info                  CSI    000000b3 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:40, Info                  CSI    000000b5 [SR] Verify complete
2015-12-14 17:34:41, Info                  CSI    000000b6 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:41, Info                  CSI    000000b7 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:42, Info                  CSI    000000b9 [SR] Verify complete
2015-12-14 17:34:42, Info                  CSI    000000ba [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:42, Info                  CSI    000000bb [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:44, Info                  CSI    000000bd [SR] Verify complete
2015-12-14 17:34:45, Info                  CSI    000000be [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:45, Info                  CSI    000000bf [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:46, Info                  CSI    000000c1 [SR] Verify complete
2015-12-14 17:34:46, Info                  CSI    000000c2 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:46, Info                  CSI    000000c3 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:48, Info                  CSI    000000c5 [SR] Verify complete
2015-12-14 17:34:48, Info                  CSI    000000c6 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:48, Info                  CSI    000000c7 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:53, Info                  CSI    000000c9 [SR] Verify complete
2015-12-14 17:34:54, Info                  CSI    000000ca [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:54, Info                  CSI    000000cb [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:58, Info                  CSI    000000cd [SR] Verify complete
2015-12-14 17:34:58, Info                  CSI    000000ce [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:58, Info                  CSI    000000cf [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:03, Info                  CSI    000000d1 [SR] Verify complete
2015-12-14 17:35:03, Info                  CSI    000000d2 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:03, Info                  CSI    000000d3 [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:07, Info                  CSI    000000d6 [SR] Verify complete
2015-12-14 17:35:08, Info                  CSI    000000d7 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:08, Info                  CSI    000000d8 [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:12, Info                  CSI    000000db [SR] Verify complete
2015-12-14 17:35:12, Info                  CSI    000000dc [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:12, Info                  CSI    000000dd [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:17, Info                  CSI    000000df [SR] Verify complete
2015-12-14 17:35:17, Info                  CSI    000000e0 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:17, Info                  CSI    000000e1 [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:25, Info                  CSI    000000eb [SR] Verify complete
2015-12-14 17:35:25, Info                  CSI    000000ec [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:25, Info                  CSI    000000ed [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:30, Info                  CSI    000000ef [SR] Verify complete
2015-12-14 17:35:30, Info                  CSI    000000f0 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:30, Info                  CSI    000000f1 [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:35, Info                  CSI    000000f3 [SR] Verify complete
2015-12-14 17:35:36, Info                  CSI    000000f4 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:36, Info                  CSI    000000f5 [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:40, Info                  CSI    000000f7 [SR] Verify complete
2015-12-14 17:35:40, Info                  CSI    000000f8 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:40, Info                  CSI    000000f9 [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:47, Info                  CSI    000000fb [SR] Verify complete
2015-12-14 17:35:47, Info                  CSI    000000fc [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:47, Info                  CSI    000000fd [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:54, Info                  CSI    000000ff [SR] Verify complete
2015-12-14 17:35:55, Info                  CSI    00000100 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:55, Info                  CSI    00000101 [SR] Beginning Verify and Repair transaction
2015-12-14 17:36:05, Info                  CSI    00000105 [SR] Verify complete
2015-12-14 17:36:06, Info                  CSI    00000106 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:36:06, Info                  CSI    00000107 [SR] Beginning Verify and Repair transaction
2015-12-14 17:36:22, Info                  CSI    00000109 [SR] Verify complete
2015-12-14 17:36:22, Info                  CSI    0000010a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:36:22, Info                  CSI    0000010b [SR] Beginning Verify and Repair transaction
2015-12-14 17:36:38, Info                  CSI    0000010d [SR] Verify complete
2015-12-14 17:36:38, Info                  CSI    0000010e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:36:38, Info                  CSI    0000010f [SR] Beginning Verify and Repair transaction
2015-12-14 17:36:42, Info                  CSI    00000111 [SR] Verify complete
2015-12-14 17:36:42, Info                  CSI    00000112 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:36:42, Info                  CSI    00000113 [SR] Beginning Verify and Repair transaction
2015-12-14 17:36:45, Info                  CSI    00000115 [SR] Verify complete
2015-12-14 17:36:46, Info                  CSI    00000116 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:36:46, Info                  CSI    00000117 [SR] Beginning Verify and Repair transaction
2015-12-14 17:36:48, Info                  CSI    00000119 [SR] Verify complete
2015-12-14 17:36:49, Info                  CSI    0000011a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:36:49, Info                  CSI    0000011b [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:01, Info                  CSI    00000139 [SR] Verify complete
2015-12-14 17:37:02, Info                  CSI    0000013a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:02, Info                  CSI    0000013b [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:03, Info                  CSI    0000013d [SR] Verify complete
2015-12-14 17:37:04, Info                  CSI    0000013e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:04, Info                  CSI    0000013f [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:08, Info                  CSI    00000141 [SR] Verify complete
2015-12-14 17:37:08, Info                  CSI    00000142 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:08, Info                  CSI    00000143 [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:12, Info                  CSI    00000145 [SR] Verify complete
2015-12-14 17:37:12, Info                  CSI    00000146 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:12, Info                  CSI    00000147 [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:19, Info                  CSI    00000148 [SR] Repairing corrupted file [ml:520{260},l:86{43}]"\??\C:\Windows\system32\spool\drivers\color"\[l:56{28}]"sRGB Color Space Profile.icm" from store
2015-12-14 17:37:21, Info                  CSI    0000014a [SR] Verify complete
2015-12-14 17:37:22, Info                  CSI    0000014b [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:22, Info                  CSI    0000014c [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:31, Info                  CSI    0000014f [SR] Verify complete
2015-12-14 17:37:31, Info                  CSI    00000150 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:31, Info                  CSI    00000151 [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:34, Info                  CSI    00000153 [SR] Verify complete
2015-12-14 17:37:35, Info                  CSI    00000154 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:35, Info                  CSI    00000155 [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:44, Info                  CSI    00000157 [SR] Verify complete
2015-12-14 17:37:44, Info                  CSI    00000158 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:44, Info                  CSI    00000159 [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:49, Info                  CSI    0000015b [SR] Verify complete
2015-12-14 17:37:49, Info                  CSI    0000015c [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:49, Info                  CSI    0000015d [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:55, Info                  CSI    0000015f [SR] Verify complete
2015-12-14 17:37:55, Info                  CSI    00000160 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:55, Info                  CSI    00000161 [SR] Beginning Verify and Repair transaction
2015-12-14 17:38:08, Info                  CSI    0000017f [SR] Verify complete
2015-12-14 17:38:08, Info                  CSI    00000180 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:38:08, Info                  CSI    00000181 [SR] Beginning Verify and Repair transaction
2015-12-14 17:38:20, Info                  CSI    0000018a [SR] Verify complete
2015-12-14 17:38:21, Info                  CSI    0000018b [SR] Verifying 100 (0x00000064) components
2015-12-14 17:38:21, Info                  CSI    0000018c [SR] Beginning Verify and Repair transaction
2015-12-14 17:38:42, Info                  CSI    0000018e [SR] Verify complete
2015-12-14 17:38:42, Info                  CSI    0000018f [SR] Verifying 100 (0x00000064) components
2015-12-14 17:38:42, Info                  CSI    00000190 [SR] Beginning Verify and Repair transaction
2015-12-14 17:38:58, Info                  CSI    00000192 [SR] Repairing corrupted file [ml:520{260},l:62{31}]"\??\C:\Windows\System32\drivers"\[l:22{11}]"netbios.sys" from store
2015-12-14 17:38:59, Info                  CSI    00000194 [SR] Verify complete
2015-12-14 17:38:59, Info                  CSI    00000195 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:38:59, Info                  CSI    00000196 [SR] Beginning Verify and Repair transaction
2015-12-14 17:39:07, Info                  CSI    00000198 [SR] Verify complete
2015-12-14 17:39:07, Info                  CSI    00000199 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:39:07, Info                  CSI    0000019a [SR] Beginning Verify and Repair transaction
2015-12-14 17:39:17, Info                  CSI    0000019c [SR] Verify complete
2015-12-14 17:39:17, Info                  CSI    0000019d [SR] Verifying 100 (0x00000064) components
2015-12-14 17:39:17, Info                  CSI    0000019e [SR] Beginning Verify and Repair transaction
2015-12-14 17:39:23, Info                  CSI    000001a0 [SR] Verify complete
2015-12-14 17:39:24, Info                  CSI    000001a1 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:39:24, Info                  CSI    000001a2 [SR] Beginning Verify and Repair transaction
2015-12-14 17:39:30, Info                  CSI    000001a5 [SR] Verify complete
2015-12-14 17:39:30, Info                  CSI    000001a6 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:39:30, Info                  CSI    000001a7 [SR] Beginning Verify and Repair transaction
2015-12-14 17:39:35, Info                  CSI    000001a9 [SR] Verify complete
2015-12-14 17:39:36, Info                  CSI    000001aa [SR] Verifying 100 (0x00000064) components
2015-12-14 17:39:36, Info                  CSI    000001ab [SR] Beginning Verify and Repair transaction
2015-12-14 17:39:53, Info                  CSI    000001ad [SR] Verify complete
2015-12-14 17:39:54, Info                  CSI    000001ae [SR] Verifying 100 (0x00000064) components
2015-12-14 17:39:54, Info                  CSI    000001af [SR] Beginning Verify and Repair transaction
2015-12-14 17:40:01, Info                  CSI    000001b1 [SR] Verify complete
2015-12-14 17:40:02, Info                  CSI    000001b2 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:40:02, Info                  CSI    000001b3 [SR] Beginning Verify and Repair transaction
2015-12-14 17:40:10, Info                  CSI    000001b4 [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:68{34}]"Desktop (create shortcut).DeskLink" from store
2015-12-14 17:40:10, Info                  CSI    000001b5 [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:46{23}]"Mail Recipient.MAPIMail" from store
2015-12-14 17:40:11, Info                  CSI    000001b7 [SR] Verify complete
2015-12-14 17:40:12, Info                  CSI    000001b8 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:40:12, Info                  CSI    000001b9 [SR] Beginning Verify and Repair transaction
2015-12-14 17:40:22, Info                  CSI    000001bb [SR] Verify complete
2015-12-14 17:40:23, Info                  CSI    000001bc [SR] Verifying 100 (0x00000064) components
2015-12-14 17:40:23, Info                  CSI    000001bd [SR] Beginning Verify and Repair transaction
2015-12-14 17:40:30, Info                  CSI    000001bf [SR] Verify complete
2015-12-14 17:40:30, Info                  CSI    000001c0 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:40:30, Info                  CSI    000001c1 [SR] Beginning Verify and Repair transaction
2015-12-14 17:40:40, Info                  CSI    000001c3 [SR] Verify complete
2015-12-14 17:40:40, Info                  CSI    000001c4 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:40:40, Info                  CSI    000001c5 [SR] Beginning Verify and Repair transaction
2015-12-14 17:40:54, Info                  CSI    000001c8 [SR] Verify complete
2015-12-14 17:40:54, Info                  CSI    000001c9 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:40:54, Info                  CSI    000001ca [SR] Beginning Verify and Repair transaction
2015-12-14 17:40:59, Info                  CSI    000001cc [SR] Verify complete
2015-12-14 17:41:00, Info                  CSI    000001cd [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:00, Info                  CSI    000001ce [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:07, Info                  CSI    000001d0 [SR] Verify complete
2015-12-14 17:41:07, Info                  CSI    000001d1 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:07, Info                  CSI    000001d2 [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:14, Info                  CSI    000001d5 [SR] Verify complete
2015-12-14 17:41:14, Info                  CSI    000001d6 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:14, Info                  CSI    000001d7 [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:20, Info                  CSI    000001d8 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2015-12-14 17:41:20, Info                  CSI    000001d9 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2015-12-14 17:41:22, Info                  CSI    000001dd [SR] Verify complete
2015-12-14 17:41:22, Info                  CSI    000001de [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:22, Info                  CSI    000001df [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:30, Info                  CSI    000001e1 [SR] Verify complete
2015-12-14 17:41:31, Info                  CSI    000001e2 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:31, Info                  CSI    000001e3 [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:39, Info                  CSI    000001e4 [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:82{41}]"Compressed (zipped) Folder.ZFSendToTarget" from store
2015-12-14 17:41:39, Info                  CSI    000001e6 [SR] Verify complete
2015-12-14 17:41:39, Info                  CSI    000001e7 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:39, Info                  CSI    000001e8 [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:42, Info                  CSI    000001ea [SR] Verify complete
2015-12-14 17:41:42, Info                  CSI    000001eb [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:42, Info                  CSI    000001ec [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:50, Info                  CSI    000001ee [SR] Verify complete
2015-12-14 17:41:50, Info                  CSI    000001ef [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:50, Info                  CSI    000001f0 [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:59, Info                  CSI    000001f2 [SR] Verify complete
2015-12-14 17:41:59, Info                  CSI    000001f3 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:59, Info                  CSI    000001f4 [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:06, Info                  CSI    000001f6 [SR] Verify complete
2015-12-14 17:42:06, Info                  CSI    000001f7 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:42:06, Info                  CSI    000001f8 [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:27, Info                  CSI    000001fa [SR] Verify complete
2015-12-14 17:42:28, Info                  CSI    000001fb [SR] Verifying 100 (0x00000064) components
2015-12-14 17:42:28, Info                  CSI    000001fc [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:33, Info                  CSI    000001fe [SR] Verify complete
2015-12-14 17:42:33, Info                  CSI    000001ff [SR] Verifying 100 (0x00000064) components
2015-12-14 17:42:33, Info                  CSI    00000200 [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:40, Info                  CSI    00000202 [SR] Verify complete
2015-12-14 17:42:40, Info                  CSI    00000203 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:42:40, Info                  CSI    00000204 [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:49, Info                  CSI    0000020f [SR] Verify complete
2015-12-14 17:42:50, Info                  CSI    00000210 [SR] Verifying 32 (0x00000020) components
2015-12-14 17:42:50, Info                  CSI    00000211 [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:51, Info                  CSI    00000213 [SR] Verify complete
2015-12-14 17:42:51, Info                  CSI    00000214 [SR] Repairing 5 components
2015-12-14 17:42:51, Info                  CSI    00000215 [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:51, Info                  CSI    00000216 [SR] Repairing corrupted file [ml:520{260},l:86{43}]"\??\C:\Windows\system32\spool\drivers\color"\[l:56{28}]"sRGB Color Space Profile.icm" from store
2015-12-14 17:42:52, Info                  CSI    00000217 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2015-12-14 17:42:52, Info                  CSI    00000218 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2015-12-14 17:42:52, Info                  CSI    00000219 [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:82{41}]"Compressed (zipped) Folder.ZFSendToTarget" from store
2015-12-14 17:42:52, Info                  CSI    0000021a [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:68{34}]"Desktop (create shortcut).DeskLink" from store
2015-12-14 17:42:52, Info                  CSI    0000021b [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:46{23}]"Mail Recipient.MAPIMail" from store
2015-12-14 17:42:52, Info                  CSI    0000021d [SR] Repairing corrupted file [ml:520{260},l:62{31}]"\??\C:\Windows\System32\drivers"\[l:22{11}]"netbios.sys" from store
2015-12-14 17:42:52, Info                  CSI    0000021f [SR] Repair complete
2015-12-14 17:42:52, Info                  CSI    00000220 [SR] Committing transaction
2015-12-14 17:42:52, Info                  CSI    00000221 [SR] Cannot commit interactively, there are boot critical components being repaired
2015-12-14 17:42:52, Info                  CSI    00000222 [SR] Repairing 5 components
2015-12-14 17:42:52, Info                  CSI    00000223 [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:52, Info                  CSI    00000224 [SR] Repairing corrupted file [ml:520{260},l:86{43}]"\??\C:\Windows\system32\spool\drivers\color"\[l:56{28}]"sRGB Color Space Profile.icm" from store
2015-12-14 17:42:52, Info                  CSI    00000225 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2015-12-14 17:42:52, Info                  CSI    00000226 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2015-12-14 17:42:52, Info                  CSI    00000227 [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:82{41}]"Compressed (zipped) Folder.ZFSendToTarget" from store
2015-12-14 17:42:52, Info                  CSI    00000228 [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:68{34}]"Desktop (create shortcut).DeskLink" from store
2015-12-14 17:42:52, Info                  CSI    00000229 [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:46{23}]"Mail Recipient.MAPIMail" from store
2015-12-14 17:42:52, Info                  CSI    0000022b [SR] Repairing corrupted file [ml:520{260},l:62{31}]"\??\C:\Windows\System32\drivers"\[l:22{11}]"netbios.sys" from store
2015-12-14 17:42:52, Info                  CSI    0000022d [SR] Repair complete
 

  • 0

#7
Lorenzo Baltazar Perez

Lorenzo Baltazar Perez

    Member

  • Topic Starter
  • Member
  • PipPip
  • 56 posts
System:
 
2015-12-14 17:32:59, Info                  CSI    00000006 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:32:59, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:04, Info                  CSI    00000009 [SR] Verify complete
2015-12-14 17:33:05, Info                  CSI    0000000a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:05, Info                  CSI    0000000b [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:11, Info                  CSI    0000000d [SR] Verify complete
2015-12-14 17:33:11, Info                  CSI    0000000e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:11, Info                  CSI    0000000f [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:14, Info                  CSI    00000011 [SR] Verify complete
2015-12-14 17:33:14, Info                  CSI    00000012 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:14, Info                  CSI    00000013 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:16, Info                  CSI    00000015 [SR] Verify complete
2015-12-14 17:33:16, Info                  CSI    00000016 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:16, Info                  CSI    00000017 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:18, Info                  CSI    00000019 [SR] Verify complete
2015-12-14 17:33:18, Info                  CSI    0000001a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:18, Info                  CSI    0000001b [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:20, Info                  CSI    0000001d [SR] Verify complete
2015-12-14 17:33:20, Info                  CSI    0000001e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:20, Info                  CSI    0000001f [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:22, Info                  CSI    00000021 [SR] Verify complete
2015-12-14 17:33:22, Info                  CSI    00000022 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:22, Info                  CSI    00000023 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:24, Info                  CSI    00000025 [SR] Verify complete
2015-12-14 17:33:24, Info                  CSI    00000026 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:24, Info                  CSI    00000027 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:26, Info                  CSI    00000029 [SR] Verify complete
2015-12-14 17:33:26, Info                  CSI    0000002a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:26, Info                  CSI    0000002b [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:28, Info                  CSI    0000002d [SR] Verify complete
2015-12-14 17:33:28, Info                  CSI    0000002e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:28, Info                  CSI    0000002f [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:30, Info                  CSI    00000031 [SR] Verify complete
2015-12-14 17:33:30, Info                  CSI    00000032 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:30, Info                  CSI    00000033 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:32, Info                  CSI    00000035 [SR] Verify complete
2015-12-14 17:33:32, Info                  CSI    00000036 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:32, Info                  CSI    00000037 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:34, Info                  CSI    00000039 [SR] Verify complete
2015-12-14 17:33:34, Info                  CSI    0000003a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:34, Info                  CSI    0000003b [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:36, Info                  CSI    0000003d [SR] Verify complete
2015-12-14 17:33:36, Info                  CSI    0000003e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:36, Info                  CSI    0000003f [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:38, Info                  CSI    00000041 [SR] Verify complete
2015-12-14 17:33:38, Info                  CSI    00000042 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:38, Info                  CSI    00000043 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:40, Info                  CSI    00000045 [SR] Verify complete
2015-12-14 17:33:40, Info                  CSI    00000046 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:40, Info                  CSI    00000047 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:42, Info                  CSI    00000049 [SR] Verify complete
2015-12-14 17:33:42, Info                  CSI    0000004a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:42, Info                  CSI    0000004b [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:44, Info                  CSI    0000004d [SR] Verify complete
2015-12-14 17:33:44, Info                  CSI    0000004e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:44, Info                  CSI    0000004f [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:46, Info                  CSI    00000051 [SR] Verify complete
2015-12-14 17:33:46, Info                  CSI    00000052 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:46, Info                  CSI    00000053 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:48, Info                  CSI    00000055 [SR] Verify complete
2015-12-14 17:33:48, Info                  CSI    00000056 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:48, Info                  CSI    00000057 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:49, Info                  CSI    00000059 [SR] Verify complete
2015-12-14 17:33:50, Info                  CSI    0000005a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:50, Info                  CSI    0000005b [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:51, Info                  CSI    0000005d [SR] Verify complete
2015-12-14 17:33:52, Info                  CSI    0000005e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:52, Info                  CSI    0000005f [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:53, Info                  CSI    00000061 [SR] Verify complete
2015-12-14 17:33:53, Info                  CSI    00000062 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:53, Info                  CSI    00000063 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:55, Info                  CSI    00000065 [SR] Verify complete
2015-12-14 17:33:55, Info                  CSI    00000066 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:55, Info                  CSI    00000067 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:57, Info                  CSI    00000069 [SR] Verify complete
2015-12-14 17:33:58, Info                  CSI    0000006a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:58, Info                  CSI    0000006b [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:59, Info                  CSI    0000006d [SR] Verify complete
2015-12-14 17:33:59, Info                  CSI    0000006e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:59, Info                  CSI    0000006f [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:01, Info                  CSI    00000071 [SR] Verify complete
2015-12-14 17:34:01, Info                  CSI    00000072 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:01, Info                  CSI    00000073 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:02, Info                  CSI    00000075 [SR] Verify complete
2015-12-14 17:34:03, Info                  CSI    00000076 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:03, Info                  CSI    00000077 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:04, Info                  CSI    00000079 [SR] Verify complete
2015-12-14 17:34:05, Info                  CSI    0000007a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:05, Info                  CSI    0000007b [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:06, Info                  CSI    0000007d [SR] Verify complete
2015-12-14 17:34:07, Info                  CSI    0000007e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:07, Info                  CSI    0000007f [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:08, Info                  CSI    00000081 [SR] Verify complete
2015-12-14 17:34:08, Info                  CSI    00000082 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:08, Info                  CSI    00000083 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:10, Info                  CSI    00000085 [SR] Verify complete
2015-12-14 17:34:10, Info                  CSI    00000086 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:10, Info                  CSI    00000087 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:12, Info                  CSI    00000089 [SR] Verify complete
2015-12-14 17:34:13, Info                  CSI    0000008a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:13, Info                  CSI    0000008b [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:15, Info                  CSI    0000008d [SR] Verify complete
2015-12-14 17:34:15, Info                  CSI    0000008e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:15, Info                  CSI    0000008f [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:16, Info                  CSI    00000091 [SR] Verify complete
2015-12-14 17:34:17, Info                  CSI    00000092 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:17, Info                  CSI    00000093 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:19, Info                  CSI    00000095 [SR] Verify complete
2015-12-14 17:34:19, Info                  CSI    00000096 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:19, Info                  CSI    00000097 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:22, Info                  CSI    00000099 [SR] Verify complete
2015-12-14 17:34:23, Info                  CSI    0000009a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:23, Info                  CSI    0000009b [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:25, Info                  CSI    0000009d [SR] Verify complete
2015-12-14 17:34:25, Info                  CSI    0000009e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:25, Info                  CSI    0000009f [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:28, Info                  CSI    000000a1 [SR] Verify complete
2015-12-14 17:34:28, Info                  CSI    000000a2 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:28, Info                  CSI    000000a3 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:31, Info                  CSI    000000a5 [SR] Verify complete
2015-12-14 17:34:32, Info                  CSI    000000a6 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:32, Info                  CSI    000000a7 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:34, Info                  CSI    000000a9 [SR] Verify complete
2015-12-14 17:34:34, Info                  CSI    000000aa [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:34, Info                  CSI    000000ab [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:35, Info                  CSI    000000ad [SR] Verify complete
2015-12-14 17:34:36, Info                  CSI    000000ae [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:36, Info                  CSI    000000af [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:39, Info                  CSI    000000b1 [SR] Verify complete
2015-12-14 17:34:39, Info                  CSI    000000b2 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:39, Info                  CSI    000000b3 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:40, Info                  CSI    000000b5 [SR] Verify complete
2015-12-14 17:34:41, Info                  CSI    000000b6 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:41, Info                  CSI    000000b7 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:42, Info                  CSI    000000b9 [SR] Verify complete
2015-12-14 17:34:42, Info                  CSI    000000ba [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:42, Info                  CSI    000000bb [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:44, Info                  CSI    000000bd [SR] Verify complete
2015-12-14 17:34:45, Info                  CSI    000000be [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:45, Info                  CSI    000000bf [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:46, Info                  CSI    000000c1 [SR] Verify complete
2015-12-14 17:34:46, Info                  CSI    000000c2 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:46, Info                  CSI    000000c3 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:48, Info                  CSI    000000c5 [SR] Verify complete
2015-12-14 17:34:48, Info                  CSI    000000c6 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:48, Info                  CSI    000000c7 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:53, Info                  CSI    000000c9 [SR] Verify complete
2015-12-14 17:34:54, Info                  CSI    000000ca [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:54, Info                  CSI    000000cb [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:58, Info                  CSI    000000cd [SR] Verify complete
2015-12-14 17:34:58, Info                  CSI    000000ce [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:58, Info                  CSI    000000cf [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:03, Info                  CSI    000000d1 [SR] Verify complete
2015-12-14 17:35:03, Info                  CSI    000000d2 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:03, Info                  CSI    000000d3 [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:07, Info                  CSI    000000d6 [SR] Verify complete
2015-12-14 17:35:08, Info                  CSI    000000d7 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:08, Info                  CSI    000000d8 [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:12, Info                  CSI    000000db [SR] Verify complete
2015-12-14 17:35:12, Info                  CSI    000000dc [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:12, Info                  CSI    000000dd [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:17, Info                  CSI    000000df [SR] Verify complete
2015-12-14 17:35:17, Info                  CSI    000000e0 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:17, Info                  CSI    000000e1 [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:25, Info                  CSI    000000eb [SR] Verify complete
2015-12-14 17:35:25, Info                  CSI    000000ec [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:25, Info                  CSI    000000ed [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:30, Info                  CSI    000000ef [SR] Verify complete
2015-12-14 17:35:30, Info                  CSI    000000f0 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:30, Info                  CSI    000000f1 [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:35, Info                  CSI    000000f3 [SR] Verify complete
2015-12-14 17:35:36, Info                  CSI    000000f4 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:36, Info                  CSI    000000f5 [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:40, Info                  CSI    000000f7 [SR] Verify complete
2015-12-14 17:35:40, Info                  CSI    000000f8 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:40, Info                  CSI    000000f9 [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:47, Info                  CSI    000000fb [SR] Verify complete
2015-12-14 17:35:47, Info                  CSI    000000fc [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:47, Info                  CSI    000000fd [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:54, Info                  CSI    000000ff [SR] Verify complete
2015-12-14 17:35:55, Info                  CSI    00000100 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:55, Info                  CSI    00000101 [SR] Beginning Verify and Repair transaction
2015-12-14 17:36:05, Info                  CSI    00000105 [SR] Verify complete
2015-12-14 17:36:06, Info                  CSI    00000106 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:36:06, Info                  CSI    00000107 [SR] Beginning Verify and Repair transaction
2015-12-14 17:36:22, Info                  CSI    00000109 [SR] Verify complete
2015-12-14 17:36:22, Info                  CSI    0000010a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:36:22, Info                  CSI    0000010b [SR] Beginning Verify and Repair transaction
2015-12-14 17:36:38, Info                  CSI    0000010d [SR] Verify complete
2015-12-14 17:36:38, Info                  CSI    0000010e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:36:38, Info                  CSI    0000010f [SR] Beginning Verify and Repair transaction
2015-12-14 17:36:42, Info                  CSI    00000111 [SR] Verify complete
2015-12-14 17:36:42, Info                  CSI    00000112 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:36:42, Info                  CSI    00000113 [SR] Beginning Verify and Repair transaction
2015-12-14 17:36:45, Info                  CSI    00000115 [SR] Verify complete
2015-12-14 17:36:46, Info                  CSI    00000116 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:36:46, Info                  CSI    00000117 [SR] Beginning Verify and Repair transaction
2015-12-14 17:36:48, Info                  CSI    00000119 [SR] Verify complete
2015-12-14 17:36:49, Info                  CSI    0000011a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:36:49, Info                  CSI    0000011b [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:01, Info                  CSI    00000139 [SR] Verify complete
2015-12-14 17:37:02, Info                  CSI    0000013a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:02, Info                  CSI    0000013b [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:03, Info                  CSI    0000013d [SR] Verify complete
2015-12-14 17:37:04, Info                  CSI    0000013e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:04, Info                  CSI    0000013f [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:08, Info                  CSI    00000141 [SR] Verify complete
2015-12-14 17:37:08, Info                  CSI    00000142 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:08, Info                  CSI    00000143 [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:12, Info                  CSI    00000145 [SR] Verify complete
2015-12-14 17:37:12, Info                  CSI    00000146 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:12, Info                  CSI    00000147 [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:19, Info                  CSI    00000148 [SR] Repairing corrupted file [ml:520{260},l:86{43}]"\??\C:\Windows\system32\spool\drivers\color"\[l:56{28}]"sRGB Color Space Profile.icm" from store
2015-12-14 17:37:21, Info                  CSI    0000014a [SR] Verify complete
2015-12-14 17:37:22, Info                  CSI    0000014b [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:22, Info                  CSI    0000014c [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:31, Info                  CSI    0000014f [SR] Verify complete
2015-12-14 17:37:31, Info                  CSI    00000150 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:31, Info                  CSI    00000151 [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:34, Info                  CSI    00000153 [SR] Verify complete
2015-12-14 17:37:35, Info                  CSI    00000154 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:35, Info                  CSI    00000155 [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:44, Info                  CSI    00000157 [SR] Verify complete
2015-12-14 17:37:44, Info                  CSI    00000158 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:44, Info                  CSI    00000159 [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:49, Info                  CSI    0000015b [SR] Verify complete
2015-12-14 17:37:49, Info                  CSI    0000015c [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:49, Info                  CSI    0000015d [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:55, Info                  CSI    0000015f [SR] Verify complete
2015-12-14 17:37:55, Info                  CSI    00000160 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:55, Info                  CSI    00000161 [SR] Beginning Verify and Repair transaction
2015-12-14 17:38:08, Info                  CSI    0000017f [SR] Verify complete
2015-12-14 17:38:08, Info                  CSI    00000180 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:38:08, Info                  CSI    00000181 [SR] Beginning Verify and Repair transaction
2015-12-14 17:38:20, Info                  CSI    0000018a [SR] Verify complete
2015-12-14 17:38:21, Info                  CSI    0000018b [SR] Verifying 100 (0x00000064) components
2015-12-14 17:38:21, Info                  CSI    0000018c [SR] Beginning Verify and Repair transaction
2015-12-14 17:38:42, Info                  CSI    0000018e [SR] Verify complete
2015-12-14 17:38:42, Info                  CSI    0000018f [SR] Verifying 100 (0x00000064) components
2015-12-14 17:38:42, Info                  CSI    00000190 [SR] Beginning Verify and Repair transaction
2015-12-14 17:38:58, Info                  CSI    00000192 [SR] Repairing corrupted file [ml:520{260},l:62{31}]"\??\C:\Windows\System32\drivers"\[l:22{11}]"netbios.sys" from store
2015-12-14 17:38:59, Info                  CSI    00000194 [SR] Verify complete
2015-12-14 17:38:59, Info                  CSI    00000195 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:38:59, Info                  CSI    00000196 [SR] Beginning Verify and Repair transaction
2015-12-14 17:39:07, Info                  CSI    00000198 [SR] Verify complete
2015-12-14 17:39:07, Info                  CSI    00000199 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:39:07, Info                  CSI    0000019a [SR] Beginning Verify and Repair transaction
2015-12-14 17:39:17, Info                  CSI    0000019c [SR] Verify complete
2015-12-14 17:39:17, Info                  CSI    0000019d [SR] Verifying 100 (0x00000064) components
2015-12-14 17:39:17, Info                  CSI    0000019e [SR] Beginning Verify and Repair transaction
2015-12-14 17:39:23, Info                  CSI    000001a0 [SR] Verify complete
2015-12-14 17:39:24, Info                  CSI    000001a1 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:39:24, Info                  CSI    000001a2 [SR] Beginning Verify and Repair transaction
2015-12-14 17:39:30, Info                  CSI    000001a5 [SR] Verify complete
2015-12-14 17:39:30, Info                  CSI    000001a6 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:39:30, Info                  CSI    000001a7 [SR] Beginning Verify and Repair transaction
2015-12-14 17:39:35, Info                  CSI    000001a9 [SR] Verify complete
2015-12-14 17:39:36, Info                  CSI    000001aa [SR] Verifying 100 (0x00000064) components
2015-12-14 17:39:36, Info                  CSI    000001ab [SR] Beginning Verify and Repair transaction
2015-12-14 17:39:53, Info                  CSI    000001ad [SR] Verify complete
2015-12-14 17:39:54, Info                  CSI    000001ae [SR] Verifying 100 (0x00000064) components
2015-12-14 17:39:54, Info                  CSI    000001af [SR] Beginning Verify and Repair transaction
2015-12-14 17:40:01, Info                  CSI    000001b1 [SR] Verify complete
2015-12-14 17:40:02, Info                  CSI    000001b2 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:40:02, Info                  CSI    000001b3 [SR] Beginning Verify and Repair transaction
2015-12-14 17:40:10, Info                  CSI    000001b4 [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:68{34}]"Desktop (create shortcut).DeskLink" from store
2015-12-14 17:40:10, Info                  CSI    000001b5 [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:46{23}]"Mail Recipient.MAPIMail" from store
2015-12-14 17:40:11, Info                  CSI    000001b7 [SR] Verify complete
2015-12-14 17:40:12, Info                  CSI    000001b8 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:40:12, Info                  CSI    000001b9 [SR] Beginning Verify and Repair transaction
2015-12-14 17:40:22, Info                  CSI    000001bb [SR] Verify complete
2015-12-14 17:40:23, Info                  CSI    000001bc [SR] Verifying 100 (0x00000064) components
2015-12-14 17:40:23, Info                  CSI    000001bd [SR] Beginning Verify and Repair transaction
2015-12-14 17:40:30, Info                  CSI    000001bf [SR] Verify complete
2015-12-14 17:40:30, Info                  CSI    000001c0 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:40:30, Info                  CSI    000001c1 [SR] Beginning Verify and Repair transaction
2015-12-14 17:40:40, Info                  CSI    000001c3 [SR] Verify complete
2015-12-14 17:40:40, Info                  CSI    000001c4 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:40:40, Info                  CSI    000001c5 [SR] Beginning Verify and Repair transaction
2015-12-14 17:40:54, Info                  CSI    000001c8 [SR] Verify complete
2015-12-14 17:40:54, Info                  CSI    000001c9 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:40:54, Info                  CSI    000001ca [SR] Beginning Verify and Repair transaction
2015-12-14 17:40:59, Info                  CSI    000001cc [SR] Verify complete
2015-12-14 17:41:00, Info                  CSI    000001cd [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:00, Info                  CSI    000001ce [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:07, Info                  CSI    000001d0 [SR] Verify complete
2015-12-14 17:41:07, Info                  CSI    000001d1 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:07, Info                  CSI    000001d2 [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:14, Info                  CSI    000001d5 [SR] Verify complete
2015-12-14 17:41:14, Info                  CSI    000001d6 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:14, Info                  CSI    000001d7 [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:20, Info                  CSI    000001d8 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2015-12-14 17:41:20, Info                  CSI    000001d9 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2015-12-14 17:41:22, Info                  CSI    000001dd [SR] Verify complete
2015-12-14 17:41:22, Info                  CSI    000001de [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:22, Info                  CSI    000001df [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:30, Info                  CSI    000001e1 [SR] Verify complete
2015-12-14 17:41:31, Info                  CSI    000001e2 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:31, Info                  CSI    000001e3 [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:39, Info                  CSI    000001e4 [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:82{41}]"Compressed (zipped) Folder.ZFSendToTarget" from store
2015-12-14 17:41:39, Info                  CSI    000001e6 [SR] Verify complete
2015-12-14 17:41:39, Info                  CSI    000001e7 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:39, Info                  CSI    000001e8 [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:42, Info                  CSI    000001ea [SR] Verify complete
2015-12-14 17:41:42, Info                  CSI    000001eb [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:42, Info                  CSI    000001ec [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:50, Info                  CSI    000001ee [SR] Verify complete
2015-12-14 17:41:50, Info                  CSI    000001ef [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:50, Info                  CSI    000001f0 [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:59, Info                  CSI    000001f2 [SR] Verify complete
2015-12-14 17:41:59, Info                  CSI    000001f3 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:59, Info                  CSI    000001f4 [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:06, Info                  CSI    000001f6 [SR] Verify complete
2015-12-14 17:42:06, Info                  CSI    000001f7 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:42:06, Info                  CSI    000001f8 [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:27, Info                  CSI    000001fa [SR] Verify complete
2015-12-14 17:42:28, Info                  CSI    000001fb [SR] Verifying 100 (0x00000064) components
2015-12-14 17:42:28, Info                  CSI    000001fc [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:33, Info                  CSI    000001fe [SR] Verify complete
2015-12-14 17:42:33, Info                  CSI    000001ff [SR] Verifying 100 (0x00000064) components
2015-12-14 17:42:33, Info                  CSI    00000200 [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:40, Info                  CSI    00000202 [SR] Verify complete
2015-12-14 17:42:40, Info                  CSI    00000203 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:42:40, Info                  CSI    00000204 [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:49, Info                  CSI    0000020f [SR] Verify complete
2015-12-14 17:42:50, Info                  CSI    00000210 [SR] Verifying 32 (0x00000020) components
2015-12-14 17:42:50, Info                  CSI    00000211 [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:51, Info                  CSI    00000213 [SR] Verify complete
2015-12-14 17:42:51, Info                  CSI    00000214 [SR] Repairing 5 components
2015-12-14 17:42:51, Info                  CSI    00000215 [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:51, Info                  CSI    00000216 [SR] Repairing corrupted file [ml:520{260},l:86{43}]"\??\C:\Windows\system32\spool\drivers\color"\[l:56{28}]"sRGB Color Space Profile.icm" from store
2015-12-14 17:42:52, Info                  CSI    00000217 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2015-12-14 17:42:52, Info                  CSI    00000218 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2015-12-14 17:42:52, Info                  CSI    00000219 [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:82{41}]"Compressed (zipped) Folder.ZFSendToTarget" from store
2015-12-14 17:42:52, Info                  CSI    0000021a [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:68{34}]"Desktop (create shortcut).DeskLink" from store
2015-12-14 17:42:52, Info                  CSI    0000021b [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:46{23}]"Mail Recipient.MAPIMail" from store
2015-12-14 17:42:52, Info                  CSI    0000021d [SR] Repairing corrupted file [ml:520{260},l:62{31}]"\??\C:\Windows\System32\drivers"\[l:22{11}]"netbios.sys" from store
2015-12-14 17:42:52, Info                  CSI    0000021f [SR] Repair complete
2015-12-14 17:42:52, Info                  CSI    00000220 [SR] Committing transaction
2015-12-14 17:42:52, Info                  CSI    00000221 [SR] Cannot commit interactively, there are boot critical components being repaired
2015-12-14 17:42:52, Info                  CSI    00000222 [SR] Repairing 5 components
2015-12-14 17:42:52, Info                  CSI    00000223 [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:52, Info                  CSI    00000224 [SR] Repairing corrupted file [ml:520{260},l:86{43}]"\??\C:\Windows\system32\spool\drivers\color"\[l:56{28}]"sRGB Color Space Profile.icm" from store
2015-12-14 17:42:52, Info                  CSI    00000225 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2015-12-14 17:42:52, Info                  CSI    00000226 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2015-12-14 17:42:52, Info                  CSI    00000227 [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:82{41}]"Compressed (zipped) Folder.ZFSendToTarget" from store
2015-12-14 17:42:52, Info                  CSI    00000228 [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:68{34}]"Desktop (create shortcut).DeskLink" from store
2015-12-14 17:42:52, Info                  CSI    00000229 [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:46{23}]"Mail Recipient.MAPIMail" from store
2015-12-14 17:42:52, Info                  CSI    0000022b [SR] Repairing corrupted file [ml:520{260},l:62{31}]"\??\C:\Windows\System32\drivers"\[l:22{11}]"netbios.sys" from store
2015-12-14 17:42:52, Info                  CSI    0000022d [SR] Repair complete
 
 
Application:
 
2015-12-14 17:32:59, Info                  CSI    00000006 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:32:59, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:04, Info                  CSI    00000009 [SR] Verify complete
2015-12-14 17:33:05, Info                  CSI    0000000a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:05, Info                  CSI    0000000b [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:11, Info                  CSI    0000000d [SR] Verify complete
2015-12-14 17:33:11, Info                  CSI    0000000e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:11, Info                  CSI    0000000f [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:14, Info                  CSI    00000011 [SR] Verify complete
2015-12-14 17:33:14, Info                  CSI    00000012 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:14, Info                  CSI    00000013 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:16, Info                  CSI    00000015 [SR] Verify complete
2015-12-14 17:33:16, Info                  CSI    00000016 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:16, Info                  CSI    00000017 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:18, Info                  CSI    00000019 [SR] Verify complete
2015-12-14 17:33:18, Info                  CSI    0000001a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:18, Info                  CSI    0000001b [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:20, Info                  CSI    0000001d [SR] Verify complete
2015-12-14 17:33:20, Info                  CSI    0000001e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:20, Info                  CSI    0000001f [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:22, Info                  CSI    00000021 [SR] Verify complete
2015-12-14 17:33:22, Info                  CSI    00000022 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:22, Info                  CSI    00000023 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:24, Info                  CSI    00000025 [SR] Verify complete
2015-12-14 17:33:24, Info                  CSI    00000026 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:24, Info                  CSI    00000027 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:26, Info                  CSI    00000029 [SR] Verify complete
2015-12-14 17:33:26, Info                  CSI    0000002a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:26, Info                  CSI    0000002b [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:28, Info                  CSI    0000002d [SR] Verify complete
2015-12-14 17:33:28, Info                  CSI    0000002e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:28, Info                  CSI    0000002f [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:30, Info                  CSI    00000031 [SR] Verify complete
2015-12-14 17:33:30, Info                  CSI    00000032 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:30, Info                  CSI    00000033 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:32, Info                  CSI    00000035 [SR] Verify complete
2015-12-14 17:33:32, Info                  CSI    00000036 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:32, Info                  CSI    00000037 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:34, Info                  CSI    00000039 [SR] Verify complete
2015-12-14 17:33:34, Info                  CSI    0000003a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:34, Info                  CSI    0000003b [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:36, Info                  CSI    0000003d [SR] Verify complete
2015-12-14 17:33:36, Info                  CSI    0000003e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:36, Info                  CSI    0000003f [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:38, Info                  CSI    00000041 [SR] Verify complete
2015-12-14 17:33:38, Info                  CSI    00000042 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:38, Info                  CSI    00000043 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:40, Info                  CSI    00000045 [SR] Verify complete
2015-12-14 17:33:40, Info                  CSI    00000046 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:40, Info                  CSI    00000047 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:42, Info                  CSI    00000049 [SR] Verify complete
2015-12-14 17:33:42, Info                  CSI    0000004a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:42, Info                  CSI    0000004b [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:44, Info                  CSI    0000004d [SR] Verify complete
2015-12-14 17:33:44, Info                  CSI    0000004e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:44, Info                  CSI    0000004f [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:46, Info                  CSI    00000051 [SR] Verify complete
2015-12-14 17:33:46, Info                  CSI    00000052 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:46, Info                  CSI    00000053 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:48, Info                  CSI    00000055 [SR] Verify complete
2015-12-14 17:33:48, Info                  CSI    00000056 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:48, Info                  CSI    00000057 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:49, Info                  CSI    00000059 [SR] Verify complete
2015-12-14 17:33:50, Info                  CSI    0000005a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:50, Info                  CSI    0000005b [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:51, Info                  CSI    0000005d [SR] Verify complete
2015-12-14 17:33:52, Info                  CSI    0000005e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:52, Info                  CSI    0000005f [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:53, Info                  CSI    00000061 [SR] Verify complete
2015-12-14 17:33:53, Info                  CSI    00000062 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:53, Info                  CSI    00000063 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:55, Info                  CSI    00000065 [SR] Verify complete
2015-12-14 17:33:55, Info                  CSI    00000066 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:55, Info                  CSI    00000067 [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:57, Info                  CSI    00000069 [SR] Verify complete
2015-12-14 17:33:58, Info                  CSI    0000006a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:58, Info                  CSI    0000006b [SR] Beginning Verify and Repair transaction
2015-12-14 17:33:59, Info                  CSI    0000006d [SR] Verify complete
2015-12-14 17:33:59, Info                  CSI    0000006e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:33:59, Info                  CSI    0000006f [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:01, Info                  CSI    00000071 [SR] Verify complete
2015-12-14 17:34:01, Info                  CSI    00000072 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:01, Info                  CSI    00000073 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:02, Info                  CSI    00000075 [SR] Verify complete
2015-12-14 17:34:03, Info                  CSI    00000076 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:03, Info                  CSI    00000077 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:04, Info                  CSI    00000079 [SR] Verify complete
2015-12-14 17:34:05, Info                  CSI    0000007a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:05, Info                  CSI    0000007b [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:06, Info                  CSI    0000007d [SR] Verify complete
2015-12-14 17:34:07, Info                  CSI    0000007e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:07, Info                  CSI    0000007f [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:08, Info                  CSI    00000081 [SR] Verify complete
2015-12-14 17:34:08, Info                  CSI    00000082 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:08, Info                  CSI    00000083 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:10, Info                  CSI    00000085 [SR] Verify complete
2015-12-14 17:34:10, Info                  CSI    00000086 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:10, Info                  CSI    00000087 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:12, Info                  CSI    00000089 [SR] Verify complete
2015-12-14 17:34:13, Info                  CSI    0000008a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:13, Info                  CSI    0000008b [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:15, Info                  CSI    0000008d [SR] Verify complete
2015-12-14 17:34:15, Info                  CSI    0000008e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:15, Info                  CSI    0000008f [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:16, Info                  CSI    00000091 [SR] Verify complete
2015-12-14 17:34:17, Info                  CSI    00000092 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:17, Info                  CSI    00000093 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:19, Info                  CSI    00000095 [SR] Verify complete
2015-12-14 17:34:19, Info                  CSI    00000096 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:19, Info                  CSI    00000097 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:22, Info                  CSI    00000099 [SR] Verify complete
2015-12-14 17:34:23, Info                  CSI    0000009a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:23, Info                  CSI    0000009b [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:25, Info                  CSI    0000009d [SR] Verify complete
2015-12-14 17:34:25, Info                  CSI    0000009e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:25, Info                  CSI    0000009f [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:28, Info                  CSI    000000a1 [SR] Verify complete
2015-12-14 17:34:28, Info                  CSI    000000a2 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:28, Info                  CSI    000000a3 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:31, Info                  CSI    000000a5 [SR] Verify complete
2015-12-14 17:34:32, Info                  CSI    000000a6 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:32, Info                  CSI    000000a7 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:34, Info                  CSI    000000a9 [SR] Verify complete
2015-12-14 17:34:34, Info                  CSI    000000aa [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:34, Info                  CSI    000000ab [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:35, Info                  CSI    000000ad [SR] Verify complete
2015-12-14 17:34:36, Info                  CSI    000000ae [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:36, Info                  CSI    000000af [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:39, Info                  CSI    000000b1 [SR] Verify complete
2015-12-14 17:34:39, Info                  CSI    000000b2 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:39, Info                  CSI    000000b3 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:40, Info                  CSI    000000b5 [SR] Verify complete
2015-12-14 17:34:41, Info                  CSI    000000b6 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:41, Info                  CSI    000000b7 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:42, Info                  CSI    000000b9 [SR] Verify complete
2015-12-14 17:34:42, Info                  CSI    000000ba [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:42, Info                  CSI    000000bb [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:44, Info                  CSI    000000bd [SR] Verify complete
2015-12-14 17:34:45, Info                  CSI    000000be [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:45, Info                  CSI    000000bf [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:46, Info                  CSI    000000c1 [SR] Verify complete
2015-12-14 17:34:46, Info                  CSI    000000c2 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:46, Info                  CSI    000000c3 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:48, Info                  CSI    000000c5 [SR] Verify complete
2015-12-14 17:34:48, Info                  CSI    000000c6 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:48, Info                  CSI    000000c7 [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:53, Info                  CSI    000000c9 [SR] Verify complete
2015-12-14 17:34:54, Info                  CSI    000000ca [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:54, Info                  CSI    000000cb [SR] Beginning Verify and Repair transaction
2015-12-14 17:34:58, Info                  CSI    000000cd [SR] Verify complete
2015-12-14 17:34:58, Info                  CSI    000000ce [SR] Verifying 100 (0x00000064) components
2015-12-14 17:34:58, Info                  CSI    000000cf [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:03, Info                  CSI    000000d1 [SR] Verify complete
2015-12-14 17:35:03, Info                  CSI    000000d2 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:03, Info                  CSI    000000d3 [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:07, Info                  CSI    000000d6 [SR] Verify complete
2015-12-14 17:35:08, Info                  CSI    000000d7 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:08, Info                  CSI    000000d8 [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:12, Info                  CSI    000000db [SR] Verify complete
2015-12-14 17:35:12, Info                  CSI    000000dc [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:12, Info                  CSI    000000dd [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:17, Info                  CSI    000000df [SR] Verify complete
2015-12-14 17:35:17, Info                  CSI    000000e0 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:17, Info                  CSI    000000e1 [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:25, Info                  CSI    000000eb [SR] Verify complete
2015-12-14 17:35:25, Info                  CSI    000000ec [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:25, Info                  CSI    000000ed [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:30, Info                  CSI    000000ef [SR] Verify complete
2015-12-14 17:35:30, Info                  CSI    000000f0 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:30, Info                  CSI    000000f1 [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:35, Info                  CSI    000000f3 [SR] Verify complete
2015-12-14 17:35:36, Info                  CSI    000000f4 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:36, Info                  CSI    000000f5 [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:40, Info                  CSI    000000f7 [SR] Verify complete
2015-12-14 17:35:40, Info                  CSI    000000f8 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:40, Info                  CSI    000000f9 [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:47, Info                  CSI    000000fb [SR] Verify complete
2015-12-14 17:35:47, Info                  CSI    000000fc [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:47, Info                  CSI    000000fd [SR] Beginning Verify and Repair transaction
2015-12-14 17:35:54, Info                  CSI    000000ff [SR] Verify complete
2015-12-14 17:35:55, Info                  CSI    00000100 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:35:55, Info                  CSI    00000101 [SR] Beginning Verify and Repair transaction
2015-12-14 17:36:05, Info                  CSI    00000105 [SR] Verify complete
2015-12-14 17:36:06, Info                  CSI    00000106 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:36:06, Info                  CSI    00000107 [SR] Beginning Verify and Repair transaction
2015-12-14 17:36:22, Info                  CSI    00000109 [SR] Verify complete
2015-12-14 17:36:22, Info                  CSI    0000010a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:36:22, Info                  CSI    0000010b [SR] Beginning Verify and Repair transaction
2015-12-14 17:36:38, Info                  CSI    0000010d [SR] Verify complete
2015-12-14 17:36:38, Info                  CSI    0000010e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:36:38, Info                  CSI    0000010f [SR] Beginning Verify and Repair transaction
2015-12-14 17:36:42, Info                  CSI    00000111 [SR] Verify complete
2015-12-14 17:36:42, Info                  CSI    00000112 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:36:42, Info                  CSI    00000113 [SR] Beginning Verify and Repair transaction
2015-12-14 17:36:45, Info                  CSI    00000115 [SR] Verify complete
2015-12-14 17:36:46, Info                  CSI    00000116 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:36:46, Info                  CSI    00000117 [SR] Beginning Verify and Repair transaction
2015-12-14 17:36:48, Info                  CSI    00000119 [SR] Verify complete
2015-12-14 17:36:49, Info                  CSI    0000011a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:36:49, Info                  CSI    0000011b [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:01, Info                  CSI    00000139 [SR] Verify complete
2015-12-14 17:37:02, Info                  CSI    0000013a [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:02, Info                  CSI    0000013b [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:03, Info                  CSI    0000013d [SR] Verify complete
2015-12-14 17:37:04, Info                  CSI    0000013e [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:04, Info                  CSI    0000013f [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:08, Info                  CSI    00000141 [SR] Verify complete
2015-12-14 17:37:08, Info                  CSI    00000142 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:08, Info                  CSI    00000143 [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:12, Info                  CSI    00000145 [SR] Verify complete
2015-12-14 17:37:12, Info                  CSI    00000146 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:12, Info                  CSI    00000147 [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:19, Info                  CSI    00000148 [SR] Repairing corrupted file [ml:520{260},l:86{43}]"\??\C:\Windows\system32\spool\drivers\color"\[l:56{28}]"sRGB Color Space Profile.icm" from store
2015-12-14 17:37:21, Info                  CSI    0000014a [SR] Verify complete
2015-12-14 17:37:22, Info                  CSI    0000014b [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:22, Info                  CSI    0000014c [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:31, Info                  CSI    0000014f [SR] Verify complete
2015-12-14 17:37:31, Info                  CSI    00000150 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:31, Info                  CSI    00000151 [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:34, Info                  CSI    00000153 [SR] Verify complete
2015-12-14 17:37:35, Info                  CSI    00000154 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:35, Info                  CSI    00000155 [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:44, Info                  CSI    00000157 [SR] Verify complete
2015-12-14 17:37:44, Info                  CSI    00000158 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:44, Info                  CSI    00000159 [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:49, Info                  CSI    0000015b [SR] Verify complete
2015-12-14 17:37:49, Info                  CSI    0000015c [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:49, Info                  CSI    0000015d [SR] Beginning Verify and Repair transaction
2015-12-14 17:37:55, Info                  CSI    0000015f [SR] Verify complete
2015-12-14 17:37:55, Info                  CSI    00000160 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:37:55, Info                  CSI    00000161 [SR] Beginning Verify and Repair transaction
2015-12-14 17:38:08, Info                  CSI    0000017f [SR] Verify complete
2015-12-14 17:38:08, Info                  CSI    00000180 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:38:08, Info                  CSI    00000181 [SR] Beginning Verify and Repair transaction
2015-12-14 17:38:20, Info                  CSI    0000018a [SR] Verify complete
2015-12-14 17:38:21, Info                  CSI    0000018b [SR] Verifying 100 (0x00000064) components
2015-12-14 17:38:21, Info                  CSI    0000018c [SR] Beginning Verify and Repair transaction
2015-12-14 17:38:42, Info                  CSI    0000018e [SR] Verify complete
2015-12-14 17:38:42, Info                  CSI    0000018f [SR] Verifying 100 (0x00000064) components
2015-12-14 17:38:42, Info                  CSI    00000190 [SR] Beginning Verify and Repair transaction
2015-12-14 17:38:58, Info                  CSI    00000192 [SR] Repairing corrupted file [ml:520{260},l:62{31}]"\??\C:\Windows\System32\drivers"\[l:22{11}]"netbios.sys" from store
2015-12-14 17:38:59, Info                  CSI    00000194 [SR] Verify complete
2015-12-14 17:38:59, Info                  CSI    00000195 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:38:59, Info                  CSI    00000196 [SR] Beginning Verify and Repair transaction
2015-12-14 17:39:07, Info                  CSI    00000198 [SR] Verify complete
2015-12-14 17:39:07, Info                  CSI    00000199 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:39:07, Info                  CSI    0000019a [SR] Beginning Verify and Repair transaction
2015-12-14 17:39:17, Info                  CSI    0000019c [SR] Verify complete
2015-12-14 17:39:17, Info                  CSI    0000019d [SR] Verifying 100 (0x00000064) components
2015-12-14 17:39:17, Info                  CSI    0000019e [SR] Beginning Verify and Repair transaction
2015-12-14 17:39:23, Info                  CSI    000001a0 [SR] Verify complete
2015-12-14 17:39:24, Info                  CSI    000001a1 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:39:24, Info                  CSI    000001a2 [SR] Beginning Verify and Repair transaction
2015-12-14 17:39:30, Info                  CSI    000001a5 [SR] Verify complete
2015-12-14 17:39:30, Info                  CSI    000001a6 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:39:30, Info                  CSI    000001a7 [SR] Beginning Verify and Repair transaction
2015-12-14 17:39:35, Info                  CSI    000001a9 [SR] Verify complete
2015-12-14 17:39:36, Info                  CSI    000001aa [SR] Verifying 100 (0x00000064) components
2015-12-14 17:39:36, Info                  CSI    000001ab [SR] Beginning Verify and Repair transaction
2015-12-14 17:39:53, Info                  CSI    000001ad [SR] Verify complete
2015-12-14 17:39:54, Info                  CSI    000001ae [SR] Verifying 100 (0x00000064) components
2015-12-14 17:39:54, Info                  CSI    000001af [SR] Beginning Verify and Repair transaction
2015-12-14 17:40:01, Info                  CSI    000001b1 [SR] Verify complete
2015-12-14 17:40:02, Info                  CSI    000001b2 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:40:02, Info                  CSI    000001b3 [SR] Beginning Verify and Repair transaction
2015-12-14 17:40:10, Info                  CSI    000001b4 [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:68{34}]"Desktop (create shortcut).DeskLink" from store
2015-12-14 17:40:10, Info                  CSI    000001b5 [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:46{23}]"Mail Recipient.MAPIMail" from store
2015-12-14 17:40:11, Info                  CSI    000001b7 [SR] Verify complete
2015-12-14 17:40:12, Info                  CSI    000001b8 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:40:12, Info                  CSI    000001b9 [SR] Beginning Verify and Repair transaction
2015-12-14 17:40:22, Info                  CSI    000001bb [SR] Verify complete
2015-12-14 17:40:23, Info                  CSI    000001bc [SR] Verifying 100 (0x00000064) components
2015-12-14 17:40:23, Info                  CSI    000001bd [SR] Beginning Verify and Repair transaction
2015-12-14 17:40:30, Info                  CSI    000001bf [SR] Verify complete
2015-12-14 17:40:30, Info                  CSI    000001c0 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:40:30, Info                  CSI    000001c1 [SR] Beginning Verify and Repair transaction
2015-12-14 17:40:40, Info                  CSI    000001c3 [SR] Verify complete
2015-12-14 17:40:40, Info                  CSI    000001c4 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:40:40, Info                  CSI    000001c5 [SR] Beginning Verify and Repair transaction
2015-12-14 17:40:54, Info                  CSI    000001c8 [SR] Verify complete
2015-12-14 17:40:54, Info                  CSI    000001c9 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:40:54, Info                  CSI    000001ca [SR] Beginning Verify and Repair transaction
2015-12-14 17:40:59, Info                  CSI    000001cc [SR] Verify complete
2015-12-14 17:41:00, Info                  CSI    000001cd [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:00, Info                  CSI    000001ce [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:07, Info                  CSI    000001d0 [SR] Verify complete
2015-12-14 17:41:07, Info                  CSI    000001d1 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:07, Info                  CSI    000001d2 [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:14, Info                  CSI    000001d5 [SR] Verify complete
2015-12-14 17:41:14, Info                  CSI    000001d6 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:14, Info                  CSI    000001d7 [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:20, Info                  CSI    000001d8 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2015-12-14 17:41:20, Info                  CSI    000001d9 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2015-12-14 17:41:22, Info                  CSI    000001dd [SR] Verify complete
2015-12-14 17:41:22, Info                  CSI    000001de [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:22, Info                  CSI    000001df [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:30, Info                  CSI    000001e1 [SR] Verify complete
2015-12-14 17:41:31, Info                  CSI    000001e2 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:31, Info                  CSI    000001e3 [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:39, Info                  CSI    000001e4 [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:82{41}]"Compressed (zipped) Folder.ZFSendToTarget" from store
2015-12-14 17:41:39, Info                  CSI    000001e6 [SR] Verify complete
2015-12-14 17:41:39, Info                  CSI    000001e7 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:39, Info                  CSI    000001e8 [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:42, Info                  CSI    000001ea [SR] Verify complete
2015-12-14 17:41:42, Info                  CSI    000001eb [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:42, Info                  CSI    000001ec [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:50, Info                  CSI    000001ee [SR] Verify complete
2015-12-14 17:41:50, Info                  CSI    000001ef [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:50, Info                  CSI    000001f0 [SR] Beginning Verify and Repair transaction
2015-12-14 17:41:59, Info                  CSI    000001f2 [SR] Verify complete
2015-12-14 17:41:59, Info                  CSI    000001f3 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:41:59, Info                  CSI    000001f4 [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:06, Info                  CSI    000001f6 [SR] Verify complete
2015-12-14 17:42:06, Info                  CSI    000001f7 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:42:06, Info                  CSI    000001f8 [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:27, Info                  CSI    000001fa [SR] Verify complete
2015-12-14 17:42:28, Info                  CSI    000001fb [SR] Verifying 100 (0x00000064) components
2015-12-14 17:42:28, Info                  CSI    000001fc [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:33, Info                  CSI    000001fe [SR] Verify complete
2015-12-14 17:42:33, Info                  CSI    000001ff [SR] Verifying 100 (0x00000064) components
2015-12-14 17:42:33, Info                  CSI    00000200 [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:40, Info                  CSI    00000202 [SR] Verify complete
2015-12-14 17:42:40, Info                  CSI    00000203 [SR] Verifying 100 (0x00000064) components
2015-12-14 17:42:40, Info                  CSI    00000204 [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:49, Info                  CSI    0000020f [SR] Verify complete
2015-12-14 17:42:50, Info                  CSI    00000210 [SR] Verifying 32 (0x00000020) components
2015-12-14 17:42:50, Info                  CSI    00000211 [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:51, Info                  CSI    00000213 [SR] Verify complete
2015-12-14 17:42:51, Info                  CSI    00000214 [SR] Repairing 5 components
2015-12-14 17:42:51, Info                  CSI    00000215 [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:51, Info                  CSI    00000216 [SR] Repairing corrupted file [ml:520{260},l:86{43}]"\??\C:\Windows\system32\spool\drivers\color"\[l:56{28}]"sRGB Color Space Profile.icm" from store
2015-12-14 17:42:52, Info                  CSI    00000217 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2015-12-14 17:42:52, Info                  CSI    00000218 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2015-12-14 17:42:52, Info                  CSI    00000219 [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:82{41}]"Compressed (zipped) Folder.ZFSendToTarget" from store
2015-12-14 17:42:52, Info                  CSI    0000021a [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:68{34}]"Desktop (create shortcut).DeskLink" from store
2015-12-14 17:42:52, Info                  CSI    0000021b [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:46{23}]"Mail Recipient.MAPIMail" from store
2015-12-14 17:42:52, Info                  CSI    0000021d [SR] Repairing corrupted file [ml:520{260},l:62{31}]"\??\C:\Windows\System32\drivers"\[l:22{11}]"netbios.sys" from store
2015-12-14 17:42:52, Info                  CSI    0000021f [SR] Repair complete
2015-12-14 17:42:52, Info                  CSI    00000220 [SR] Committing transaction
2015-12-14 17:42:52, Info                  CSI    00000221 [SR] Cannot commit interactively, there are boot critical components being repaired
2015-12-14 17:42:52, Info                  CSI    00000222 [SR] Repairing 5 components
2015-12-14 17:42:52, Info                  CSI    00000223 [SR] Beginning Verify and Repair transaction
2015-12-14 17:42:52, Info                  CSI    00000224 [SR] Repairing corrupted file [ml:520{260},l:86{43}]"\??\C:\Windows\system32\spool\drivers\color"\[l:56{28}]"sRGB Color Space Profile.icm" from store
2015-12-14 17:42:52, Info                  CSI    00000225 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2015-12-14 17:42:52, Info                  CSI    00000226 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2015-12-14 17:42:52, Info                  CSI    00000227 [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:82{41}]"Compressed (zipped) Folder.ZFSendToTarget" from store
2015-12-14 17:42:52, Info                  CSI    00000228 [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:68{34}]"Desktop (create shortcut).DeskLink" from store
2015-12-14 17:42:52, Info                  CSI    00000229 [SR] Repairing corrupted file [ml:520{260},l:122{61}]"\??\C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo"\[l:46{23}]"Mail Recipient.MAPIMail" from store
2015-12-14 17:42:52, Info                  CSI    0000022b [SR] Repairing corrupted file [ml:520{260},l:62{31}]"\??\C:\Windows\System32\drivers"\[l:22{11}]"netbios.sys" from store
2015-12-14 17:42:52, Info                  CSI    0000022d [SR] Repair complete
 

  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,029 posts
  • MVP

SFC appears to have been able to fix everything.

 

Multiple copies of the same log.  Did you mean to post the VEW System and Application event logs?


  • 0

#9
Lorenzo Baltazar Perez

Lorenzo Baltazar Perez

    Member

  • Topic Starter
  • Member
  • PipPip
  • 56 posts
Must have done it by accident.  Here is the System Log
 
 
Vino's Event Viewer v01c run on Windows Vista in English
Report run at 14/12/2015 7:59:32 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 15/12/2015 1:18:35 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load:  i8042prt
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 15/12/2015 1:16:50 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 

  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,029 posts
  • MVP

Application log?


  • 0

Advertisements


#11
Lorenzo Baltazar Perez

Lorenzo Baltazar Perez

    Member

  • Topic Starter
  • Member
  • PipPip
  • 56 posts
Vino's Event Viewer v01c run on Windows Vista in English
Report run at 15/12/2015 7:51:46 AM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 15/12/2015 1:24:41 AM
Type: Error Category: 0
Event: 3011 Source: Microsoft-Windows-LoadPerf
Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Log: 'Application' Date/Time: 15/12/2015 1:24:41 AM
Type: Error Category: 0
Event: 3012 Source: Microsoft-Windows-LoadPerf
The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Log: 'Application' Date/Time: 15/12/2015 1:18:34 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Log: 'Application' Date/Time: 15/12/2015 1:18:20 AM
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files\ESET\ESET Smart Security\MFC80U.DLL".Error in manifest or policy file "C:\Program Files\ESET\ESET Smart Security\Microsoft.VC80.MFCLOC.MANIFEST" on line 5. Component identity found in manifest does not match the identity of the component requested. Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053". Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 15/12/2015 1:18:20 AM
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files\ESET\ESET Smart Security\MFC80U.DLL".Error in manifest or policy file "C:\Program Files\ESET\ESET Smart Security\Microsoft.VC80.MFCLOC.MANIFEST" on line 5. Component identity found in manifest does not match the identity of the component requested. Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053". Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 15/12/2015 1:18:20 AM
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files\ESET\ESET Smart Security\MFC80U.DLL".Error in manifest or policy file "C:\Program Files\ESET\ESET Smart Security\Microsoft.VC80.MFCLOC.MANIFEST" on line 5. Component identity found in manifest does not match the identity of the component requested. Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053". Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 15/12/2015 1:18:20 AM
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files\ESET\ESET Smart Security\MFC80U.DLL".Error in manifest or policy file "C:\Program Files\ESET\ESET Smart Security\Microsoft.VC80.MFCLOC.MANIFEST" on line 5. Component identity found in manifest does not match the identity of the component requested. Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053". Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 15/12/2015 1:18:20 AM
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files\ESET\ESET Smart Security\MFC80U.DLL".Error in manifest or policy file "C:\Program Files\ESET\ESET Smart Security\Microsoft.VC80.MFCLOC.MANIFEST" on line 5. Component identity found in manifest does not match the identity of the component requested. Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053". Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 15/12/2015 1:18:20 AM
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files\ESET\ESET Smart Security\MFC80U.DLL".Error in manifest or policy file "C:\Program Files\ESET\ESET Smart Security\Microsoft.VC80.MFCLOC.MANIFEST" on line 5. Component identity found in manifest does not match the identity of the component requested. Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053". Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 15/12/2015 1:18:20 AM
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files\ESET\ESET Smart Security\MFC80U.DLL".Error in manifest or policy file "C:\Program Files\ESET\ESET Smart Security\Microsoft.VC80.MFCLOC.MANIFEST" on line 5. Component identity found in manifest does not match the identity of the component requested. Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053". Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 15/12/2015 1:18:20 AM
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files\ESET\ESET Smart Security\MFC80U.DLL".Error in manifest or policy file "C:\Program Files\ESET\ESET Smart Security\Microsoft.VC80.MFCLOC.MANIFEST" on line 5. Component identity found in manifest does not match the identity of the component requested. Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053". Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 15/12/2015 1:17:59 AM
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files\ESET\ESET Smart Security\MFC80U.DLL".Error in manifest or policy file "C:\Program Files\ESET\ESET Smart Security\Microsoft.VC80.MFCLOC.MANIFEST" on line 5. Component identity found in manifest does not match the identity of the component requested. Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053". Please use sxstrace.exe for detailed diagnosis.
 
Log: 'Application' Date/Time: 15/12/2015 1:17:59 AM
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files\ESET\ESET Smart Security\MFC80U.DLL".Error in manifest or policy file "C:\Program Files\ESET\ESET Smart Security\Microsoft.VC80.MFCLOC.MANIFEST" on line 5. Component identity found in manifest does not match the identity of the component requested. Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053". Please use sxstrace.exe for detailed diagnosis.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,029 posts
  • MVP

The 3010 and 3011 errors can probably be fixed with the procedure on:

 

http://www.repairwin...11-event-error/

 

They talk about Windows 7 but it should work OK for Vista.

 

The 10 error can be ignored.

 

I'm not sure ESET is happy on this computer.  Lots of errors from it.  You can try reinstalling it from a fresh download.  Save the license info before you uninstall it.

 

How is it running now?  Any signs of malware?


  • 0

#13
Lorenzo Baltazar Perez

Lorenzo Baltazar Perez

    Member

  • Topic Starter
  • Member
  • PipPip
  • 56 posts

I installed a newer version of ESET, but there are still a bunch of errors from ESET.  Other than that the PC is running much better.  Any last scans?


  • 0

#14
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,029 posts
  • MVP
We can check the hard drive and the temps with Speccy:
 
Get the free version of Speccy:
 
http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  Download, Save and Install it.  
 
Close all browsers and open progrms before running Speccy.  Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  (It will be near the top about 10 lines down if it's still there.)  Save the file and close notepad  Attach the file to your next post as it is usually too large for the forum (Click on More Reply Options then Choose file, select the file, Open, Attach this File) Uninstall Speccy.
 
 
Then we can check to make sure nothing is hogging the CPU with Process Explorer.
 
Get Process Explorer
 
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
 
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
 
 
Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
 
Wait a full minute then:
 
File, Save As, Save.  Open the file Procexp.txt on your desktop and copy and paste the text to a reply.
 

  • 0

#15
Lorenzo Baltazar Perez

Lorenzo Baltazar Perez

    Member

  • Topic Starter
  • Member
  • PipPip
  • 56 posts
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 97.44 0 K 24 K 0
procexp.exe 2.05 29,688 K 42,212 K 5156 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
Interrupts 0.51 0 K 0 K n/a Hardware Interrupts and DPCs
dwm.exe < 0.01 38,992 K 31,256 K 800 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 3,844 K 6,668 K 1368 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
csrss.exe < 0.01 2,640 K 7,232 K 1216 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
explorer.exe < 0.01 55,960 K 63,416 K 1044 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
System < 0.01 0 K 40,028 K 4
iPodService.exe < 0.01 2,768 K 4,744 K 3564 iPodService Module (32-bit) Apple Inc. (Verified) Apple Inc.
wmpnetwk.exe < 0.01 4,688 K 9,336 K 3072 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
csrss.exe < 0.01 1,876 K 4,532 K 916 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe < 0.01 41,884 K 18,400 K 2808 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
AppleMobileDeviceService.exe < 0.01 4,080 K 5,316 K 2288 MobileDeviceService Apple Inc. (Verified) Apple Inc.
egui.exe < 0.01 6,180 K 9,792 K 1628 ESET Main GUI ESET (Verified) ESET
audiodg.exe < 0.01 12,676 K 10,024 K 1688 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
ekrn.exe < 0.01 130,456 K 78,152 K 2360 ESET Service ESET (Verified) ESET
mDNSResponder.exe < 0.01 1,532 K 3,744 K 2328 Bonjour Service Apple Inc. (Verified) Apple Inc.
svchost.exe < 0.01 91,572 K 92,632 K 1520 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe < 0.01 18,884 K 24,260 K 3212 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 43,268 K 38,308 K 1460 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
iTunesHelper.exe < 0.01 4,568 K 6,932 K 1552 iTunesHelper Apple Inc. (Verified) Apple Inc.
svchost.exe < 0.01 90,364 K 94,268 K 1572 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe < 0.01 6,268 K 8,040 K 272 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
WUDFHost.exe 2,872 K 3,496 K 3152 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation (Verified) Microsoft Windows
wmdSync.exe 1,716 K 4,684 K 1724 User session Windows Mobile device handler Microsoft Corporation (Verified) Microsoft Windows
WLIDSVCM.EXE 920 K 2,688 K 3004 Microsoft® Windows Live ID Service Monitor Microsoft Corp. (Verified) Microsoft Corporation
WLIDSVC.EXE 6,880 K 7,960 K 2660 Microsoft® Windows Live ID Service Microsoft Corp. (Verified) Microsoft Corporation
winlogon.exe 2,164 K 5,012 K 1340 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,276 K 3,552 K 628 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe 2,304 K 4,364 K 3100 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 8,764 K 8,392 K 464 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 2,000 K 5,544 K 856 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 7,856 K 9,976 K 1784 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 16,888 K 12,936 K 1920 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 18,888 K 13,884 K 1516 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,828 K 6,180 K 1300 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,208 K 4,556 K 1712 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 12,672 K 14,308 K 332 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,608 K 4,076 K 2548 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,808 K 5,876 K 2588 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 600 K 2,108 K 2644 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,528 K 5,500 K 3528 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,636 K 14,924 K 2492 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
smss.exe 340 K 780 K 956 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
SLsvc.exe 6,284 K 4,504 K 1756 Microsoft Software Licensing Service Microsoft Corporation (Verified) Microsoft Windows
services.exe 2,612 K 6,632 K 1196 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
MSASCui.exe 10,032 K 10,232 K 496 Windows Defender User Interface Microsoft Corporation (Verified) Microsoft Windows
mobsync.exe 3,308 K 5,908 K 3664 Microsoft Sync Center Microsoft Corporation (Verified) Microsoft Windows
lsm.exe 1,956 K 3,628 K 1152 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
lsass.exe 3,336 K 2,016 K 788 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
jusched.exe 2,188 K 4,228 K 640 Java Update Scheduler Oracle Corporation (Verified) Oracle America
ehtray.exe 1,468 K 1,648 K 1852 Media Center Tray Applet Microsoft Corporation (Verified) Microsoft Windows
ehmsas.exe 1,116 K 3,716 K 2080 Media Center Media Status Aggregator Service Microsoft Corporation (Verified) Microsoft Windows
BJMYPRT.EXE 1,348 K 3,224 K 836 Canon My Printer CANON INC. (Verified) Canon Inc.
armsvc.exe 2,124 K 3,076 K 2268 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
 

Attached Files


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP