My computer stays busy, becomes real slow, the processes in my task manager aren't showing much memory being used, but the hard drive stays racing.
Now blue-screening.
I'm using Windows 7 64-bit.
Here are my Farbar results:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by kuma (administrator) on PHANTOMBOXIII (19-03-2017 04:06:59)
Running from C:\Users\kuma\Downloads
Loaded Profiles: kuma (Available Profiles: kuma)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
() C:\Program Files (x86)\Backblaze\bzserv.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.71\nav.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Backblaze\bzbui.exe
() C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.71\nav.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
() C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe
(Lenovo) C:\Users\kuma\AppData\Local\Apps\2.0\OGZOGDN6.6RT\AY8O331B.NKO\lsb...tion_2d7b41b05b24775e_0001.0006_3b0a905c8de4f74a\LSB.exe
() C:\Program Files (x86)\Backblaze\x64\bztransmit64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13260944 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-10-13] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-12-20] (Intel Corporation)
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Run: [Backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [597672 2017-02-18] ()
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\MountPoints2: {8e8d59c7-9c07-11e5-9c4a-3052cbb8f9cc} - L:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\MountPoints2: {ac975c47-aae0-11e6-82d9-b8aeeddd086a} - I:\VerizonWirelessUpgradeAssistantSetup.exe -a
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [597672 2017-02-18] ()
HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton AntiVirus\Engine32\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton AntiVirus\Engine32\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton AntiVirus\Engine32\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Genie.lnk [2015-12-02]
ShortcutTarget: NETGEAR WNDA3100v2 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe ()
Startup: C:\Users\kuma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2015-12-03]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
GroupPolicyScripts: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.3.25
Tcpip\..\Interfaces\{0555AD46-2111-4294-B85B-5A432A1375B0}: [DhcpNameServer] 192.168.0.1 205.171.3.25
Tcpip\..\Interfaces\{33D53205-7326-4796-9591-E30772AD36DB}: [DhcpNameServer] 192.168.0.1 205.171.3.25
Internet Explorer:
==================
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine32\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine32\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 2bzfbcwi.default
FF ProfilePath: C:\Users\kuma\AppData\Roaming\Mozilla\Firefox\Profiles\2bzfbcwi.default [2017-03-19]
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\2bzfbcwi.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\2bzfbcwi.default -> hxxps://www.google.com/webhp?ie=utf-8&oe=utf-8
FF Extension: (ADB Helper) - C:\Users\kuma\AppData\Roaming\Mozilla\Firefox\Profiles\2bzfbcwi.default\Extensions\[email protected] [2017-03-16]
FF Extension: (Xmarks) - C:\Users\kuma\AppData\Roaming\Mozilla\Firefox\Profiles\2bzfbcwi.default\Extensions\[email protected] [2017-02-07]
FF Extension: (Valence) - C:\Users\kuma\AppData\Roaming\Mozilla\Firefox\Profiles\2bzfbcwi.default\Extensions\[email protected] [2017-01-27]
FF Extension: (JavaScript Debugger) - C:\Users\kuma\AppData\Roaming\Mozilla\Firefox\Profiles\2bzfbcwi.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2016-04-27]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.2.15\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.2.15\coFFAddon [2017-03-13]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.2.15\coFFAddon
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-19] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-19] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2842312947-2456017352-2829207900-1000: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\kuma\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP)
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908&prt=cr
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?q={searchTerms}&li=ff
CHR Profile: C:\Users\kuma\AppData\Local\Google\Chrome\User Data\Default [2017-03-13]
CHR Extension: (Google Slides) - C:\Users\kuma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-04]
CHR Extension: (Google Docs) - C:\Users\kuma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-04]
CHR Extension: (Google Drive) - C:\Users\kuma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-04]
CHR Extension: (YouTube) - C:\Users\kuma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-04]
CHR Extension: (Norton Security Toolbar) - C:\Users\kuma\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-03-10]
CHR Extension: (Google Sheets) - C:\Users\kuma\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-04]
CHR Extension: (Google Docs Offline) - C:\Users\kuma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-04]
CHR Extension: (Norton Identity Safe) - C:\Users\kuma\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-04-04]
CHR Extension: (Norton Safe) - C:\Users\kuma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2016-11-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kuma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Gmail) - C:\Users\kuma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\kuma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-10]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.71\Exts\Chrome.crx [2017-03-03]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.71\Exts\Chrome.crx [2017-03-03]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
S4 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation) [File not signed]
S4 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [79872 2014-01-06] () [File not signed]
R2 bzserv; C:\Program Files (x86)\Backblaze\bzserv.exe [444584 2017-02-18] ()
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-16] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-16] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46408 2017-01-20] (Dropbox, Inc.)
S4 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-11] (Digital Wave Ltd.)
S4 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2016-01-11] (Macrovision Europe Ltd.) [File not signed]
S4 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-12-11] (Intel Corporation)
S4 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S4 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-03] (Intel Corporation)
S4 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-08-24] (Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S4 MIDISPORTAudioDevMon; C:\Program Files (x86)\M-Audio\MIDISPORT\AudioDevMon.exe [1636872 2010-10-06] (M-Audio)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.71\NAV.exe [326152 2017-02-20] (Symantec Corporation)
S4 RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [42496 2013-04-25] (Realtek Semiconductor Corporation) [File not signed]
S4 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S4 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28544 2016-09-10] ()
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S4 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [307928 2013-11-11] ()
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.2.15\Definitions\BASHDefs\20170314.001\BHDrvx64.sys [1831064 2017-03-03] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1609000.047\ccSetx64.sys [174240 2017-02-20] (Symantec Corporation)
S3 cmnxusbser; C:\Windows\System32\DRIVERS\cmnxusbser.sys [146424 2015-11-24] (Wireless Data Device)
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [38472 2011-02-02] (Dell Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497312 2017-02-24] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-01-25] (Symantec Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77408 2017-02-24] ()
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.2.15\Definitions\IPSDefs\20170317.002\IDSvia64.sys [1038024 2017-03-06] (Symantec Corporation)
S3 MAUSBMIDISPORT; C:\Windows\System32\DRIVERS\MAudioMIDISPORT.sys [199176 2010-10-06] (M-Audio)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-03-19] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-03-19] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-03-19] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [251840 2017-03-19] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [82208 2017-03-19] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100824 2013-12-03] (Intel Corporation)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
S3 RtkA2dp; C:\Windows\System32\drivers\RtkA2dp.sys [178904 2013-11-05] (Realtek Semiconductor Corporation)
S3 RtkAvrcpCtrlr; C:\Windows\System32\DRIVERS\RtkAvrcpCtrlr.sys [66904 2013-06-21] (Realtek Semiconductor Corporation)
S3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [556760 2013-12-19] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [3344088 2014-03-13] (Realtek Semiconductor Corporation )
R1 SRTSP; C:\Windows\System32\Drivers\NAVx64\1609000.047\SRTSP64.SYS [760992 2017-02-20] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1609000.047\SRTSPX64.SYS [49312 2017-02-20] (Symantec Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [213088 2016-01-08] (DEVGURU Co., LTD.(www.devguru.co.kr))
R0 SymEFASI; C:\Windows\System32\drivers\NAVx64\1609000.047\SYMEFASI64.SYS [1716896 2017-02-20] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [102608 2017-03-03] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1609000.047\Ironx64.SYS [291480 2017-02-20] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1609000.047\SYMNETS.SYS [567512 2017-02-20] (Symantec Corporation)
S3 VBAudioVMVAIOMME; C:\Windows\System32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2015-12-22] (Windows ® Win 7 DDK provider)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.2.15\Definitions\SDSDefs\20170318.003\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.2.15\Definitions\SDSDefs\20170318.003\NAVEX15.SYS [X]
U0 SR; no ImagePath
U2 srservice; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-19 04:06 - 2017-03-19 04:10 - 00034085 _____ C:\Users\kuma\Downloads\FRST.txt
2017-03-19 04:06 - 2017-03-19 04:06 - 00000000 ____D C:\FRST
2017-03-19 04:05 - 2017-03-19 04:05 - 02424832 _____ (Farbar) C:\Users\kuma\Downloads\FRST64.exe
2017-03-18 09:44 - 2017-03-18 09:44 - 00289752 _____ C:\Windows\Minidump\031817-40232-01.dmp
2017-03-18 00:04 - 2017-03-18 00:04 - 00289696 _____ C:\Windows\Minidump\031817-42806-01.dmp
2017-03-17 22:10 - 2017-03-17 22:10 - 00289696 _____ C:\Windows\Minidump\031717-32963-01.dmp
2017-03-17 12:21 - 2017-03-17 12:22 - 00289752 _____ C:\Windows\Minidump\031717-35771-01.dmp
2017-03-17 04:58 - 2017-03-19 03:07 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-03-17 04:58 - 2017-03-19 03:03 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-03-17 04:57 - 2017-03-19 03:03 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-17 04:57 - 2017-03-19 03:03 - 00082208 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-03-17 04:57 - 2017-03-19 03:03 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-03-17 04:57 - 2017-03-17 04:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-17 04:57 - 2017-03-17 04:57 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-17 04:57 - 2017-02-24 06:23 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-03-17 04:55 - 2017-03-17 04:56 - 57131432 _____ (Malwarebytes ) C:\Users\kuma\Downloads\mb3-setup-35891.35891-3.0.6.1469-1075(1).exe
2017-03-17 04:34 - 2017-03-17 04:35 - 57131432 _____ (Malwarebytes ) C:\Users\kuma\Downloads\mb3-setup-35891.35891-3.0.6.1469-1075.exe
2017-03-17 01:09 - 2017-03-17 01:09 - 00000373 _____ C:\Users\kuma\Documents\Tomorrow Night Web.txt
2017-03-16 23:57 - 2017-03-16 23:57 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsignbb5a60fd28c4cc14
2017-03-16 23:55 - 2017-03-16 23:55 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsign9b6f7d25595d8eef
2017-03-16 23:55 - 2017-03-16 23:55 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsign784b6afefdf2568b
2017-03-16 23:55 - 2017-03-16 23:55 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsign3864b8222f32e9db
2017-03-16 23:47 - 2017-03-16 23:47 - 00015639 _____ C:\Users\kuma\Downloads\vintage.zip
2017-03-16 23:47 - 2017-03-16 23:47 - 00000000 _____ C:\Users\kuma\Desktop\vintage.ttf
2017-03-16 17:42 - 2017-03-16 17:42 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsign955870974d89fb74
2017-03-16 17:40 - 2017-03-16 17:43 - 60726402 _____ C:\Users\kuma\Downloads\AllStarsbk.psd
2017-03-16 17:36 - 2017-03-16 17:36 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsign9106bb9c8601b12e
2017-03-16 17:31 - 2017-03-16 17:31 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsign6ba7c198621dc298
2017-03-16 17:31 - 2017-03-16 17:31 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsign4a92b85ca268d7a9
2017-03-16 17:31 - 2017-03-16 17:31 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsign2bc3bce9a322615d
2017-03-15 22:57 - 2017-03-15 22:57 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsign22e5920b9b419735
2017-03-15 22:38 - 2017-03-15 22:38 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsignacd1916e7459f892
2017-03-15 22:37 - 2017-03-15 22:37 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsign76757d0e418325f9
2017-03-15 22:37 - 2017-03-15 22:37 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsign2df8d6c0e3a8deb0
2017-03-15 22:35 - 2017-03-15 22:35 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsignee6dcb5a378243ed
2017-03-15 22:35 - 2017-03-15 22:35 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsigndca2875e2daaff1f
2017-03-15 22:35 - 2017-03-15 22:35 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsign1f0de03f1a048e6a
2017-03-14 03:15 - 2017-03-14 03:29 - 00000000 ____D C:\Users\kuma\Desktop\All Star Cuts
2017-03-10 08:22 - 2017-03-13 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-03-07 23:25 - 2017-03-07 23:27 - 00537016 _____ C:\Users\kuma\Documents\Mast.rns
2017-03-07 02:26 - 2017-03-07 02:37 - 00496170 _____ C:\Users\kuma\Documents\UP THE AUNTIE.rns
2017-03-06 14:50 - 2017-03-06 14:50 - 00046184 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-03-06 02:49 - 2017-03-06 02:49 - 00086280 _____ C:\Users\kuma\Downloads\Statement_06-23-2016.PDF
2017-03-05 04:00 - 2017-03-11 03:53 - 00090032 _____ C:\Users\kuma\Documents\Tales from the Crypt.cdp
2017-03-05 04:00 - 2017-03-10 23:43 - 00090032 _____ C:\Users\kuma\Documents\Tales from the Crypt.cdp.bak
2017-03-04 21:43 - 2017-03-13 15:23 - 00000000 ____D C:\Windows\System32\Tasks\Norton AntiVirus
2017-03-04 21:38 - 2017-03-04 21:38 - 00003218 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2017-03-04 01:38 - 2017-03-04 02:12 - 00579790 _____ C:\Users\kuma\Documents\Beater.rns
2017-03-02 20:31 - 2017-03-02 20:32 - 72045844 _____ C:\Users\kuma\Downloads\Raridades 1778.wav
2017-03-02 19:29 - 2017-03-02 19:30 - 62108348 _____ C:\Users\kuma\Downloads\The Bomb - 91.wav
2017-03-02 04:49 - 2017-03-02 04:49 - 00083376 _____ C:\Users\kuma\Downloads\Killah Preist Flood Take 2.sfk
2017-03-02 04:08 - 2017-03-02 04:14 - 10663772 _____ C:\Users\kuma\Downloads\Killah Preist Flood Take 2.wav
2017-03-02 04:08 - 2017-03-02 04:14 - 00125116 _____ C:\Users\kuma\Downloads\Killah Preist Flood Take 2.pk
2017-03-02 04:08 - 2017-03-02 04:08 - 00613012 _____ C:\Users\kuma\Downloads\Killah Preist Flood.pk
2017-03-02 04:03 - 2017-03-02 04:08 - 00083776 _____ C:\Users\kuma\Downloads\Killah Preist Flood.mp4.sfk
2017-03-02 03:59 - 2017-03-02 03:59 - 119105000 _____ C:\Users\kuma\Downloads\Killah Preist Flood.mp4
2017-03-02 03:25 - 2017-03-02 03:55 - 00560564 _____ C:\Users\kuma\Documents\Wind Blow.rns
2017-02-27 19:12 - 2017-02-27 19:12 - 00000000 ____D C:\Users\kuma\AppData\Roaming\PDAppFlex
2017-02-27 19:11 - 2017-02-27 19:11 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsign6f98cd9b470672c3
2017-02-27 19:11 - 2017-02-27 19:11 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsign15418b11a5d1dc03
2017-02-27 19:11 - 2017-02-27 19:11 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsign0cc13affa36435ff
2017-02-27 19:11 - 2017-02-27 19:11 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsign04a6ba3230949ee1
2017-02-26 06:48 - 2017-02-26 06:48 - 05476417 _____ C:\Users\kuma\Downloads\Dosent_matter_Anyway-1
2017-02-25 06:51 - 2008-07-03 16:12 - 03171452 _____ C:\Users\kuma\Desktop\sook drama intro (2).wav
2017-02-25 06:51 - 2001-07-24 19:51 - 05949484 _____ C:\Users\kuma\Desktop\slaughter intro.wav
2017-02-25 06:50 - 2007-09-18 20:25 - 04234984 _____ C:\Users\kuma\Desktop\satamn intro.wav
2017-02-25 06:50 - 2006-08-11 00:43 - 05798256 _____ C:\Users\kuma\Desktop\opera intro (2).wav
2017-02-25 06:47 - 2007-12-11 22:15 - 08504224 _____ C:\Users\kuma\Desktop\INTROI.wav
2017-02-25 06:44 - 2009-07-20 16:43 - 09548608 _____ C:\Users\kuma\Desktop\intro.wav
2017-02-25 06:38 - 2013-05-29 18:14 - 09098288 _____ C:\Users\kuma\Desktop\Evil Intro .wav
2017-02-24 18:24 - 2017-03-19 03:42 - 00000000 ____D C:\Program Files (x86)\Voxengo
2017-02-24 18:23 - 2017-02-24 18:23 - 00678219 _____ C:\Users\kuma\Downloads\Voxengor8brain_19_WinGUI_setup.exe
2017-02-23 14:40 - 2017-02-23 14:40 - 00000000 ____D C:\Users\kuma\AppData\Roaming\HPPSDr
2017-02-22 01:02 - 2017-02-22 21:51 - 00000000 ____D C:\Users\kuma\Desktop\Flood Videos
2017-02-22 00:39 - 2017-02-22 00:39 - 00000000 ____D C:\Users\kuma\Desktop\The Torture! The Horror!
2017-02-22 00:39 - 2017-02-22 00:39 - 00000000 ____D C:\Users\kuma\Desktop\The Flood-Flood Ritual
2017-02-20 23:44 - 2017-02-20 23:44 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsignff7c3e82f6bd9acd
2017-02-20 23:42 - 2017-02-20 23:42 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsign45698d3edd3ffcae
2017-02-20 23:41 - 2017-02-20 23:41 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsign46d0aec76a479263
2017-02-20 23:41 - 2017-02-20 23:41 - 00000000 ____D C:\Users\kuma\AppData\Local\Tempzxpsign30622a1c24b94c8b
2017-02-20 15:32 - 2017-02-20 23:28 - 00557266 _____ C:\Users\kuma\Documents\SEWER.rns
2017-02-18 12:10 - 2017-02-18 20:28 - 00771642 _____ C:\Users\kuma\Documents\Ohhhh.rns
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-19 04:08 - 2009-07-13 22:45 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-19 04:08 - 2009-07-13 22:45 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-19 03:56 - 2016-11-17 19:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-19 03:56 - 2015-12-23 18:47 - 00000000 ____D C:\Program Files (x86)\Backblaze
2017-03-19 03:56 - 2015-12-03 06:50 - 00000000 ____D C:\Windows\system32\MRT
2017-03-19 03:52 - 2015-12-03 06:50 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-03-19 03:49 - 2016-11-18 23:21 - 00000000 ____D C:\Users\kuma\AppData\LocalLow\Mozilla
2017-03-19 03:41 - 2016-01-14 18:04 - 00000396 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2017-03-19 03:19 - 2016-06-16 18:54 - 00000904 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-03-19 03:06 - 2015-12-03 17:53 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-19 03:06 - 2015-12-03 17:53 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-19 03:06 - 2015-12-03 17:53 - 00000000 ____D C:\Windows\system32\Macromed
2017-03-19 03:06 - 2015-12-03 17:53 - 00000000 ____D C:\Users\kuma\AppData\Local\Adobe
2017-03-19 03:06 - 2015-12-03 16:37 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-19 03:03 - 2016-06-16 18:54 - 00000900 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-03-19 03:02 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-19 02:14 - 2015-12-03 03:23 - 00000000 ____D C:\Users\kuma\Documents\ACID Pro 7.0 Projects
2017-03-19 02:09 - 2015-12-13 03:35 - 00000000 ____D C:\Users\kuma\AppData\Local\Deployment
2017-03-18 10:10 - 2015-12-10 04:24 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2017-03-18 09:44 - 2015-12-23 07:41 - 00000000 ____D C:\Windows\Minidump
2017-03-18 09:43 - 2016-05-09 16:34 - 592121809 _____ C:\Windows\MEMORY.DMP
2017-03-18 02:15 - 2016-10-09 02:00 - 00000000 ____D C:\Users\Public\Documents\AdobeGC
2017-03-18 01:12 - 2015-12-03 00:47 - 00000000 ____D C:\Users\kuma\Desktop\KaveMp3's 2
2017-03-17 22:28 - 2016-06-16 18:58 - 00000000 ___RD C:\Users\kuma\Dropbox
2017-03-17 22:15 - 2015-12-13 03:43 - 00000000 ____D C:\Users\kuma\AppData\Local\CrashDumps
2017-03-17 22:15 - 2015-12-04 23:33 - 00000000 ____D C:\Temp
2017-03-17 22:10 - 2015-12-02 23:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-17 04:57 - 2016-09-01 18:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-17 04:36 - 2009-07-13 23:13 - 00798694 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-17 04:36 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\inf
2017-03-17 04:32 - 2009-07-13 22:45 - 15564376 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-17 03:02 - 2016-03-12 01:51 - 00315968 _____ C:\Users\kuma\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-17 00:53 - 2015-12-04 14:29 - 00000000 ____D C:\Users\kuma\Documents\All Stars of Infamy
2017-03-16 23:13 - 2016-04-19 01:54 - 00294090 _____ C:\Users\kuma\Documents\Dooeey.rns
2017-03-16 18:12 - 2015-12-04 14:31 - 00026456 _____ C:\Users\kuma\Documents\All-Stars of Infamy.cdp
2017-03-16 05:42 - 2015-12-04 14:27 - 00026448 _____ C:\Users\kuma\Documents\All-Stars of Infamy.cdp.bak
2017-03-15 23:36 - 2015-12-04 14:31 - 00000000 ____D C:\Users\kuma\Documents\Flood Design
2017-03-15 16:55 - 2016-03-22 03:22 - 00000000 ___RD C:\Users\kuma\Creative Cloud Files
2017-03-15 16:55 - 2016-03-22 03:22 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-03-14 08:27 - 2015-12-02 23:41 - 00000000 ____D C:\Users\kuma\AppData\Roaming\Publish Providers
2017-03-13 22:45 - 2016-01-05 04:36 - 00486286 _____ C:\Users\kuma\Documents\Abysmal.rns
2017-03-13 18:03 - 2016-06-16 18:54 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-03-13 18:03 - 2016-02-05 22:44 - 00000000 ____D C:\Users\kuma\AppData\Local\Quick_Zip_Dev
2017-03-13 18:03 - 2015-12-13 03:35 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo
2017-03-13 18:03 - 2015-12-09 17:08 - 00000000 ____D C:\ProgramData\Norton
2017-03-13 18:03 - 2015-12-09 16:03 - 00000000 ____D C:\Program Files (x86)\HP
2017-03-13 18:03 - 2015-12-02 22:10 - 00000000 ____D C:\Users\kuma
2017-03-13 18:03 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\registration
2017-03-13 15:23 - 2016-09-01 20:51 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus Online
2017-03-13 15:23 - 2016-09-01 20:51 - 00000000 ____D C:\Program Files (x86)\Norton AntiVirus
2017-03-13 15:23 - 2015-12-09 17:08 - 00000000 ____D C:\Windows\system32\Drivers\NAVx64
2017-03-13 15:23 - 2015-12-09 17:08 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2017-03-13 15:20 - 2015-12-22 01:15 - 00602464 _____ C:\Windows\ntbtlog.txt
2017-03-11 04:56 - 2016-01-23 03:37 - 00022200 _____ C:\Users\kuma\Documents\Spring Training.cdp
2017-03-10 21:54 - 2015-12-21 21:40 - 00000032 _____ C:\Users\kuma\AppData\Roaming\msregsvv.dll
2017-03-10 21:54 - 2015-12-21 21:40 - 00000032 _____ C:\ProgramData\autobk.inc
2017-03-10 02:57 - 2009-07-13 23:08 - 00032552 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-03-07 19:24 - 2016-06-16 18:54 - 00000000 ____D C:\Users\kuma\AppData\Local\Dropbox
2017-03-06 22:10 - 2015-12-22 23:16 - 00000000 ____D C:\Program Files (x86)\Recycle
2017-03-05 02:22 - 2015-12-10 04:23 - 00000000 ____D C:\Program Files\Common Files\AV
2017-03-03 21:51 - 2016-09-01 20:52 - 00102608 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2017-03-03 21:51 - 2016-09-01 20:52 - 00008298 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2017-02-27 19:07 - 2016-03-22 17:46 - 00000033 _____ C:\Users\kuma\AppData\Roaming\AdobeWLCMCache.dat
2017-02-26 03:07 - 2017-01-28 08:55 - 00009800 _____ C:\Users\kuma\Documents\CRYBABY CUNNT.cdp
2017-02-23 15:06 - 2015-12-09 16:04 - 00000000 ____D C:\Users\kuma\AppData\Roaming\HpUpdate
2017-02-23 14:41 - 2015-12-09 16:03 - 00000000 ____D C:\ProgramData\HP
2017-02-22 14:31 - 2016-03-17 12:56 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-21 17:06 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\NDF
2017-02-17 03:41 - 2017-02-03 22:14 - 00020240 _____ C:\Users\kuma\Documents\BEATS 5.cdp
2017-02-17 01:37 - 2017-02-03 22:14 - 00020240 _____ C:\Users\kuma\Documents\BEATS 5.cdp.bak
2017-02-17 00:06 - 2017-02-16 23:21 - 00522532 _____ C:\Users\kuma\Documents\Esclave.rns
==================== Files in the root of some directories =======
2016-03-22 17:46 - 2017-02-27 19:07 - 0000033 _____ () C:\Users\kuma\AppData\Roaming\AdobeWLCMCache.dat
2015-12-21 21:40 - 2017-03-10 21:54 - 0000032 _____ () C:\Users\kuma\AppData\Roaming\msregsvv.dll
2016-04-04 19:55 - 2016-05-03 02:42 - 0001456 _____ () C:\Users\kuma\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-12-13 18:55 - 2016-12-06 04:08 - 3812532 _____ () C:\Users\kuma\AppData\Local\BTServer.log
2015-12-09 16:03 - 2015-12-09 16:03 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-12-21 21:40 - 2017-03-10 21:54 - 0000032 _____ () C:\ProgramData\autobk.inc
2015-12-13 03:42 - 2015-12-13 03:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
2017-03-19 03:35 - 2017-02-24 18:24 - 0044391 _____ () C:\Users\kuma\AppData\Local\Temp\A~NSISu_.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-03-14 09:24
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by kuma (19-03-2017 04:11:41)
Running from C:\Users\kuma\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-12-03 04:10:25)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2842312947-2456017352-2829207900-500 - Administrator - Disabled)
Guest (S-1-5-21-2842312947-2456017352-2829207900-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2842312947-2456017352-2829207900-1002 - Limited - Enabled)
kuma (S-1-5-21-2842312947-2456017352-2829207900-1000 - Administrator - Enabled) => C:\Users\kuma
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton AntiVirus Online (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus Online (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACID Effects Rack (HKLM-x32\...\ACID Effects Rack_is1) (Version: 1.00 - iZotope, Inc.)
ACID Pro 7.0 (HKLM-x32\...\{F7FD5E5E-3F0C-4931-AA1B-EAB838BC02DB}) (Version: 7.0.713 - Sony)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.204 - Adobe Systems Incorporated)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.2 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\ILST_19_2_1) (Version: 19.2.1 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015.3 (HKLM-x32\...\ILST_20_1_0) (Version: 20.1.0 - Adobe Systems Incorporated)
Adobe Illustrator CS5.1 (HKLM-x32\...\{23767F5D-A80C-4264-B8EA-ED4085FC332A}) (Version: 15.1 - Adobe Systems Incorporated)
Adobe InDesign CS3 (HKLM-x32\...\Adobe_0afb6829baf354bd3bebf7d31585b38) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Setup (HKLM-x32\...\Adobe_51f6c461b708d4e21bfccac1a72c5e7) (Version: 1.0 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Backblaze (HKLM-x32\...\Backblaze) (Version: - Backblaze, Inc)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CenturyLink Installer (HKLM-x32\...\{C96FF998-45BD-411E-9253-B7F2660FE280}) (Version: 1.0 - CenturyLink, Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cool Edit Pro 2.1 (HKLM-x32\...\Cool Edit Pro 2.1) (Version: - )
Custom Shop version 1.7.0 (HKLM-x32\...\{21BAD046-50EC-49E2-BE7B-F9729704F2C3}_is1) (Version: 1.7.0 - IK Multimedia)
Dropbox (HKLM-x32\...\Dropbox) (Version: 21.4.25 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Duplicate File Finder (HKLM-x32\...\{1041487C-12E6-47FE-B83A-E9891782C8FE}}_is1) (Version: 6.2.1 - Ashisoft)
FastStone Image Viewer 5.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.5 - FastStone Soft)
Free MP4 Video Converter (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.71.1211 - DVDVideoSoft Ltd.)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.0.10.1211 - DVDVideoSoft Ltd.)
Garritan ARIA for ACID Pro (HKLM\...\Garritan ARIA for ACID Pro_is1) (Version: v1.000 - Garritan)
GetDiz (HKLM-x32\...\GetDiz) (Version: 4.8 - Outertech)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Dropbox Plugin (HKLM-x32\...\{23617173-F935-4C17-A323-EB1207F3ED49}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
HP ENVY 4520 series Basic Device Software (HKLM\...\{AA543771-C534-4954-831A-9862C626796F}) (Version: 36.0.72.54013 - Hewlett-Packard Co.)
HP ENVY 4520 series Help (HKLM-x32\...\{201E58BD-2A1D-4C4D-BD6F-ADA7669FE3AE}) (Version: 36.0.0 - Hewlett Packard)
HP Google Drive Plugin (HKLM-x32\...\{AFF80405-E56A-48E7-98FC-8E46E261949F}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
HP Photo Creations (HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\HP Photo Creations) (Version: 1.0.0.19522 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HyperPrism v1.55b (HKLM-x32\...\Hyperprism) (Version: - )
IK Multimedia Authorization Manager version 1.0.16 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.16 - IK Multimedia)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4332 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
iTunes (HKLM\...\{F11677B7-0D8E-4F34-BEBB-6869FE861CDF}) (Version: 12.5.2.36 - Apple Inc.)
Lenovo Service Bridge (HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\...\dda9ca0b023f4c56) (Version: 1.6.6.0 - Lenovo)
Lenovo Solution Center (HKLM\...\{558E50EE-5E2D-479A-A455-8A826191583B}) (Version: 3.3.004.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0037 - Lenovo)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version: - )
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
M-Audio MIDISPORT Driver 6.1.2 (x64) (HKLM\...\{4426D036-72EE-4F93-B061-0BE1942DE627}) (Version: 6.1.2 - M-Audio)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM-x32\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version: - MixMeister Technology LLC)
Mozilla Firefox 52.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 52.0.1 (x86 en-US)) (Version: 52.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.1.6284 - Mozilla)
MPD18 Editor (HKLM-x32\...\MPD18Editor) (Version: - )
NETGEAR WNDA3100v2 wireless USB 2.0 adapter (HKLM-x32\...\{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}) (Version: 2.2.0.3 - NETGEAR)
Norton AntiVirus Online (HKLM-x32\...\NAV) (Version: 22.9.0.71 - Symantec Corporation)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PeaZip 5.9.0 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: 5.9.0 - Giorgio Tani)
Quick Zip 5.1 (HKLM-x32\...\{87AF4C0E-D953-424B-8108-3127CA217E6F}) (Version: 5.1.13 - Quick Zip Dev)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.802.010714 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6782 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.20.0239 - REALTEK Semiconductor Corp.)
Reason 5.0 (HKLM-x32\...\Reason5_is1) (Version: 5.0 - Propellerhead Software AB)
ReCycle v2.1 (HKLM-x32\...\ReCycle v2.1) (Version: - )
SampleTank 3 version 3.6.6 (HKLM\...\{4A5CE684-33A5-4EE6-AB22-4B92D92D37D8}_is1) (Version: 3.6.6 - IK Multimedia)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Sony CD Architect 5.2 (HKLM-x32\...\{84C7A433-CED3-4410-9D69-0BF5486B9631}) (Version: 5.2.214 - Sony)
SUABnR (HKLM-x32\...\InstallShield_{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.)
SUABnR (x32 Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) Hidden
T-RackS CS version 4.5.0 (HKLM\...\{E931EBCC-55F9-4D67-BA0E-D57C4A893A44}_is1) (Version: 4.5.0 - IK Multimedia)
Vegas Pro 12.0 (64-bit) (HKLM\...\{BD422D00-5232-11E3-A6F3-F04DA23A5C58}) (Version: 12.0.770 - Sony)
Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM-x32\...\{2BC6BC08-9E31-4B36-8715-E170F6173942}) (Version: 2.16.0404 - Samsung Electronics Co., Ltd.)
Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{54F10727-0D7A-4B24-9D8E-F4BB59CB9148}) (Version: 2.16.0307 - Samsung Electronics Co., Ltd.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2842312947-2456017352-2829207900-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2842312947-2456017352-2829207900-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09EDF901-A85B-4753-8C0D-4E37A9C520A5} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-09-10] ()
Task: {0A16A422-6A88-4269-AECE-A265BC38DDFB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-04] (Google Inc.)
Task: {2382C6A4-3779-4F72-BDEF-FF3AE5D10937} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-16] (Dropbox, Inc.)
Task: {2F4515B8-0BA6-40DB-8FC5-617E999741B8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {385DFE0C-2AD9-4061-AEC2-250FD746812D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-16] (Dropbox, Inc.)
Task: {3D061DF9-0F3A-449A-BB23-2F509CC8047F} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2842312947-2456017352-2829207900-1000 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\kuma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {3F53053C-4ED9-4B86-9F3D-DF38EF96C691} - System32\Tasks\{74511BE0-7A09-4128-8C8D-0D65187094BF} => pcalua.exe -a C:\Users\kuma\Downloads\install_backblaze.exe -d C:\Users\kuma\Downloads
Task: {41F6BD76-26E4-4E1E-A26B-5C891F1647EC} - System32\Tasks\{82827272-FF7D-47C3-9C2E-3626AFE2824A} => pcalua.exe -a C:\Users\kuma\Downloads\ap7-kitcore.exe -d C:\Users\kuma\Downloads
Task: {4215A38A-4EAB-4B67-B33A-6B45476FCFF5} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.71\WSCStub.exe [2017-02-20] (Symantec Corporation)
Task: {4E8186DA-E97A-4A03-A708-45C5DE9E4AF4} - System32\Tasks\Norton AntiVirus\Norton AntiVirus Online Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.71\SymErr.exe [2017-02-20] (Symantec Corporation)
Task: {55128564-412A-47A0-A19C-6C391F6ED0D8} - System32\Tasks\Norton AntiVirus\Norton AntiVirus Online Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.71\SymErr.exe [2017-02-20] (Symantec Corporation)
Task: {5EF405D5-6050-4BD1-A978-89EC35468B97} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => %ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {67004814-224E-4717-B61E-6660FFBB511C} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton AntiVirus Online\Upgrade.exe [2017-02-20] (Symantec Corporation)
Task: {6AC329CC-5CEB-4661-8D15-76262EEC3739} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-08-24] (Lenovo)
Task: {7DFD82A0-8B87-4060-B102-1EB22A3F79DF} - System32\Tasks\HP Photo Creations Communicator => C:\Users\kuma\AppData\Roaming\HP Photo Creations\Communicator.exe [2016-01-14] ()
Task: {82DFB6DF-4578-4B98-A238-8355D1B425AD} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [2016-08-24] ()
Task: {907D5454-ECF5-4044-BA2D-3A6376277EBF} - System32\Tasks\AdobeAAMUpdater-1.0-PhantomboxIII-kuma => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {9101CD05-2FB4-4DA8-81FA-E92CDB97FDC4} - System32\Tasks\{5C3517C6-C7EC-4937-93BC-CDF44DAE8C19} => pcalua.exe -a I:\Acid\Sony_ACID_Pro_7.0c+KeyGen\acidpro70c.exe -d I:\Acid\Sony_ACID_Pro_7.0c+KeyGen
Task: {B2CF5550-0467-4DCF-8F28-D0D002A992E0} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-09-10] ()
Task: {B51EF32E-9A95-49BF-8A91-5FEA4F35C827} - System32\Tasks\{23FAB53A-25F6-4D79-A753-C4538B02915D} => pcalua.exe -a "C:\Users\kuma\Desktop\Sony ACID Pro 7.0.641.Keygen\acidpro70.exe" -d "C:\Users\kuma\Desktop\Sony ACID Pro 7.0.641.Keygen"
Task: {BFF7DC5C-547C-4FB1-BE83-ED0CA0B3A0CF} - System32\Tasks\{91C5226F-A581-4EAD-8F86-255096D8B351} => pcalua.exe -a "C:\Users\kuma\Desktop\Microsoft Office\Microsoft Office Xp Pro (Word, Excel, Powerpoint, Outlook, Access, Frontpage, Publisher 2003)\SETUP.EXE" -d "C:\Users\kuma\Desktop\Microsoft Office\Microsoft Office Xp Pro (Word, Excel, Powerpoint, Outlook, Access, Frontpage, Publisher 2003)"
Task: {C29049F9-2E00-414E-B7A6-28F36F6F4D56} - System32\Tasks\{83D4D3CF-68C9-4FF2-94F2-A34CC493BE3D} => pcalua.exe -a "H:\Phantombox_Backup\Memeo\Phantombox_Backup\C_\Users\Phantombox\Desktop\Adobe CS3\Photoshop\Adobe CS3\Setup.exe" -d "H:\Phantombox_Backup\Memeo\Phantombox_Backup\C_\Users\Phantombox\Desktop\Adobe CS3\Photoshop\Adobe CS3"
Task: {C6A86ACC-7829-4433-816D-A6C1A7F6EF22} - System32\Tasks\{BBF900CA-F158-44B3-9540-B6860CC79266} => pcalua.exe -a "G:\Kuma_Backup\2011-06-18_22-38-22\Memeo\2011-06-18_22-38-22\C_\Documents and Settings\Kuma\My Documents\Downloads\Adobe CS3\Setup.exe" -d "G:\Kuma_Backup\2011-06-18_22-38-22\Memeo\2011-06-18_22-38-22\C_\Documents and Settings\Kuma\My Documents\Downloads\Adobe CS3"
Task: {C8BAE4FC-5CDD-474D-91B9-3505715CF765} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-04] (Google Inc.)
Task: {CAF7AF81-5FCA-4C54-8377-E6267BAA1167} - System32\Tasks\{C5C8B448-FDFF-477B-9B47-927D94565EC5} => pcalua.exe -a "G:\KaveMinionII_Backup\2012-05-11_15-43-02\Memeo\2012-05-11_15-43-02\C_\Users\KaveMinionII\Downloads\Cool Edit Pro 2.1 with Crack\Crack\cep2reg.exe" -d "G:\KaveMinionII_Backup\2012-05-11_15-43-02\Memeo\2012-05-11_15-43-02\C_\Users\KaveMinionII\Downloads\Cool Edit Pro 2.1 with Crack\Crack"
Task: {E501CEC4-1E34-4D06-9D7F-5DED492B08AD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {EE7DB895-0FC0-4C74-A4DA-0DDBBAC56913} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo)
Task: {F0B3DCE3-9CB9-4AB2-AEB4-DD9B83806B67} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {F8B3D255-B377-428C-BDB3-8BA3513D121F} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-08-24] (Lenovo)
Task: {FC174DBB-F9CC-4EAD-AA22-951766AD767A} - System32\Tasks\{FB2B4070-DA93-4778-A26C-FB82E5123FAE} => pcalua.exe -a "C:\Users\kuma\Desktop\Phantom Box 2\Desktopp\SampleTank Free Sounds\Pc Sounds Installer\SampleTank Free Sounds Installer.exe" -d "C:\Users\kuma\Desktop\Phantom Box 2\Desktopp\SampleTank Free Sounds\Pc Sounds Installer"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\Users\kuma\AppData\Roaming\HP Photo Creations\Communicator.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-12-23 18:48 - 2017-02-18 11:48 - 00444584 _____ () C:\Program Files (x86)\Backblaze\bzserv.exe
2017-03-17 04:57 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-17 04:57 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-10-25 10:57 - 2016-10-25 10:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-03-21 02:02 - 2017-02-18 11:48 - 00597672 _____ () C:\Program Files (x86)\Backblaze\bzbui.exe
2015-12-02 22:19 - 2013-12-09 18:01 - 08385240 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
2016-09-10 11:55 - 2016-09-10 11:55 - 00031104 _____ () C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe
2015-12-23 18:48 - 2017-02-18 11:48 - 04459176 _____ () C:\Program Files (x86)\Backblaze\x64\bztransmit64.exe
2015-12-02 22:19 - 2013-11-01 18:31 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvcLib.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2842312947-2456017352-2829207900-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\kuma\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 205.171.3.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: ) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: AvrcpService => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BTDevManager => 2
MSCONFIG\Services: bzserv => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: DigitalWave.Update.Service => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: igfxCUIService1.0.0.0 => 2
MSCONFIG\Services: Intel® Capability Licensing Service Interface => 2
MSCONFIG\Services: Intel® Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: LSC.Services.SystemService => 3
MSCONFIG\Services: MIDISPORTAudioDevMon => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: RtkBleServ => 2
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: SUService => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: WSWNDA3100v2 => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install Webroot FF RunOnce.lnk => C:\Windows\pss\Install Webroot FF RunOnce.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install Webroot IE RunOnce.lnk => C:\Windows\pss\Install Webroot IE RunOnce.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\Windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^kuma^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Verizon Wireless Software Utility Application for Android – Samsung.lnk => C:\Windows\pss\Verizon Wireless Software Utility Application for Android – Samsung.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: BtServer => "C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
MSCONFIG\startupreg: CenturyLinkTouchPointAgent => "C:\Program Files (x86)\CenturyLink\Desktop\CenturyLinkTouchPointAgent.exe" /autostart
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: HP ENVY 4520 series (NET) => "C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH58S2M2380660:NW" -scfn "HP ENVY 4520 series (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: WRSVC => "C:\Program Files\Webroot\WRSA.exe" -ul
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{1ED7B5A7-7EB4-4E6E-AED7-BF152CAD6704}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{37EB11E5-78A4-4D35-9478-3B8389A20B6F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F0C32764-9B29-4EE9-AEAC-04F962DEF21D}] => (Allow) C:\Users\kuma\Downloads\setup_magicdisc106-68409856.exe
FirewallRules: [{5240A8DF-5AC0-40F0-9E27-E2FAE899A7CC}] => (Allow) C:\Users\kuma\Downloads\setup_magicdisc106-68409856.exe
FirewallRules: [{0B93F568-801E-4EE1-A6D0-94257AFBC754}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B1F394B0-1E87-48CC-AB09-4047605EF074}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5795AD1B-09FA-4291-BD89-708E145547E5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5884FF74-A9AE-457B-9DA7-393DBF8B7BEA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E6F2A3BC-6706-4C3E-B572-EAE7CB0F4711}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{5DFEA3FE-418C-4A42-8457-93717C52939E}] => (Allow) C:\Users\kuma\AppData\Local\Temp\7zS2323\HP.EasyStart.exe
FirewallRules: [{A7075889-9DBE-49B6-9AEC-C847F07FDDCD}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\DeviceSetup.exe
FirewallRules: [{B10DFAD6-5167-4472-B5D6-3E20BF1B5C85}] => (Allow) LPort=5357
FirewallRules: [{F98BE4F9-D96A-4AF1-BF8D-6D238ABB2008}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{DD9CBF05-CE0E-4F25-974A-F1F3C722DD8C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{97C9B7A0-CC77-4294-BD3B-C3AA2CC0800F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A21A508B-1343-4B68-9C46-5EAB8768B774}] => (Allow) C:\Users\kuma\Desktop\VoicemeeterSetup_v1035-71035590.exe
FirewallRules: [{4EE2D9A2-5FDF-4D07-B244-E042916A3909}] => (Allow) C:\Users\kuma\Desktop\VoicemeeterSetup_v1035-71035590.exe
FirewallRules: [{E7831F4E-C4D2-464B-AA39-14163E3B305D}] => (Allow) C:\Users\kuma\Downloads\FreeYouTubeDownload-71051020.exe
FirewallRules: [{5BCC1CB6-BDE4-48AA-841C-56018824DD13}] => (Allow) C:\Users\kuma\Downloads\FreeYouTubeDownload-71051020.exe
FirewallRules: [{D9D801DD-2F9F-437C-A0E6-406C2DF05387}] => (Allow) C:\Users\kuma\Downloads\FreeMP4VideoConverter-71149290.exe
FirewallRules: [{C6B86E63-36C5-4316-9FD2-DEAE3DD3CD89}] => (Allow) C:\Users\kuma\Downloads\FreeMP4VideoConverter-71149290.exe
FirewallRules: [{0103E90C-9615-42D0-98A1-6D55A9182D9D}] => (Allow) C:\Users\kuma\Downloads\quickzip51-77157235.exe
FirewallRules: [{F53176B5-7004-4BC7-A90A-B549FDD8018D}] => (Allow) C:\Users\kuma\Downloads\quickzip51-77157235.exe
FirewallRules: [{CDBF60BC-175F-4394-9126-3B7232AF4E44}] => (Allow) C:\Users\kuma\AppData\Local\Temp\7zS5F4E.tmp\SymNRT.exe
FirewallRules: [{5AA66469-3A95-436C-8E9C-398618B7DA1F}] => (Allow) C:\Users\kuma\AppData\Local\Temp\7zS5F4E.tmp\SymNRT.exe
FirewallRules: [{453878BC-2AEF-448B-8BE9-08881C36D00E}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{3CA86330-0303-49F6-8B6F-C75D3F694330}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{59989873-094E-4A20-9BC9-7EECA16FBC0A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0FEAECE1-E344-4FD9-9726-867E1B23A1E0}] => (Allow) C:\Users\kuma\AppData\Local\Temp\7zS5EBD\HPDiagnosticCoreUI.exe
FirewallRules: [{392D04D3-748A-4DDE-8785-DC69AA6A9886}] => (Allow) C:\Users\kuma\AppData\Local\Temp\7zS5EBD\HPDiagnosticCoreUI.exe
FirewallRules: [{27EE7205-662D-49D1-9C3A-0B4902ECAD02}] => (Allow) C:\Users\kuma\AppData\Local\Temp\7zS7588\HPDiagnosticCoreUI.exe
FirewallRules: [{796A184E-48BD-48FF-B021-7A79681E6690}] => (Allow) C:\Users\kuma\AppData\Local\Temp\7zS7588\HPDiagnosticCoreUI.exe
FirewallRules: [{2C8A8C87-3613-4FA8-B78A-25B55C20C946}] => (Allow) C:\Users\kuma\AppData\Local\Temp\7zS26C5\HPDiagnosticCoreUI.exe
FirewallRules: [{F8C075F2-7CAB-46E3-9388-53848255EC4B}] => (Allow) C:\Users\kuma\AppData\Local\Temp\7zS26C5\HPDiagnosticCoreUI.exe
FirewallRules: [{236E6138-CBEF-4193-AF21-BDD6EFFB9110}] => (Allow) C:\Users\kuma\AppData\Local\Temp\7zS275C\HPDiagnosticCoreUI.exe
FirewallRules: [{178FBBF9-48B2-4F55-919C-5453B2FD3E63}] => (Allow) C:\Users\kuma\AppData\Local\Temp\7zS275C\HPDiagnosticCoreUI.exe
FirewallRules: [{5D54CFEE-C41D-4C74-A688-3AA2EDB30C4E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Restore Points =========================
17-03-2017 13:34:42 Scheduled Checkpoint
19-03-2017 03:49:44 Windows Update
==================== Faulty Device Manager Devices =============
Name: Realtek Bluetooth 4.0 + High Speed Chip
Description: Realtek Bluetooth 4.0 + High Speed Chip
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Realtek Semiconductor Corp.
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/19/2017 03:44:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CompatTelRunner.exe, version: 10.0.14913.1002, time stamp: 0x57d1070d
Faulting module name: devinv.dll, version: 10.0.14913.1002, time stamp: 0x57d10950
Exception code: 0xc0000005
Fault offset: 0x0000000000023c00
Faulting process id: 0x12e4
Faulting application start time: 0x01d2a0900cedb294
Faulting application path: C:\Windows\system32\CompatTelRunner.exe
Faulting module path: C:\Windows\system32\devinv.dll
Report Id: 9d69f7e1-0c88-11e7-8a31-b8aeeddd086a
Error: (03/19/2017 03:04:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/19/2017 02:07:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/18/2017 09:45:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/18/2017 02:30:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/18/2017 01:13:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/18/2017 12:06:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/17/2017 10:15:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: coolpro2.exe, version: 2.1.3097.0, time stamp: 0x3e9369a7
Faulting module name: coolpro2.exe, version: 2.1.3097.0, time stamp: 0x3e9369a7
Exception code: 0xc0000094
Fault offset: 0x0013c626
Faulting process id: 0x159c
Faulting application start time: 0x01d29f9e40e7da3f
Faulting application path: C:\Program Files (x86)\coolpro2\coolpro2.exe
Faulting module path: C:\Program Files (x86)\coolpro2\coolpro2.exe
Report Id: 8139934c-0b91-11e7-88fe-b8aeeddd086a
Error: (03/17/2017 10:12:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/17/2017 12:23:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (03/19/2017 03:02:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMChameleon service failed to start due to the following error:
A device attached to the system is not functioning.
Error: (03/19/2017 02:58:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Server service terminated with the following error:
The data is invalid.
Error: (03/19/2017 02:58:47 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Computer Browser service terminated with the following error:
A system shutdown is in progress.
Error: (03/19/2017 02:58:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The IPsec Policy Agent service failed to start due to the following error:
The service did not start due to a logon failure.
Error: (03/19/2017 02:58:42 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The PolicyAgent service was unable to log on as NT Authority\NetworkService with the currently configured password due to the following error:
The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation.
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
Error: (03/19/2017 02:58:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The IPsec Policy Agent service failed to start due to the following error:
The service did not start due to a logon failure.
Error: (03/19/2017 02:58:42 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The PolicyAgent service was unable to log on as NT Authority\NetworkService with the currently configured password due to the following error:
The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation.
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
Error: (03/19/2017 02:58:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The IPsec Policy Agent service failed to start due to the following error:
The service did not start due to a logon failure.
Error: (03/19/2017 02:58:42 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The PolicyAgent service was unable to log on as NT Authority\NetworkService with the currently configured password due to the following error:
The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation.
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
Error: (03/19/2017 02:58:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The IPsec Policy Agent service failed to start due to the following error:
The service did not start due to a logon failure.
==================== Memory info ===========================
Processor: Intel® Core i3-4170 CPU @ 3.70GHz
Percentage of memory in use: 81%
Total physical RAM: 4010.2 MB
Available physical RAM: 727.77 MB
Total Virtual: 8018.59 MB
Available Virtual: 4815.7 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.21 GB) (Free:372.4 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:433.92 GB) (Free:258.77 GB) NTFS
Drive g: (FreeAgent GoFlex Drive) (Fixed) (Total:931.51 GB) (Free:207.29 GB) NTFS
Drive h: (Porsche Drive) (Fixed) (Total:931.51 GB) (Free:617.44 GB) NTFS
Drive j: (Reason 5) (CDROM) (Total:2.5 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=931.2 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: BEB1E558)
Partition: GPT.
========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: A4B57300)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: CD1BA1A9)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Can you help?
Edited by kuma781, 19 March 2017 - 04:20 AM.