Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Inherited computer running poorly


  • Please log in to reply

#1
Sonny_D153

Sonny_D153

    Member

  • Member
  • PipPip
  • 12 posts

I inherited my dads gaming computer. From time to time, he jumps on and tries to play old games and fix problems. Things are mess up now, most of my games load slower and simple things like Explorer don't work. Please help. Here are the logs you requested.

 

Thank you,

Alexa

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-11-2017
Ran by jp (administrator) on JP-PC (27-11-2017 19:08:59)
Running from C:\Users\jp\Desktop
Loaded Profiles: jp (Available Profiles: jp)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Mamba\RazerMambaSysTray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10806816 2010-04-30] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2016-01-29] (NVIDIA Corporation)
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [866224 2016-10-11] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2010-01-22] (NEC Electronics Corporation)
HKLM-x32\...\Run: [Razer Mamba Elite Driver] => C:\Program Files (x86)\Razer\Mamba\RazerMambaSysTray.exe [973720 2011-11-25] (Razer USA Ltd)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2017-01-13] (Apple Inc.)
HKU\S-1-5-21-2309807771-1447711736-656462262-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-30] (Valve Corporation)
HKU\S-1-5-21-2309807771-1447711736-656462262-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7964576 2017-10-24] (SUPERAntiSpyware)
HKU\S-1-5-21-2309807771-1447711736-656462262-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [57446344 2017-11-09] (Skype Technologies S.A.)
HKU\S-1-5-21-2309807771-1447711736-656462262-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-2309807771-1447711736-656462262-1000\...\MountPoints2: {c086ab05-7c12-11e1-9506-001fbc0dc707} - F:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GoPro Importer.lnk [2015-03-06]
ShortcutTarget: GoPro Importer.lnk -> C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe (GoPro)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Win PC Optimizer.lnk [2015-07-21]
ShortcutTarget: Win PC Optimizer.lnk -> C:\Windows\Installer\{A12BC961-A17E-4400-89E3-7939E082D827}\NewShortcut1_C333EC4496E344CA9E30F596C2ED385D.exe (No File)
GroupPolicy: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer] 52.5.158.173,8.8.8.8
Tcpip\..\Interfaces\{8A2B8332-146E-4B1D-8493-7122587FFC7C}: [NameServer] 52.5.158.173,8.8.8.8
Tcpip\..\Interfaces\{8A2B8332-146E-4B1D-8493-7122587FFC7C}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2012-04-18] (Sun Microsystems, Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-04-18] (Sun Microsystems, Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2012-04-18] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll [2012-05-11] (ESN Social Software AB)
FF Plugin-x32: @gametree.co.kr/GTL -> C:\ProgramData\Gametree\GTL\npGTL.dll [2013-06-13] (NtreevSoft)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\jp\AppData\Local\Google\Chrome\User Data\Default [2017-11-27]
CHR Extension: (YouTube) - C:\Users\jp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\jp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Star Stable Online) - C:\Users\jp\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnlmdkpemkkigkgelegknllpmfclakkk [2014-11-22]
CHR Extension: (Skype) - C:\Users\jp\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-08-06]
CHR Extension: (Search Manager) - C:\Users\jp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2017-11-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\jp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR Extension: (Chrome Media Router) - C:\Users\jp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-27]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-02-10] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2016-01-29] (NVIDIA Corporation)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-10-11] ()
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2016-01-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2016-01-29] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-04-07] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-07-29] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2017-11-26] (Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R1 MpKsl6cee278b; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AFE745DD-B65F-4F9B-A421-D8513E3D87EE}\MpKsl6cee278b.sys [58120 2017-11-27] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2016-01-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2016-01-29] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2015-11-25] () [File not signed]
U3 aswbdisk; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-11-27 19:08 - 2017-11-27 19:10 - 000014123 _____ C:\Users\jp\Desktop\FRST.txt
2017-11-27 19:05 - 2017-11-27 19:08 - 000000000 ____D C:\FRST
2017-11-27 19:04 - 2017-11-27 19:04 - 002391552 _____ (Farbar) C:\Users\jp\Desktop\FRST64.exe
2017-11-26 18:09 - 2016-01-29 03:04 - 000614848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-11-26 18:08 - 2016-01-29 06:08 - 031523896 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 024207296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 023000000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 018634264 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 017559240 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 016128576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 015302712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 014497568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 013916600 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 013828032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 012911160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-11-26 18:08 - 2016-01-29 06:08 - 011272240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 011209376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 004252608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 003996216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 003210784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 002825016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 001908272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434195.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 001557552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434195.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 000952256 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 000915392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 000911928 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 000878648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-11-26 18:02 - 2017-11-26 18:12 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-26 18:02 - 2016-01-29 06:08 - 000082488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-11-26 18:02 - 2016-01-29 06:08 - 000067520 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2017-11-26 18:02 - 2016-01-29 04:49 - 006791736 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-11-26 18:02 - 2016-01-29 04:49 - 003529152 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-11-26 18:02 - 2016-01-29 04:49 - 002558328 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-11-26 18:02 - 2016-01-29 04:49 - 000932728 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2017-11-26 18:02 - 2016-01-29 04:49 - 000384888 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-11-26 18:02 - 2016-01-29 04:49 - 000062512 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-11-26 18:02 - 2016-01-28 10:29 - 006150607 _____ C:\Windows\system32\nvcoproc.bin
2017-11-26 17:49 - 2017-11-26 17:51 - 306673592 _____ (NVIDIA Corporation) C:\Users\jp\Desktop\342.01-desktop-win8-win7-winvista-64bit-international.exe
2017-11-26 16:57 - 2017-11-26 16:57 - 000002960 _____ C:\Windows\System32\Tasks\{FCB8B4A7-D1E0-4F3E-97BD-8245E197659B}
2017-11-25 21:03 - 2017-11-26 18:13 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-11-24 10:19 - 2017-11-24 10:42 - 1212018712 _____ (NtreevSoft) C:\Users\jp\Desktop\Alicia_setup_008.exe
2017-11-14 18:17 - 2017-11-14 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-14 18:17 - 2017-11-14 18:17 - 000000000 ____D C:\ProgramData\MB3CoreBackup
2017-11-14 16:29 - 2017-10-18 01:31 - 000395976 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-11-14 16:29 - 2017-10-18 00:45 - 000347336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-11-14 16:29 - 2017-10-17 20:34 - 000134376 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-11-14 16:29 - 2017-10-17 20:30 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-11-14 16:29 - 2017-10-17 20:06 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2017-11-14 16:29 - 2017-10-17 20:06 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2017-11-14 16:29 - 2017-10-17 20:06 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2017-11-14 16:29 - 2017-10-17 20:06 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2017-11-14 16:29 - 2017-10-17 20:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2017-11-14 16:29 - 2017-10-17 20:06 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2017-11-14 16:29 - 2017-10-17 20:06 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2017-11-14 16:29 - 2017-10-16 17:07 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-11-14 16:29 - 2017-10-16 16:34 - 003222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-11-14 16:29 - 2017-10-16 15:55 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-11-14 16:29 - 2017-10-15 16:04 - 000407392 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-11-14 16:29 - 2017-10-14 02:38 - 025731584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-11-14 16:29 - 2017-10-14 02:23 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-11-14 16:29 - 2017-10-14 02:23 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-11-14 16:29 - 2017-10-14 02:13 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-11-14 16:29 - 2017-10-14 02:12 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-11-14 16:29 - 2017-10-14 02:11 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-11-14 16:29 - 2017-10-14 02:11 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-11-14 16:29 - 2017-10-14 02:11 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-11-14 16:29 - 2017-10-14 02:11 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-11-14 16:29 - 2017-10-14 02:09 - 005979648 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-11-14 16:29 - 2017-10-14 02:05 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-11-14 16:29 - 2017-10-14 02:04 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-11-14 16:29 - 2017-10-14 02:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-11-14 16:29 - 2017-10-14 02:01 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-11-14 16:29 - 2017-10-14 02:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-11-14 16:29 - 2017-10-14 02:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-11-14 16:29 - 2017-10-14 02:00 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-11-14 16:29 - 2017-10-14 01:55 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-11-14 16:29 - 2017-10-14 01:53 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-11-14 16:29 - 2017-10-14 01:47 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-11-14 16:29 - 2017-10-14 01:47 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-11-14 16:29 - 2017-10-14 01:46 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-11-14 16:29 - 2017-10-14 01:43 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-11-14 16:29 - 2017-10-14 01:43 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-11-14 16:29 - 2017-10-14 01:41 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-11-14 16:29 - 2017-10-14 01:40 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-11-14 16:29 - 2017-10-14 01:31 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-11-14 16:29 - 2017-10-14 01:30 - 015266816 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-11-14 16:29 - 2017-10-14 01:30 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-11-14 16:29 - 2017-10-14 01:29 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-11-14 16:29 - 2017-10-14 01:28 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-11-14 16:29 - 2017-10-14 01:27 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-11-14 16:29 - 2017-10-14 01:21 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-11-14 16:29 - 2017-10-14 01:14 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-11-14 16:29 - 2017-10-14 01:09 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-11-14 16:29 - 2017-10-14 01:03 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-11-14 16:29 - 2017-10-14 00:58 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-11-14 16:29 - 2017-10-14 00:53 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-11-14 16:29 - 2017-10-14 00:53 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-11-14 16:29 - 2017-10-14 00:52 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-11-14 16:29 - 2017-10-14 00:52 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-11-14 16:29 - 2017-10-14 00:51 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-11-14 16:29 - 2017-10-14 00:50 - 002293760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-11-14 16:29 - 2017-10-14 00:47 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-11-14 16:29 - 2017-10-14 00:47 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-11-14 16:29 - 2017-10-14 00:46 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-11-14 16:29 - 2017-10-14 00:45 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-11-14 16:29 - 2017-10-14 00:45 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-11-14 16:29 - 2017-10-14 00:45 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-11-14 16:29 - 2017-10-14 00:38 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-11-14 16:29 - 2017-10-14 00:35 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-11-14 16:29 - 2017-10-14 00:35 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-11-14 16:29 - 2017-10-14 00:34 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-11-14 16:29 - 2017-10-14 00:33 - 004542464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-11-14 16:29 - 2017-10-14 00:33 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-11-14 16:29 - 2017-10-14 00:32 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-11-14 16:29 - 2017-10-14 00:31 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-11-14 16:29 - 2017-10-14 00:30 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-11-14 16:29 - 2017-10-14 00:28 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-11-14 16:29 - 2017-10-14 00:25 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-11-14 16:29 - 2017-10-14 00:24 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-11-14 16:29 - 2017-10-14 00:23 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-11-14 16:29 - 2017-10-14 00:23 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-11-14 16:29 - 2017-10-14 00:10 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-11-14 16:29 - 2017-10-14 00:07 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-11-14 16:29 - 2017-10-14 00:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-11-14 16:29 - 2017-10-11 18:58 - 000382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 014635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-11-14 16:29 - 2017-10-11 18:55 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-11-14 16:29 - 2017-10-11 18:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-11-14 16:29 - 2017-10-11 18:40 - 000308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-11-14 16:29 - 2017-10-11 18:39 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-11-14 16:29 - 2017-10-11 18:38 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-11-14 16:29 - 2017-10-11 18:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-11-14 16:29 - 2017-10-11 18:37 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2017-11-14 16:29 - 2017-10-11 18:37 - 011410944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 000070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-11-14 16:29 - 2017-10-11 18:26 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-11-14 16:29 - 2017-10-11 18:26 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-11-14 16:29 - 2017-10-11 18:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-11-14 16:29 - 2017-10-11 18:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-11-14 16:29 - 2017-10-11 18:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2017-11-14 16:29 - 2017-10-11 18:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2017-11-14 16:29 - 2017-10-11 18:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2017-11-14 16:29 - 2017-10-11 18:20 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2017-11-14 16:29 - 2017-10-11 18:16 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-11-14 16:29 - 2017-10-04 07:04 - 002023936 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-11-14 16:29 - 2017-10-04 07:04 - 001570304 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-11-14 16:29 - 2017-10-04 07:04 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-11-14 16:29 - 2017-10-04 07:04 - 000603648 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-11-14 16:29 - 2017-10-04 07:04 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-11-14 16:29 - 2017-10-04 07:04 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-11-14 16:29 - 2017-10-04 07:04 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-11-11 20:05 - 2017-11-24 10:45 - 000001150 _____ C:\Users\jp\Desktop\게임트리.lnk
2017-11-11 15:28 - 2017-11-11 15:28 - 000000000 ____D C:\Users\jp\Desktop\Alicia Error
2017-11-11 12:37 - 2017-11-11 12:47 - 000000000 ____D C:\Program Files (x86)\Star Stable Online
2017-11-11 12:37 - 2017-11-11 12:37 - 000002767 _____ C:\Users\Public\Desktop\Star Stable Online.lnk
2017-11-11 12:37 - 2017-11-11 12:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Stable Online
2017-11-11 11:28 - 2017-11-11 11:28 - 000003144 _____ C:\Windows\System32\Tasks\{4CD6242E-60CA-4554-B09B-EC579BBFC171}
2017-11-11 11:01 - 2017-11-11 11:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-11-11 11:00 - 2017-11-11 11:00 - 053914496 _____ (Skype Technologies S.A. ) C:\Users\jp\Desktop\Skype-8.10.0.9.exe
2017-11-11 10:10 - 2017-11-11 10:10 - 000003128 _____ C:\Windows\System32\Tasks\{A15D8A73-1CFC-45A8-89C7-4326B469D04C}
2017-11-11 10:01 - 2017-11-24 10:07 - 000000000 ____D C:\alicia online
2017-11-10 16:10 - 2017-11-10 16:10 - 000000979 _____ C:\Users\jp\Desktop\Minecraft.lnk
2017-11-10 15:53 - 2017-11-10 15:53 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-10 15:53 - 2017-11-01 08:54 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-11-27 19:09 - 2017-03-11 15:09 - 000000254 _____ C:\Windows\Tasks\{4F5FD6A1-7934-27A6-B7A6-7BEECDCFF891}.job
2017-11-27 19:08 - 2009-07-13 22:45 - 000032416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-27 19:08 - 2009-07-13 22:45 - 000032416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-26 18:22 - 2016-06-04 10:12 - 000000000 ___HD C:\Users\jp\AppData\Local\Gametree
2017-11-26 18:17 - 2009-07-13 23:13 - 000782470 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-26 18:17 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\inf
2017-11-26 18:15 - 2017-07-01 11:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-11-26 18:14 - 2012-11-16 14:45 - 000000000 ____D C:\Program Files (x86)\Steam
2017-11-26 18:12 - 2009-07-13 23:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-26 18:09 - 2012-03-31 16:27 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-11-26 18:08 - 2012-03-31 16:25 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-11-26 18:02 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\Help
2017-11-26 18:01 - 2012-03-31 16:26 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-11-20 14:32 - 2010-11-20 21:27 - 000545440 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-11-16 19:30 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\rescache
2017-11-15 17:12 - 2012-10-28 08:31 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-14 18:22 - 2009-07-13 22:45 - 000272072 _____ C:\Windows\system32\FNTCACHE.DAT
2017-11-14 18:20 - 2014-12-10 18:20 - 000000000 ____D C:\Windows\system32\appraiser
2017-11-14 18:09 - 2012-03-31 06:13 - 000774592 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-11-14 18:06 - 2013-08-14 17:01 - 000000000 ____D C:\Windows\system32\MRT
2017-11-14 18:01 - 2017-10-10 17:04 - 127017032 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-11-14 18:01 - 2012-04-02 15:55 - 127017032 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-11-14 16:50 - 2012-04-01 11:09 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-11-14 16:50 - 2012-04-01 11:09 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-14 16:50 - 2012-04-01 11:09 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-11-14 16:50 - 2012-04-01 11:09 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-11-14 16:50 - 2012-04-01 11:09 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-14 01:05 - 2012-10-28 08:30 - 000003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-14 01:05 - 2012-10-28 08:30 - 000003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-11 16:48 - 2015-07-21 17:50 - 000000000 ___HD C:\Users\jp\AppData\Roaming\.minecraft
2017-11-11 10:59 - 2017-04-12 19:52 - 000000000 ___RD C:\Program Files (x86)\Skype
2017-11-11 10:59 - 2017-03-11 15:17 - 000000000 ____D C:\Windows\system32\appmgmt
2017-11-11 10:59 - 2015-09-16 16:12 - 000000000 ____D C:\ProgramData\Skype
2017-11-11 10:17 - 2015-09-16 16:12 - 000000000 ___HD C:\Users\jp\AppData\Roaming\Skype
2017-11-11 10:16 - 2012-03-31 05:55 - 000000000 ___HD C:\Users\jp
2017-11-10 16:10 - 2015-07-21 17:49 - 000000000 ____D C:\Program Files (x86)\Minecraft
2017-11-10 15:53 - 2015-07-22 04:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-10 15:53 - 2015-07-22 04:35 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-11-10 14:24 - 2015-11-24 21:40 - 000000000 ___HD C:\Users\jp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-11-05 14:07 - 2016-06-04 12:38 - 000059472 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2017-11-03 18:15 - 2015-09-20 18:37 - 000001269 ____H C:\Users\jp\Desktop\nativelog.txt
2017-10-29 18:42 - 2015-03-08 15:35 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
 
==================== Files in the root of some directories =======
 
2015-04-19 06:20 - 2015-04-19 06:20 - 000005872 ___RH () C:\Users\jp\AppData\Roaming\29KouX8P5QCtjDVi
2015-04-19 06:20 - 2015-04-19 06:20 - 000005872 ___RH () C:\Users\jp\AppData\Roaming\d7musQEpmoFigE
2015-04-19 06:20 - 2015-04-19 06:20 - 000005872 ___RH () C:\Users\jp\AppData\Roaming\pSt8fpwyBUBMn
2015-04-19 06:20 - 2015-04-19 06:20 - 000005872 ___RH () C:\Users\jp\AppData\Roaming\RXPrXnf6sA4m3yfQZl0W
2015-04-19 06:20 - 2015-04-19 06:20 - 000005872 ___RH () C:\Users\jp\AppData\Roaming\wQmfRNclS
2015-10-23 08:55 - 2015-10-23 08:55 - 000007610 ___RH () C:\Users\jp\AppData\Local\Resmon.ResmonCfg
 
Files to move or delete:
====================
C:\Windows\Tasks\{4F5FD6A1-7934-27A6-B7A6-7BEECDCFF891}.job
 
 
Some files in TEMP:
====================
2017-07-01 11:53 - 2016-01-29 03:05 - 001220984 _____ (NVIDIA Corporation) C:\Users\jp\AppData\Local\Temp\nvSCPAPI.dll
2017-07-01 11:53 - 2016-01-29 03:05 - 001408760 _____ (NVIDIA Corporation) C:\Users\jp\AppData\Local\Temp\nvSCPAPI64.dll
2017-11-26 17:53 - 2015-02-03 18:00 - 000826696 _____ (NVIDIA Corporation) C:\Users\jp\AppData\Local\Temp\nvStInst.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-11-24 11:11
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-11-2017
Ran by jp (27-11-2017 19:11:39)
Running from C:\Users\jp\Desktop
Windows 7 Professional Service Pack 1 (X64) (2012-03-31 11:55:51)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2309807771-1447711736-656462262-500 - Administrator - Disabled)
Guest (S-1-5-21-2309807771-1447711736-656462262-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2309807771-1447711736-656462262-1002 - Limited - Enabled)
jp (S-1-5-21-2309807771-1447711736-656462262-1000 - Administrator - Enabled) => C:\Users\jp
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Alicia (HKLM-x32\...\Alicia) (Version: 1.0.0.0 - NtreevSoft)
Apple Application Support (32-bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 1.122.0 - EA Digital Illusions CE AB)
Blacklight Retribution (HKLM-x32\...\Blacklight Retribution) (Version:  - Perfect World Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Curse Client (HKU\S-1-5-21-2309807771-1447711736-656462262-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Gametree Launcher (HKLM-x32\...\GTL) (Version: 3.0.26.0 - NtreevSoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
GoPro Studio (HKLM-x32\...\{7BDB9575-D4C8-42B0-84EA-1CD654F63637}) (Version: 5.10.4320 - GoPro, Inc.) Hidden
GoPro Studio 2.5.4 (HKLM-x32\...\GoPro Studio) (Version: 2.5.4 - GoPro, Inc.)
iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
Java™ 6 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416031FF}) (Version: 6.0.310 - Oracle)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1036 - Marvell)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Mumble 1.2.4 (HKLM-x32\...\{E0955568-4353-4C85-8988-285A8C0F5E87}) (Version: 1.2.4 - Thorvald Natvig)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.95 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.95 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 8.5.2.23 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Quik (HKLM\...\{6249867C-ACE2-4400-AD50-4D6945A8EA8A}) (Version: 0.1.4320 - GoPro, Inc.) Hidden
Quik (HKLM-x32\...\{0d91b40f-e179-491c-a726-cd71dc297e8a}) (Version: 2.0.0.4320 - GoPro, Inc.)
Razer Mamba (HKLM-x32\...\{BF60B320-3AA3-4DFB-B542-BDA6D4F1A60E}) (Version: 2.01.05 - Razer USA Ltd.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.12.1218.2009 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6101 - Realtek Semiconductor Corp.)
RIFT (HKU\S-1-5-21-2309807771-1447711736-656462262-1000\...\RIFT) (Version:  - Trion Worlds, Inc.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype version 8.10 (HKLM-x32\...\Skype_is1) (Version: 8.10 - Skype Technologies S.A.)
Star Stable Online (HKLM-x32\...\{8CD50415-04B7-459E-8CBD-DA96A9CDF98E}) (Version: 1.01.0000 - Star Stable Entertainment AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VFW_Codec32 (HKLM-x32\...\{FCA86F94-8BCA-491D-AFF9-90921796FCD8}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (HKLM\...\{341735D3-32CF-41BC-8C9B-FDE3975452DB}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
WinPCOptimizer (HKLM-x32\...\{A12BC961-A17E-4400-89E3-7939E082D827}) (Version: 1.03.1020 - Win PC Optimizer)
World of Logs Client (4.2) (HKU\S-1-5-21-2309807771-1447711736-656462262-1000\...\World of Logs Client (4.2)) (Version:  - Digibites Technology)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2309807771-1447711736-656462262-1000_Classes\CLSID\{4df3e0ab-18b0-433d-b14c-aeeef26b1833}\InprocServer32 -> C:\Windows\System32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2309807771-1447711736-656462262-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\System32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-01-29] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers1_S-1-5-21-2309807771-1447711736-656462262-1000: [SysMenuExt] -> {020B1D4B-5738-4C77-9E19-4F173DD9B486} =>  -> No File
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {07A1C648-E1CA-4E2E-A7D2-9E37C2ACEBF1} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {142EB9A5-FC64-43BC-9E6D-2F95CE6F5A9B} - System32\Tasks\EVGA CD Installer => D:\autorun.exe
Task: {23855FE6-2F13-4E21-ACDB-18C9E6C70B5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {3A8A6C3A-D169-4925-9DE2-041AF1CEE7EA} - System32\Tasks\{85A6FB23-2911-47F5-BD07-D7EBAEFACD52} => C:\Program Files (x86)\Star Stable Entertainment AB\Star Stable\StarStable.exe
Task: {3CE1195E-DC0E-4058-BE96-DAACAF30AFB5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {56FCA865-50D9-4AE4-B2C8-F3376A03E6C3} - System32\Tasks\{A15D8A73-1CFC-45A8-89C7-4326B469D04C} => C:\Windows\system32\pcalua.exe -a "C:\alicia online\Alicia_Launcher_Install_Beta.exe" -d "C:\alicia online"
Task: {77A36547-0436-4D9E-B7E1-6E5ED009A452} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {86ADF0E4-46DF-4E64-BBAC-A61E23CFBAB3} - System32\Tasks\{4CD6242E-60CA-4554-B09B-EC579BBFC171} => C:\Windows\system32\pcalua.exe -a "C:\Users\jp\Desktop\Alicia_Launcher_Install_Beta (1).exe" -d C:\Users\jp\Desktop
Task: {A95571BF-330B-44F1-A7DE-2C4EE65805EB} - System32\Tasks\{FCB8B4A7-D1E0-4F3E-97BD-8245E197659B} => C:\Users\jp\AppData\Roaming\AliciaOnline\Launcher.exe [2014-12-21] ()
Task: {CFEBE3CF-5927-4D81-9AB2-D0AAF5D2986C} - System32\Tasks\{4F5FD6A1-7934-27A6-B7A6-7BEECDCFF891} => C:\Users\jp\AppData\Roaming\4F5FD6~1\Sync.exe <==== ATTENTION
Task: {D91B1852-9DB5-46F0-A199-6AE63FDC776C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-14] (Adobe Systems Incorporated)
Task: {EBEC4529-886C-417F-8A65-37263CB06F94} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\{4F5FD6A1-7934-27A6-B7A6-7BEECDCFF891}.job => C:\Users\jp\AppData\Roaming\4F5FD6~1\Sync.exe <==== ATTENTION
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-11-26 18:02 - 2016-01-29 04:49 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 001353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-04-16 19:50 - 2012-07-29 08:25 - 000076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2017-11-10 15:53 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2016-10-11 23:48 - 2016-10-11 23:48 - 000037808 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
2017-11-15 17:12 - 2017-11-10 03:57 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll
2017-11-15 17:12 - 2017-11-10 03:57 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll
2017-11-11 11:01 - 2017-11-09 19:34 - 001551816 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2017-11-11 11:01 - 2017-11-09 18:40 - 000088064 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2017-11-11 11:01 - 2017-11-09 18:40 - 002033152 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\slimcore\bin\skypert.dll
2017-11-11 11:01 - 2017-11-09 18:40 - 002559608 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2017-11-11 11:01 - 2017-11-09 18:40 - 000031864 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2017-11-11 11:01 - 2017-11-09 18:40 - 000400896 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node
2017-11-11 11:01 - 2017-11-09 18:40 - 000129536 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-2309807771-1447711736-656462262-1000\...\starstable.com -> starstable.com
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 20:34 - 2017-03-11 15:19 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2309807771-1447711736-656462262-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\jp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 52.5.158.173 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{A9D627D0-995F-4841-B9D4-6E40E23C4C9C}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{302A982D-4A0C-4D84-ABCE-7C2E56F9128D}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{48B7B65C-B0B3-4B90-93F0-40772DBEBF52}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.exe
FirewallRules: [{DC15E6EF-AFC7-41B7-B288-AE34FCAAC5D5}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.exe
FirewallRules: [{23101DD1-05FB-405A-9032-6DD28E9A7785}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.patch.exe
FirewallRules: [{424D164C-3EA7-467F-A2ED-161BDCB64AB6}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.patch.exe
FirewallRules: [TCP Query User{810E9FC2-4BF1-4E03-B111-E4B05603ECE5}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe] => (Allow) C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe
FirewallRules: [UDP Query User{5A1BB868-8AAD-460F-A3F0-2281EEFE7BB9}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe] => (Allow) C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe
FirewallRules: [TCP Query User{5C4667C1-F951-4F0D-BA7C-BACEF8EA3B09}C:\program files (x86)\world of warcraft\backgrounddownloader.exe] => (Allow) C:\program files (x86)\world of warcraft\backgrounddownloader.exe
FirewallRules: [UDP Query User{09F1F1E0-CE33-4192-8E91-D3997856C4C6}C:\program files (x86)\world of warcraft\backgrounddownloader.exe] => (Allow) C:\program files (x86)\world of warcraft\backgrounddownloader.exe
FirewallRules: [TCP Query User{894408AA-9503-4DAF-AE23-2C419BD6E5C6}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe] => (Allow) C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe
FirewallRules: [UDP Query User{67959C88-AF36-4D6B-9AAD-7A6132E424CA}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe] => (Allow) C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe
FirewallRules: [TCP Query User{50DCFF35-D384-4D8B-B7C0-58EC0EB264B9}C:\program files (x86)\world of warcraft\wow-4.2.1.2736-enus-tools-downloader.exe] => (Allow) C:\program files (x86)\world of warcraft\wow-4.2.1.2736-enus-tools-downloader.exe
FirewallRules: [UDP Query User{CBC7498A-722B-42D5-B8F9-82D87ECE92EA}C:\program files (x86)\world of warcraft\wow-4.2.1.2736-enus-tools-downloader.exe] => (Allow) C:\program files (x86)\world of warcraft\wow-4.2.1.2736-enus-tools-downloader.exe
FirewallRules: [{C1EB2F47-04B0-4F83-920B-6525E13E966F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{59ECE83E-4D34-4F41-89A6-7D7FA0C0EF92}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{90A6D7A3-8F32-460B-A901-1872F944D0EA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.515\Agent.exe
FirewallRules: [{120DEE30-CA24-4557-970F-C5784AFE7A21}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.515\Agent.exe
FirewallRules: [{6851F6A0-DA14-4C92-92E9-E2ABDCBDEB21}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.868\Agent.exe
FirewallRules: [{232119DB-340A-4369-B04F-D8AFF0F8BF1D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.868\Agent.exe
FirewallRules: [{6B14D047-430D-405F-9663-6A01BDA3CDF2}] => (Allow) C:\Program Files (x86)\Diablo III Beta\Diablo III.exe
FirewallRules: [{B563E21D-5DB8-4830-83CB-041C23A92AC1}] => (Allow) C:\Program Files (x86)\Diablo III Beta\Diablo III.exe
FirewallRules: [{27EBBC0A-4F2C-428F-A4BF-164A759F70B2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{47BB46F1-E535-4ADF-8CFF-533C9452F95A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{75E47A58-9704-4059-8D15-41F123E0ACC9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{029D3BD2-E8A3-4223-AAC6-74CEC63837FE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{0FBD5E06-DF70-4621-8A45-FD8C876446AD}C:\program files (x86)\world of warcraft\launcher.exe] => (Allow) C:\program files (x86)\world of warcraft\launcher.exe
FirewallRules: [UDP Query User{400EC75B-FFDF-4208-ADEF-45905F18E50A}C:\program files (x86)\world of warcraft\launcher.exe] => (Allow) C:\program files (x86)\world of warcraft\launcher.exe
FirewallRules: [TCP Query User{825CD9ED-F93C-4230-9895-FA29005E12F3}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{FEEB2C44-DCE3-4B9A-ABA6-27CE89710BD1}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [{0CF83BA7-8315-47AF-AC6C-6B175CD7DB42}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.976\Agent.exe
FirewallRules: [{F7C86BDA-B6E5-4C93-9312-500FAA66F516}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.976\Agent.exe
FirewallRules: [{E7A2BE7C-2279-4519-9306-CB179BA23269}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{7E72FE13-7E28-4AF2-807C-F7A67A8A930B}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{7F9914B3-6AC2-4FC3-A57B-9A5CF09F5093}C:\programdata\battle.net\agent\agent.998\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.998\agent.exe
FirewallRules: [UDP Query User{A56C4D02-0DDC-46EB-8FF2-34CC4E782553}C:\programdata\battle.net\agent\agent.998\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.998\agent.exe
FirewallRules: [TCP Query User{19659990-DD94-4775-B1EA-8AB1E49529D5}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1040\agent.exe
FirewallRules: [UDP Query User{7DC9FD1F-6675-4F4F-86E5-21DCE9BE6C95}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1040\agent.exe
FirewallRules: [{6303D421-50EA-4966-8A64-196105ACF621}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8EED9741-A384-41FD-AB19-304293A1598C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F0E89DD9-D7A8-4643-A9DD-88617F79BE87}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BD062255-A042-4772-BC33-16891B9DD55B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{4F5F191E-5F30-46EC-A24B-4AC0DA3D68DA}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe] => (Allow) C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe
FirewallRules: [UDP Query User{5ED60B89-F7A9-4693-AB13-50099199064B}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe] => (Allow) C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe
FirewallRules: [TCP Query User{9E2C7BD4-40FD-4FF5-87B5-C4F02E2E4C1E}C:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe] => (Allow) C:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe
FirewallRules: [UDP Query User{EFABECC8-8E12-44E0-B61B-0936D4EBD0E7}C:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe] => (Allow) C:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe
FirewallRules: [{CD5041F6-C03D-4AE8-BAC4-B3129FAB035F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{1F15D6F9-5D1F-4AD6-A4EE-694EFE036EFB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{F10791C4-606F-4C4C-9C4E-E30342051B84}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{629926D1-D5A7-41DA-8DF9-B6A5645BADA3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{F65C5BF3-7BFC-44AD-89E5-5A24862D672A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{AA957814-5F96-4FAC-ABFE-253B33FE784B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{2070E58C-F2EE-47D4-B979-6563A4721E91}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9015F7C1-03B1-49A9-975B-E10239FD84D9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F3FD043A-0FDE-4910-B9B2-D163A0D31EF9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{39FBAB6E-5C06-4A16-B8FE-9424E5707CCC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{EF6F16F5-CEA7-4FB2-9A55-7B8F36F90920}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [{968EE181-C2B2-4976-8DF4-A0F42AA6C473}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [{AE1E2C08-0071-4FBF-88DF-34ABF90631AE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{82D68BD1-7E2B-4225-ADAB-C5F74FB99FA1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0214F5EF-4D01-45C9-892D-BEAC6566AEB5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{4AF19BE0-07C6-42D6-8E88-481C6E10534F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{14101907-AB5E-4B52-A360-8DBCED282B16}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{70FE2AC5-7E46-467B-9E51-6A6BD45DD526}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{47085C9C-090E-423F-B884-347B72E43876}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{55131776-5007-468E-9247-14CAC68EF364}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [TCP Query User{3ED01829-92BE-47A8-A5F8-B07279A579B8}C:\programdata\battle.net\agent\agent.2000\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.2000\agent.exe
FirewallRules: [UDP Query User{79EB8DDB-E09D-42BD-8C80-0D03D7A520A2}C:\programdata\battle.net\agent\agent.2000\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.2000\agent.exe
FirewallRules: [{344B2303-8692-4341-911D-5D0CBDC65837}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2006\Agent.exe
FirewallRules: [{A0B251D6-38D0-4D1E-B00B-F68CC2396FE0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2006\Agent.exe
FirewallRules: [{0E65A494-DA6C-45D0-AF41-3BEA0D7396A1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{30224012-4400-43AC-8C30-93BA876CEFBA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{045FDD7F-7527-4C7D-88CB-3EB2D88A35FD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{014338BD-EB83-4628-B12B-968BBAE20F69}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{9D815E6B-2D10-4055-A105-27802296BFD9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{8F364CDC-9704-4696-8B27-771812911EB6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{BDFB8014-6028-43B7-A847-50485472895E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{A770344B-AC07-45C4-944A-696774C0AE9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{5E0A48AB-4644-4D30-B029-57CACC598F6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Loadout\Loadout.exe
FirewallRules: [{B431A530-29E2-4C46-AAAB-49FA8A562D53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Loadout\Loadout.exe
FirewallRules: [{6A27F057-44D1-41AC-A780-A4E3670ADB7E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{DF92701E-2E42-4F19-A201-727EB09023EB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{CCC7D655-21F3-425B-BEE5-5548D4723649}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{62A7EDD9-99B3-40B2-A759-431E2E9318DF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{6425CE97-A82A-427C-A1FE-F0DD5FD88321}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{C2425020-2C53-441C-B46F-528B041B20E3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{0F899503-4F49-4B0E-9BE1-3837A5E5EAEB}C:\programdata\battle.net\agent\agent.beta.2737\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2737\agent.exe
FirewallRules: [UDP Query User{E37FF7CA-8E3B-40BD-8209-8AFC2A86DDF2}C:\programdata\battle.net\agent\agent.beta.2737\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2737\agent.exe
FirewallRules: [TCP Query User{B96AE211-44A8-4263-B9F6-A559A7A4CCDA}C:\programdata\battle.net\agent\agent.beta.2753\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2753\agent.exe
FirewallRules: [UDP Query User{0AB82E04-5B1D-480B-9F46-8874C6C2441B}C:\programdata\battle.net\agent\agent.beta.2753\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2753\agent.exe
FirewallRules: [{B1B1C28E-09B2-4AFB-ACD4-E8A8F08C0D1A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{C72C0ADD-3383-4727-819E-684F46926091}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{2BFC2550-A607-4CC9-A35B-04C5D1826E6C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{9586A481-2E6C-4D41-AD6A-F0344188C89F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [TCP Query User{0D293ECD-6D28-4273-B35E-B52A53BD41CA}C:\programdata\battle.net\agent\agent.2880\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2880\agent.exe
FirewallRules: [UDP Query User{A837366E-D575-4DC9-B40C-88C07F18F224}C:\programdata\battle.net\agent\agent.2880\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2880\agent.exe
FirewallRules: [TCP Query User{1358A3CD-A33F-4762-AE84-5E1D74EBA1A9}C:\programdata\battle.net\agent\agent.3023\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3023\agent.exe
FirewallRules: [UDP Query User{44D01E67-13C3-4F25-BA5E-E95DE6E79EBA}C:\programdata\battle.net\agent\agent.3023\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3023\agent.exe
FirewallRules: [TCP Query User{8372E4DB-D843-441F-A7A0-D44D202A7A77}C:\programdata\battle.net\agent\agent.3109\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [UDP Query User{043C90F8-EF79-4B60-BCC9-87BC61DC3750}C:\programdata\battle.net\agent\agent.3109\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [TCP Query User{C9C61A27-20E3-408F-9ACD-DB5BB8732303}C:\programdata\battle.net\agent\agent.3147\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3147\agent.exe
FirewallRules: [UDP Query User{709FB9AC-729E-4C00-BEA0-C11BC9B5DA3E}C:\programdata\battle.net\agent\agent.3147\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3147\agent.exe
FirewallRules: [TCP Query User{ADA7ABAA-F0F1-4D56-8B40-21F3000A72CD}C:\programdata\battle.net\agent\agent.3182\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3182\agent.exe
FirewallRules: [UDP Query User{9D5B9A67-97A1-452A-B5DF-64DF1E7D3F1C}C:\programdata\battle.net\agent\agent.3182\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3182\agent.exe
FirewallRules: [TCP Query User{6EAC2EA2-6143-47CB-8B5A-E4CD35CCAA48}C:\programdata\battle.net\agent\agent.3235\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3235\agent.exe
FirewallRules: [UDP Query User{A42FA79F-1E48-4CA9-92ED-2297394723EE}C:\programdata\battle.net\agent\agent.3235\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3235\agent.exe
FirewallRules: [TCP Query User{805FE87C-9096-4EB0-9E8C-5F922BFA948B}C:\programdata\battle.net\agent\agent.3286\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3286\agent.exe
FirewallRules: [UDP Query User{9EC09586-D0FF-4B17-A0DB-873C5AB400C2}C:\programdata\battle.net\agent\agent.3286\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3286\agent.exe
FirewallRules: [TCP Query User{8CB627D0-F97A-4552-9520-632EC79AD349}C:\programdata\battle.net\agent\agent.3322\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3322\agent.exe
FirewallRules: [UDP Query User{E43FD89E-57B9-45F0-9C72-5BBEA4404B7B}C:\programdata\battle.net\agent\agent.3322\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3322\agent.exe
FirewallRules: [TCP Query User{3E1E70CC-1CA2-4948-B303-B0F1A1A993C1}C:\programdata\battle.net\agent\agent.3323\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3323\agent.exe
FirewallRules: [UDP Query User{14D0E658-D8D1-4CB0-91E8-987066AE5E5D}C:\programdata\battle.net\agent\agent.3323\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3323\agent.exe
FirewallRules: [TCP Query User{159DE811-A3F7-4EBA-A7C6-DBCBCA2721F6}C:\programdata\battle.net\agent\agent.3332\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3332\agent.exe
FirewallRules: [UDP Query User{5FDF4479-7CB4-4725-80A9-0D009DBFD5DE}C:\programdata\battle.net\agent\agent.3332\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3332\agent.exe
FirewallRules: [{13C41B3A-3D91-47EA-86FD-388E76B2D5C6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{4966796B-6018-464B-AF3D-483A086E68C4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [TCP Query User{E5C3C24F-79A1-4F04-84B2-1EA05B3691D8}C:\programdata\battle.net\agent\agent.3346\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3346\agent.exe
FirewallRules: [UDP Query User{4F6099B2-5E85-475E-9B5E-DF5DE550865E}C:\programdata\battle.net\agent\agent.3346\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3346\agent.exe
FirewallRules: [TCP Query User{A15444EF-4449-4843-B76F-DC286D4D1896}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [UDP Query User{C2ABC310-F41D-43BF-B02B-38585F05741C}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [TCP Query User{0D097893-FF32-4B69-A428-4DF484F6BA85}C:\programdata\battle.net\agent\agent.3427\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3427\agent.exe
FirewallRules: [UDP Query User{97B12DC6-BEF5-456F-AA8C-5CEE7EA72CF6}C:\programdata\battle.net\agent\agent.3427\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3427\agent.exe
FirewallRules: [TCP Query User{15D2A26F-9419-46C3-B8E4-F28278D40B87}C:\programdata\battle.net\agent\agent.3454\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3454\agent.exe
FirewallRules: [UDP Query User{F39B6B33-45C7-401E-A7B8-8584E2BD4E9F}C:\programdata\battle.net\agent\agent.3454\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3454\agent.exe
FirewallRules: [{9534E308-E9A6-4511-A0F0-06A462F19C18}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{30DC7504-9649-4B9A-9AA3-01862BA288E3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [TCP Query User{B9BCE314-82A9-4907-B265-8E324FA55CF6}C:\programdata\battle.net\agent\agent.3507\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3507\agent.exe
FirewallRules: [UDP Query User{C5CD4A59-064C-47E8-997A-93B58F77AC34}C:\programdata\battle.net\agent\agent.3507\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3507\agent.exe
FirewallRules: [{51FA38F8-D8E1-481C-9514-B411A40278DE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{40682BDD-BF37-4EBF-94EC-47BE5D600DD9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{D545098B-7077-473A-874F-DBE9AAB5E07A}C:\programdata\battle.net\agent\agent.3632\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3632\agent.exe
FirewallRules: [UDP Query User{EC360A31-27D0-4159-9F5C-D10F2E98D8C2}C:\programdata\battle.net\agent\agent.3632\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3632\agent.exe
FirewallRules: [{FC5BB6A7-3516-4282-9E81-9B347C084301}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{AF22A538-0721-44EB-BD28-DE4DED36636D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [TCP Query User{9C6837D8-68B5-4A4D-9B17-C215A418D187}C:\programdata\battle.net\agent\agent.3668\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3668\agent.exe
FirewallRules: [UDP Query User{5B0267E0-9763-44C4-8A8E-00E69C9B7970}C:\programdata\battle.net\agent\agent.3668\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3668\agent.exe
FirewallRules: [TCP Query User{60E9BC96-E131-4269-B5BE-441A34AA038C}C:\programdata\battle.net\agent\agent.3669\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3669\agent.exe
FirewallRules: [UDP Query User{13A184F3-1CBB-4A4C-9AC4-E63ECB573032}C:\programdata\battle.net\agent\agent.3669\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3669\agent.exe
FirewallRules: [{BE4F8501-A4DB-4C4A-8450-C2BE700112D6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{C833A007-8ECF-419B-A6F2-B3A9D14EE75A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [TCP Query User{AE80F763-4C51-4228-9033-B5D168D58D75}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe
FirewallRules: [UDP Query User{AB73FFAE-8DC8-43E1-89BE-C43E5F38DDC0}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe
FirewallRules: [{3E8131AD-690C-4224-BD35-BEB03F0B1040}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{A22EC343-0E37-4B9A-BAA8-DB18CE5F6971}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [TCP Query User{973ABC83-4CC5-45C7-99DD-18C6D3A88CF3}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{4769E2D3-A396-42AA-AB2A-3131D9429DF5}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{9D058B8E-2B16-4258-9DAF-B91DFFD029CD}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{A0DCEEA0-AED1-40A5-AB28-A360984C3840}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{FFFDBC8D-6A74-4614-855C-E35CE2191A90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{26E44FB6-7294-4D23-8A78-8FD3C3A87393}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{54A42555-121C-4EAC-8E3C-ED7522838718}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BADF1D9A-2312-4E68-A815-0EDE2DB17B66}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CCA9D2DA-BC9C-4E48-B1CC-9B69E5D6B381}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{114BDC89-E8A6-48AA-B178-149BFA88EF83}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{762C2568-853A-4AF7-ADFC-391AE2DA389D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4046B36B-1826-4C86-A7B1-2389F27FD815}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FF069823-FBE9-4135-AE19-F542AB2388B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unreal Tournament\System\UnrealTournament.exe
FirewallRules: [{8B3B9758-A99B-402A-A5D1-A1435E595E05}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unreal Tournament\System\UnrealTournament.exe
FirewallRules: [{2F363287-B26D-42B9-A756-5F90099FBECA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Quake 3 Arena\quake3.exe
FirewallRules: [{CC6B4BB8-6779-43A4-B273-296AA92A0511}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Quake 3 Arena\quake3.exe
FirewallRules: [{FE709DBC-B302-4622-8AC2-AEF3DF7D0787}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\Quik.exe
FirewallRules: [{50A0CD28-0BC0-4085-9F0E-CD636759C38A}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe
FirewallRules: [{32EB3AA4-CF24-4211-B90F-A11C27B33A6F}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe
FirewallRules: [{EB7E8E17-33FA-4B53-99AC-7BAEDA614B92}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe
FirewallRules: [{45EBB900-13A3-4BC7-B5EA-C51DAE7DC7D5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{04109A08-5D8B-4CAF-A432-74AE9843D7B3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1CEC1380-E1A0-49AF-8AC4-8E6A94FB1474}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{B5BD7858-AAA9-414A-A2B9-841846D607B3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4B030799-38B7-45C4-A77F-57F569ACAB3F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D70235E5-13BA-41E2-88C2-D45B0452199F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1C519149-55CE-40F5-9F56-EA3DF4959C1B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{6C1FA299-218A-47C1-8158-6EF13C461198}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B976F1EF-2520-423C-908C-D86BABDE5B49}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{110FEF75-50A9-437D-9E4E-3C38C8A548B3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{73C1FE03-6F1D-4039-B915-72535D31CC7F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{83ED86E2-19B0-4205-86D6-6C19E723AAA2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8CE7D401-F855-44D6-A3A8-A5BD1CC6326C}] => (Allow) C:\Users\jp\AppData\Local\Gametree\Alicia\Alicia.exe
FirewallRules: [{0A6E202F-D375-4EAE-95B9-8696DD386FEB}] => (Allow) C:\Users\jp\AppData\Local\Gametree\Alicia\Alicia.exe
 
==================== Restore Points =========================
 
17-11-2017 20:01:02 Windows Update
19-11-2017 19:00:09 Windows Backup
21-11-2017 20:00:08 Windows Update
25-11-2017 10:24:57 Windows Update
26-11-2017 19:00:12 Windows Backup
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/27/2017 07:08:54 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhost (3272) WebCacheLocal: Database recovery/restore failed with unexpected error -1032.
 
Error: (11/27/2017 07:08:54 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (3272) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (11/27/2017 07:08:44 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (3272) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\V01.chk" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (11/27/2017 07:08:34 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhost (3272) WebCacheLocal: Database recovery/restore failed with unexpected error -1032.
 
Error: (11/27/2017 07:08:34 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (3272) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (11/27/2017 07:08:24 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (3272) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\V01.chk" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (11/27/2017 07:08:14 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhost (3272) WebCacheLocal: Database recovery/restore failed with unexpected error -1032.
 
Error: (11/27/2017 07:08:14 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (3272) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (11/27/2017 07:08:04 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (3272) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\V01.chk" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (11/27/2017 07:07:54 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhost (3272) WebCacheLocal: Database recovery/restore failed with unexpected error -1032.
 
 
System errors:
=============
Error: (11/26/2017 06:11:23 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
Error: (11/24/2017 10:10:40 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (11/23/2017 10:47:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Malwarebytes Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (11/13/2017 07:35:20 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.
 
Error: (11/11/2017 07:51:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Malwarebytes Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (11/11/2017 10:42:39 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {3FCB7074-EC9E-4AAF-9BE3-C0E356942366} did not register with DCOM within the required timeout.
 
Error: (11/11/2017 10:14:37 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.
 
Error: (11/11/2017 10:14:35 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {3FCB7074-EC9E-4AAF-9BE3-C0E356942366} did not register with DCOM within the required timeout.
 
Error: (11/11/2017 07:29:57 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.
 
Error: (11/10/2017 03:49:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7 CPU 930 @ 2.80GHz
Percentage of memory in use: 42%
Total physical RAM: 6135.14 MB
Available physical RAM: 3551.14 MB
Total Virtual: 12268.47 MB
Available Virtual: 9552.51 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:1397.17 GB) (Free:1192.12 GB) NTFS
Drive e: () (Fixed) (Total:931.5 GB) (Free:253.54 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: E14FE14F)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: EE7E9EF6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1397.2 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 

 

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Uninstall:

 

Java™ 6 Update 31

Skype Click to Call
SUPERAntiSpyware

WinPCOptimizer

Steam

Malwarebytes version 3.3.1.2183

 

The last two can be reinstalled after we finish.  They are causing errors right now so may be corrupt.

 

Download the attached fixlist.txt to the same location as FRST



Run FRST and press Fix
A fix log will be generated please post that

 

1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs.  Right click on System and Clear Log, Clear. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.


Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).

sfc /scannow

(SPACE after sfc.  This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then:

Copy the next two lines:

findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt
notepad \windows\logs\cbs\junk.txt

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.  Close nOtepad.  Close the Command Window.


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application. (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)





Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.

 

 

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo.com/download_speccy/ (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.




 

 

 


  • 0

#3
Sonny_D153

Sonny_D153

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Thanks for your reply.

 

I am having a problem with this step. I'm not seeing this folder under All Programs.

 

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).

is there another way to access the command prompt?

 

thanks,

alexa


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

You can search for

 

cmd.exe

 

and then right click and Run As Admin.  Or open Explorer and navigate to c:\Windows\System32\cmd.exe and right click on it and Run As Admin.  It's a hidden system file so you have to tell windows to let you see it:

Control Panel, (View By:  Large Icons)  Folder Options, View.

Uncheck Hide Extensions for Known File Types
Uncheck Hide Protected System Files
Check Show Hidden Files,Folders and Drives.
OK
 


  • 0

#5
Sonny_D153

Sonny_D153

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Thanks again for your help.

 

1. First off WinPCOptimizer would not uninstall; something about "access issues".

 

2. sfc/ scannow ran without any issues.

 

3. The speccy; I did not see the Operating System  serial number. Could please delete that if it's there.

 

Here are the logs you requested in the order you had written down in you instructions

 

=====================================================================

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-11-2017
Ran by jp (02-12-2017 13:41:19) Run:1
Running from C:\Users\jp\Desktop
Loaded Profiles: jp (Available Profiles: jp)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
HKU\S-1-5-21-2309807771-1447711736-656462262-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7964576 2017-10-24] (SUPERAntiSpyware)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GoPro Importer.lnk [2015-03-06]
ShortcutTarget: GoPro Importer.lnk -> C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe (GoPro)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Win PC Optimizer.lnk [2015-07-21]
ShortcutTarget: Win PC Optimizer.lnk -> C:\Windows\Installer\{A12BC961-A17E-4400-89E3-7939E082D827}\NewShortcut1_C333EC4496E344CA9E30F596C2ED385D.exe (No File)
GroupPolicy: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer] 52.5.158.173,8.8.8.8
Tcpip\..\Interfaces\{8A2B8332-146E-4B1D-8493-7122587FFC7C}: [NameServer] 52.5.158.173,8.8.8.8
ContextMenuHandlers1_S-1-5-21-2309807771-1447711736-656462262-1000: [SysMenuExt] -> {020B1D4B-5738-4C77-9E19-4F173DD9B486} =>  -> No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2012-04-18] (Sun Microsystems, Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-04-18] (Sun Microsystems, Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Extension: (Search Manager) - C:\Users\jp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2017-11-27]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-02-10] (SUPERAntiSpyware.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U3 aswbdisk; no ImagePath
2015-04-19 06:20 - 2015-04-19 06:20 - 000005872 ___RH () C:\Users\jp\AppData\Roaming\29KouX8P5QCtjDVi
2015-04-19 06:20 - 2015-04-19 06:20 - 000005872 ___RH () C:\Users\jp\AppData\Roaming\d7musQEpmoFigE
2015-04-19 06:20 - 2015-04-19 06:20 - 000005872 ___RH () C:\Users\jp\AppData\Roaming\pSt8fpwyBUBMn
2015-04-19 06:20 - 2015-04-19 06:20 - 000005872 ___RH () C:\Users\jp\AppData\Roaming\RXPrXnf6sA4m3yfQZl0W
2015-04-19 06:20 - 2015-04-19 06:20 - 000005872 ___RH () C:\Users\jp\AppData\Roaming\wQmfRNclS
C:\Windows\Tasks\{4F5FD6A1-7934-27A6-B7A6-7BEECDCFF891}.job
Task: {142EB9A5-FC64-43BC-9E6D-2F95CE6F5A9B} - System32\Tasks\EVGA CD Installer => D:\autorun.exe
Task: {CFEBE3CF-5927-4D81-9AB2-D0AAF5D2986C} - System32\Tasks\{4F5FD6A1-7934-27A6-B7A6-7BEECDCFF891} => C:\Users\jp\AppData\Roaming\4F5FD6~1\Sync.exe <==== ATTENTION
Task: {EBEC4529-886C-417F-8A65-37263CB06F94} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: C:\Windows\Tasks\{4F5FD6A1-7934-27A6-B7A6-7BEECDCFF891}.job => C:\Users\jp\AppData\Roaming\4F5FD6~1\Sync.exe <==== ATTENTION
SetDefaultFilePermissions: C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat 
SetDefaultFilePermissions: C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\V01.chk
EmptyTemp:
CMD: for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1"
 
 
*****************
 
HKU\S-1-5-21-2309807771-1447711736-656462262-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SUPERAntiSpyware => value not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GoPro Importer.lnk => moved successfully
C:\Program Files => FRST is scripted not to move this directory.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Win PC Optimizer.lnk => moved successfully
C:\Windows\Installer\{A12BC961-A17E-4400-89E3-7939E082D827}\NewShortcut1_C333EC4496E344CA9E30F596C2ED385D.exe => not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => key removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\\NameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8A2B8332-146E-4B1D-8493-7122587FFC7C}\\NameServer => value removed successfully
HKU\S-1-5-21-2309807771-1447711736-656462262-1000\Software\Classes\*\ShellEx\ContextMenuHandlers\SysMenuExt => key removed successfully
HKU\S-1-5-21-2309807771-1447711736-656462262-1000\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486} => key not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key removed successfully
HKLM\Software\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key removed successfully
HKLM\Software\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000} => key removed successfully
Chrome DefaultSearchURL => removed successfully
Chrome DefaultSuggestURL => removed successfully
CHR Extension: (Search Manager) - C:\Users\jp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2017-11-27] => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce => key removed successfully
!SASCORE => service not found.
SASDIFSV => service not found.
SASKUTIL => service not found.
HKLM\System\CurrentControlSet\Services\aswbdisk => key removed successfully
aswbdisk => service removed successfully
C:\Users\jp\AppData\Roaming\29KouX8P5QCtjDVi => moved successfully
C:\Users\jp\AppData\Roaming\d7musQEpmoFigE => moved successfully
C:\Users\jp\AppData\Roaming\pSt8fpwyBUBMn => moved successfully
C:\Users\jp\AppData\Roaming\RXPrXnf6sA4m3yfQZl0W => moved successfully
C:\Users\jp\AppData\Roaming\wQmfRNclS => moved successfully
C:\Windows\Tasks\{4F5FD6A1-7934-27A6-B7A6-7BEECDCFF891}.job => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{142EB9A5-FC64-43BC-9E6D-2F95CE6F5A9B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{142EB9A5-FC64-43BC-9E6D-2F95CE6F5A9B} => key removed successfully
C:\Windows\System32\Tasks\EVGA CD Installer => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EVGA CD Installer => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFEBE3CF-5927-4D81-9AB2-D0AAF5D2986C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFEBE3CF-5927-4D81-9AB2-D0AAF5D2986C} => key removed successfully
C:\Windows\System32\Tasks\{4F5FD6A1-7934-27A6-B7A6-7BEECDCFF891} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4F5FD6A1-7934-27A6-B7A6-7BEECDCFF891} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{EBEC4529-886C-417F-8A65-37263CB06F94} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EBEC4529-886C-417F-8A65-37263CB06F94} => key removed successfully
C:\Windows\System32\Tasks\AVAST Software\Avast settings backup => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Avast settings backup => key removed successfully
C:\Windows\Tasks\{4F5FD6A1-7934-27A6-B7A6-7BEECDCFF891}.job => not found.
"C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" => Default permissions restored successfully.
"C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\V01.chk" => Default permissions restored successfully.
 
========= for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1" =========
 
 
========= End of CMD: =========
 
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 43606793 B
Java, Flash, Steam htmlcache => 312306492 B
Windows/system/drivers => 5826834 B
Edge => 0 B
Chrome => 781053213 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 41885984 B
jp => 198919680 B
UpdatusUser => 0 B
 
RecycleBin => 22635810 B
EmptyTemp: => 1.3 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 13:42:15 ====
 
================================================================================
 
2017-12-03 06:23:18, Info                  CSI    00000009 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:18, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:19, Info                  CSI    0000000c [SR] Verify complete
2017-12-03 06:23:19, Info                  CSI    0000000d [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:19, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:20, Info                  CSI    00000010 [SR] Verify complete
2017-12-03 06:23:20, Info                  CSI    00000011 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:20, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:21, Info                  CSI    00000014 [SR] Verify complete
2017-12-03 06:23:21, Info                  CSI    00000015 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:21, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:22, Info                  CSI    00000018 [SR] Verify complete
2017-12-03 06:23:23, Info                  CSI    00000019 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:23, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:24, Info                  CSI    0000001c [SR] Verify complete
2017-12-03 06:23:24, Info                  CSI    0000001d [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:24, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:25, Info                  CSI    00000020 [SR] Verify complete
2017-12-03 06:23:25, Info                  CSI    00000021 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:25, Info                  CSI    00000022 [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:26, Info                  CSI    00000024 [SR] Verify complete
2017-12-03 06:23:27, Info                  CSI    00000025 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:27, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:28, Info                  CSI    00000028 [SR] Verify complete
2017-12-03 06:23:28, Info                  CSI    00000029 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:28, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:29, Info                  CSI    0000002c [SR] Verify complete
2017-12-03 06:23:29, Info                  CSI    0000002d [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:29, Info                  CSI    0000002e [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:30, Info                  CSI    00000030 [SR] Verify complete
2017-12-03 06:23:30, Info                  CSI    00000031 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:30, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:31, Info                  CSI    00000034 [SR] Verify complete
2017-12-03 06:23:31, Info                  CSI    00000035 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:31, Info                  CSI    00000036 [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:32, Info                  CSI    00000038 [SR] Verify complete
2017-12-03 06:23:32, Info                  CSI    00000039 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:32, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:33, Info                  CSI    0000003c [SR] Verify complete
2017-12-03 06:23:33, Info                  CSI    0000003d [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:33, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:34, Info                  CSI    00000040 [SR] Verify complete
2017-12-03 06:23:34, Info                  CSI    00000041 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:34, Info                  CSI    00000042 [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:36, Info                  CSI    00000044 [SR] Verify complete
2017-12-03 06:23:36, Info                  CSI    00000045 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:36, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:37, Info                  CSI    00000048 [SR] Verify complete
2017-12-03 06:23:37, Info                  CSI    00000049 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:37, Info                  CSI    0000004a [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:38, Info                  CSI    0000004c [SR] Verify complete
2017-12-03 06:23:38, Info                  CSI    0000004d [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:38, Info                  CSI    0000004e [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:39, Info                  CSI    00000050 [SR] Verify complete
2017-12-03 06:23:39, Info                  CSI    00000051 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:39, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:40, Info                  CSI    00000054 [SR] Verify complete
2017-12-03 06:23:40, Info                  CSI    00000055 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:40, Info                  CSI    00000056 [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:41, Info                  CSI    00000058 [SR] Verify complete
2017-12-03 06:23:42, Info                  CSI    00000059 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:42, Info                  CSI    0000005a [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:43, Info                  CSI    0000005c [SR] Verify complete
2017-12-03 06:23:43, Info                  CSI    0000005d [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:43, Info                  CSI    0000005e [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:44, Info                  CSI    00000060 [SR] Verify complete
2017-12-03 06:23:44, Info                  CSI    00000061 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:44, Info                  CSI    00000062 [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:45, Info                  CSI    00000064 [SR] Verify complete
2017-12-03 06:23:45, Info                  CSI    00000065 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:45, Info                  CSI    00000066 [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:46, Info                  CSI    00000068 [SR] Verify complete
2017-12-03 06:23:46, Info                  CSI    00000069 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:46, Info                  CSI    0000006a [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:47, Info                  CSI    0000006c [SR] Verify complete
2017-12-03 06:23:47, Info                  CSI    0000006d [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:47, Info                  CSI    0000006e [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:48, Info                  CSI    00000070 [SR] Verify complete
2017-12-03 06:23:48, Info                  CSI    00000071 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:48, Info                  CSI    00000072 [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:49, Info                  CSI    00000074 [SR] Verify complete
2017-12-03 06:23:50, Info                  CSI    00000075 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:50, Info                  CSI    00000076 [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:51, Info                  CSI    00000078 [SR] Verify complete
2017-12-03 06:23:51, Info                  CSI    00000079 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:51, Info                  CSI    0000007a [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:52, Info                  CSI    0000007c [SR] Verify complete
2017-12-03 06:23:52, Info                  CSI    0000007d [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:52, Info                  CSI    0000007e [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:53, Info                  CSI    00000080 [SR] Verify complete
2017-12-03 06:23:53, Info                  CSI    00000081 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:53, Info                  CSI    00000082 [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:54, Info                  CSI    00000084 [SR] Verify complete
2017-12-03 06:23:54, Info                  CSI    00000085 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:54, Info                  CSI    00000086 [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:55, Info                  CSI    00000088 [SR] Verify complete
2017-12-03 06:23:55, Info                  CSI    00000089 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:55, Info                  CSI    0000008a [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:58, Info                  CSI    0000008c [SR] Verify complete
2017-12-03 06:23:58, Info                  CSI    0000008d [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:58, Info                  CSI    0000008e [SR] Beginning Verify and Repair transaction
2017-12-03 06:23:59, Info                  CSI    00000090 [SR] Verify complete
2017-12-03 06:23:59, Info                  CSI    00000091 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:23:59, Info                  CSI    00000092 [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:00, Info                  CSI    00000094 [SR] Verify complete
2017-12-03 06:24:00, Info                  CSI    00000095 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:00, Info                  CSI    00000096 [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:01, Info                  CSI    00000098 [SR] Verify complete
2017-12-03 06:24:02, Info                  CSI    00000099 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:02, Info                  CSI    0000009a [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:02, Info                  CSI    0000009c [SR] Verify complete
2017-12-03 06:24:03, Info                  CSI    0000009d [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:03, Info                  CSI    0000009e [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:04, Info                  CSI    000000a0 [SR] Verify complete
2017-12-03 06:24:04, Info                  CSI    000000a1 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:04, Info                  CSI    000000a2 [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:05, Info                  CSI    000000a4 [SR] Verify complete
2017-12-03 06:24:05, Info                  CSI    000000a5 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:05, Info                  CSI    000000a6 [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:06, Info                  CSI    000000a8 [SR] Verify complete
2017-12-03 06:24:06, Info                  CSI    000000a9 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:06, Info                  CSI    000000aa [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:07, Info                  CSI    000000ac [SR] Verify complete
2017-12-03 06:24:07, Info                  CSI    000000ad [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:07, Info                  CSI    000000ae [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:09, Info                  CSI    000000b0 [SR] Verify complete
2017-12-03 06:24:09, Info                  CSI    000000b1 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:09, Info                  CSI    000000b2 [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:10, Info                  CSI    000000b4 [SR] Verify complete
2017-12-03 06:24:10, Info                  CSI    000000b5 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:10, Info                  CSI    000000b6 [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:11, Info                  CSI    000000b8 [SR] Verify complete
2017-12-03 06:24:11, Info                  CSI    000000b9 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:11, Info                  CSI    000000ba [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:12, Info                  CSI    000000bc [SR] Verify complete
2017-12-03 06:24:13, Info                  CSI    000000bd [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:13, Info                  CSI    000000be [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:14, Info                  CSI    000000c0 [SR] Verify complete
2017-12-03 06:24:14, Info                  CSI    000000c1 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:14, Info                  CSI    000000c2 [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:15, Info                  CSI    000000c4 [SR] Verify complete
2017-12-03 06:24:15, Info                  CSI    000000c5 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:15, Info                  CSI    000000c6 [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:16, Info                  CSI    000000c8 [SR] Verify complete
2017-12-03 06:24:16, Info                  CSI    000000c9 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:16, Info                  CSI    000000ca [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:18, Info                  CSI    000000cc [SR] Verify complete
2017-12-03 06:24:18, Info                  CSI    000000cd [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:18, Info                  CSI    000000ce [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:20, Info                  CSI    000000d0 [SR] Verify complete
2017-12-03 06:24:20, Info                  CSI    000000d1 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:20, Info                  CSI    000000d2 [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:21, Info                  CSI    000000d4 [SR] Verify complete
2017-12-03 06:24:21, Info                  CSI    000000d5 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:21, Info                  CSI    000000d6 [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:25, Info                  CSI    000000d9 [SR] Verify complete
2017-12-03 06:24:25, Info                  CSI    000000da [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:25, Info                  CSI    000000db [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:31, Info                  CSI    000000e0 [SR] Verify complete
2017-12-03 06:24:31, Info                  CSI    000000e1 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:31, Info                  CSI    000000e2 [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:34, Info                  CSI    000000e4 [SR] Verify complete
2017-12-03 06:24:34, Info                  CSI    000000e5 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:34, Info                  CSI    000000e6 [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:37, Info                  CSI    000000e9 [SR] Verify complete
2017-12-03 06:24:37, Info                  CSI    000000ea [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:37, Info                  CSI    000000eb [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:40, Info                  CSI    000000ed [SR] Verify complete
2017-12-03 06:24:41, Info                  CSI    000000ee [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:41, Info                  CSI    000000ef [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:45, Info                  CSI    00000111 [SR] Verify complete
2017-12-03 06:24:45, Info                  CSI    00000112 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:45, Info                  CSI    00000113 [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:49, Info                  CSI    00000118 [SR] Verify complete
2017-12-03 06:24:49, Info                  CSI    00000119 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:49, Info                  CSI    0000011a [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:54, Info                  CSI    0000011c [SR] Verify complete
2017-12-03 06:24:54, Info                  CSI    0000011d [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:54, Info                  CSI    0000011e [SR] Beginning Verify and Repair transaction
2017-12-03 06:24:57, Info                  CSI    00000120 [SR] Verify complete
2017-12-03 06:24:57, Info                  CSI    00000121 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:24:57, Info                  CSI    00000122 [SR] Beginning Verify and Repair transaction
2017-12-03 06:25:01, Info                  CSI    00000124 [SR] Verify complete
2017-12-03 06:25:01, Info                  CSI    00000125 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:25:01, Info                  CSI    00000126 [SR] Beginning Verify and Repair transaction
2017-12-03 06:25:05, Info                  CSI    00000128 [SR] Verify complete
2017-12-03 06:25:05, Info                  CSI    00000129 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:25:05, Info                  CSI    0000012a [SR] Beginning Verify and Repair transaction
2017-12-03 06:25:09, Info                  CSI    0000012c [SR] Verify complete
2017-12-03 06:25:09, Info                  CSI    0000012d [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:25:09, Info                  CSI    0000012e [SR] Beginning Verify and Repair transaction
2017-12-03 06:25:15, Info                  CSI    00000151 [SR] Verify complete
2017-12-03 06:25:15, Info                  CSI    00000152 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:25:15, Info                  CSI    00000153 [SR] Beginning Verify and Repair transaction
2017-12-03 06:25:20, Info                  CSI    00000155 [SR] Verify complete
2017-12-03 06:25:21, Info                  CSI    00000156 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:25:21, Info                  CSI    00000157 [SR] Beginning Verify and Repair transaction
2017-12-03 06:25:27, Info                  CSI    00000159 [SR] Verify complete
2017-12-03 06:25:28, Info                  CSI    0000015a [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:25:28, Info                  CSI    0000015b [SR] Beginning Verify and Repair transaction
2017-12-03 06:25:36, Info                  CSI    0000015f [SR] Verify complete
2017-12-03 06:25:36, Info                  CSI    00000160 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:25:36, Info                  CSI    00000161 [SR] Beginning Verify and Repair transaction
2017-12-03 06:25:38, Info                  CSI    00000163 [SR] Verify complete
2017-12-03 06:25:38, Info                  CSI    00000164 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:25:38, Info                  CSI    00000165 [SR] Beginning Verify and Repair transaction
2017-12-03 06:25:40, Info                  CSI    00000167 [SR] Verify complete
2017-12-03 06:25:40, Info                  CSI    00000168 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:25:40, Info                  CSI    00000169 [SR] Beginning Verify and Repair transaction
2017-12-03 06:25:41, Info                  CSI    0000016b [SR] Verify complete
2017-12-03 06:25:42, Info                  CSI    0000016c [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:25:42, Info                  CSI    0000016d [SR] Beginning Verify and Repair transaction
2017-12-03 06:25:46, Info                  CSI    00000178 [SR] Verify complete
2017-12-03 06:25:46, Info                  CSI    00000179 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:25:46, Info                  CSI    0000017a [SR] Beginning Verify and Repair transaction
2017-12-03 06:25:50, Info                  CSI    00000184 [SR] Verify complete
2017-12-03 06:25:50, Info                  CSI    00000185 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:25:50, Info                  CSI    00000186 [SR] Beginning Verify and Repair transaction
2017-12-03 06:25:51, Info                  CSI    00000188 [SR] Verify complete
2017-12-03 06:25:51, Info                  CSI    00000189 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:25:51, Info                  CSI    0000018a [SR] Beginning Verify and Repair transaction
2017-12-03 06:25:54, Info                  CSI    0000018c [SR] Verify complete
2017-12-03 06:25:55, Info                  CSI    0000018d [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:25:55, Info                  CSI    0000018e [SR] Beginning Verify and Repair transaction
2017-12-03 06:25:58, Info                  CSI    00000190 [SR] Verify complete
2017-12-03 06:25:58, Info                  CSI    00000191 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:25:58, Info                  CSI    00000192 [SR] Beginning Verify and Repair transaction
2017-12-03 06:26:04, Info                  CSI    00000195 [SR] Verify complete
2017-12-03 06:26:04, Info                  CSI    00000196 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:26:04, Info                  CSI    00000197 [SR] Beginning Verify and Repair transaction
2017-12-03 06:26:10, Info                  CSI    0000019a [SR] Verify complete
2017-12-03 06:26:10, Info                  CSI    0000019b [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:26:10, Info                  CSI    0000019c [SR] Beginning Verify and Repair transaction
2017-12-03 06:26:11, Info                  CSI    0000019e [SR] Verify complete
2017-12-03 06:26:11, Info                  CSI    0000019f [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:26:11, Info                  CSI    000001a0 [SR] Beginning Verify and Repair transaction
2017-12-03 06:26:12, Info                  CSI    000001a2 [SR] Verify complete
2017-12-03 06:26:12, Info                  CSI    000001a3 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:26:12, Info                  CSI    000001a4 [SR] Beginning Verify and Repair transaction
2017-12-03 06:26:17, Info                  CSI    000001a6 [SR] Verify complete
2017-12-03 06:26:17, Info                  CSI    000001a7 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:26:17, Info                  CSI    000001a8 [SR] Beginning Verify and Repair transaction
2017-12-03 06:26:21, Info                  CSI    000001aa [SR] Verify complete
2017-12-03 06:26:21, Info                  CSI    000001ab [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:26:21, Info                  CSI    000001ac [SR] Beginning Verify and Repair transaction
2017-12-03 06:26:27, Info                  CSI    000001ae [SR] Verify complete
2017-12-03 06:26:27, Info                  CSI    000001af [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:26:27, Info                  CSI    000001b0 [SR] Beginning Verify and Repair transaction
2017-12-03 06:26:33, Info                  CSI    000001c8 [SR] Verify complete
2017-12-03 06:26:33, Info                  CSI    000001c9 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:26:33, Info                  CSI    000001ca [SR] Beginning Verify and Repair transaction
2017-12-03 06:26:38, Info                  CSI    000001cc [SR] Verify complete
2017-12-03 06:26:38, Info                  CSI    000001cd [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:26:38, Info                  CSI    000001ce [SR] Beginning Verify and Repair transaction
2017-12-03 06:26:49, Info                  CSI    000001d0 [SR] Verify complete
2017-12-03 06:26:49, Info                  CSI    000001d1 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:26:49, Info                  CSI    000001d2 [SR] Beginning Verify and Repair transaction
2017-12-03 06:26:56, Info                  CSI    000001d5 [SR] Verify complete
2017-12-03 06:26:56, Info                  CSI    000001d6 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:26:56, Info                  CSI    000001d7 [SR] Beginning Verify and Repair transaction
2017-12-03 06:27:02, Info                  CSI    000001d9 [SR] Verify complete
2017-12-03 06:27:03, Info                  CSI    000001da [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:27:03, Info                  CSI    000001db [SR] Beginning Verify and Repair transaction
2017-12-03 06:27:07, Info                  CSI    000001dd [SR] Verify complete
2017-12-03 06:27:08, Info                  CSI    000001de [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:27:08, Info                  CSI    000001df [SR] Beginning Verify and Repair transaction
2017-12-03 06:27:11, Info                  CSI    000001e1 [SR] Verify complete
2017-12-03 06:27:11, Info                  CSI    000001e2 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:27:11, Info                  CSI    000001e3 [SR] Beginning Verify and Repair transaction
2017-12-03 06:27:15, Info                  CSI    000001e5 [SR] Verify complete
2017-12-03 06:27:15, Info                  CSI    000001e6 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:27:15, Info                  CSI    000001e7 [SR] Beginning Verify and Repair transaction
2017-12-03 06:27:18, Info                  CSI    000001eb [SR] Verify complete
2017-12-03 06:27:18, Info                  CSI    000001ec [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:27:18, Info                  CSI    000001ed [SR] Beginning Verify and Repair transaction
2017-12-03 06:27:21, Info                  CSI    000001ef [SR] Verify complete
2017-12-03 06:27:21, Info                  CSI    000001f0 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:27:21, Info                  CSI    000001f1 [SR] Beginning Verify and Repair transaction
2017-12-03 06:27:30, Info                  CSI    000001f3 [SR] Verify complete
2017-12-03 06:27:30, Info                  CSI    000001f4 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:27:30, Info                  CSI    000001f5 [SR] Beginning Verify and Repair transaction
2017-12-03 06:27:34, Info                  CSI    000001f8 [SR] Verify complete
2017-12-03 06:27:34, Info                  CSI    000001f9 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:27:34, Info                  CSI    000001fa [SR] Beginning Verify and Repair transaction
2017-12-03 06:27:38, Info                  CSI    000001fd [SR] Verify complete
2017-12-03 06:27:38, Info                  CSI    000001fe [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:27:38, Info                  CSI    000001ff [SR] Beginning Verify and Repair transaction
2017-12-03 06:27:44, Info                  CSI    00000201 [SR] Verify complete
2017-12-03 06:27:44, Info                  CSI    00000202 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:27:44, Info                  CSI    00000203 [SR] Beginning Verify and Repair transaction
2017-12-03 06:27:51, Info                  CSI    00000206 [SR] Verify complete
2017-12-03 06:27:51, Info                  CSI    00000207 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:27:51, Info                  CSI    00000208 [SR] Beginning Verify and Repair transaction
2017-12-03 06:27:54, Info                  CSI    0000020a [SR] Verify complete
2017-12-03 06:27:54, Info                  CSI    0000020b [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:27:54, Info                  CSI    0000020c [SR] Beginning Verify and Repair transaction
2017-12-03 06:27:57, Info                  CSI    0000020e [SR] Verify complete
2017-12-03 06:27:57, Info                  CSI    0000020f [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:27:57, Info                  CSI    00000210 [SR] Beginning Verify and Repair transaction
2017-12-03 06:28:00, Info                  CSI    00000212 [SR] Verify complete
2017-12-03 06:28:01, Info                  CSI    00000213 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:28:01, Info                  CSI    00000214 [SR] Beginning Verify and Repair transaction
2017-12-03 06:28:04, Info                  CSI    00000217 [SR] Verify complete
2017-12-03 06:28:04, Info                  CSI    00000218 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:28:04, Info                  CSI    00000219 [SR] Beginning Verify and Repair transaction
2017-12-03 06:28:08, Info                  CSI    0000021c [SR] Verify complete
2017-12-03 06:28:08, Info                  CSI    0000021d [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:28:08, Info                  CSI    0000021e [SR] Beginning Verify and Repair transaction
2017-12-03 06:28:12, Info                  CSI    00000220 [SR] Verify complete
2017-12-03 06:28:12, Info                  CSI    00000221 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:28:12, Info                  CSI    00000222 [SR] Beginning Verify and Repair transaction
2017-12-03 06:28:16, Info                  CSI    00000225 [SR] Verify complete
2017-12-03 06:28:16, Info                  CSI    00000226 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:28:16, Info                  CSI    00000227 [SR] Beginning Verify and Repair transaction
2017-12-03 06:28:21, Info                  CSI    0000022a [SR] Verify complete
2017-12-03 06:28:21, Info                  CSI    0000022b [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:28:21, Info                  CSI    0000022c [SR] Beginning Verify and Repair transaction
2017-12-03 06:28:24, Info                  CSI    0000022f [SR] Verify complete
2017-12-03 06:28:25, Info                  CSI    00000230 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:28:25, Info                  CSI    00000231 [SR] Beginning Verify and Repair transaction
2017-12-03 06:28:30, Info                  CSI    00000233 [SR] Verify complete
2017-12-03 06:28:30, Info                  CSI    00000234 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:28:30, Info                  CSI    00000235 [SR] Beginning Verify and Repair transaction
2017-12-03 06:28:34, Info                  CSI    00000238 [SR] Verify complete
2017-12-03 06:28:34, Info                  CSI    00000239 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:28:34, Info                  CSI    0000023a [SR] Beginning Verify and Repair transaction
2017-12-03 06:28:37, Info                  CSI    0000023c [SR] Verify complete
2017-12-03 06:28:38, Info                  CSI    0000023d [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:28:38, Info                  CSI    0000023e [SR] Beginning Verify and Repair transaction
2017-12-03 06:28:39, Info                  CSI    00000240 [SR] Verify complete
2017-12-03 06:28:39, Info                  CSI    00000241 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:28:39, Info                  CSI    00000242 [SR] Beginning Verify and Repair transaction
2017-12-03 06:28:42, Info                  CSI    00000244 [SR] Verify complete
2017-12-03 06:28:42, Info                  CSI    00000245 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:28:42, Info                  CSI    00000246 [SR] Beginning Verify and Repair transaction
2017-12-03 06:28:46, Info                  CSI    00000248 [SR] Verify complete
2017-12-03 06:28:46, Info                  CSI    00000249 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:28:46, Info                  CSI    0000024a [SR] Beginning Verify and Repair transaction
2017-12-03 06:28:50, Info                  CSI    0000024c [SR] Verify complete
2017-12-03 06:28:51, Info                  CSI    0000024d [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:28:51, Info                  CSI    0000024e [SR] Beginning Verify and Repair transaction
2017-12-03 06:28:53, Info                  CSI    00000250 [SR] Verify complete
2017-12-03 06:28:53, Info                  CSI    00000251 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:28:53, Info                  CSI    00000252 [SR] Beginning Verify and Repair transaction
2017-12-03 06:28:56, Info                  CSI    00000254 [SR] Verify complete
2017-12-03 06:28:56, Info                  CSI    00000255 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:28:56, Info                  CSI    00000256 [SR] Beginning Verify and Repair transaction
2017-12-03 06:29:05, Info                  CSI    00000258 [SR] Verify complete
2017-12-03 06:29:05, Info                  CSI    00000259 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:29:05, Info                  CSI    0000025a [SR] Beginning Verify and Repair transaction
2017-12-03 06:29:14, Info                  CSI    0000025c [SR] Verify complete
2017-12-03 06:29:14, Info                  CSI    0000025d [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:29:14, Info                  CSI    0000025e [SR] Beginning Verify and Repair transaction
2017-12-03 06:29:17, Info                  CSI    00000260 [SR] Verify complete
2017-12-03 06:29:17, Info                  CSI    00000261 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:29:17, Info                  CSI    00000262 [SR] Beginning Verify and Repair transaction
2017-12-03 06:29:19, Info                  CSI    00000264 [SR] Verify complete
2017-12-03 06:29:19, Info                  CSI    00000265 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:29:19, Info                  CSI    00000266 [SR] Beginning Verify and Repair transaction
2017-12-03 06:29:21, Info                  CSI    00000268 [SR] Verify complete
2017-12-03 06:29:21, Info                  CSI    00000269 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:29:21, Info                  CSI    0000026a [SR] Beginning Verify and Repair transaction
2017-12-03 06:29:23, Info                  CSI    0000026c [SR] Verify complete
2017-12-03 06:29:23, Info                  CSI    0000026d [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:29:23, Info                  CSI    0000026e [SR] Beginning Verify and Repair transaction
2017-12-03 06:29:25, Info                  CSI    00000270 [SR] Verify complete
2017-12-03 06:29:26, Info                  CSI    00000271 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:29:26, Info                  CSI    00000272 [SR] Beginning Verify and Repair transaction
2017-12-03 06:29:27, Info                  CSI    00000274 [SR] Verify complete
2017-12-03 06:29:27, Info                  CSI    00000275 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:29:27, Info                  CSI    00000276 [SR] Beginning Verify and Repair transaction
2017-12-03 06:29:28, Info                  CSI    00000278 [SR] Verify complete
2017-12-03 06:29:28, Info                  CSI    00000279 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:29:28, Info                  CSI    0000027a [SR] Beginning Verify and Repair transaction
2017-12-03 06:29:33, Info                  CSI    00000282 [SR] Verify complete
2017-12-03 06:29:33, Info                  CSI    00000283 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:29:33, Info                  CSI    00000284 [SR] Beginning Verify and Repair transaction
2017-12-03 06:29:35, Info                  CSI    00000286 [SR] Verify complete
2017-12-03 06:29:35, Info                  CSI    00000287 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:29:35, Info                  CSI    00000288 [SR] Beginning Verify and Repair transaction
2017-12-03 06:29:37, Info                  CSI    0000028a [SR] Verify complete
2017-12-03 06:29:37, Info                  CSI    0000028b [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:29:37, Info                  CSI    0000028c [SR] Beginning Verify and Repair transaction
2017-12-03 06:29:40, Info                  CSI    0000028e [SR] Verify complete
2017-12-03 06:29:40, Info                  CSI    0000028f [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:29:40, Info                  CSI    00000290 [SR] Beginning Verify and Repair transaction
2017-12-03 06:29:44, Info                  CSI    00000292 [SR] Verify complete
2017-12-03 06:29:44, Info                  CSI    00000293 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:29:44, Info                  CSI    00000294 [SR] Beginning Verify and Repair transaction
2017-12-03 06:29:48, Info                  CSI    00000297 [SR] Verify complete
2017-12-03 06:29:49, Info                  CSI    00000298 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:29:49, Info                  CSI    00000299 [SR] Beginning Verify and Repair transaction
2017-12-03 06:29:52, Info                  CSI    0000029b [SR] Verify complete
2017-12-03 06:29:52, Info                  CSI    0000029c [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:29:52, Info                  CSI    0000029d [SR] Beginning Verify and Repair transaction
2017-12-03 06:29:52, Info                  CSI    0000029f [SR] Verify complete
2017-12-03 06:29:53, Info                  CSI    000002a0 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:29:53, Info                  CSI    000002a1 [SR] Beginning Verify and Repair transaction
2017-12-03 06:29:59, Info                  CSI    000002a3 [SR] Verify complete
2017-12-03 06:29:59, Info                  CSI    000002a4 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:29:59, Info                  CSI    000002a5 [SR] Beginning Verify and Repair transaction
2017-12-03 06:30:09, Info                  CSI    000002aa [SR] Verify complete
2017-12-03 06:30:09, Info                  CSI    000002ab [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:30:09, Info                  CSI    000002ac [SR] Beginning Verify and Repair transaction
2017-12-03 06:30:13, Info                  CSI    000002b1 [SR] Verify complete
2017-12-03 06:30:14, Info                  CSI    000002b2 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:30:14, Info                  CSI    000002b3 [SR] Beginning Verify and Repair transaction
2017-12-03 06:30:18, Info                  CSI    000002b6 [SR] Verify complete
2017-12-03 06:30:18, Info                  CSI    000002b7 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:30:18, Info                  CSI    000002b8 [SR] Beginning Verify and Repair transaction
2017-12-03 06:30:23, Info                  CSI    000002c5 [SR] Verify complete
2017-12-03 06:30:23, Info                  CSI    000002c6 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:30:23, Info                  CSI    000002c7 [SR] Beginning Verify and Repair transaction
2017-12-03 06:30:29, Info                  CSI    000002cd [SR] Verify complete
2017-12-03 06:30:29, Info                  CSI    000002ce [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:30:29, Info                  CSI    000002cf [SR] Beginning Verify and Repair transaction
2017-12-03 06:30:32, Info                  CSI    000002d1 [SR] Verify complete
2017-12-03 06:30:32, Info                  CSI    000002d2 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:30:32, Info                  CSI    000002d3 [SR] Beginning Verify and Repair transaction
2017-12-03 06:30:35, Info                  CSI    000002d7 [SR] Verify complete
2017-12-03 06:30:35, Info                  CSI    000002d8 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:30:35, Info                  CSI    000002d9 [SR] Beginning Verify and Repair transaction
2017-12-03 06:30:37, Info                  CSI    000002df [SR] Verify complete
2017-12-03 06:30:38, Info                  CSI    000002e0 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:30:38, Info                  CSI    000002e1 [SR] Beginning Verify and Repair transaction
2017-12-03 06:30:42, Info                  CSI    00000302 [SR] Verify complete
2017-12-03 06:30:42, Info                  CSI    00000303 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:30:42, Info                  CSI    00000304 [SR] Beginning Verify and Repair transaction
2017-12-03 06:30:46, Info                  CSI    00000306 [SR] Verify complete
2017-12-03 06:30:46, Info                  CSI    00000307 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:30:46, Info                  CSI    00000308 [SR] Beginning Verify and Repair transaction
2017-12-03 06:30:49, Info                  CSI    0000030a [SR] Verify complete
2017-12-03 06:30:49, Info                  CSI    0000030b [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:30:49, Info                  CSI    0000030c [SR] Beginning Verify and Repair transaction
2017-12-03 06:30:52, Info                  CSI    0000030e [SR] Verify complete
2017-12-03 06:30:52, Info                  CSI    0000030f [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:30:52, Info                  CSI    00000310 [SR] Beginning Verify and Repair transaction
2017-12-03 06:30:55, Info                  CSI    0000031e [SR] Verify complete
2017-12-03 06:30:55, Info                  CSI    0000031f [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:30:55, Info                  CSI    00000320 [SR] Beginning Verify and Repair transaction
2017-12-03 06:31:02, Info                  CSI    00000322 [SR] Verify complete
2017-12-03 06:31:02, Info                  CSI    00000323 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:31:02, Info                  CSI    00000324 [SR] Beginning Verify and Repair transaction
2017-12-03 06:31:05, Info                  CSI    00000332 [SR] Verify complete
2017-12-03 06:31:06, Info                  CSI    00000333 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:31:06, Info                  CSI    00000334 [SR] Beginning Verify and Repair transaction
2017-12-03 06:31:07, Info                  CSI    00000336 [SR] Verify complete
2017-12-03 06:31:08, Info                  CSI    00000337 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:31:08, Info                  CSI    00000338 [SR] Beginning Verify and Repair transaction
2017-12-03 06:31:11, Info                  CSI    0000033a [SR] Verify complete
2017-12-03 06:31:11, Info                  CSI    0000033b [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:31:11, Info                  CSI    0000033c [SR] Beginning Verify and Repair transaction
2017-12-03 06:31:14, Info                  CSI    0000033f [SR] Verify complete
2017-12-03 06:31:14, Info                  CSI    00000340 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:31:14, Info                  CSI    00000341 [SR] Beginning Verify and Repair transaction
2017-12-03 06:31:15, Info                  CSI    00000343 [SR] Verify complete
2017-12-03 06:31:15, Info                  CSI    00000344 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:31:15, Info                  CSI    00000345 [SR] Beginning Verify and Repair transaction
2017-12-03 06:31:20, Info                  CSI    00000347 [SR] Verify complete
2017-12-03 06:31:20, Info                  CSI    00000348 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:31:20, Info                  CSI    00000349 [SR] Beginning Verify and Repair transaction
2017-12-03 06:31:23, Info                  CSI    0000034b [SR] Verify complete
2017-12-03 06:31:23, Info                  CSI    0000034c [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:31:23, Info                  CSI    0000034d [SR] Beginning Verify and Repair transaction
2017-12-03 06:31:28, Info                  CSI    0000035f [SR] Verify complete
2017-12-03 06:31:29, Info                  CSI    00000360 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:31:29, Info                  CSI    00000361 [SR] Beginning Verify and Repair transaction
2017-12-03 06:31:33, Info                  CSI    0000036b [SR] Verify complete
2017-12-03 06:31:33, Info                  CSI    0000036c [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:31:33, Info                  CSI    0000036d [SR] Beginning Verify and Repair transaction
2017-12-03 06:31:44, Info                  CSI    0000036f [SR] Verify complete
2017-12-03 06:31:44, Info                  CSI    00000370 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:31:44, Info                  CSI    00000371 [SR] Beginning Verify and Repair transaction
2017-12-03 06:31:46, Info                  CSI    00000373 [SR] Verify complete
2017-12-03 06:31:46, Info                  CSI    00000374 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:31:46, Info                  CSI    00000375 [SR] Beginning Verify and Repair transaction
2017-12-03 06:31:49, Info                  CSI    00000378 [SR] Verify complete
2017-12-03 06:31:49, Info                  CSI    00000379 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:31:49, Info                  CSI    0000037a [SR] Beginning Verify and Repair transaction
2017-12-03 06:31:51, Info                  CSI    0000037d [SR] Verify complete
2017-12-03 06:31:51, Info                  CSI    0000037e [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:31:51, Info                  CSI    0000037f [SR] Beginning Verify and Repair transaction
2017-12-03 06:31:53, Info                  CSI    00000381 [SR] Verify complete
2017-12-03 06:31:53, Info                  CSI    00000382 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:31:53, Info                  CSI    00000383 [SR] Beginning Verify and Repair transaction
2017-12-03 06:31:59, Info                  CSI    00000385 [SR] Verify complete
2017-12-03 06:31:59, Info                  CSI    00000386 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:31:59, Info                  CSI    00000387 [SR] Beginning Verify and Repair transaction
2017-12-03 06:32:02, Info                  CSI    00000389 [SR] Verify complete
2017-12-03 06:32:02, Info                  CSI    0000038a [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:32:02, Info                  CSI    0000038b [SR] Beginning Verify and Repair transaction
2017-12-03 06:32:05, Info                  CSI    0000038e [SR] Verify complete
2017-12-03 06:32:05, Info                  CSI    0000038f [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:32:05, Info                  CSI    00000390 [SR] Beginning Verify and Repair transaction
2017-12-03 06:32:08, Info                  CSI    00000392 [SR] Verify complete
2017-12-03 06:32:08, Info                  CSI    00000393 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:32:08, Info                  CSI    00000394 [SR] Beginning Verify and Repair transaction
2017-12-03 06:32:11, Info                  CSI    00000396 [SR] Verify complete
2017-12-03 06:32:11, Info                  CSI    00000397 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:32:11, Info                  CSI    00000398 [SR] Beginning Verify and Repair transaction
2017-12-03 06:32:14, Info                  CSI    0000039a [SR] Verify complete
2017-12-03 06:32:14, Info                  CSI    0000039b [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:32:14, Info                  CSI    0000039c [SR] Beginning Verify and Repair transaction
2017-12-03 06:32:17, Info                  CSI    0000039f [SR] Verify complete
2017-12-03 06:32:17, Info                  CSI    000003a0 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:32:17, Info                  CSI    000003a1 [SR] Beginning Verify and Repair transaction
2017-12-03 06:32:22, Info                  CSI    000003a3 [SR] Verify complete
2017-12-03 06:32:22, Info                  CSI    000003a4 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:32:22, Info                  CSI    000003a5 [SR] Beginning Verify and Repair transaction
2017-12-03 06:32:25, Info                  CSI    000003a7 [SR] Verify complete
2017-12-03 06:32:25, Info                  CSI    000003a8 [SR] Verifying 100 (0x0000000000000064) components
2017-12-03 06:32:25, Info                  CSI    000003a9 [SR] Beginning Verify and Repair transaction
2017-12-03 06:32:29, Info                  CSI    000003ab [SR] Verify complete
2017-12-03 06:32:29, Info                  CSI    000003ac [SR] Verifying 61 (0x000000000000003d) components
2017-12-03 06:32:29, Info                  CSI    000003ad [SR] Beginning Verify and Repair transaction
2017-12-03 06:32:31, Info                  CSI    000003af [SR] Verify complete
2017-12-03 06:32:31, Info                  CSI    000003b0 [SR] Repairing 0 components
2017-12-03 06:32:31, Info                  CSI    000003b1 [SR] Beginning Verify and Repair transaction
2017-12-03 06:32:31, Info                  CSI    000003b3 [SR] Repair complete
=========================================================================================
 
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 03/12/2017 6:45:10 AM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
===================================================================
 
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 03/12/2017 6:47:03 AM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 03/12/2017 12:47:00 PM
Type: Error Category: 3
Event: 454 Source: ESENT
taskhost (1684) WebCacheLocal: Database recovery/restore failed with unexpected error -1032.
 
Log: 'Application' Date/Time: 03/12/2017 12:47:00 PM
Type: Error Category: 1
Event: 490 Source: ESENT
taskhost (1684) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Log: 'Application' Date/Time: 03/12/2017 12:46:50 PM
Type: Error Category: 1
Event: 490 Source: ESENT
taskhost (1684) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\V01.chk" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Log: 'Application' Date/Time: 03/12/2017 12:46:40 PM
Type: Error Category: 3
Event: 454 Source: ESENT
taskhost (1684) WebCacheLocal: Database recovery/restore failed with unexpected error -1032.
 
Log: 'Application' Date/Time: 03/12/2017 12:46:40 PM
Type: Error Category: 1
Event: 490 Source: ESENT
taskhost (1684) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Log: 'Application' Date/Time: 03/12/2017 12:46:30 PM
Type: Error Category: 1
Event: 490 Source: ESENT
taskhost (1684) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\V01.chk" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Log: 'Application' Date/Time: 03/12/2017 12:42:02 PM
Type: Error Category: 3
Event: 454 Source: ESENT
taskhost (1684) WebCacheLocal: Database recovery/restore failed with unexpected error -1032.
 
Log: 'Application' Date/Time: 03/12/2017 12:42:02 PM
Type: Error Category: 1
Event: 490 Source: ESENT
taskhost (1684) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Log: 'Application' Date/Time: 03/12/2017 12:41:52 PM
Type: Error Category: 1
Event: 490 Source: ESENT
taskhost (1684) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\V01.chk" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Log: 'Application' Date/Time: 03/12/2017 12:41:42 PM
Type: Error Category: 3
Event: 454 Source: ESENT
taskhost (1684) WebCacheLocal: Database recovery/restore failed with unexpected error -1032.
 
Log: 'Application' Date/Time: 03/12/2017 12:41:42 PM
Type: Error Category: 1
Event: 490 Source: ESENT
taskhost (1684) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Log: 'Application' Date/Time: 03/12/2017 12:41:32 PM
Type: Error Category: 1
Event: 490 Source: ESENT
taskhost (1684) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\V01.chk" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Log: 'Application' Date/Time: 03/12/2017 12:39:42 PM
Type: Error Category: 3
Event: 454 Source: ESENT
taskhost (1684) WebCacheLocal: Database recovery/restore failed with unexpected error -1032.
 
Log: 'Application' Date/Time: 03/12/2017 12:39:42 PM
Type: Error Category: 1
Event: 490 Source: ESENT
taskhost (1684) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Log: 'Application' Date/Time: 03/12/2017 12:39:32 PM
Type: Error Category: 1
Event: 490 Source: ESENT
taskhost (1684) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\V01.chk" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Log: 'Application' Date/Time: 03/12/2017 12:39:22 PM
Type: Error Category: 3
Event: 454 Source: ESENT
taskhost (1684) WebCacheLocal: Database recovery/restore failed with unexpected error -1032.
 
Log: 'Application' Date/Time: 03/12/2017 12:39:22 PM
Type: Error Category: 1
Event: 490 Source: ESENT
taskhost (1684) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Log: 'Application' Date/Time: 03/12/2017 12:39:12 PM
Type: Error Category: 1
Event: 490 Source: ESENT
taskhost (1684) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\V01.chk" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Log: 'Application' Date/Time: 03/12/2017 1:54:08 AM
Type: Error Category: 3
Event: 454 Source: ESENT
taskhost (1684) WebCacheLocal: Database recovery/restore failed with unexpected error -1032.
 
Log: 'Application' Date/Time: 03/12/2017 1:54:08 AM
Type: Error Category: 1
Event: 490 Source: ESENT
taskhost (1684) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
======================================================================================================
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-11-2017
Ran by jp (administrator) on JP-PC (03-12-2017 06:51:05)
Running from C:\Users\jp\Desktop
Loaded Profiles: jp (Available Profiles: jp)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Mamba\RazerMambaSysTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10806816 2010-04-30] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2016-01-29] (NVIDIA Corporation)
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [866224 2016-10-11] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2010-01-22] (NEC Electronics Corporation)
HKLM-x32\...\Run: [Razer Mamba Elite Driver] => C:\Program Files (x86)\Razer\Mamba\RazerMambaSysTray.exe [973720 2011-11-25] (Razer USA Ltd)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2017-01-13] (Apple Inc.)
HKU\S-1-5-21-2309807771-1447711736-656462262-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-2309807771-1447711736-656462262-1000\...\MountPoints2: {c086ab05-7c12-11e1-9506-001fbc0dc707} - F:\LaunchU3.exe -a
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8A2B8332-146E-4B1D-8493-7122587FFC7C}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll [2012-05-11] (ESN Social Software AB)
FF Plugin-x32: @gametree.co.kr/GTL -> C:\ProgramData\Gametree\GTL\npGTL.dll [2013-06-13] (NtreevSoft)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\jp\AppData\Local\Google\Chrome\User Data\Default [2017-12-03]
CHR Extension: (YouTube) - C:\Users\jp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\jp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Star Stable Online) - C:\Users\jp\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnlmdkpemkkigkgelegknllpmfclakkk [2014-11-22]
CHR Extension: (Skype) - C:\Users\jp\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-03]
CHR Extension: (Search Manager) - C:\Users\jp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2017-12-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\jp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR Extension: (Chrome Media Router) - C:\Users\jp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-03]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2016-01-29] (NVIDIA Corporation)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-10-11] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2016-01-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2016-01-29] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-04-07] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-07-29] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R1 MpKslc0e3256b; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B696170C-5650-4382-B6FB-070597E786B9}\MpKslc0e3256b.sys [58120 2017-12-03] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2016-01-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2016-01-29] (NVIDIA Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2015-11-25] () [File not signed]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-12-03 06:51 - 2017-12-03 06:51 - 000010421 _____ C:\Users\jp\Desktop\FRST.txt
2017-12-03 06:47 - 2017-12-03 06:47 - 000006907 _____ C:\VEW_application log.txt
2017-12-03 06:47 - 2017-12-03 06:47 - 000006907 _____ C:\Users\jp\Desktop\VEW_application log.txt
2017-12-03 06:46 - 2017-12-03 06:46 - 000000452 _____ C:\Users\jp\Desktop\VEW_system log.txt
2017-12-03 06:45 - 2017-12-03 06:47 - 000006907 _____ C:\VEW.txt
2017-12-03 06:42 - 2017-12-03 06:42 - 000061440 _____ ( ) C:\Users\jp\Desktop\VEW.exe
2017-12-03 06:41 - 2017-12-03 06:41 - 000051357 _____ C:\Users\jp\Desktop\junk.txt
2017-12-02 13:41 - 2017-12-02 13:42 - 000011361 _____ C:\Users\jp\Desktop\Fixlog_12_1_17.txt
2017-12-02 13:39 - 2017-12-02 13:39 - 000000000 ____D C:\Users\jp\Desktop\FRST-OlderVersion
2017-12-02 13:29 - 2017-12-02 13:29 - 000000000 ____D C:\Users\jp\AppData\Roaming\NVIDIA
2017-12-02 13:20 - 2017-12-02 13:20 - 000000000 ____D C:\Users\jp\Desktop\old frst logs
2017-11-27 19:05 - 2017-12-03 06:51 - 000000000 ____D C:\FRST
2017-11-27 19:04 - 2017-12-02 13:39 - 002391552 _____ (Farbar) C:\Users\jp\Desktop\FRST64.exe
2017-11-26 18:09 - 2016-01-29 03:04 - 000614848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-11-26 18:08 - 2016-01-29 06:08 - 031523896 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 024207296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 023000000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 018634264 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 017559240 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 016128576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 015302712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 014497568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 013916600 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 013828032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 012911160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-11-26 18:08 - 2016-01-29 06:08 - 011272240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 011209376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 004252608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 003996216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 003210784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 002825016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 001908272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434195.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 001557552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434195.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 000952256 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 000915392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 000911928 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-11-26 18:08 - 2016-01-29 06:08 - 000878648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-11-26 18:02 - 2017-12-02 17:59 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-26 18:02 - 2016-01-29 06:08 - 000082488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-11-26 18:02 - 2016-01-29 06:08 - 000067520 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2017-11-26 18:02 - 2016-01-29 04:49 - 006791736 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-11-26 18:02 - 2016-01-29 04:49 - 003529152 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-11-26 18:02 - 2016-01-29 04:49 - 002558328 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-11-26 18:02 - 2016-01-29 04:49 - 000932728 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2017-11-26 18:02 - 2016-01-29 04:49 - 000384888 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-11-26 18:02 - 2016-01-29 04:49 - 000062512 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-11-26 18:02 - 2016-01-28 10:29 - 006150607 _____ C:\Windows\system32\nvcoproc.bin
2017-11-26 17:49 - 2017-11-26 17:51 - 306673592 _____ (NVIDIA Corporation) C:\Users\jp\Desktop\342.01-desktop-win8-win7-winvista-64bit-international.exe
2017-11-26 16:57 - 2017-11-26 16:57 - 000002960 _____ C:\Windows\System32\Tasks\{FCB8B4A7-D1E0-4F3E-97BD-8245E197659B}
2017-11-24 10:19 - 2017-11-24 10:42 - 1212018712 _____ (NtreevSoft) C:\Users\jp\Desktop\Alicia_setup_008.exe
2017-11-14 18:17 - 2017-11-14 18:17 - 000000000 ____D C:\ProgramData\MB3CoreBackup
2017-11-14 16:29 - 2017-10-18 01:31 - 000395976 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-11-14 16:29 - 2017-10-18 00:45 - 000347336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-11-14 16:29 - 2017-10-17 20:34 - 000134376 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-11-14 16:29 - 2017-10-17 20:30 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-11-14 16:29 - 2017-10-17 20:06 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2017-11-14 16:29 - 2017-10-17 20:06 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2017-11-14 16:29 - 2017-10-17 20:06 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2017-11-14 16:29 - 2017-10-17 20:06 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2017-11-14 16:29 - 2017-10-17 20:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2017-11-14 16:29 - 2017-10-17 20:06 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2017-11-14 16:29 - 2017-10-17 20:06 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2017-11-14 16:29 - 2017-10-16 17:07 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-11-14 16:29 - 2017-10-16 16:34 - 003222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-11-14 16:29 - 2017-10-16 15:55 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-11-14 16:29 - 2017-10-15 16:04 - 000407392 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-11-14 16:29 - 2017-10-14 02:38 - 025731584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-11-14 16:29 - 2017-10-14 02:23 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-11-14 16:29 - 2017-10-14 02:23 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-11-14 16:29 - 2017-10-14 02:13 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-11-14 16:29 - 2017-10-14 02:12 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-11-14 16:29 - 2017-10-14 02:11 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-11-14 16:29 - 2017-10-14 02:11 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-11-14 16:29 - 2017-10-14 02:11 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-11-14 16:29 - 2017-10-14 02:11 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-11-14 16:29 - 2017-10-14 02:09 - 005979648 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-11-14 16:29 - 2017-10-14 02:05 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-11-14 16:29 - 2017-10-14 02:04 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-11-14 16:29 - 2017-10-14 02:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-11-14 16:29 - 2017-10-14 02:01 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-11-14 16:29 - 2017-10-14 02:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-11-14 16:29 - 2017-10-14 02:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-11-14 16:29 - 2017-10-14 02:00 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-11-14 16:29 - 2017-10-14 01:55 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-11-14 16:29 - 2017-10-14 01:53 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-11-14 16:29 - 2017-10-14 01:47 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-11-14 16:29 - 2017-10-14 01:47 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-11-14 16:29 - 2017-10-14 01:46 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-11-14 16:29 - 2017-10-14 01:43 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-11-14 16:29 - 2017-10-14 01:43 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-11-14 16:29 - 2017-10-14 01:41 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-11-14 16:29 - 2017-10-14 01:40 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-11-14 16:29 - 2017-10-14 01:31 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-11-14 16:29 - 2017-10-14 01:30 - 015266816 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-11-14 16:29 - 2017-10-14 01:30 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-11-14 16:29 - 2017-10-14 01:29 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-11-14 16:29 - 2017-10-14 01:28 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-11-14 16:29 - 2017-10-14 01:27 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-11-14 16:29 - 2017-10-14 01:21 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-11-14 16:29 - 2017-10-14 01:14 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-11-14 16:29 - 2017-10-14 01:09 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-11-14 16:29 - 2017-10-14 01:03 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-11-14 16:29 - 2017-10-14 00:58 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-11-14 16:29 - 2017-10-14 00:53 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-11-14 16:29 - 2017-10-14 00:53 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-11-14 16:29 - 2017-10-14 00:52 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-11-14 16:29 - 2017-10-14 00:52 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-11-14 16:29 - 2017-10-14 00:51 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-11-14 16:29 - 2017-10-14 00:50 - 002293760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-11-14 16:29 - 2017-10-14 00:47 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-11-14 16:29 - 2017-10-14 00:47 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-11-14 16:29 - 2017-10-14 00:46 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-11-14 16:29 - 2017-10-14 00:45 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-11-14 16:29 - 2017-10-14 00:45 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-11-14 16:29 - 2017-10-14 00:45 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-11-14 16:29 - 2017-10-14 00:38 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-11-14 16:29 - 2017-10-14 00:35 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-11-14 16:29 - 2017-10-14 00:35 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-11-14 16:29 - 2017-10-14 00:34 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-11-14 16:29 - 2017-10-14 00:33 - 004542464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-11-14 16:29 - 2017-10-14 00:33 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-11-14 16:29 - 2017-10-14 00:32 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-11-14 16:29 - 2017-10-14 00:31 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-11-14 16:29 - 2017-10-14 00:30 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-11-14 16:29 - 2017-10-14 00:28 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-11-14 16:29 - 2017-10-14 00:25 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-11-14 16:29 - 2017-10-14 00:24 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-11-14 16:29 - 2017-10-14 00:23 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-11-14 16:29 - 2017-10-14 00:23 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-11-14 16:29 - 2017-10-14 00:10 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-11-14 16:29 - 2017-10-14 00:07 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-11-14 16:29 - 2017-10-14 00:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-11-14 16:29 - 2017-10-11 18:58 - 000382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 014635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-11-14 16:29 - 2017-10-11 18:55 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-11-14 16:29 - 2017-10-11 18:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-11-14 16:29 - 2017-10-11 18:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-11-14 16:29 - 2017-10-11 18:40 - 000308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-11-14 16:29 - 2017-10-11 18:39 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-11-14 16:29 - 2017-10-11 18:38 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-11-14 16:29 - 2017-10-11 18:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-11-14 16:29 - 2017-10-11 18:37 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2017-11-14 16:29 - 2017-10-11 18:37 - 011410944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 000070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-11-14 16:29 - 2017-10-11 18:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-11-14 16:29 - 2017-10-11 18:26 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-11-14 16:29 - 2017-10-11 18:26 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-11-14 16:29 - 2017-10-11 18:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-11-14 16:29 - 2017-10-11 18:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-11-14 16:29 - 2017-10-11 18:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2017-11-14 16:29 - 2017-10-11 18:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2017-11-14 16:29 - 2017-10-11 18:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2017-11-14 16:29 - 2017-10-11 18:20 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2017-11-14 16:29 - 2017-10-11 18:16 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-11-14 16:29 - 2017-10-04 07:04 - 002023936 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-11-14 16:29 - 2017-10-04 07:04 - 001570304 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-11-14 16:29 - 2017-10-04 07:04 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-11-14 16:29 - 2017-10-04 07:04 - 000603648 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-11-14 16:29 - 2017-10-04 07:04 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-11-14 16:29 - 2017-10-04 07:04 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-11-14 16:29 - 2017-10-04 07:04 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-11-14 16:29 - 2017-09-07 07:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-11-11 20:05 - 2017-11-24 10:45 - 000001150 _____ C:\Users\jp\Desktop\게임트리.lnk
2017-11-11 15:28 - 2017-11-11 15:28 - 000000000 ____D C:\Users\jp\Desktop\Alicia Error
2017-11-11 12:37 - 2017-11-11 12:47 - 000000000 ____D C:\Program Files (x86)\Star Stable Online
2017-11-11 12:37 - 2017-11-11 12:37 - 000002767 _____ C:\Users\Public\Desktop\Star Stable Online.lnk
2017-11-11 12:37 - 2017-11-11 12:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Stable Online
2017-11-11 11:28 - 2017-11-11 11:28 - 000003144 _____ C:\Windows\System32\Tasks\{4CD6242E-60CA-4554-B09B-EC579BBFC171}
2017-11-11 11:00 - 2017-11-11 11:00 - 053914496 _____ (Skype Technologies S.A. ) C:\Users\jp\Desktop\Skype-8.10.0.9.exe
2017-11-11 10:10 - 2017-11-11 10:10 - 000003128 _____ C:\Windows\System32\Tasks\{A15D8A73-1CFC-45A8-89C7-4326B469D04C}
2017-11-11 10:01 - 2017-11-24 10:07 - 000000000 ____D C:\alicia online
2017-11-10 16:10 - 2017-11-10 16:10 - 000000979 _____ C:\Users\jp\Desktop\Minecraft.lnk
2017-11-10 15:53 - 2017-12-02 13:21 - 000000000 ____D C:\Program Files\Malwarebytes
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-12-03 06:23 - 2009-07-13 22:45 - 000032416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-12-03 06:23 - 2009-07-13 22:45 - 000032416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-12-02 18:04 - 2009-07-13 23:13 - 000782470 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-02 18:04 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\inf
2017-12-02 17:59 - 2009-07-13 23:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-02 13:44 - 2017-03-11 15:08 - 000000008 __RSH C:\ProgramData\ntuser.pol
2017-12-02 13:42 - 2015-01-23 16:11 - 000000000 ___HD C:\Users\jp\AppData\LocalLow\Temp
2017-12-02 13:41 - 2017-03-11 15:15 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-12-02 13:41 - 2009-07-13 21:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2017-12-02 13:41 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-12-02 13:34 - 2012-11-16 14:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-12-02 13:34 - 2012-03-31 05:55 - 000000000 ___HD C:\Users\jp
2017-12-02 13:21 - 2015-07-22 04:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-26 18:22 - 2016-06-04 10:12 - 000000000 ___HD C:\Users\jp\AppData\Local\Gametree
2017-11-26 18:15 - 2017-07-01 11:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-11-26 18:09 - 2012-03-31 16:27 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-11-26 18:08 - 2012-03-31 16:25 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-11-26 18:02 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\Help
2017-11-26 18:01 - 2012-03-31 16:26 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-11-20 14:32 - 2010-11-20 21:27 - 000545440 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-11-16 19:30 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\rescache
2017-11-15 17:12 - 2012-10-28 08:31 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-14 18:22 - 2009-07-13 22:45 - 000272072 _____ C:\Windows\system32\FNTCACHE.DAT
2017-11-14 18:20 - 2014-12-10 18:20 - 000000000 ____D C:\Windows\system32\appraiser
2017-11-14 18:09 - 2012-03-31 06:13 - 000774592 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-11-14 18:06 - 2013-08-14 17:01 - 000000000 ____D C:\Windows\system32\MRT
2017-11-14 18:01 - 2017-10-10 17:04 - 127017032 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-11-14 18:01 - 2012-04-02 15:55 - 127017032 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-11-14 16:50 - 2012-04-01 11:09 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-11-14 16:50 - 2012-04-01 11:09 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-14 16:50 - 2012-04-01 11:09 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-11-14 16:50 - 2012-04-01 11:09 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-11-14 16:50 - 2012-04-01 11:09 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-14 01:05 - 2012-10-28 08:30 - 000003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-14 01:05 - 2012-10-28 08:30 - 000003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-11 16:48 - 2015-07-21 17:50 - 000000000 ___HD C:\Users\jp\AppData\Roaming\.minecraft
2017-11-11 10:59 - 2017-04-12 19:52 - 000000000 ___RD C:\Program Files (x86)\Skype
2017-11-11 10:59 - 2017-03-11 15:17 - 000000000 ____D C:\Windows\system32\appmgmt
2017-11-11 10:59 - 2015-09-16 16:12 - 000000000 ____D C:\ProgramData\Skype
2017-11-11 10:17 - 2015-09-16 16:12 - 000000000 ___HD C:\Users\jp\AppData\Roaming\Skype
2017-11-10 16:10 - 2015-07-21 17:49 - 000000000 ____D C:\Program Files (x86)\Minecraft
2017-11-10 15:53 - 2015-07-22 04:35 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-11-10 14:24 - 2015-11-24 21:40 - 000000000 ___HD C:\Users\jp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-11-05 14:07 - 2016-06-04 12:38 - 000059472 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2017-11-03 18:15 - 2015-09-20 18:37 - 000001269 ____H C:\Users\jp\Desktop\nativelog.txt
 
==================== Files in the root of some directories =======
 
2015-10-23 08:55 - 2015-10-23 08:55 - 000007610 ___RH () C:\Users\jp\AppData\Local\Resmon.ResmonCfg
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-12-02 18:29
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-11-2017
Ran by jp (03-12-2017 06:52:38)
Running from C:\Users\jp\Desktop
Windows 7 Professional Service Pack 1 (X64) (2012-03-31 11:55:51)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2309807771-1447711736-656462262-500 - Administrator - Disabled)
Guest (S-1-5-21-2309807771-1447711736-656462262-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2309807771-1447711736-656462262-1002 - Limited - Enabled)
jp (S-1-5-21-2309807771-1447711736-656462262-1000 - Administrator - Enabled) => C:\Users\jp
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Alicia (HKLM-x32\...\Alicia) (Version: 1.0.0.0 - NtreevSoft)
Apple Application Support (32-bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 1.122.0 - EA Digital Illusions CE AB)
Blacklight Retribution (HKLM-x32\...\Blacklight Retribution) (Version:  - Perfect World Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Curse Client (HKU\S-1-5-21-2309807771-1447711736-656462262-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Gametree Launcher (HKLM-x32\...\GTL) (Version: 3.0.26.0 - NtreevSoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
GoPro Studio (HKLM-x32\...\{7BDB9575-D4C8-42B0-84EA-1CD654F63637}) (Version: 5.10.4320 - GoPro, Inc.) Hidden
GoPro Studio 2.5.4 (HKLM-x32\...\GoPro Studio) (Version: 2.5.4 - GoPro, Inc.)
iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1036 - Marvell)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Mumble 1.2.4 (HKLM-x32\...\{E0955568-4353-4C85-8988-285A8C0F5E87}) (Version: 1.2.4 - Thorvald Natvig)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.95 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.95 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 8.5.2.23 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Quik (HKLM\...\{6249867C-ACE2-4400-AD50-4D6945A8EA8A}) (Version: 0.1.4320 - GoPro, Inc.) Hidden
Quik (HKLM-x32\...\{0d91b40f-e179-491c-a726-cd71dc297e8a}) (Version: 2.0.0.4320 - GoPro, Inc.)
Razer Mamba (HKLM-x32\...\{BF60B320-3AA3-4DFB-B542-BDA6D4F1A60E}) (Version: 2.01.05 - Razer USA Ltd.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.12.1218.2009 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6101 - Realtek Semiconductor Corp.)
RIFT (HKU\S-1-5-21-2309807771-1447711736-656462262-1000\...\RIFT) (Version:  - Trion Worlds, Inc.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Star Stable Online (HKLM-x32\...\{8CD50415-04B7-459E-8CBD-DA96A9CDF98E}) (Version: 1.01.0000 - Star Stable Entertainment AB)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VFW_Codec32 (HKLM-x32\...\{FCA86F94-8BCA-491D-AFF9-90921796FCD8}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (HKLM\...\{341735D3-32CF-41BC-8C9B-FDE3975452DB}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
WinPCOptimizer (HKLM-x32\...\{A12BC961-A17E-4400-89E3-7939E082D827}) (Version: 1.03.1020 - Win PC Optimizer)
World of Logs Client (4.2) (HKU\S-1-5-21-2309807771-1447711736-656462262-1000\...\World of Logs Client (4.2)) (Version:  - Digibites Technology)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2309807771-1447711736-656462262-1000_Classes\CLSID\{4df3e0ab-18b0-433d-b14c-aeeef26b1833}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2309807771-1447711736-656462262-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-01-29] (NVIDIA Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {23855FE6-2F13-4E21-ACDB-18C9E6C70B5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {3A8A6C3A-D169-4925-9DE2-041AF1CEE7EA} - System32\Tasks\{85A6FB23-2911-47F5-BD07-D7EBAEFACD52} => C:\Program Files (x86)\Star Stable Entertainment AB\Star Stable\StarStable.exe
Task: {3CE1195E-DC0E-4058-BE96-DAACAF30AFB5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {56FCA865-50D9-4AE4-B2C8-F3376A03E6C3} - System32\Tasks\{A15D8A73-1CFC-45A8-89C7-4326B469D04C} => C:\Windows\system32\pcalua.exe -a "C:\alicia online\Alicia_Launcher_Install_Beta.exe" -d "C:\alicia online"
Task: {77A36547-0436-4D9E-B7E1-6E5ED009A452} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {86ADF0E4-46DF-4E64-BBAC-A61E23CFBAB3} - System32\Tasks\{4CD6242E-60CA-4554-B09B-EC579BBFC171} => C:\Windows\system32\pcalua.exe -a "C:\Users\jp\Desktop\Alicia_Launcher_Install_Beta (1).exe" -d C:\Users\jp\Desktop
Task: {90B10FB5-6D74-465A-802C-6268AFEF88C9} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {A95571BF-330B-44F1-A7DE-2C4EE65805EB} - System32\Tasks\{FCB8B4A7-D1E0-4F3E-97BD-8245E197659B} => C:\Users\jp\AppData\Roaming\AliciaOnline\Launcher.exe [2014-12-21] ()
Task: {D91B1852-9DB5-46F0-A199-6AE63FDC776C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-14] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-11-26 18:02 - 2016-01-29 04:49 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 001353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-04-16 19:50 - 2012-07-29 08:25 - 000076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-10-11 23:48 - 2016-10-11 23:48 - 000037808 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
2017-11-15 17:12 - 2017-11-10 03:57 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll
2017-11-15 17:12 - 2017-11-10 03:57 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-2309807771-1447711736-656462262-1000\...\starstable.com -> starstable.com
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 20:34 - 2017-03-11 15:19 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2309807771-1447711736-656462262-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\jp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{A9D627D0-995F-4841-B9D4-6E40E23C4C9C}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{302A982D-4A0C-4D84-ABCE-7C2E56F9128D}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{48B7B65C-B0B3-4B90-93F0-40772DBEBF52}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.exe
FirewallRules: [{DC15E6EF-AFC7-41B7-B288-AE34FCAAC5D5}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.exe
FirewallRules: [{23101DD1-05FB-405A-9032-6DD28E9A7785}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.patch.exe
FirewallRules: [{424D164C-3EA7-467F-A2ED-161BDCB64AB6}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.patch.exe
FirewallRules: [TCP Query User{810E9FC2-4BF1-4E03-B111-E4B05603ECE5}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe] => (Allow) C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe
FirewallRules: [UDP Query User{5A1BB868-8AAD-460F-A3F0-2281EEFE7BB9}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe] => (Allow) C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe
FirewallRules: [TCP Query User{5C4667C1-F951-4F0D-BA7C-BACEF8EA3B09}C:\program files (x86)\world of warcraft\backgrounddownloader.exe] => (Allow) C:\program files (x86)\world of warcraft\backgrounddownloader.exe
FirewallRules: [UDP Query User{09F1F1E0-CE33-4192-8E91-D3997856C4C6}C:\program files (x86)\world of warcraft\backgrounddownloader.exe] => (Allow) C:\program files (x86)\world of warcraft\backgrounddownloader.exe
FirewallRules: [TCP Query User{894408AA-9503-4DAF-AE23-2C419BD6E5C6}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe] => (Allow) C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe
FirewallRules: [UDP Query User{67959C88-AF36-4D6B-9AAD-7A6132E424CA}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe] => (Allow) C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe
FirewallRules: [TCP Query User{50DCFF35-D384-4D8B-B7C0-58EC0EB264B9}C:\program files (x86)\world of warcraft\wow-4.2.1.2736-enus-tools-downloader.exe] => (Allow) C:\program files (x86)\world of warcraft\wow-4.2.1.2736-enus-tools-downloader.exe
FirewallRules: [UDP Query User{CBC7498A-722B-42D5-B8F9-82D87ECE92EA}C:\program files (x86)\world of warcraft\wow-4.2.1.2736-enus-tools-downloader.exe] => (Allow) C:\program files (x86)\world of warcraft\wow-4.2.1.2736-enus-tools-downloader.exe
FirewallRules: [{C1EB2F47-04B0-4F83-920B-6525E13E966F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{59ECE83E-4D34-4F41-89A6-7D7FA0C0EF92}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{90A6D7A3-8F32-460B-A901-1872F944D0EA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.515\Agent.exe
FirewallRules: [{120DEE30-CA24-4557-970F-C5784AFE7A21}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.515\Agent.exe
FirewallRules: [{6851F6A0-DA14-4C92-92E9-E2ABDCBDEB21}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.868\Agent.exe
FirewallRules: [{232119DB-340A-4369-B04F-D8AFF0F8BF1D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.868\Agent.exe
FirewallRules: [{6B14D047-430D-405F-9663-6A01BDA3CDF2}] => (Allow) C:\Program Files (x86)\Diablo III Beta\Diablo III.exe
FirewallRules: [{B563E21D-5DB8-4830-83CB-041C23A92AC1}] => (Allow) C:\Program Files (x86)\Diablo III Beta\Diablo III.exe
FirewallRules: [{27EBBC0A-4F2C-428F-A4BF-164A759F70B2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{47BB46F1-E535-4ADF-8CFF-533C9452F95A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{75E47A58-9704-4059-8D15-41F123E0ACC9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{029D3BD2-E8A3-4223-AAC6-74CEC63837FE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{0FBD5E06-DF70-4621-8A45-FD8C876446AD}C:\program files (x86)\world of warcraft\launcher.exe] => (Allow) C:\program files (x86)\world of warcraft\launcher.exe
FirewallRules: [UDP Query User{400EC75B-FFDF-4208-ADEF-45905F18E50A}C:\program files (x86)\world of warcraft\launcher.exe] => (Allow) C:\program files (x86)\world of warcraft\launcher.exe
FirewallRules: [TCP Query User{825CD9ED-F93C-4230-9895-FA29005E12F3}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{FEEB2C44-DCE3-4B9A-ABA6-27CE89710BD1}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [{0CF83BA7-8315-47AF-AC6C-6B175CD7DB42}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.976\Agent.exe
FirewallRules: [{F7C86BDA-B6E5-4C93-9312-500FAA66F516}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.976\Agent.exe
FirewallRules: [{E7A2BE7C-2279-4519-9306-CB179BA23269}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{7E72FE13-7E28-4AF2-807C-F7A67A8A930B}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{7F9914B3-6AC2-4FC3-A57B-9A5CF09F5093}C:\programdata\battle.net\agent\agent.998\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.998\agent.exe
FirewallRules: [UDP Query User{A56C4D02-0DDC-46EB-8FF2-34CC4E782553}C:\programdata\battle.net\agent\agent.998\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.998\agent.exe
FirewallRules: [TCP Query User{19659990-DD94-4775-B1EA-8AB1E49529D5}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1040\agent.exe
FirewallRules: [UDP Query User{7DC9FD1F-6675-4F4F-86E5-21DCE9BE6C95}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1040\agent.exe
FirewallRules: [{6303D421-50EA-4966-8A64-196105ACF621}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8EED9741-A384-41FD-AB19-304293A1598C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F0E89DD9-D7A8-4643-A9DD-88617F79BE87}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BD062255-A042-4772-BC33-16891B9DD55B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{4F5F191E-5F30-46EC-A24B-4AC0DA3D68DA}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe] => (Allow) C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe
FirewallRules: [UDP Query User{5ED60B89-F7A9-4693-AB13-50099199064B}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe] => (Allow) C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe
FirewallRules: [TCP Query User{9E2C7BD4-40FD-4FF5-87B5-C4F02E2E4C1E}C:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe] => (Allow) C:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe
FirewallRules: [UDP Query User{EFABECC8-8E12-44E0-B61B-0936D4EBD0E7}C:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe] => (Allow) C:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe
FirewallRules: [{CD5041F6-C03D-4AE8-BAC4-B3129FAB035F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{1F15D6F9-5D1F-4AD6-A4EE-694EFE036EFB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{F10791C4-606F-4C4C-9C4E-E30342051B84}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{629926D1-D5A7-41DA-8DF9-B6A5645BADA3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{F65C5BF3-7BFC-44AD-89E5-5A24862D672A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{AA957814-5F96-4FAC-ABFE-253B33FE784B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{2070E58C-F2EE-47D4-B979-6563A4721E91}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9015F7C1-03B1-49A9-975B-E10239FD84D9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F3FD043A-0FDE-4910-B9B2-D163A0D31EF9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{39FBAB6E-5C06-4A16-B8FE-9424E5707CCC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{EF6F16F5-CEA7-4FB2-9A55-7B8F36F90920}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [{968EE181-C2B2-4976-8DF4-A0F42AA6C473}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [{AE1E2C08-0071-4FBF-88DF-34ABF90631AE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{82D68BD1-7E2B-4225-ADAB-C5F74FB99FA1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0214F5EF-4D01-45C9-892D-BEAC6566AEB5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{4AF19BE0-07C6-42D6-8E88-481C6E10534F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{14101907-AB5E-4B52-A360-8DBCED282B16}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{70FE2AC5-7E46-467B-9E51-6A6BD45DD526}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{47085C9C-090E-423F-B884-347B72E43876}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{55131776-5007-468E-9247-14CAC68EF364}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [TCP Query User{3ED01829-92BE-47A8-A5F8-B07279A579B8}C:\programdata\battle.net\agent\agent.2000\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.2000\agent.exe
FirewallRules: [UDP Query User{79EB8DDB-E09D-42BD-8C80-0D03D7A520A2}C:\programdata\battle.net\agent\agent.2000\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.2000\agent.exe
FirewallRules: [{344B2303-8692-4341-911D-5D0CBDC65837}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2006\Agent.exe
FirewallRules: [{A0B251D6-38D0-4D1E-B00B-F68CC2396FE0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2006\Agent.exe
FirewallRules: [{0E65A494-DA6C-45D0-AF41-3BEA0D7396A1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{30224012-4400-43AC-8C30-93BA876CEFBA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{045FDD7F-7527-4C7D-88CB-3EB2D88A35FD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{014338BD-EB83-4628-B12B-968BBAE20F69}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{9D815E6B-2D10-4055-A105-27802296BFD9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{8F364CDC-9704-4696-8B27-771812911EB6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{BDFB8014-6028-43B7-A847-50485472895E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{A770344B-AC07-45C4-944A-696774C0AE9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{5E0A48AB-4644-4D30-B029-57CACC598F6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Loadout\Loadout.exe
FirewallRules: [{B431A530-29E2-4C46-AAAB-49FA8A562D53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Loadout\Loadout.exe
FirewallRules: [{6A27F057-44D1-41AC-A780-A4E3670ADB7E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{DF92701E-2E42-4F19-A201-727EB09023EB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{CCC7D655-21F3-425B-BEE5-5548D4723649}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{62A7EDD9-99B3-40B2-A759-431E2E9318DF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{6425CE97-A82A-427C-A1FE-F0DD5FD88321}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{C2425020-2C53-441C-B46F-528B041B20E3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{0F899503-4F49-4B0E-9BE1-3837A5E5EAEB}C:\programdata\battle.net\agent\agent.beta.2737\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2737\agent.exe
FirewallRules: [UDP Query User{E37FF7CA-8E3B-40BD-8209-8AFC2A86DDF2}C:\programdata\battle.net\agent\agent.beta.2737\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2737\agent.exe
FirewallRules: [TCP Query User{B96AE211-44A8-4263-B9F6-A559A7A4CCDA}C:\programdata\battle.net\agent\agent.beta.2753\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2753\agent.exe
FirewallRules: [UDP Query User{0AB82E04-5B1D-480B-9F46-8874C6C2441B}C:\programdata\battle.net\agent\agent.beta.2753\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2753\agent.exe
FirewallRules: [{B1B1C28E-09B2-4AFB-ACD4-E8A8F08C0D1A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{C72C0ADD-3383-4727-819E-684F46926091}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{2BFC2550-A607-4CC9-A35B-04C5D1826E6C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{9586A481-2E6C-4D41-AD6A-F0344188C89F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [TCP Query User{0D293ECD-6D28-4273-B35E-B52A53BD41CA}C:\programdata\battle.net\agent\agent.2880\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2880\agent.exe
FirewallRules: [UDP Query User{A837366E-D575-4DC9-B40C-88C07F18F224}C:\programdata\battle.net\agent\agent.2880\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2880\agent.exe
FirewallRules: [TCP Query User{1358A3CD-A33F-4762-AE84-5E1D74EBA1A9}C:\programdata\battle.net\agent\agent.3023\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3023\agent.exe
FirewallRules: [UDP Query User{44D01E67-13C3-4F25-BA5E-E95DE6E79EBA}C:\programdata\battle.net\agent\agent.3023\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3023\agent.exe
FirewallRules: [TCP Query User{8372E4DB-D843-441F-A7A0-D44D202A7A77}C:\programdata\battle.net\agent\agent.3109\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [UDP Query User{043C90F8-EF79-4B60-BCC9-87BC61DC3750}C:\programdata\battle.net\agent\agent.3109\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [TCP Query User{C9C61A27-20E3-408F-9ACD-DB5BB8732303}C:\programdata\battle.net\agent\agent.3147\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3147\agent.exe
FirewallRules: [UDP Query User{709FB9AC-729E-4C00-BEA0-C11BC9B5DA3E}C:\programdata\battle.net\agent\agent.3147\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3147\agent.exe
FirewallRules: [TCP Query User{ADA7ABAA-F0F1-4D56-8B40-21F3000A72CD}C:\programdata\battle.net\agent\agent.3182\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3182\agent.exe
FirewallRules: [UDP Query User{9D5B9A67-97A1-452A-B5DF-64DF1E7D3F1C}C:\programdata\battle.net\agent\agent.3182\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3182\agent.exe
FirewallRules: [TCP Query User{6EAC2EA2-6143-47CB-8B5A-E4CD35CCAA48}C:\programdata\battle.net\agent\agent.3235\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3235\agent.exe
FirewallRules: [UDP Query User{A42FA79F-1E48-4CA9-92ED-2297394723EE}C:\programdata\battle.net\agent\agent.3235\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3235\agent.exe
FirewallRules: [TCP Query User{805FE87C-9096-4EB0-9E8C-5F922BFA948B}C:\programdata\battle.net\agent\agent.3286\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3286\agent.exe
FirewallRules: [UDP Query User{9EC09586-D0FF-4B17-A0DB-873C5AB400C2}C:\programdata\battle.net\agent\agent.3286\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3286\agent.exe
FirewallRules: [TCP Query User{8CB627D0-F97A-4552-9520-632EC79AD349}C:\programdata\battle.net\agent\agent.3322\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3322\agent.exe
FirewallRules: [UDP Query User{E43FD89E-57B9-45F0-9C72-5BBEA4404B7B}C:\programdata\battle.net\agent\agent.3322\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3322\agent.exe
FirewallRules: [TCP Query User{3E1E70CC-1CA2-4948-B303-B0F1A1A993C1}C:\programdata\battle.net\agent\agent.3323\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3323\agent.exe
FirewallRules: [UDP Query User{14D0E658-D8D1-4CB0-91E8-987066AE5E5D}C:\programdata\battle.net\agent\agent.3323\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3323\agent.exe
FirewallRules: [TCP Query User{159DE811-A3F7-4EBA-A7C6-DBCBCA2721F6}C:\programdata\battle.net\agent\agent.3332\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3332\agent.exe
FirewallRules: [UDP Query User{5FDF4479-7CB4-4725-80A9-0D009DBFD5DE}C:\programdata\battle.net\agent\agent.3332\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3332\agent.exe
FirewallRules: [{13C41B3A-3D91-47EA-86FD-388E76B2D5C6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{4966796B-6018-464B-AF3D-483A086E68C4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [TCP Query User{E5C3C24F-79A1-4F04-84B2-1EA05B3691D8}C:\programdata\battle.net\agent\agent.3346\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3346\agent.exe
FirewallRules: [UDP Query User{4F6099B2-5E85-475E-9B5E-DF5DE550865E}C:\programdata\battle.net\agent\agent.3346\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3346\agent.exe
FirewallRules: [TCP Query User{A15444EF-4449-4843-B76F-DC286D4D1896}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [UDP Query User{C2ABC310-F41D-43BF-B02B-38585F05741C}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [TCP Query User{0D097893-FF32-4B69-A428-4DF484F6BA85}C:\programdata\battle.net\agent\agent.3427\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3427\agent.exe
FirewallRules: [UDP Query User{97B12DC6-BEF5-456F-AA8C-5CEE7EA72CF6}C:\programdata\battle.net\agent\agent.3427\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3427\agent.exe
FirewallRules: [TCP Query User{15D2A26F-9419-46C3-B8E4-F28278D40B87}C:\programdata\battle.net\agent\agent.3454\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3454\agent.exe
FirewallRules: [UDP Query User{F39B6B33-45C7-401E-A7B8-8584E2BD4E9F}C:\programdata\battle.net\agent\agent.3454\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3454\agent.exe
FirewallRules: [{9534E308-E9A6-4511-A0F0-06A462F19C18}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{30DC7504-9649-4B9A-9AA3-01862BA288E3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [TCP Query User{B9BCE314-82A9-4907-B265-8E324FA55CF6}C:\programdata\battle.net\agent\agent.3507\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3507\agent.exe
FirewallRules: [UDP Query User{C5CD4A59-064C-47E8-997A-93B58F77AC34}C:\programdata\battle.net\agent\agent.3507\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3507\agent.exe
FirewallRules: [{51FA38F8-D8E1-481C-9514-B411A40278DE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{40682BDD-BF37-4EBF-94EC-47BE5D600DD9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{D545098B-7077-473A-874F-DBE9AAB5E07A}C:\programdata\battle.net\agent\agent.3632\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3632\agent.exe
FirewallRules: [UDP Query User{EC360A31-27D0-4159-9F5C-D10F2E98D8C2}C:\programdata\battle.net\agent\agent.3632\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3632\agent.exe
FirewallRules: [{FC5BB6A7-3516-4282-9E81-9B347C084301}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{AF22A538-0721-44EB-BD28-DE4DED36636D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [TCP Query User{9C6837D8-68B5-4A4D-9B17-C215A418D187}C:\programdata\battle.net\agent\agent.3668\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3668\agent.exe
FirewallRules: [UDP Query User{5B0267E0-9763-44C4-8A8E-00E69C9B7970}C:\programdata\battle.net\agent\agent.3668\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3668\agent.exe
FirewallRules: [TCP Query User{60E9BC96-E131-4269-B5BE-441A34AA038C}C:\programdata\battle.net\agent\agent.3669\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3669\agent.exe
FirewallRules: [UDP Query User{13A184F3-1CBB-4A4C-9AC4-E63ECB573032}C:\programdata\battle.net\agent\agent.3669\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3669\agent.exe
FirewallRules: [{BE4F8501-A4DB-4C4A-8450-C2BE700112D6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{C833A007-8ECF-419B-A6F2-B3A9D14EE75A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [TCP Query User{AE80F763-4C51-4228-9033-B5D168D58D75}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe
FirewallRules: [UDP Query User{AB73FFAE-8DC8-43E1-89BE-C43E5F38DDC0}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe
FirewallRules: [{3E8131AD-690C-4224-BD35-BEB03F0B1040}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{A22EC343-0E37-4B9A-BAA8-DB18CE5F6971}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [TCP Query User{973ABC83-4CC5-45C7-99DD-18C6D3A88CF3}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{4769E2D3-A396-42AA-AB2A-3131D9429DF5}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{9D058B8E-2B16-4258-9DAF-B91DFFD029CD}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{A0DCEEA0-AED1-40A5-AB28-A360984C3840}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{FFFDBC8D-6A74-4614-855C-E35CE2191A90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{26E44FB6-7294-4D23-8A78-8FD3C3A87393}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{54A42555-121C-4EAC-8E3C-ED7522838718}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BADF1D9A-2312-4E68-A815-0EDE2DB17B66}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CCA9D2DA-BC9C-4E48-B1CC-9B69E5D6B381}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{114BDC89-E8A6-48AA-B178-149BFA88EF83}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{762C2568-853A-4AF7-ADFC-391AE2DA389D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4046B36B-1826-4C86-A7B1-2389F27FD815}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FF069823-FBE9-4135-AE19-F542AB2388B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unreal Tournament\System\UnrealTournament.exe
FirewallRules: [{8B3B9758-A99B-402A-A5D1-A1435E595E05}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unreal Tournament\System\UnrealTournament.exe
FirewallRules: [{2F363287-B26D-42B9-A756-5F90099FBECA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Quake 3 Arena\quake3.exe
FirewallRules: [{CC6B4BB8-6779-43A4-B273-296AA92A0511}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Quake 3 Arena\quake3.exe
FirewallRules: [{FE709DBC-B302-4622-8AC2-AEF3DF7D0787}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\Quik.exe
FirewallRules: [{50A0CD28-0BC0-4085-9F0E-CD636759C38A}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe
FirewallRules: [{32EB3AA4-CF24-4211-B90F-A11C27B33A6F}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe
FirewallRules: [{EB7E8E17-33FA-4B53-99AC-7BAEDA614B92}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe
FirewallRules: [{45EBB900-13A3-4BC7-B5EA-C51DAE7DC7D5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{04109A08-5D8B-4CAF-A432-74AE9843D7B3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1CEC1380-E1A0-49AF-8AC4-8E6A94FB1474}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{B5BD7858-AAA9-414A-A2B9-841846D607B3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4B030799-38B7-45C4-A77F-57F569ACAB3F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D70235E5-13BA-41E2-88C2-D45B0452199F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1C519149-55CE-40F5-9F56-EA3DF4959C1B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{6C1FA299-218A-47C1-8158-6EF13C461198}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B976F1EF-2520-423C-908C-D86BABDE5B49}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{83ED86E2-19B0-4205-86D6-6C19E723AAA2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8CE7D401-F855-44D6-A3A8-A5BD1CC6326C}] => (Allow) C:\Users\jp\AppData\Local\Gametree\Alicia\Alicia.exe
FirewallRules: [{0A6E202F-D375-4EAE-95B9-8696DD386FEB}] => (Allow) C:\Users\jp\AppData\Local\Gametree\Alicia\Alicia.exe
 
==================== Restore Points =========================
 
02-12-2017 18:36:15 Scheduled Checkpoint
03-12-2017 02:14:03 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/03/2017 06:50:14 AM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhost (1684) WebCacheLocal: Database recovery/restore failed with unexpected error -1032.
 
Error: (12/03/2017 06:50:14 AM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (1684) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (12/03/2017 06:50:04 AM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (1684) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\V01.chk" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (12/03/2017 06:49:54 AM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhost (1684) WebCacheLocal: Database recovery/restore failed with unexpected error -1032.
 
Error: (12/03/2017 06:49:54 AM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (1684) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (12/03/2017 06:49:44 AM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (1684) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\V01.chk" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (12/03/2017 06:49:34 AM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhost (1684) WebCacheLocal: Database recovery/restore failed with unexpected error -1032.
 
Error: (12/03/2017 06:49:34 AM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (1684) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (12/03/2017 06:49:24 AM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (1684) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\V01.chk" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (12/03/2017 06:49:14 AM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhost (1684) WebCacheLocal: Database recovery/restore failed with unexpected error -1032.
 
 
System errors:
=============
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7 CPU 930 @ 2.80GHz
Percentage of memory in use: 43%
Total physical RAM: 6135.14 MB
Available physical RAM: 3437.72 MB
Total Virtual: 12268.47 MB
Available Virtual: 9956.47 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:1397.17 GB) (Free:1208.09 GB) NTFS
Drive e: () (Fixed) (Total:931.5 GB) (Free:253.54 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: E14FE14F)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: EE7E9EF6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1397.2 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 88.05 0 K 24 K 0
MsMpEng.exe 10.81 289,148 K 397,960 K 472 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
procexp64.exe 0.55 29,460 K 48,464 K 3396 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
System 0.21 176 K 2,360 K 4
Interrupts 0.11 0 K 0 K n/a Hardware Interrupts and DPCs
svchost.exe 0.08 256,748 K 262,188 K 1028 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
explorer.exe 0.05 55,864 K 93,132 K 1924 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
dwm.exe 0.03 31,212 K 36,480 K 2816 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
msseces.exe 0.02 85,916 K 94,472 K 3180 Microsoft Security Client User Interface Microsoft Corporation (Verified) Microsoft Corporation
chrome.exe 0.02 100,880 K 121,064 K 3344 Google Chrome Google Inc. (Verified) Google Inc
csrss.exe 0.01 3,636 K 9,896 K 652 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
AppleMobileDeviceService.exe 0.01 4,664 K 11,456 K 1780 MobileDeviceService Apple Inc. (Verified) Apple Inc.
nvstreamsvc.exe 0.01 4,704 K 10,804 K 2344 NVIDIA Streamer Service NVIDIA Corporation (Verified) NVIDIA Corporation
nvstreamsvc.exe 0.01 7,600 K 16,352 K 2564 NVIDIA Streamer Service NVIDIA Corporation (Verified) NVIDIA Corporation
nvstreamsvc.exe < 0.01 9,228 K 12,788 K 1844 NVIDIA Streamer Service NVIDIA Corporation (Verified) NVIDIA Corporation
svchost.exe < 0.01 5,640 K 11,488 K 868 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
chrome.exe < 0.01 60,288 K 105,768 K 4064 Google Chrome Google Inc. (Verified) Google Inc
MpCmdRun.exe < 0.01 4,724 K 1,012 K 3336 Microsoft Malware Protection Command Line Utility Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe < 0.01 37,740 K 56,292 K 1100 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
nusb3mon.exe < 0.01 2,384 K 5,852 K 3364 USB 3.0 Monitor NEC Electronics Corporation (No signature was present in the subject) NEC Electronics Corporation
iPodService.exe < 0.01 3,112 K 7,428 K 3820 iPodService Module (64-bit) Apple Inc. (Verified) Apple Inc.
svchost.exe < 0.01 33,660 K 36,376 K 1364 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
PnkBstrA.exe < 0.01 1,368 K 4,360 K 1484 (Verified) Even Balance
wmpnetwk.exe < 0.01 13,264 K 8,324 K 1524 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe < 0.01 29,688 K 24,264 K 1132 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
csrss.exe < 0.01 2,612 K 4,628 K 544 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
lsass.exe < 0.01 7,380 K 14,408 K 748 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
NvNetworkService.exe < 0.01 2,152 K 6,108 K 2040 NVIDIA Network Service NVIDIA Corporation (Verified) NVIDIA Corporation
iTunesHelper.exe < 0.01 6,524 K 15,056 K 3220 iTunesHelper Apple Inc. (Verified) Apple Inc.
nvvsvc.exe < 0.01 6,892 K 14,764 K 1672 NVIDIA Driver Helper Service, Version 341.95 NVIDIA Corporation (Verified) NVIDIA Corporation
WmiPrvSE.exe 3,300 K 7,456 K 3424 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 4,208 K 8,564 K 728 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 2,120 K 5,032 K 624 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe 13,080 K 12,728 K 1684 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 2,648 K 6,304 K 4608 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,876 K 8,896 K 1000 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 13,500 K 15,968 K 1628 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 19,756 K 22,176 K 752 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 9,524 K 15,904 K 1056 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 6,784 K 11,564 K 2668 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,212 K 4,940 K 920 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,900 K 8,316 K 1220 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 7,764 K 13,692 K 1940 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 7,152 K 12,364 K 1600 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 732 K 1,428 K 368 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
services.exe 5,972 K 12,172 K 684 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
RazerMambaSysTray.exe 3,912 K 8,852 K 3376 Razer Mamba System Tray Razer USA Ltd (Verified) Razer USA Ltd
RAVCpl64.exe 10,224 K 12,040 K 3168 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp
procexp.exe 2,676 K 8,040 K 1144 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
nvxdsync.exe 10,964 K 22,656 K 1664 NVIDIA User Experience Driver Component NVIDIA Corporation (Verified) NVIDIA Corporation
nvvsvc.exe 3,784 K 8,668 K 932 NVIDIA Driver Helper Service, Version 341.95 NVIDIA Corporation (Verified) NVIDIA Corporation
nvtray.exe 6,168 K 12,536 K 3728 NVIDIA Settings NVIDIA Corporation (Verified) NVIDIA Corporation
nvSCPAPISvr.exe 3,396 K 6,752 K 956 Stereo Vision Control Panel API Server NVIDIA Corporation (Verified) NVIDIA Corporation
NisSrv.exe 17,356 K 7,284 K 2524 Microsoft Network Realtime Inspection Service Microsoft Corporation (Verified) Microsoft Corporation
mDNSResponder.exe 2,844 K 6,344 K 1916 Bonjour Service Apple Inc. (Verified) Apple Inc.
lsm.exe 3,160 K 4,904 K 760 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
GoProDeviceDetection.exe 16,752 K 13,940 K 532 (Verified) GoPro
GfExperienceService.exe 2,684 K 6,780 K 1996 NVIDIA GeForce Experience Service NVIDIA Corporation (Verified) NVIDIA Corporation
conhost.exe 1,612 K 3,392 K 2364 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
conhost.exe 2,272 K 5,200 K 2848 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 63,780 K 66,272 K 1512 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 4,672 K 8,044 K 3724 Google Chrome Google Inc. (Verified) Google Inc
audiodg.exe 18,088 K 17,356 K 4024 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
======================================================================================================
 
 
Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
smss.exe                       368 N/A                                         
csrss.exe                      544 N/A                                         
wininit.exe                    624 N/A                                         
csrss.exe                      652 N/A                                         
services.exe                   684 N/A                                         
winlogon.exe                   728 N/A                                         
lsass.exe                      748 EFS, SamSs                                  
lsm.exe                        760 N/A                                         
svchost.exe                    868 DcomLaunch, PlugPlay, Power                 
nvvsvc.exe                     932 nvsvc                                       
nvSCPAPISvr.exe                956 Stereo Service                              
svchost.exe                   1000 RpcEptMapper, RpcSs                         
MsMpEng.exe                    472 MsMpSvc                                     
svchost.exe                    752 AudioSrv, Dhcp, eventlog, lmhosts, wscsvc   
svchost.exe                   1028 AudioEndpointBuilder, CscService, hidserv,  
                                   Netman, PcaSvc, SysMain, TrkWks, UxSms      
svchost.exe                   1056 EventSystem, FontCache, netprofm, nsi,      
                                   WdiServiceHost                              
svchost.exe                   1100 AeLookupSvc, Appinfo, BITS, IKEEXT,         
                                   iphlpsvc, LanmanServer, MMCSS, ProfSvc,     
                                   Schedule, SENS, ShellHWDetection, Themes,   
                                   Winmgmt, wuauserv                           
svchost.exe                   1220 gpsvc                                       
svchost.exe                   1364 CryptSvc, Dnscache, LanmanWorkstation,      
                                   NlaSvc                                      
spoolsv.exe                   1600 Spooler                                     
svchost.exe                   1628 BFE, DPS, MpsSvc                            
nvxdsync.exe                  1664 N/A                                         
nvvsvc.exe                    1672 N/A                                         
AppleMobileDeviceService.     1780 Apple Mobile Device Service                 
mDNSResponder.exe             1916 Bonjour Service                             
svchost.exe                   1940 DiagTrack                                   
GfExperienceService.exe       1996 GfExperienceService                         
NvNetworkService.exe          2040 NvNetworkService                            
nvstreamsvc.exe               1844 NvStreamSvc                                 
PnkBstrA.exe                  1484 PnkBstrA                                    
nvstreamsvc.exe               2344 N/A                                         
conhost.exe                   2364 N/A                                         
NisSrv.exe                    2524 NisSrv                                      
svchost.exe                   2668 SSDPSRV, upnphost                           
GoProDeviceDetection.exe       532 GoProDeviceDetectionService                 
wmpnetwk.exe                  1524 WMPNetworkSvc                               
SearchIndexer.exe             1132 WSearch                                     
taskhost.exe                  1684 N/A                                         
nvstreamsvc.exe               2564 N/A                                         
conhost.exe                   2848 N/A                                         
dwm.exe                       2816 N/A                                         
explorer.exe                  1924 N/A                                         
RAVCpl64.exe                  3168 N/A                                         
msseces.exe                   3180 N/A                                         
iTunesHelper.exe              3220 N/A                                         
nusb3mon.exe                  3364 N/A                                         
RazerMambaSysTray.exe         3376 N/A                                         
nvtray.exe                    3728 N/A                                         
iPodService.exe               3820 iPod Service                                
svchost.exe                    920 SDRSVC                                      
MpCmdRun.exe                  3336 N/A                                         
chrome.exe                    4064 N/A                                         
chrome.exe                    3724 N/A                                         
chrome.exe                    1512 N/A                                         
chrome.exe                    3344 N/A                                         
audiodg.exe                   4024 N/A                                         
WmiPrvSE.exe                  3424 N/A                                         
taskeng.exe                   4608 N/A                                         
dllhost.exe                   4680 N/A                                         
dllhost.exe                   1872 N/A                                         
cmd.exe                       4548 N/A                                         
conhost.exe                    796 N/A                                         
tasklist.exe                  2976 N/A                                         
WmiPrvSE.exe                  3624 N/A                                         
 
=======================================
 
Thanks,
Alexa

 


  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Error: (12/03/2017 06:49:34 AM) (Source: ESENT) (EventID: 490) (User: )

Description: taskhost (1684) WebCacheLocal: An attempt to open the file "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Let's look at the permissions for the file in question:
 

Download the attached fixlist.txt to the same location as FRST



Run FRST and press Fix
A fix log will be generated please post that

This should be very quick.
 

 
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 88.05 0 K 24 K 0
MsMpEng.exe 10.81 289,148 K 397,960 K 472 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
 
 

 

 

MSSE is eating up too much CPU.  Let's download the free Avast:
 
 
This is the full installation file so about 230 MB.  Save it.
 
 
 
Uninstall Microsoft Security Essentials
Reboot.  Now double click on the  previously downloaded Avast installation file and let it install.  Wait until it updates (register if it asks).  Then make a new Process Explorer file and post it. 
 
I do not see a Speccy log.
 
 

 
 
 

  • 0

#7
Sonny_D153

Sonny_D153

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Here are the logs you requested. Sorry about the Speccy log let me try again.

 

Thanks,

Alexa

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-11-2017
Ran by jp (04-12-2017 19:04:45) Run:2
Running from C:\Users\jp\Desktop
Loaded Profiles: jp (Available Profiles: jp)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
ListPermissions: C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat
 
 
 
*****************
 
===================================
permissions of "C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat":
 
Owner: jp-PC\jp
 
DACL(PAI):
 
BUILTIN\Administrators ALLOW FULL (NI)
NT AUTHORITY\SYSTEM ALLOW FULL (NI)
jp-PC\jp ALLOW FULL (NI)
 
===================================
 
==== End of Fixlog 19:04:45 ====
 
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 98.80 0 K 24 K 0
procexp64.exe 0.63 30,536 K 51,092 K 4788 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
Interrupts 0.20 0 K 0 K n/a Hardware Interrupts and DPCs
dwm.exe 0.15 29,648 K 34,612 K 2764 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
System 0.08 188 K 2,304 K 4
csrss.exe 0.04 3,660 K 9,848 K 644 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
AvastUI.exe 0.02 24,880 K 25,164 K 4296 Avast Antivirus AVAST Software (Verified) AVAST Software s.r.o.
chrome.exe 0.02 103,504 K 121,000 K 5372 Google Chrome Google Inc. (Verified) Google Inc
AvastSvc.exe 0.01 169,888 K 40,960 K 3828 Avast Service AVAST Software (Verified) AVAST Software s.r.o.
explorer.exe 0.01 28,380 K 55,056 K 2808 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
nvstreamsvc.exe 0.01 4,708 K 10,944 K 2068 NVIDIA Streamer Service NVIDIA Corporation (Verified) NVIDIA Corporation
nvstreamsvc.exe < 0.01 7,548 K 16,336 K 2664 NVIDIA Streamer Service NVIDIA Corporation (Verified) NVIDIA Corporation
nvstreamsvc.exe < 0.01 9,484 K 13,048 K 1280 NVIDIA Streamer Service NVIDIA Corporation (Verified) NVIDIA Corporation
chrome.exe < 0.01 56,516 K 96,500 K 1844 Google Chrome Google Inc. (Verified) Google Inc
iPodService.exe < 0.01 2,984 K 7,460 K 2924 iPodService Module (64-bit) Apple Inc. (Verified) Apple Inc.
svchost.exe < 0.01 25,376 K 38,428 K 808 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
wmpnetwk.exe < 0.01 13,264 K 6,492 K 1092 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
AppleMobileDeviceService.exe < 0.01 4,668 K 11,960 K 1696 MobileDeviceService Apple Inc. (Verified) Apple Inc.
svchost.exe < 0.01 8,304 K 13,148 K 428 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
PnkBstrA.exe < 0.01 1,360 K 4,484 K 1668 (Verified) Even Balance
WmiPrvSE.exe < 0.01 3,740 K 7,928 K 4056 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 4,604 K 8,560 K 992 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 16,984 K 17,772 K 1300 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
aswidsagenta.exe < 0.01 17,760 K 31,744 K 3824 Avast Behavior Shield AVAST Software (Verified) AVAST Software s.r.o.
svchost.exe < 0.01 154,144 K 161,484 K 632 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
lsass.exe < 0.01 6,224 K 14,124 K 732 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe < 0.01 27,272 K 24,324 K 3108 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
NvNetworkService.exe < 0.01 2,148 K 6,000 K 2012 NVIDIA Network Service NVIDIA Corporation (Verified) NVIDIA Corporation
conhost.exe < 0.01 2,280 K 5,412 K 2676 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
nvvsvc.exe < 0.01 6,956 K 14,928 K 1416 NVIDIA Driver Helper Service, Version 341.95 NVIDIA Corporation (Verified) NVIDIA Corporation
csrss.exe < 0.01 2,884 K 5,300 K 516 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
iTunesHelper.exe < 0.01 6,544 K 15,632 K 1424 iTunesHelper Apple Inc. (Verified) Apple Inc.
winlogon.exe 4,252 K 8,764 K 720 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 2,120 K 5,160 K 620 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe 5,548 K 10,640 K 2652 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 5,744 K 11,440 K 864 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 5,228 K 8,832 K 1848 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 19,836 K 19,708 K 404 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 14,576 K 16,344 K 1612 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,580 K 6,600 K 1780 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 5,088 K 10,268 K 2152 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,872 K 6,396 K 1160 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,380 K 5,336 K 5916 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 7,232 K 12,464 K 1584 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 732 K 1,428 K 360 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
services.exe 6,172 K 12,600 K 676 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
RazerMambaSysTray.exe 3,888 K 8,632 K 3076 Razer Mamba System Tray Razer USA Ltd (Verified) Razer USA Ltd
RAVCpl64.exe 11,800 K 12,992 K 1480 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp
procexp.exe 2,984 K 8,160 K 4332 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
nvxdsync.exe 10,968 K 22,680 K 1408 NVIDIA User Experience Driver Component NVIDIA Corporation (Verified) NVIDIA Corporation
nvvsvc.exe 3,736 K 8,760 K 924 NVIDIA Driver Helper Service, Version 341.95 NVIDIA Corporation (Verified) NVIDIA Corporation
nvtray.exe 5,964 K 12,460 K 3384 NVIDIA Settings NVIDIA Corporation (Verified) NVIDIA Corporation
nvSCPAPISvr.exe 2,772 K 6,172 K 948 Stereo Vision Control Panel API Server NVIDIA Corporation (Verified) NVIDIA Corporation
nusb3mon.exe 2,092 K 5,740 K 2800 USB 3.0 Monitor NEC Electronics Corporation (No signature was present in the subject) NEC Electronics Corporation
mDNSResponder.exe 2,772 K 6,388 K 1812 Bonjour Service Apple Inc. (Verified) Apple Inc.
lsm.exe 3,252 K 5,124 K 740 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
GoProDeviceDetection.exe 16,632 K 13,920 K 1956 (Verified) GoPro
GfExperienceService.exe 2,656 K 6,880 K 1896 NVIDIA GeForce Experience Service NVIDIA Corporation (Verified) NVIDIA Corporation
conhost.exe 1,620 K 3,604 K 2076 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 47,208 K 49,800 K 4960 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 5,108 K 8,560 K 4808 Google Chrome Google Inc. (Verified) Google Inc
 

 

Attached Files


  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Avast is doing much better than MSE:

 

 
System Idle Process 98.80 0 K 24 K 0
procexp64.exe 0.63 30,536 K 51,092 K 4788 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation

Interrupts 0.20 0 K 0 K n/a Hardware Interrupts and DPCs

 

 

 

This looks really quick.  How is it running now?  The only thing I'm concerned about is the WebCacheV01.dat error.  I'm not sure how important it is.  Some people say it slows things down to a crawl while others claim it has no effect.  Let's try a new user and see if the new user has the same problem.

 

https://www.bleeping...indows-vista-7/

 

give the new user admin rights and a password.  Then clear the alarms:

 

Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.

 

Reboot then log in as the new user

 

Run VEW  post the logs.

 

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
 

 


 


  • 0

#9
Sonny_D153

Sonny_D153

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Under the original admin account the games I play are taking an extremely long time to load or they do not load a all; and explorer does not work. Under the new admin account everything seem to work fine, though i have not tested everything. Here is the log you requested ran using the new account.

 

Thanks,

Alexa

 

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 05/12/2017 7:33:17 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 06/12/2017 1:24:18 AM
Type: Error Category: 0
Event: 7043 Source: Service Control Manager
The Diagnostics Tracking Service service did not shut down properly after receiving a preshutdown control.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • 0

#10
Sonny_D153

Sonny_D153

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

In addition the WinPCOptimizer did not try to load, with the new account. Though it still show up in the Uninstall list.


Edited by Sonny_D153, 05 December 2017 - 07:51 PM.

  • 0

Advertisements


#11
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

I wonder if you can delete the file:

 

C:\Users\jp\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat

 

now that you are logged in with a different logon.  Apparently this is where IE stores everything about sites it has visited so if it's not working then IE can't work. 

 


  • 0

#12
Sonny_D153

Sonny_D153

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

This is as far as I can go:

 

C:\Users\jp\AppData\Local\Microsoft\Windows

 

there is no WebCache folder.


  • 0

#13
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

See if you can make a New Folder and call it WebCache.  If the folder is hidden it won't let you make a new one.


  • 0

#14
Sonny_D153

Sonny_D153

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

You are correct the folder will not create. There is another one that has been there since 3/14/2013.


  • 0

#15
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

right click on the

C:\Users\jp\AppData\Local\Microsoft\Windows folder and select Properties then Security.

 

Take Ownership of the folder and all of its subfolders:

 

https://technet.micr...9(v=ws.11).aspx

 

Then give yourself Full Control of the folder and its subfolders.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP