Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer running very slow


  • Please log in to reply

#1
psu88

psu88

    Member

  • Member
  • PipPip
  • 57 posts

My PC is running very slow and hangs up for minutes at a time

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-11-2017 (ATTENTION: ====> FRSTversion is 939 days old and could be outdated)
Ran by Dave (administrator) on DAVE-PC (26-06-2020 23:34:35)
Running from C:\Users\Dave\Desktop
Loaded Profiles: Dave & UpdatusUser (Available Profiles: Dave & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Facebook) C:\Users\Dave\AppData\Local\Facebook\Games\FacebookGameroom.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dassault Systèmes) C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Acer Incorporated) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(The CefSharp Authors) C:\Users\Dave\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-02-09] (Realtek Semiconductor)
HKLM\...\Run: [OOTag] => C:\Program Files (x86)\eMachines\OOBEOffer\ootag.exe [13856 2010-02-23] (Microsoft)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108216 2020-04-19] (AVAST Software)
HKLM-x32\...\Run: [OOTag] => C:\Program Files (x86)\eMachines\OOBEOffer\OOTag.exe [13856 2010-02-23] (Microsoft)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe [620136 2011-01-18] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3386438342-948231862-3273088082-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9230256 2020-03-23] (SUPERAntiSpyware)
HKU\S-1-5-21-3386438342-948231862-3273088082-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd)
HKU\S-1-5-21-3386438342-948231862-3273088082-1003\...\RunOnce: [ScrSav] => C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe [154144 2010-07-29] ()
HKU\S-1-5-21-3386438342-948231862-3273088082-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\eMachines.scr [456224 2010-07-29] ()
Startup: C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2020-05-19]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Dave\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{74E2BF45-B74D-4278-A7DF-13D98932F62C}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{8216FDD7-FFC6-4D7F-8804-B5273519CEAD}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{AF5734B3-C8D3-4EC6-863D-6B90B39F75E0}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=hp-avast&type=odc179
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.yahoo.com/yhs/search?type=odc179&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3386438342-948231862-3273088082-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AEMTDF&pc=MAEM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3386438342-948231862-3273088082-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AEMTDF&pc=MAEM&src=IE-SearchBox
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2020-06-16] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2020-06-16] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2020-06-16] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2020-06-16] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2020-04-20] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2020-06-16] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2020-06-16] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02] (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2020-04-20] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02] (Microsoft Corporation.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: fdmhm4o8.default-1460756312416
FF ProfilePath: Profiles/fdmhm4o8.default-1460756312416 [not found] <==== ATTENTION
FF ProfilePath: C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\fdmhm4o8.default-1460756312416 [2020-06-26]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\fdmhm4o8.default-1460756312416\Extensions\[email protected] [2020-04-30]
FF Extension: (Avast Online Security) - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\fdmhm4o8.default-1460756312416\Extensions\[email protected] [2020-06-17]
FF Extension: (DoH Roll-Out) - C:\Program Files\Mozilla Firefox\browser\features\[email protected] [2020-06-03] [not signed]
FF Extension: (WebCompat Reporter) - C:\Program Files\Mozilla Firefox\browser\features\[email protected] [2020-06-03] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-12-27] [Lagacy] [not signed]
FF HKU\S-1-5-21-3386438342-948231862-3273088082-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-09] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-12] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2020-04-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2020-04-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-08-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-01-26] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-01-26] (NVIDIA Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin HKU\S-1-5-21-3386438342-948231862-3273088082-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Dave\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3386438342-948231862-3273088082-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dave\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-10-26] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default [2020-04-25]
CHR Extension: (Avast Online Security) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-31]
CHR Extension: (Chrome Media Router) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-22]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-02-10] (SUPERAntiSpyware.com)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5504928 2020-04-19] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-09] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [345384 2020-04-19] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-09] (AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\83.0.4529.97\elevation_service.exe [1062576 2020-06-04] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3051928 2020-05-12] (Microsoft Corporation)
R2 DraftSight API Service; C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [78336 2012-07-07] (Dassault Systèmes) [File not signed]
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [626208 2009-08-10] ()
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\elevation_service.exe [1052656 2020-06-19] (Google LLC)
R2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 Live Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [244624 2011-01-31] (Acer Incorporated)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-04-19] (Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [206880 2009-08-10] ()
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [19456 2014-05-08] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2014-03-28] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2014-03-28] (LG Electronics Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37856 2020-04-19] (AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [206120 2020-04-19] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [234776 2020-04-19] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [178968 2020-04-19] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60696 2020-04-19] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42984 2020-04-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175920 2020-04-19] (AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [500960 2020-04-20] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-19] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109480 2020-04-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85056 2020-04-19] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851808 2020-04-19] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [459408 2020-04-19] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235696 2020-04-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [317280 2020-04-19] (AVAST Software)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-06-26] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-06-06] (Malwarebytes)
S3 mr7910; C:\Windows\System32\DRIVERS\mr7910.sys [55808 2007-03-16] (Mars Semiconductor Corp.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-06-10] (Apple, Inc.) [File not signed]
S3 WacHidRouterPro; system32\DRIVERS\wachidrouter.sys [X]
S3 wacomrouterfilter; system32\DRIVERS\wacomrouterfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error(1) reading file: "C:\Windows\SysWOW64\mfc100enu.dll"
Error(1) reading file: "C:\Windows\SysWOW64\ifc100esn.dll"
2020-06-26 23:34 - 2020-06-26 23:36 - 000022160 _____ C:\Users\Dave\Desktop\FRST.txt
2020-06-26 23:28 - 2020-06-26 23:28 - 002290688 _____ (Farbar) C:\Users\Dave\Downloads\FRST64.exe
2020-06-26 22:54 - 2020-06-26 23:31 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-06-07 23:18 - 2020-06-07 23:18 - 024166400 _____ C:\Program Files (x86)\GUT31DC.tmp
2020-06-07 23:18 - 2020-06-07 23:18 - 000000000 ____D C:\Program Files (x86)\GUM31BC.tmp
2020-06-07 18:18 - 2020-06-07 18:18 - 024166400 _____ C:\Program Files (x86)\GUT43C1.tmp
2020-06-07 18:18 - 2020-06-07 18:18 - 000000000 ____D C:\Program Files (x86)\GUM43A1.tmp
2020-06-07 12:20 - 2020-06-07 12:20 - 024166400 _____ C:\Program Files (x86)\GUT14BF.tmp
2020-06-07 12:20 - 2020-06-07 12:20 - 000000000 ____D C:\Program Files (x86)\GUM14BE.tmp
2020-06-06 21:49 - 2020-06-06 21:49 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-06-06 21:19 - 2020-06-06 21:19 - 024166400 _____ C:\Program Files (x86)\GUTFC00.tmp
2020-06-06 21:19 - 2020-06-06 21:19 - 000000000 ____D C:\Program Files (x86)\GUMFBFF.tmp
2020-06-06 16:10 - 2020-06-06 16:10 - 024166400 _____ C:\Program Files (x86)\GUTB6D0.tmp
2020-06-06 16:10 - 2020-06-06 16:10 - 000000000 ____D C:\Program Files (x86)\GUMB6CF.tmp
2020-06-05 21:03 - 2020-06-05 21:03 - 024166400 _____ C:\Program Files (x86)\GUT51E1.tmp
2020-06-05 21:03 - 2020-06-05 21:03 - 000000000 ____D C:\Program Files (x86)\GUM51E0.tmp
2020-06-04 21:45 - 2020-06-04 21:45 - 024166400 _____ C:\Program Files (x86)\GUT3F9F.tmp
2020-06-04 21:45 - 2020-06-04 21:45 - 000000000 ____D C:\Program Files (x86)\GUM3F9E.tmp
2020-06-03 21:07 - 2020-06-13 10:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-05-28 20:50 - 2020-05-28 20:50 - 001861807 _____ C:\Users\Dave\Desktop\RPFBBJ01_manual.pdf
2020-05-28 20:46 - 2020-05-28 20:46 - 001861789 _____ C:\Users\Dave\Downloads\RPFBBJ01_manual.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-26 23:34 - 2015-08-04 22:09 - 000000000 ____D C:\FRST
2020-06-26 23:31 - 2009-07-14 00:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-06-26 23:31 - 2009-07-14 00:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-06-26 23:22 - 2020-05-19 22:47 - 000003132 _____ C:\Windows\System32\Tasks\{6AF7519B-0DAE-4932-BFDF-3F6EEEAE38E2}
2020-06-26 23:22 - 2020-04-20 22:28 - 000002808 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2020-06-26 23:22 - 2015-12-03 17:59 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2020-06-26 23:22 - 2013-06-21 22:23 - 000003138 _____ C:\Windows\System32\Tasks\{119550F2-DA53-447E-8FBF-4D4385C41223}
2020-06-26 23:22 - 2012-09-29 10:31 - 000003908 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3386438342-948231862-3273088082-1001UA
2020-06-26 23:22 - 2012-09-29 10:31 - 000003540 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3386438342-948231862-3273088082-1001Core
2020-06-26 23:22 - 2012-09-29 10:31 - 000000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3386438342-948231862-3273088082-1001UA.job
2020-06-26 23:22 - 2012-09-29 10:31 - 000000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3386438342-948231862-3273088082-1001Core.job
2020-06-26 23:22 - 2012-03-23 23:08 - 000003334 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2020-06-26 23:22 - 2012-03-23 23:08 - 000003206 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2020-06-26 23:21 - 2020-04-20 22:28 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2020-06-26 23:21 - 2019-08-09 19:18 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2020-06-26 23:21 - 2019-02-22 23:31 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2020-06-26 23:21 - 2018-03-14 19:30 - 000004458 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2020-06-26 21:57 - 2016-11-18 07:16 - 000000000 ____D C:\Users\Dave\AppData\LocalLow\Mozilla
2020-06-25 17:08 - 2017-06-02 18:21 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2020-06-22 18:19 - 2018-06-09 12:11 - 000000000 ____D C:\Users\Dave\AppData\Local\AVAST Software
2020-06-22 18:16 - 2018-12-05 01:36 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2020-06-22 18:16 - 2011-11-18 21:46 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-22 18:15 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-22 16:53 - 2012-03-23 23:13 - 000002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-22 16:53 - 2012-03-23 23:13 - 000002152 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-20 16:14 - 2012-08-06 19:20 - 000000000 ____D C:\Users\Dave\Documents\My Drawings
2020-06-17 18:14 - 2020-03-11 19:02 - 000003732 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-06-17 18:14 - 2018-06-09 12:15 - 000002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-06-17 18:14 - 2018-06-09 12:15 - 000002355 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-06-16 17:13 - 2013-08-02 22:09 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-16 17:12 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
2020-06-16 17:10 - 2013-08-02 21:58 - 000000000 ____D C:\Program Files\Microsoft Office 15
2020-06-13 10:59 - 2013-04-14 03:04 - 000000000 ____D C:\Users\UpdatusUser
2020-06-13 10:54 - 2018-12-11 23:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-06-09 20:03 - 2012-03-30 23:09 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-06-09 20:03 - 2012-03-15 22:27 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-09 20:03 - 2012-03-15 22:27 - 000000000 ____D C:\Windows\system32\Macromed
2020-06-09 20:03 - 2011-03-31 05:24 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-06-04 21:56 - 2016-03-28 14:59 - 000002028 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-04 21:45 - 2013-04-14 10:55 - 000007924 _____ C:\Windows\wininit.ini

==================== Files in the root of some directories =======

2020-04-20 23:00 - 2020-04-20 23:00 - 000000472 _____ () C:\Program Files (x86)\0420202023004583.bat
2020-06-07 12:20 - 2020-06-07 12:20 - 024166400 _____ () C:\Program Files (x86)\GUT14BF.tmp
2020-06-07 23:18 - 2020-06-07 23:18 - 024166400 _____ () C:\Program Files (x86)\GUT31DC.tmp
2020-06-04 21:45 - 2020-06-04 21:45 - 024166400 _____ () C:\Program Files (x86)\GUT3F9F.tmp
2020-06-07 18:18 - 2020-06-07 18:18 - 024166400 _____ () C:\Program Files (x86)\GUT43C1.tmp
2020-06-05 21:03 - 2020-06-05 21:03 - 024166400 _____ () C:\Program Files (x86)\GUT51E1.tmp
2020-06-06 16:10 - 2020-06-06 16:10 - 024166400 _____ () C:\Program Files (x86)\GUTB6D0.tmp
2020-06-06 21:19 - 2020-06-06 21:19 - 024166400 _____ () C:\Program Files (x86)\GUTFC00.tmp
2013-11-03 18:20 - 2014-06-26 17:47 - 000000035 _____ () C:\Users\Dave\AppData\Roaming\WB.CFG
2013-12-31 14:01 - 2014-01-03 13:38 - 000000005 _____ () C:\Users\Dave\AppData\Roaming\WBPU-Q5-TTL.DAT
2013-11-03 18:20 - 2014-02-01 01:41 - 000000005 _____ () C:\Users\Dave\AppData\Roaming\WBPU-TTL.DAT

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\mfc100enu.dll
C:\Windows\SysWOW64\ifc100esn.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2020-04-28 17:55

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-11-2017
Ran by Dave (26-06-2020 23:37:01)
Running from C:\Users\Dave\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-03-16 01:00:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3386438342-948231862-3273088082-500 - Administrator - Disabled)
Dave (S-1-5-21-3386438342-948231862-3273088082-1001 - Administrator - Enabled) => C:\Users\Dave
Guest (S-1-5-21-3386438342-948231862-3273088082-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3386438342-948231862-3273088082-1002 - Limited - Enabled)
UpdatusUser (S-1-5-21-3386438342-948231862-3273088082-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.387 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
AIO_Scan (HKLM-x32\...\{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.2.2401 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 83.0.4529.97 - AVAST Software)
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C6200 (HKLM-x32\...\{F631F1BE-00B0-49CF-8DFB-9885975B27CD}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
C6200_Help (HKLM-x32\...\{162d74e4-7d6d-4949-8018-50e96e314696}) (Version: 100.0.206.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.66 - Piriform)
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
DraftSight (HKLM-x32\...\{8EBF1B19-7756-42E5-A663-93ACB1D1FEA8}) (Version: 9.1.173 - Dassault Systemes)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
eMachines Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated)
eMachines Registration (HKLM-x32\...\eMachines Registration) (Version: 1.03.3003 - Acer Incorporated)
eMachines ScreenSaver (HKLM-x32\...\eMachines Screensaver) (Version: 1.1.0221.2011 - Acer Incorporated)
Facebook Gameroom 1.23.7426.18586 (HKLM-x32\...\{58E3FB73-8B88-4807-A803-79B5ADA0136F}) (Version: 1.23.7426.18586 - Facebook)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fax (HKLM-x32\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Free Text Pad (HKLM-x32\...\Free Text Pad) (Version: 1.0 - Zenith Technology Limited)
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3014 - Acer Incorporated)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart All-In-One Driver Software 13.0 Rel. 2 (HKLM\...\{988329F4-A1A1-4D51-803C-EF2725A97627}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PaperLabel (HKLM-x32\...\{D9D8F2CF-FE2D-4644-9762-01F916FE90A9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (HKLM-x32\...\{20EFC9AA-BBC1-4DFD-81FF-99654F71CBF8}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (HKLM-x32\...\{B28635AB-1DF3-4F07-BFEA-975D911B549B}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3006 - Acer Incorporated)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.11.3.0 - LG Electronics)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.5249.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Mozilla Firefox 77.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 77.0.1 (x64 en-US)) (Version: 77.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version:  - )
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 1.10 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7316 - NVIDIA Corporation)
NVIDIA Graphics Driver 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.6684 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5249.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5249.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5249.1001 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PS_AIO_02_ProductContext (HKLM-x32\...\{B4B2096B-B13E-408E-8985-BD07463D5487}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software (HKLM-x32\...\{94F8D42D-BB31-4858-9705-7D756D8D9655}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software_Min (HKLM-x32\...\{685B0843-6C8D-4E42-B60D-2B86B45526E0}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6045 - Realtek Semiconductor Corp.)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1146 - SUPERAntiSpyware.com)
tconnect Uploader (HKLM-x32\...\{9BA100BF-B59D-4657-9530-891B6EE24E31}) (Version: 2.4.13 - Tandem Diabetes Care, Inc.) Hidden
tconnect Uploader (HKLM-x32\...\InstallShield_{9BA100BF-B59D-4657-9530-891B6EE24E31}) (Version: 2.4.13 - Tandem Diabetes Care, Inc.)
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
Unity Web Player (HKU\S-1-5-21-3386438342-948231862-3273088082-1001\...\UnityWebPlayer) (Version: 5.3.7f1 - Unity Technologies ApS)
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Welcome Center (HKLM-x32\...\eMachines Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
Windows Codec Pack (HKLM-x32\...\Windows Codec Pack11.041.44) (Version: 11.041.44 - Media Codecs Interactive)
Windows Driver Package - Abbott Labs (ADC) (ABB3410) Ports  (08/20/2010 6.1.7600.16385) (HKLM\...\EAABA618D0DC9DE364FD2DC5275356D95D21738D) (Version: 08/20/2010 6.1.7600.16385 - Abbott Labs (ADC))
Windows Driver Package - LifeScan Inc (silabenm) Ports  (04/24/2012 6.5.3.0) (HKLM\...\85826CFA743E51588AB2C35697F31CFB103E00AD) (Version: 04/24/2012 6.5.3.0 - LifeScan Inc)
Windows Driver Package - Prolific (Ser2pl) Ports  (04/02/2012 3.4.31.231) (HKLM\...\59FB067CC32267218DA603A4E568117953CD31C1) (Version: 04/02/2012 3.4.31.231 - Prolific)
Windows Driver Package - STMicroelectronics (usbser) Ports  (06/08/2010 1.00.0000.1) (HKLM\...\A54597F056F4EDE2433F3CB842410A4F5171F1E5) (Version: 06/08/2010 1.00.0000.1 - STMicroelectronics)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-19] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-19] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-19] (AVAST Software)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2013-11-20] (Apple Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-19] (AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-01-31] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-19] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F5B9D0B-4544-4129-AFEC-BC4BE17B351D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2020-06-16] (Microsoft Corporation)
Task: {161821B0-2D54-434D-A6CC-F802D634B276} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner64.exe [2020-03-19] (Piriform Software Ltd)
Task: {2602C6AC-EA7D-485D-BBA0-3E53780BDCCD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {2759C0AF-19B8-415A-922B-B0FB86BFDB2B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2020-02-25] (Adobe Systems)
Task: {2C07DD9F-7E8B-407C-B334-EB38C6EC06DA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2020-05-01] (Piriform Software Ltd)
Task: {2E5F3393-B2EC-4A7F-9FE5-7EE55CE005B4} - System32\Tasks\{119550F2-DA53-447E-8FBF-4D4385C41223} => C:\Windows\system32\pcalua.exe -a C:\Users\Dave\Downloads\SpyHunter-Installer.exe -d C:\Users\Dave\Downloads
Task: {40421BFC-F4F2-4EDC-A218-6EA64DD7EC37} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task
Task: {680A34B3-B27D-46B5-86CC-2C48DCB8B24D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3386438342-948231862-3273088082-1001UA => C:\Users\Dave\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-29] (Facebook Inc.)
Task: {68A55FCA-A045-4967-AB34-F38380030BA2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {6B8A45AD-3821-4632-A893-ACCA90A8292C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2020-04-19] (AVAST Software)
Task: {8B532580-7124-4BD9-8FEC-6F3831E5F0EE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3386438342-948231862-3273088082-1001Core => C:\Users\Dave\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-29] (Facebook Inc.)
Task: {91E8DB34-9BB3-4165-9DA0-540A2FD0A5B0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2020-06-16] (Microsoft Corporation)
Task: {9331F427-E284-4605-B093-3E1AEEBF55DD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2020-05-12] (Microsoft Corporation)
Task: {99F6599F-1694-443A-8D09-333C85DE0290} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2020-06-04] (AVAST Software)
Task: {9DDD43A7-20E2-47FA-89DC-C1D0EBD47DF6} - System32\Tasks\{6AF7519B-0DAE-4932-BFDF-3F6EEEAE38E2} => C:\Windows\system32\pcalua.exe -a C:\Users\Dave\Downloads\FacebookGameroom.exe -d C:\Users\Dave\Downloads
Task: {A5B9F4F0-365D-4776-B7C2-0EBDA23A0C71} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2020-06-09] (Adobe)
Task: {A74A3273-7518-4420-8468-7EA25CE72266} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-09] (AVAST Software) <==== ATTENTION
Task: {B09B01C2-5494-44ED-B044-64CA209FEABA} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2020-02-27] (Avast Software)
Task: {C7479F58-8BDC-45CF-9D4F-AB1EF182223D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {DB441C9E-7481-4FCD-9BFD-F39B104BD891} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [2020-06-09] (Adobe)
Task: {E4020714-41E7-49DE-A56B-44DF1110173C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2020-05-12] (Microsoft Corporation)
Task: {F42D1F34-9066-4805-8EFD-4AF10C34B03C} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2020-06-04] (AVAST Software)
Task: {F959764E-043B-46BA-8356-084DEB917C95} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-09] (AVAST Software) <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3386438342-948231862-3273088082-1001Core.job => C:\Users\Dave\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3386438342-948231862-3273088082-1001UA.job => C:\Users\Dave\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Dave\Desktop\Stuff\Netflix.lnk -> C:\ProgramData\OEM_E471269A730D\Netflix\StartURL.exe () -> hxxp://homepage.emachines.com/redirect.aspx?rid=09000003

==================== Loaded Modules (Whitelisted) ==============

2013-04-14 03:03 - 2013-01-31 05:25 - 000087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-24 06:28 - 2017-01-31 08:34 - 008909512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2020-02-25 23:02 - 2020-02-25 23:02 - 108869848 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-11-22 16:09 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2011-01-18 21:08 - 2011-01-18 21:08 - 000620136 _____ () C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
2009-08-10 20:01 - 2009-08-10 20:01 - 000626208 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
2009-08-10 20:00 - 2009-08-10 20:00 - 000070176 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
2009-08-10 20:01 - 2009-08-10 20:01 - 000578592 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
2019-07-01 22:49 - 2020-06-06 21:48 - 002740848 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2009-08-10 20:01 - 2009-08-10 20:01 - 000206880 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
2020-03-19 07:08 - 2020-03-19 07:08 - 000055480 _____ () C:\Program Files\CCleaner\branding.dll
2020-04-19 20:35 - 2020-04-19 20:35 - 003636944 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtANGLE.dll
2020-02-25 23:02 - 2020-02-25 23:02 - 002694872 _____ () C:\Program Files\AVAST Software\Avast\swiftshader\libglesv2.dll
2020-02-25 23:02 - 2020-02-25 23:02 - 000167128 _____ () C:\Program Files\AVAST Software\Avast\swiftshader\libegl.dll
2020-05-01 10:23 - 2020-05-01 10:23 - 001184256 _____ () C:\Users\Dave\AppData\Local\Facebook\Games\CefSharp.Core.dll
2020-05-01 10:23 - 2020-05-01 10:23 - 071641088 _____ () C:\Users\Dave\AppData\Local\Facebook\Games\libcef.dll
2011-01-18 21:08 - 2011-01-18 21:08 - 000151656 _____ () C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyHook.dll
2012-07-07 07:01 - 2012-07-07 07:01 - 000948144 _____ () C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\QtNetwork4.dll
2012-07-07 07:01 - 2012-07-07 07:01 - 002623408 _____ () C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\QtCore4.dll
2012-07-07 07:01 - 2012-07-07 07:01 - 000387505 _____ () C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\QtXml4.dll
2020-05-01 10:23 - 2020-05-01 10:23 - 000774656 _____ () C:\Users\Dave\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.Core.dll
2020-05-01 10:23 - 2020-05-01 10:23 - 003149824 _____ () C:\Users\Dave\AppData\Local\Facebook\Games\libglesv2.dll
2020-05-01 10:23 - 2020-05-01 10:23 - 000078848 _____ () C:\Users\Dave\AppData\Local\Facebook\Games\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2019-04-13 13:20 - 000000044 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3386438342-948231862-3273088082-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: Fitbit Connect => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: NOBU => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Dave\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Fitbit Connect => "C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe" /autorun
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8739928A-BE5C-446C-B0E0-4291BB78FAA6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{944F18B4-2348-462B-A994-C69B20A15319}] => (Allow) LPort=2869
FirewallRules: [{3A686F86-81C7-4476-AD0A-B76C59948B24}] => (Allow) LPort=1900
FirewallRules: [{8ED5BDF2-34CD-49E0-A5AF-3DCB31E17385}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{70D0560B-B11B-41EE-824F-50BCCD82E82E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{460FB2F0-7C44-42B8-905E-A73E4A177E0E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{209C159F-6500-4288-A31C-0D41277EACEA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{B6D024A5-3E7D-4E3C-9A71-166E9ACA641D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{FE9178A9-0B5D-4950-83C4-328DF58FE6DF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{059A8E39-AF51-460D-910B-275CA11D7DEC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{E4FB83D0-9104-4F55-B6CD-536DE8D14762}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{A7DDCAC9-E9C4-46F1-AB2D-39010E1DC066}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{F6804E05-4415-4E7B-9E4E-EEE128791AB4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{4E0B0301-AED7-4449-B958-12E05DEED4E7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{6B50C10F-4892-49A1-8810-FC55392BE24D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{ED3656DB-3BF0-457C-91DE-89F919017AE6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{3534C275-82B8-4DB5-AF20-42AA94BA0E3E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{5EB8C8FC-2953-4B5E-B636-EA33E5A2E5E9}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{059E02F3-80B1-484B-9352-E99E87288501}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{56D85588-A90A-47EA-927E-F77099A5D48E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{392AAC56-9EB6-40CE-B53E-D3353D19871E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{0928A0D9-BC84-4D3A-B135-937E3D4C8DF9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{7EF279E3-B97F-4320-9109-632D00264BFE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{13F52B63-340E-4424-8D31-8F1E9960B42C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{CDDFF6C8-D9BD-44FB-84A0-CCA6330A63C2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{230F1142-A337-47B6-9622-08F8C4910C80}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{663AADDC-1E16-41F2-AEEC-34D9264798AD}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{D910256B-6A2C-4329-A0FA-52B916D5F3D8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0E43D8AF-D74E-4294-A87F-42E94CABA106}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{DAA705F5-51CE-4405-A583-8DF9FA92D550}] => (Allow) C:\Users\Dave\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{11C0E1CD-8821-42FF-B031-1D4317E788C7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{DDDF1E9C-1547-4C13-97CA-7EB44C8A6252}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{8D0BB555-1B26-4D4D-9A6E-BD806D040994}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{93D49B60-9CA6-4639-AD86-476ECDFD7C52}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C38082AE-CF34-4026-B084-24C9A48AC7D7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{7C3F415C-FD47-478B-8EB7-5A39EF58D481}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{58331FDA-30E3-4D6A-A529-F6FD4BF9B592}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{0C0554F3-3186-4E75-B019-826788792A84}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{8E1D47A8-2900-45CA-8E00-D28857D18EC9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

03-01-2017 00:09:20 Scheduled Checkpoint
11-01-2017 04:01:13 Windows Update
23-02-2017 04:01:17 Windows Update
15-03-2017 03:01:22 Windows Update
13-04-2017 03:01:44 Windows Update
11-05-2017 03:01:48 Windows Update
14-05-2017 03:01:54 Windows Update
21-05-2017 16:08:55 Scheduled Checkpoint
23-05-2017 03:01:15 Windows Update
15-06-2017 03:01:41 Windows Update
13-07-2017 03:01:22 Windows Update
04-08-2017 22:43:04 Scheduled Checkpoint
09-08-2017 03:00:28 Windows Update
10-08-2017 03:00:32 Windows Update
13-09-2017 03:01:58 Windows Update
11-10-2017 03:01:34 Windows Update
04-11-2017 20:15:35 Removed Bonjour
04-11-2017 20:18:30 Removed Apple Application Support
04-11-2017 20:19:48 Removed Apple Mobile Device Support
04-11-2017 20:21:17 Removed Apple Software Update
04-11-2017 20:22:56 Removed iTunes
14-11-2017 18:10:29 Windows Update
15-11-2017 04:01:19 Windows Update
26-11-2017 14:18:08 Scheduled Checkpoint
04-12-2017 20:29:58 Removed Java 8 Update 25
04-12-2017 20:36:53 Removed Java 8 Update 31
04-12-2017 20:39:13 Removed Java 8 Update 111
04-12-2017 21:21:50 Restore Point Created by FRST
12-01-2018 08:03:27 Scheduled Checkpoint
07-04-2018 22:39:01 Scheduled Checkpoint
01-05-2018 21:37:19 Scheduled Checkpoint
20-07-2018 15:40:31 Scheduled Checkpoint
28-07-2018 00:00:05 Scheduled Checkpoint
13-09-2018 18:40:49 Scheduled Checkpoint
27-09-2018 15:04:25 Scheduled Checkpoint
09-10-2018 00:53:43 Scheduled Checkpoint
20-11-2018 07:28:30 Scheduled Checkpoint
19-12-2018 00:49:31 Scheduled Checkpoint
20-03-2019 23:36:59 Scheduled Checkpoint
01-06-2019 00:29:01 Scheduled Checkpoint
15-06-2019 23:26:47 Scheduled Checkpoint
17-07-2019 22:49:51 Scheduled Checkpoint
31-07-2019 12:38:22 Scheduled Checkpoint
08-08-2019 18:53:55 Scheduled Checkpoint
23-09-2019 21:41:10 Installed tconnect Uploader
26-10-2019 02:11:20 Scheduled Checkpoint
15-11-2019 00:52:47 Scheduled Checkpoint
14-12-2019 04:53:06 Scheduled Checkpoint
22-12-2019 03:55:48 Scheduled Checkpoint
01-02-2020 05:45:05 Scheduled Checkpoint
16-02-2020 01:26:11 Scheduled Checkpoint
29-03-2020 20:44:40 AdwCleaner_BeforeCleaning_29/03/2020_20:43:51
07-04-2020 11:35:39 Scheduled Checkpoint
20-04-2020 22:57:56 Removed Evernote v. 4.5.1
20-04-2020 23:01:43 Removed Fitbit Connect
20-04-2020 23:08:07 Removed Gtk# for .Net 2.12.26
20-04-2020 23:26:24 Removed Nero DiscSpeed 10.
20-04-2020 23:30:49 Removed Nero Express 10.
20-04-2020 23:32:55 Removed Nero Multimedia Suite 10 Essentials.
20-04-2020 23:38:28 Removed Norton Online Backup
20-04-2020 23:44:04 Removed Times Reader
28-04-2020 17:59:10 Scheduled Checkpoint
03-06-2020 18:44:54 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Photosmart C6300 series
Description: Photosmart C6300 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart C6200 series
Description: Photosmart C6200 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/26/2020 11:18:19 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (06/26/2020 10:18:21 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (06/26/2020 09:50:39 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (06/26/2020 07:23:57 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (06/26/2020 03:18:14 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (06/26/2020 03:15:29 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (06/26/2020 03:14:37 PM) (Source: Google Update) (EventID: 20) (User: Dave-PC)
Description: Event-ID 20

Error: (06/26/2020 10:35:47 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (06/25/2020 11:18:20 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (06/25/2020 10:18:24 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.


System errors:
=============
Error: (06/26/2020 11:32:35 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (06/26/2020 11:32:35 PM) (Source: nvstor64) (EventID: 3) (User: )
Description: Data error on device.



Device: \Device\RaidPort0

Model: Hitachi HDS721010CLA332

Firmware Version: JP4O

Serial Number:       JP2940J83HKPGV

Port: 0

Error: (06/26/2020 11:32:32 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (06/26/2020 11:32:32 PM) (Source: nvstor64) (EventID: 3) (User: )
Description: Data error on device.



Device: \Device\RaidPort0

Model: Hitachi HDS721010CLA332

Firmware Version: JP4O

Serial Number:       JP2940J83HKPGV

Port: 0

Error: (06/26/2020 10:38:53 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (06/26/2020 10:38:53 AM) (Source: nvstor64) (EventID: 3) (User: )
Description: Data error on device.



Device: \Device\RaidPort0

Model: Hitachi HDS721010CLA332

Firmware Version: JP4O

Serial Number:       JP2940J83HKPGV

Port: 0

Error: (06/25/2020 05:11:44 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (06/25/2020 05:11:44 PM) (Source: nvstor64) (EventID: 3) (User: )
Description: Data error on device.



Device: \Device\RaidPort0

Model: Hitachi HDS721010CLA332

Firmware Version: JP4O

Serial Number:       JP2940J83HKPGV

Port: 0

Error: (06/24/2020 03:38:20 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (06/24/2020 03:38:20 PM) (Source: nvstor64) (EventID: 3) (User: )
Description: Data error on device.



Device: \Device\RaidPort0

Model: Hitachi HDS721010CLA332

Firmware Version: JP4O

Serial Number:       JP2940J83HKPGV

Port: 0


CodeIntegrity:
===================================
  Date: 2016-09-01 17:49:07.766
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-01 17:49:07.563
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-08-29 15:32:24.436
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-08-29 15:32:24.358
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-08-24 12:30:08.672
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-08-24 12:30:08.173
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-08-19 11:39:16.170
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-08-19 11:39:16.076
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-08-10 03:32:39.735
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-08-10 03:32:39.532
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD Athlon™ II X2 220 Processor
Percentage of memory in use: 77%
Total physical RAM: 2815.37 MB
Available physical RAM: 620.79 MB
Total Virtual: 5628.92 MB
Available Virtual: 2333.8 MB

==================== Drives ================================

Drive c: (eMachines) (Fixed) (Total:911.88 GB) (Free:409.94 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 35D5C1F3)
Partition 1: (Not Active) - (Size=19.5 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=911.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,921 posts
  • MVP
Error: (06/26/2020 11:32:35 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

 

1. Double-click (My) Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs.  Right click on System and Clear Log, Clear. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.


Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).

sfc /scannow

(SPACE after sfc.  This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then:

Copy the next two lines:
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  %UserProfile%\desktop\junk.txt
notepad %UserProfile%\desktop\junk.txt


Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.  Close nOtepad.  Close the Command Window.


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application. (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

 

 

Multiple replies are OK.  Best to post a log as you get it.

Get Process Explorer

https://live.sysinte...com/procexp.exe

Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.


 


 


  • 0

#3
psu88

psu88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 27/06/2020 4:21:35 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 27/06/2020 7:47:27 PM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Log: 'System' Date/Time: 27/06/2020 7:19:24 PM
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Windows Update service hung on starting.

Log: 'System' Date/Time: 27/06/2020 7:15:08 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Windows Media Player Network Sharing Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 27/06/2020 7:15:08 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.

Log: 'System' Date/Time: 27/06/2020 7:14:05 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Client Virtualization Handler service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 27/06/2020 7:14:05 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Client Virtualization Handler service to connect.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 27/06/2020 7:48:11 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.attlocal.net timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 27/06/2020 7:47:54 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.attlocal.net timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 27/06/2020 7:46:25 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.attlocal.net timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 27/06/2020 7:14:29 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_MULTI-CARD&REV_1.00#20071114173400000&0#.

Log: 'System' Date/Time: 27/06/2020 7:12:56 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.


Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 27/06/2020 4:23:54 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 27/06/2020 8:18:20 PM
Type: Error Category: 0
Event: 11316 Source: MsiInstaller
Product: Avast Update Helper -- Error 1316. The specified account already exists.

Log: 'Application' Date/Time: 27/06/2020 7:19:38 PM
Type: Error Category: 0
Event: 11316 Source: MsiInstaller
Product: Avast Update Helper -- Error 1316. The specified account already exists.

Log: 'Application' Date/Time: 27/06/2020 7:14:07 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 27/06/2020 7:13:18 PM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=D80}
The Application Virtualization Client Core initialized correctly.  Installed Product:  Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: DAVE-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:

Log: 'Application' Date/Time: 27/06/2020 7:13:10 PM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=D80}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)

Log: 'Application' Date/Time: 27/06/2020 7:10:13 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   1 user registry handles leaked from \Registry\User\S-1-5-21-3386438342-948231862-3273088082-1001_Classes:
Process 1120 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001_CLASSES


Log: 'Application' Date/Time: 27/06/2020 7:10:08 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   52 user registry handles leaked from \Registry\User\S-1-5-21-3386438342-948231862-3273088082-1001:
Process 2180 (\Device\HarddiskVolume3\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001
Process 2180 (\Device\HarddiskVolume3\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001
Process 2180 (\Device\HarddiskVolume3\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001
Process 2180 (\Device\HarddiskVolume3\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001
Process 1120 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001
Process 1120 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001
Process 1120 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001
Process 2260 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001
Process 2260 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001
Process 2260 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001
Process 2260 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001
Process 1120 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001
Process 1120 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
Process 2260 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 2180 (\Device\HarddiskVolume3\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 2260 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Microsoft\SystemCertificates\trust
Process 2180 (\Device\HarddiskVolume3\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Microsoft\SystemCertificates\trust
Process 1120 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Microsoft\Windows\CurrentVersion\Explorer
Process 2260 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Microsoft\SystemCertificates\Disallowed
Process 2180 (\Device\HarddiskVolume3\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Microsoft\SystemCertificates\Disallowed
Process 1120 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
Process 1120 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Avast Software\Avast
Process 1120 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Avast Software\Avast
Process 1120 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Avast Software\Avast
Process 1120 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Avast Software\Avast
Process 1120 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Avast Software\Avast
Process 1120 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Avast Software\Avast
Process 1120 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Avast Software\Avast
Process 1120 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Avast Software\Avast
Process 1120 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Avast Software\Avast
Process 1120 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Avast Software\Avast
Process 1120 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Avast Software\Avast
Process 2260 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Microsoft\SystemCertificates\Root
Process 2180 (\Device\HarddiskVolume3\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Microsoft\SystemCertificates\Root
Process 2260 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Microsoft\SystemCertificates\TrustedPeople
Process 2180 (\Device\HarddiskVolume3\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Microsoft\SystemCertificates\TrustedPeople
Process 2180 (\Device\HarddiskVolume3\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Policies\Microsoft\SystemCertificates
Process 2260 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Policies\Microsoft\SystemCertificates
Process 2260 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Policies\Microsoft\SystemCertificates
Process 2260 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Policies\Microsoft\SystemCertificates
Process 2260 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Policies\Microsoft\SystemCertificates
Process 2180 (\Device\HarddiskVolume3\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Policies\Microsoft\SystemCertificates
Process 2180 (\Device\HarddiskVolume3\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Policies\Microsoft\SystemCertificates
Process 2180 (\Device\HarddiskVolume3\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Policies\Microsoft\SystemCertificates
Process 1120 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Microsoft\Internet Explorer\Main
Process 1120 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings
Process 1120 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Microsoft\Internet Explorer\Main\FeatureControl
Process 1120 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Microsoft\Internet Explorer\EUPP Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy
Process 2260 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Microsoft\SystemCertificates\My
Process 2180 (\Device\HarddiskVolume3\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Microsoft\SystemCertificates\My
Process 2260 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Microsoft\SystemCertificates\CA
Process 2180 (\Device\HarddiskVolume3\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Microsoft\SystemCertificates\CA



 


  • 0

#4
psu88

psu88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
System Idle Process    87.58    0 K    24 K    0            
procexp64.exe    4.02    32,264 K    55,408 K    5328    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
dwm.exe    1.43    39,256 K    47,752 K    1464    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows
firefox.exe    1.22    13,356 K    43,396 K    6528    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe    1.16    184,472 K    337,424 K    6392    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
AvastUI.exe    1.08    29,596 K    34,672 K    1764    Avast Antivirus    AVAST Software    (Verified) Avast Software s.r.o.
Interrupts    0.80    0 K    0 K    n/a    Hardware Interrupts and DPCs        
svchost.exe    0.65    11,164 K    12,792 K    464    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
SeaPort.EXE    0.46    4,280 K    3,772 K    2896    Microsoft SeaPort Search Enhancement Broker    Microsoft Corporation    (Verified) Microsoft Corporation
AvastSvc.exe    0.30    119,848 K    40,968 K    1332    Avast Service    AVAST Software    (Verified) Avast Software s.r.o.
System    0.29    460 K    1,060 K    4            
aswEngSrv.exe    0.13    53,340 K    74,832 K    3936    Avast Antivirus engine server    AVAST Software    (Verified) Avast Software s.r.o.
explorer.exe    0.13    48,284 K    67,176 K    1488    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.12    20,200 K    14,728 K    1020    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe    0.10    7,932 K    8,800 K    556    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.10    20,000 K    10,848 K    1204    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.09    24,596 K    25,292 K    560    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
firefox.exe    0.07    137,320 K    236,620 K    1408    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
SUPERANTISPYWARE.EXE    0.06    16,072 K    1,700 K    1708    SUPERAntiSpyware Application    SUPERAntiSpyware    (Verified) Support.com Inc
svchost.exe    0.04    7,044 K    7,152 K    2428    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
WLIDSVC.EXE    0.03    7,216 K    3,024 K    1036    Microsoft® Windows Live ID Service    Microsoft Corp.    (Verified) Microsoft Corporation
SearchIndexer.exe    0.03    25,616 K    11,176 K    3224    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows
FacebookGameroom.exe    0.03    28,068 K    15,256 K    1944    FacebookGameroom    Facebook    (Verified) Facebook, Inc.
daemonu.exe    0.01    2,772 K    1,676 K    5216    NVIDIA Settings Update Manager    NVIDIA Corporation    (Verified) NVIDIA Corporation
SASCORE64.EXE    0.01    1,968 K    776 K    2236    Core Service    SUPERAntiSpyware.com    (Verified) SUPERAntiSpyware.com
svchost.exe    0.01    5,208 K    5,740 K    916    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.01    3,712 K    2,932 K    4752    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
taskhost.exe    0.01    7,316 K    2,452 K    1412    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
mbamtray.exe    < 0.01    25,724 K    9,000 K    3584    Malwarebytes Tray Application    Malwarebytes    (Verified) Malwarebytes Inc
wmpnetwk.exe    < 0.01    11,676 K    6,988 K    6128    Windows Media Player Network Sharing Service    Microsoft Corporation    (Verified) Microsoft Windows
aswidsagent.exe    < 0.01    24,276 K    20,376 K    196    Avast Software Analyzer    AVAST Software    (Verified) Avast Software s.r.o.
officeclicktorun.exe    < 0.01    28,476 K    11,552 K    2304    Microsoft Office Click-to-Run    Microsoft Corporation    (Verified) Microsoft Corporation
svchost.exe    < 0.01    148,836 K    138,184 K    1072    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
nvvsvc.exe    < 0.01    5,172 K    3,356 K    1164    NVIDIA Driver Helper Service, Version 307.83    NVIDIA Corporation    (Verified) NVIDIA Corporation
MBAMService.exe    < 0.01    23,532 K    16,324 K    3176    Malwarebytes Service    Malwarebytes    (Verified) Malwarebytes Inc
WUDFHost.exe        1,892 K    1,304 K    5476    Windows Driver Foundation - User-mode Driver Framework Host Process    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe        2,820 K    6,960 K    1804    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
WLIDSVCM.EXE        1,196 K    304 K    3168    Microsoft® Windows Live ID Service Monitor    Microsoft Corp.    (Verified) Microsoft Corporation
winlogon.exe        2,832 K    1,484 K    612    Windows Logon Application    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        1,464 K    240 K    536    Windows Start-Up Application    Microsoft Corporation    (Verified) Microsoft Windows
UpdaterService.exe        1,128 K    824 K    2588    Updater Service    Acer Incorporated    (Verified) Acer Incorporated
unsecapp.exe        1,492 K    1,780 K    5936    Sink to receive asynchronous callbacks for WMI client application    Microsoft Corporation    (Verified) Microsoft Windows
taskeng.exe        1,944 K    5,632 K    6780    Task Scheduler Engine    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        11,228 K    10,560 K    5876    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        7,264 K    7,464 K    284    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        1,664 K    812 K    1088    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        4,108 K    2,260 K    2368    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        15,360 K    13,608 K    2072    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        4,384 K    3,928 K    788    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        2,748 K    1,788 K    2552    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        2,132 K    2,432 K    132    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        2,460 K    3,152 K    5180    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
spoolsv.exe        7,812 K    4,936 K    996    Spooler SubSystem App    Microsoft Corporation    (Verified) Microsoft Windows
smss.exe        480 K    312 K    332    Windows Session Manager    Microsoft Corporation    (Verified) Microsoft Windows
sftvsa.exe        1,396 K    380 K    2324    Microsoft Application Virtualization Virtual Service Agent    Microsoft Corporation    (Verified) Microsoft Corporation
sftlist.exe        6,456 K    2,716 K    3428    Microsoft Application Virtualization Client Service    Microsoft Corporation    (Verified) Microsoft Corporation
services.exe        8,152 K    6,272 K    648    Services and Controller app    Microsoft Corporation    (Verified) Microsoft Windows
RAVCpl64.exe        8,944 K    2,436 K    1620    Realtek HD Audio Manager    Realtek Semiconductor    (A certificate was explicitly revoked by its issuer) Realtek Semiconductor
procexp.exe        3,912 K    8,260 K    4804    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
OSPPSVC.EXE        3,096 K    10,668 K    2460    Microsoft Office Software Protection Platform Service    Microsoft Corporation    (Verified) Microsoft Corporation
nvxdsync.exe        7,560 K    9,384 K    1156    NVIDIA User Experience Driver Component    NVIDIA Corporation    (Verified) NVIDIA Corporation
nvvsvc.exe        2,540 K    3,112 K    876    NVIDIA Driver Helper Service, Version 307.83    NVIDIA Corporation    (Verified) NVIDIA Corporation
nvtray.exe        8,328 K    5,484 K    1992    NVIDIA Settings    NVIDIA Corporation    (Verified) NVIDIA Corporation
nvSCPAPISvr.exe        2,488 K    1,036 K    2192    Stereo Vision Control Panel API Server    NVIDIA Corporation    (Verified) NVIDIA Corporation
nSvcIp.exe        2,744 K    4,300 K    3400    NVIDIA Corporation        (Verified) NVIDIA Corporation
nSvcAppFlt.exe        2,060 K    1,728 K    2484    app_filter Module        (Verified) NVIDIA Corporation
lsm.exe        2,568 K    2,032 K    676    Local Session Manager Service    Microsoft Corporation    (Verified) Microsoft Windows
lsass.exe        5,948 K    7,652 K    668    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows
jusched.exe        2,628 K    528 K    2288    Java Update Scheduler    Oracle Corporation    (Verified) Oracle America, Inc.
jucheck.exe        6,104 K    4,280 K    4888    Java Update Checker    Oracle Corporation    (Verified) Oracle America, Inc.
HotkeyUtility.exe        7,600 K    2,732 K    2024    Hotkey Utility        (Verified) Acer Incorporated
GREGsvc.exe        824 K    264 K    2512    Global Registration Service    Acer Incorporated    (Verified) Acer Incorporated
GoogleCrashHandler64.exe        1,456 K    352 K    4128    Google Crash Handler    Google LLC    (Verified) Google LLC
GoogleCrashHandler.exe        1,416 K    528 K    4112    Google Crash Handler    Google LLC    (Verified) Google LLC
firefox.exe        45,092 K    77,204 K    6728    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        54,944 K    104,588 K    1444    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        19,784 K    35,888 K    2628    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
Facebook Gameroom Browser.exe        41,860 K    2,292 K    2084    Facebook Gameroom Browser    The CefSharp Authors    (Verified) Facebook, Inc.
dsHttpApiService.exe        2,292 K    756 K    2400    DraftSight API Service    Dassault Systèmes    (No signature was present in the subject) Dassault Systèmes
dllhost.exe        2,536 K    1,900 K    6000    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe        2,448 K    2,220 K    496    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows
AvastUI.exe        11,384 K    5,364 K    5084    Avast Antivirus    AVAST Software    (Verified) Avast Software s.r.o.
AvastBrowserCrashHandler64.exe        1,556 K    476 K    4120    Avast Browser Update    AVAST Software    (Verified) AVAST Software s.r.o.
AvastBrowserCrashHandler.exe        1,532 K    528 K    4100    Avast Browser Update    AVAST Software    (Verified) AVAST Software s.r.o.
audiodg.exe        17,328 K    18,120 K    3648    Windows Audio Device Graph Isolation     Microsoft Corporation    (Verified) Microsoft Windows
armsvc.exe        1,120 K    328 K    2260    Adobe Acrobat Update Service    Adobe Systems    (Verified) Adobe Inc.


 


  • 0

#5
psu88

psu88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
smss.exe                       332 N/A                                         
csrss.exe                      496 N/A                                         
wininit.exe                    536 N/A                                         
csrss.exe                      556 N/A                                         
winlogon.exe                   612 N/A                                         
services.exe                   648 N/A                                         
lsass.exe                      668 KeyIso, SamSs                               
lsm.exe                        676 N/A                                         
svchost.exe                    788 DcomLaunch, PlugPlay, Power                 
nvvsvc.exe                     876 nvsvc                                       
svchost.exe                    916 RpcEptMapper, RpcSs                         
svchost.exe                   1020 AudioSrv, Dhcp, eventlog,                   
                                   HomeGroupProvider, lmhosts, wscsvc          
svchost.exe                    284 AudioEndpointBuilder, HomeGroupListener,    
                                   Netman, PcaSvc, TrkWks, UxSms, WPDBusEnum,  
                                   wudfsvc                                     
svchost.exe                    464 EventSystem, fdPHost, FontCache, netprofm,  
                                   nsi, WdiServiceHost, WinHttpAutoProxySvc    
svchost.exe                    560 Appinfo, BITS, Browser, gpsvc, IKEEXT,      
                                   iphlpsvc, LanmanServer, MMCSS, ProfSvc,     
                                   Schedule, SENS, ShellHWDetection, Themes,   
                                   Winmgmt, wuauserv                           
nvxdsync.exe                  1156 N/A                                         
nvvsvc.exe                    1164 N/A                                         
svchost.exe                   1204 CryptSvc, Dnscache, LanmanWorkstation,      
                                   NlaSvc                                      
AvastSvc.exe                  1332 avast! Antivirus                            
dwm.exe                       1464 N/A                                         
explorer.exe                  1488 N/A                                         
RAVCpl64.exe                  1620 N/A                                         
SUPERANTISPYWARE.EXE          1708 N/A                                         
AvastUI.exe                   1764 N/A                                         
FacebookGameroom.exe          1944 N/A                                         
nvtray.exe                    1992 N/A                                         
HotkeyUtility.exe             2024 N/A                                         
spoolsv.exe                    996 Spooler                                     
taskhost.exe                  1412 N/A                                         
svchost.exe                   2072 BFE, DPS, MpsSvc                            
SASCORE64.EXE                 2236 !SASCORE                                    
armsvc.exe                    2260 AdobeARMservice                             
jusched.exe                   2288 N/A                                         
officeclicktorun.exe          2304 ClickToRunSvc                               
svchost.exe                   2368 DiagTrack                                   
dsHttpApiService.exe          2400 DraftSight API Service                      
svchost.exe                   2428 FDResPub, SSDPSRV, upnphost                 
nSvcAppFlt.exe                2484 ForceWare Intelligent Application Manager (I
                                   AM)                                         
GREGsvc.exe                   2512 GREGService                                 
svchost.exe                   2552 hpqcxs08, hpqddsvc                          
UpdaterService.exe            2588 Live Updater Service                        
SeaPort.EXE                   2896 SeaPort                                     
sftvsa.exe                    2324 sftvsa                                      
nvSCPAPISvr.exe               2192 Stereo Service                              
svchost.exe                    132 stisvc                                      
svchost.exe                   1072 SysMain                                     
WLIDSVC.EXE                   1036 wlidsvc                                     
WLIDSVCM.EXE                  3168 N/A                                         
MBAMService.exe               3176 MBAMService                                 
nSvcIp.exe                    3400 nSvcIp                                      
sftlist.exe                   3428 sftlist                                     
aswEngSrv.exe                 3936 N/A                                         
AvastBrowserCrashHandler.     4100 N/A                                         
GoogleCrashHandler.exe        4112 N/A                                         
AvastBrowserCrashHandler6     4120 N/A                                         
GoogleCrashHandler64.exe      4128 N/A                                         
aswidsagent.exe                196 aswbIDSAgent                                
svchost.exe                   4752 HPSLPSVC                                    
SearchIndexer.exe             3224 WSearch                                     
svchost.exe                   5180 PolicyAgent                                 
WUDFHost.exe                  5476 N/A                                         
unsecapp.exe                  5936 N/A                                         
wmpnetwk.exe                  6128 WMPNetworkSvc                               
svchost.exe                   5876 p2pimsvc, p2psvc, PNRPsvc                   
Facebook Gameroom Browser     2084 N/A                                         
dllhost.exe                   6000 N/A                                         
daemonu.exe                   5216 nvUpdatusService                            
AvastUI.exe                   5084 N/A                                         
mbamtray.exe                  3584 N/A                                         
jucheck.exe                   4888 N/A                                         
svchost.exe                   1088 SDRSVC                                      
firefox.exe                   6392 N/A                                         
firefox.exe                   6528 N/A                                         
firefox.exe                   1444 N/A                                         
firefox.exe                   1408 N/A                                         
firefox.exe                   6728 N/A                                         
firefox.exe                   2628 N/A                                         
procexp.exe                   4804 N/A                                         
procexp64.exe                 5328 N/A                                         
notepad.exe                   1688 N/A                                         
cmd.exe                       3916 N/A                                         
conhost.exe                   4448 N/A                                         
taskeng.exe                   6524 N/A                                         
tasklist.exe                  8100 N/A                                         
WmiPrvSE.exe                  3896 N/A                                         

 


  • 0

#6
psu88

psu88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Speccy file

Attached Files


  • 0

#7
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,921 posts
  • MVP

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   3.66KB   9 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

 

We need a new version of FRST.  Pause Avast (right click on the Avast icon , click on Avast Shield Control, Disable for until Computer is Restarted, OK, Stop)



  • Get FRST from http://www.bleepingc...very-scan-tool/You need to download the appropriate tool for your PC.  If you don't know if you have a 32 or 64 bit system get them both.  Only one will work and that's the right one.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Check the Addition.txt box
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here.
  • It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


Smart Screen, Windows Defender and Avast have all been blocking FRST recently.  It's a false positive so pause your antivirus when downloading or running FRST.  If you get a message saying Smart Screen has blocked it you can click on More Info and you will see an option to Run Anyway.

  Post both logs.

 

After running the new FRST scan, put

mfc100enu.dll;ifc100esn.dll

in the FRST Search Box and hit Search Files.  You will only get one log please post.

 


  • 0

#8
psu88

psu88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-11-2017
Ran by Dave (30-06-2020 20:10:16) Run:5
Running from C:\Users\Dave\Desktop
Loaded Profiles: Dave & UpdatusUser (Available Profiles: Dave & UpdatusUser)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Task: {A74A3273-7518-4420-8468-7EA25CE72266} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-09] (AVAST Software) <==== ATTENTION
Task: {F959764E-043B-46BA-8356-084DEB917C95} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-09] (AVAST Software) <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3386438342-948231862-3273088082-1001Core.job => C:\Users\Dave\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3386438342-948231862-3273088082-1001UA.job => C:\Users\Dave\AppData\Local\Facebook\Update\FacebookUpdate.exe
S3 WacHidRouterPro; system32\DRIVERS\wachidrouter.sys [X]
S3 wacomrouterfilter; system32\DRIVERS\wacomrouterfilter.sys [X]
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: NOBU => 2
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\fdmhm4o8.default-1460756312416\Extensions\[email protected] [2020-04-30]
CMD: type C:\Program Files (x86)\0420202023004583.bat
CMD: SFC /scannow
CMD: findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log
CMD: sc start netman
CMD: sc config WMPNetworkSvc start= disabled
CDM: sc config cvhsvc start= disabled
CMD: sc config wudfsvc start= auto
REG: Reg Add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad" /v WpadOverride /t REG_DWORD /d 1 /f
REG: Reg Add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v LoadAppInit_DLLs /t REG_DWORD /d 0 /f
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:

*****************

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A74A3273-7518-4420-8468-7EA25CE72266} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A74A3273-7518-4420-8468-7EA25CE72266} => key removed successfully
C:\Windows\System32\Tasks\AvastUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpdateTaskMachineUA => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F959764E-043B-46BA-8356-084DEB917C95} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F959764E-043B-46BA-8356-084DEB917C95} => key removed successfully
C:\Windows\System32\Tasks\AvastUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpdateTaskMachineCore => key removed successfully
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3386438342-948231862-3273088082-1001Core.job => moved successfully
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3386438342-948231862-3273088082-1001UA.job => moved successfully
HKLM\System\CurrentControlSet\Services\WacHidRouterPro => key removed successfully
WacHidRouterPro => service removed successfully
HKLM\System\CurrentControlSet\Services\wacomrouterfilter => key removed successfully
wacomrouterfilter => service removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NAUpdate => key removed successfully
HKLM\System\CurrentControlSet\Services\NAUpdate => key not found
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NOBU => key removed successfully
HKLM\System\CurrentControlSet\Services\NOBU => key not found
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Norton Online Backup => key removed successfully
C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\fdmhm4o8.default-1460756312416\Extensions\[email protected] => moved successfully

========= type C:\Program Files (x86)\0420202023004583.bat =========

The system cannot find the file specified.
Error occurred while processing: C:\Program.
The system cannot find the file specified.
Error occurred while processing: Files.
The system cannot find the path specified.

========= End of CMD: =========


========= SFC /scannow =========



Beginning system scan.  This process will take some time.



Beginning verification phase of system scan.

Verification 0% complete.Verification 1% complete.Verification 1% complete.Verification 2% complete.Verification 2% complete.Verification 3% complete.Verification 4% complete.Verification 4% complete.Verification 5% complete.Verification 5% complete.Verification 6% complete.Verification 7% complete.Verification 7% complete.Verification 8% complete.Verification 8% complete.Verification 9% complete.Verification 10% complete.Verification 10% complete.Verification 11% complete.Verification 11% complete.Verification 12% complete.Verification 13% complete.Verification 13% complete.Verification 14% complete.Verification 14% complete.Verification 15% complete.Verification 16% complete.Verification 16% complete.Verification 17% complete.Verification 17% complete.Verification 18% complete.Verification 19% complete.Verification 19% complete.Verification 20% complete.Verification 20% complete.Verification 21% complete.Verification 22% complete.Verification 22% complete.Verification 23% complete.Verification 23% complete.Verification 24% complete.Verification 25% complete.Verification 25% complete.Verification 26% complete.Verification 26% complete.Verification 27% complete.Verification 28% complete.Verification 28% complete.Verification 29% complete.Verification 29% complete.Verification 30% complete.Verification 31% complete.Verification 31% complete.Verification 32% complete.Verification 32% complete.Verification 33% complete.Verification 34% complete.Verification 34% complete.Verification 35% complete.Verification 35% complete.Verification 36% complete.Verification 37% complete.Verification 37% complete.Verification 38% complete.Verification 38% complete.Verification 39% complete.Verification 40% complete.Verification 40% complete.Verification 41% complete.Verification 41% complete.Verification 42% complete.Verification 43% complete.Verification 43% complete.Verification 44% complete.Verification 44% complete.Verification 45% complete.Verification 46% complete.Verification 46% complete.Verification 47% complete.Verification 47% complete.Verification 48% complete.Verification 49% complete.Verification 49% complete.Verification 50% complete.Verification 50% complete.Verification 51% complete.Verification 52% complete.Verification 52% complete.Verification 53% complete.Verification 53% complete.Verification 54% complete.Verification 55% complete.Verification 55% complete.Verification 56% complete.Verification 56% complete.Verification 57% complete.Verification 58% complete.Verification 58% complete.Verification 59% complete.Verification 59% complete.Verification 60% complete.Verification 61% complete.Verification 61% complete.Verification 62% complete.Verification 62% complete.Verification 63% complete.Verification 64% complete.Verification 64% complete.Verification 65% complete.Verification 65% complete.Verification 66% complete.Verification 67% complete.Verification 67% complete.Verification 68% complete.Verification 68% complete.Verification 69% complete.Verification 70% complete.Verification 70% complete.Verification 71% complete.Verification 71% complete.Verification 72% complete.Verification 73% complete.Verification 73% complete.Verification 74% complete.Verification 74% complete.Verification 75% complete.Verification 76% complete.Verification 76% complete.Verification 77% complete.Verification 77% complete.Verification 78% complete.Verification 79% complete.Verification 79% complete.Verification 80% complete.Verification 80% complete.Verification 81% complete.Verification 82% complete.Verification 82% complete.Verification 83% complete.Verification 83% complete.Verification 84% complete.Verification 85% complete.Verification 85% complete.Verification 86% complete.Verification 86% complete.Verification 87% complete.Verification 88% complete.Verification 88% complete.Verification 89% complete.Verification 89% complete.Verification 90% complete.Verification 91% complete.Verification 91% complete.Verification 92% complete.Verification 92% complete.Verification 93% complete.Verification 94% complete.Verification 94% complete.Verification 95% complete.Verification 95% complete.Verification 96% complete.Verification 97% complete.Verification 97% complete.Verification 98% complete.Verification 98% complete.Verification 99% complete.Verification 100% complete.


Windows Resource Protection did not find any integrity violations.


========= End of CMD: =========


========= findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log =========

2020-06-27 15:17:15, Info                  CSI    00000009 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:17:15, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2020-06-27 15:17:19, Info                  CSI    0000000c [SR] Verify complete
2020-06-27 15:17:21, Info                  CSI    0000000d [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:17:21, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2020-06-27 15:17:24, Info                  CSI    00000010 [SR] Verify complete
2020-06-27 15:17:27, Info                  CSI    00000011 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:17:27, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2020-06-27 15:17:32, Info                  CSI    00000014 [SR] Verify complete
2020-06-27 15:17:36, Info                  CSI    00000015 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:17:36, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2020-06-27 15:17:42, Info                  CSI    00000018 [SR] Verify complete
2020-06-27 15:17:45, Info                  CSI    00000019 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:17:45, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
2020-06-27 15:17:53, Info                  CSI    0000001c [SR] Verify complete
2020-06-27 15:17:57, Info                  CSI    0000001d [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:17:57, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
2020-06-27 15:17:59, Info                  CSI    00000020 [SR] Verify complete
2020-06-27 15:18:01, Info                  CSI    00000021 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:18:01, Info                  CSI    00000022 [SR] Beginning Verify and Repair transaction
2020-06-27 15:18:05, Info                  CSI    00000024 [SR] Verify complete
2020-06-27 15:18:09, Info                  CSI    00000025 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:18:09, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2020-06-27 15:18:11, Info                  CSI    00000028 [SR] Verify complete
2020-06-27 15:18:12, Info                  CSI    00000029 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:18:12, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
2020-06-27 15:18:15, Info                  CSI    0000002c [SR] Verify complete
2020-06-27 15:18:18, Info                  CSI    0000002d [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:18:18, Info                  CSI    0000002e [SR] Beginning Verify and Repair transaction
2020-06-27 15:18:21, Info                  CSI    00000030 [SR] Verify complete
2020-06-27 15:18:23, Info                  CSI    00000031 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:18:23, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2020-06-27 15:18:24, Info                  CSI    00000034 [SR] Verify complete
2020-06-27 15:18:25, Info                  CSI    00000035 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:18:25, Info                  CSI    00000036 [SR] Beginning Verify and Repair transaction
2020-06-27 15:18:27, Info                  CSI    00000038 [SR] Verify complete
2020-06-27 15:18:29, Info                  CSI    00000039 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:18:29, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
2020-06-27 15:18:30, Info                  CSI    0000003c [SR] Verify complete
2020-06-27 15:18:31, Info                  CSI    0000003d [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:18:31, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2020-06-27 15:18:33, Info                  CSI    00000040 [SR] Verify complete
2020-06-27 15:18:35, Info                  CSI    00000041 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:18:35, Info                  CSI    00000042 [SR] Beginning Verify and Repair transaction
2020-06-27 15:18:36, Info                  CSI    00000044 [SR] Verify complete
2020-06-27 15:18:38, Info                  CSI    00000045 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:18:38, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2020-06-27 15:18:39, Info                  CSI    00000048 [SR] Verify complete
2020-06-27 15:18:42, Info                  CSI    00000049 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:18:42, Info                  CSI    0000004a [SR] Beginning Verify and Repair transaction
2020-06-27 15:18:45, Info                  CSI    0000004c [SR] Verify complete
2020-06-27 15:18:47, Info                  CSI    0000004d [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:18:47, Info                  CSI    0000004e [SR] Beginning Verify and Repair transaction
2020-06-27 15:18:50, Info                  CSI    00000050 [SR] Verify complete
2020-06-27 15:18:52, Info                  CSI    00000051 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:18:52, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
2020-06-27 15:18:54, Info                  CSI    00000054 [SR] Verify complete
2020-06-27 15:18:56, Info                  CSI    00000055 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:18:56, Info                  CSI    00000056 [SR] Beginning Verify and Repair transaction
2020-06-27 15:18:58, Info                  CSI    00000058 [SR] Verify complete
2020-06-27 15:18:59, Info                  CSI    00000059 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:18:59, Info                  CSI    0000005a [SR] Beginning Verify and Repair transaction
2020-06-27 15:19:01, Info                  CSI    0000005c [SR] Verify complete
2020-06-27 15:19:02, Info                  CSI    0000005d [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:19:02, Info                  CSI    0000005e [SR] Beginning Verify and Repair transaction
2020-06-27 15:19:04, Info                  CSI    00000060 [SR] Verify complete
2020-06-27 15:19:06, Info                  CSI    00000061 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:19:06, Info                  CSI    00000062 [SR] Beginning Verify and Repair transaction
2020-06-27 15:19:07, Info                  CSI    00000064 [SR] Verify complete
2020-06-27 15:19:08, Info                  CSI    00000065 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:19:08, Info                  CSI    00000066 [SR] Beginning Verify and Repair transaction
2020-06-27 15:19:10, Info                  CSI    00000068 [SR] Verify complete
2020-06-27 15:19:16, Info                  CSI    00000069 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:19:16, Info                  CSI    0000006a [SR] Beginning Verify and Repair transaction
2020-06-27 15:19:18, Info                  CSI    0000006c [SR] Verify complete
2020-06-27 15:19:19, Info                  CSI    0000006d [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:19:19, Info                  CSI    0000006e [SR] Beginning Verify and Repair transaction
2020-06-27 15:19:20, Info                  CSI    00000070 [SR] Verify complete
2020-06-27 15:19:22, Info                  CSI    00000071 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:19:22, Info                  CSI    00000072 [SR] Beginning Verify and Repair transaction
2020-06-27 15:19:23, Info                  CSI    00000074 [SR] Verify complete
2020-06-27 15:19:24, Info                  CSI    00000075 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:19:24, Info                  CSI    00000076 [SR] Beginning Verify and Repair transaction
2020-06-27 15:19:26, Info                  CSI    00000078 [SR] Verify complete
2020-06-27 15:19:27, Info                  CSI    00000079 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:19:27, Info                  CSI    0000007a [SR] Beginning Verify and Repair transaction
2020-06-27 15:19:29, Info                  CSI    0000007c [SR] Verify complete
2020-06-27 15:19:30, Info                  CSI    0000007d [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:19:30, Info                  CSI    0000007e [SR] Beginning Verify and Repair transaction
2020-06-27 15:19:31, Info                  CSI    00000080 [SR] Verify complete
2020-06-27 15:19:32, Info                  CSI    00000081 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:19:32, Info                  CSI    00000082 [SR] Beginning Verify and Repair transaction
2020-06-27 15:19:34, Info                  CSI    00000084 [SR] Verify complete
2020-06-27 15:19:35, Info                  CSI    00000085 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:19:35, Info                  CSI    00000086 [SR] Beginning Verify and Repair transaction
2020-06-27 15:19:39, Info                  CSI    00000088 [SR] Verify complete
2020-06-27 15:19:40, Info                  CSI    00000089 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:19:40, Info                  CSI    0000008a [SR] Beginning Verify and Repair transaction
2020-06-27 15:19:42, Info                  CSI    0000008c [SR] Verify complete
2020-06-27 15:19:43, Info                  CSI    0000008d [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:19:43, Info                  CSI    0000008e [SR] Beginning Verify and Repair transaction
2020-06-27 15:19:45, Info                  CSI    00000090 [SR] Verify complete
2020-06-27 15:19:46, Info                  CSI    00000091 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:19:46, Info                  CSI    00000092 [SR] Beginning Verify and Repair transaction
2020-06-27 15:19:48, Info                  CSI    00000094 [SR] Verify complete
2020-06-27 15:19:49, Info                  CSI    00000095 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:19:49, Info                  CSI    00000096 [SR] Beginning Verify and Repair transaction
2020-06-27 15:19:52, Info                  CSI    00000098 [SR] Verify complete
2020-06-27 15:19:53, Info                  CSI    00000099 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:19:53, Info                  CSI    0000009a [SR] Beginning Verify and Repair transaction
2020-06-27 15:19:54, Info                  CSI    0000009c [SR] Verify complete
2020-06-27 15:19:55, Info                  CSI    0000009d [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:19:55, Info                  CSI    0000009e [SR] Beginning Verify and Repair transaction
2020-06-27 15:19:57, Info                  CSI    000000a0 [SR] Verify complete
2020-06-27 15:19:58, Info                  CSI    000000a1 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:19:58, Info                  CSI    000000a2 [SR] Beginning Verify and Repair transaction
2020-06-27 15:20:00, Info                  CSI    000000a4 [SR] Verify complete
2020-06-27 15:20:02, Info                  CSI    000000a5 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:20:02, Info                  CSI    000000a6 [SR] Beginning Verify and Repair transaction
2020-06-27 15:20:03, Info                  CSI    000000a8 [SR] Verify complete
2020-06-27 15:20:04, Info                  CSI    000000a9 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:20:04, Info                  CSI    000000aa [SR] Beginning Verify and Repair transaction
2020-06-27 15:20:06, Info                  CSI    000000ac [SR] Verify complete
2020-06-27 15:20:07, Info                  CSI    000000ad [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:20:07, Info                  CSI    000000ae [SR] Beginning Verify and Repair transaction
2020-06-27 15:20:10, Info                  CSI    000000b0 [SR] Verify complete
2020-06-27 15:20:11, Info                  CSI    000000b1 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:20:11, Info                  CSI    000000b2 [SR] Beginning Verify and Repair transaction
2020-06-27 15:20:12, Info                  CSI    000000b4 [SR] Verify complete
2020-06-27 15:20:14, Info                  CSI    000000b5 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:20:14, Info                  CSI    000000b6 [SR] Beginning Verify and Repair transaction
2020-06-27 15:20:15, Info                  CSI    000000b8 [SR] Verify complete
2020-06-27 15:20:16, Info                  CSI    000000b9 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:20:16, Info                  CSI    000000ba [SR] Beginning Verify and Repair transaction
2020-06-27 15:20:18, Info                  CSI    000000bc [SR] Verify complete
2020-06-27 15:20:19, Info                  CSI    000000bd [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:20:19, Info                  CSI    000000be [SR] Beginning Verify and Repair transaction
2020-06-27 15:20:21, Info                  CSI    000000c0 [SR] Verify complete
2020-06-27 15:20:21, Info                  CSI    000000c1 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:20:21, Info                  CSI    000000c2 [SR] Beginning Verify and Repair transaction
2020-06-27 15:20:23, Info                  CSI    000000c4 [SR] Verify complete
2020-06-27 15:20:24, Info                  CSI    000000c5 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:20:24, Info                  CSI    000000c6 [SR] Beginning Verify and Repair transaction
2020-06-27 15:20:28, Info                  CSI    000000c8 [SR] Verify complete
2020-06-27 15:20:28, Info                  CSI    000000c9 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:20:28, Info                  CSI    000000ca [SR] Beginning Verify and Repair transaction
2020-06-27 15:20:32, Info                  CSI    000000cc [SR] Verify complete
2020-06-27 15:20:33, Info                  CSI    000000cd [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:20:33, Info                  CSI    000000ce [SR] Beginning Verify and Repair transaction
2020-06-27 15:20:36, Info                  CSI    000000d0 [SR] Verify complete
2020-06-27 15:20:36, Info                  CSI    000000d1 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:20:36, Info                  CSI    000000d2 [SR] Beginning Verify and Repair transaction
2020-06-27 15:20:42, Info                  CSI    000000d4 [SR] Verify complete
2020-06-27 15:20:42, Info                  CSI    000000d5 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:20:42, Info                  CSI    000000d6 [SR] Beginning Verify and Repair transaction
2020-06-27 15:20:50, Info                  CSI    000000d9 [SR] Verify complete
2020-06-27 15:20:51, Info                  CSI    000000da [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:20:51, Info                  CSI    000000db [SR] Beginning Verify and Repair transaction
2020-06-27 15:20:56, Info                  CSI    000000e0 [SR] Verify complete
2020-06-27 15:20:57, Info                  CSI    000000e1 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:20:57, Info                  CSI    000000e2 [SR] Beginning Verify and Repair transaction
2020-06-27 15:21:02, Info                  CSI    000000e5 [SR] Verify complete
2020-06-27 15:21:02, Info                  CSI    000000e6 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:21:02, Info                  CSI    000000e7 [SR] Beginning Verify and Repair transaction
2020-06-27 15:21:08, Info                  CSI    000000e9 [SR] Verify complete
2020-06-27 15:21:08, Info                  CSI    000000ea [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:21:08, Info                  CSI    000000eb [SR] Beginning Verify and Repair transaction
2020-06-27 15:21:17, Info                  CSI    0000010d [SR] Verify complete
2020-06-27 15:21:17, Info                  CSI    0000010e [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:21:17, Info                  CSI    0000010f [SR] Beginning Verify and Repair transaction
2020-06-27 15:21:27, Info                  CSI    00000114 [SR] Verify complete
2020-06-27 15:21:27, Info                  CSI    00000115 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:21:27, Info                  CSI    00000116 [SR] Beginning Verify and Repair transaction
2020-06-27 15:21:35, Info                  CSI    00000118 [SR] Verify complete
2020-06-27 15:21:35, Info                  CSI    00000119 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:21:35, Info                  CSI    0000011a [SR] Beginning Verify and Repair transaction
2020-06-27 15:21:40, Info                  CSI    0000011c [SR] Verify complete
2020-06-27 15:21:40, Info                  CSI    0000011d [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:21:40, Info                  CSI    0000011e [SR] Beginning Verify and Repair transaction
2020-06-27 15:21:46, Info                  CSI    00000120 [SR] Verify complete
2020-06-27 15:21:46, Info                  CSI    00000121 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:21:46, Info                  CSI    00000122 [SR] Beginning Verify and Repair transaction
2020-06-27 15:21:51, Info                  CSI    00000124 [SR] Verify complete
2020-06-27 15:21:52, Info                  CSI    00000125 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:21:52, Info                  CSI    00000126 [SR] Beginning Verify and Repair transaction
2020-06-27 15:21:58, Info                  CSI    00000128 [SR] Verify complete
2020-06-27 15:21:59, Info                  CSI    00000129 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:21:59, Info                  CSI    0000012a [SR] Beginning Verify and Repair transaction
2020-06-27 15:22:10, Info                  CSI    0000014d [SR] Verify complete
2020-06-27 15:22:11, Info                  CSI    0000014e [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:22:11, Info                  CSI    0000014f [SR] Beginning Verify and Repair transaction
2020-06-27 15:22:21, Info                  CSI    00000151 [SR] Verify complete
2020-06-27 15:22:22, Info                  CSI    00000152 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:22:22, Info                  CSI    00000153 [SR] Beginning Verify and Repair transaction
2020-06-27 15:22:33, Info                  CSI    00000155 [SR] Verify complete
2020-06-27 15:22:34, Info                  CSI    00000156 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:22:34, Info                  CSI    00000157 [SR] Beginning Verify and Repair transaction
2020-06-27 15:22:40, Info                  CSI    0000015b [SR] Verify complete
2020-06-27 15:22:40, Info                  CSI    0000015c [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:22:40, Info                  CSI    0000015d [SR] Beginning Verify and Repair transaction
2020-06-27 15:22:42, Info                  CSI    0000015f [SR] Verify complete
2020-06-27 15:22:42, Info                  CSI    00000160 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:22:42, Info                  CSI    00000161 [SR] Beginning Verify and Repair transaction
2020-06-27 15:22:44, Info                  CSI    00000163 [SR] Verify complete
2020-06-27 15:22:45, Info                  CSI    00000164 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:22:45, Info                  CSI    00000165 [SR] Beginning Verify and Repair transaction
2020-06-27 15:22:53, Info                  CSI    0000016c [SR] Verify complete
2020-06-27 15:22:54, Info                  CSI    0000016d [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:22:54, Info                  CSI    0000016e [SR] Beginning Verify and Repair transaction
2020-06-27 15:23:00, Info                  CSI    0000017c [SR] Verify complete
2020-06-27 15:23:00, Info                  CSI    0000017d [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:23:00, Info                  CSI    0000017e [SR] Beginning Verify and Repair transaction
2020-06-27 15:23:02, Info                  CSI    00000180 [SR] Verify complete
2020-06-27 15:23:03, Info                  CSI    00000181 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:23:03, Info                  CSI    00000182 [SR] Beginning Verify and Repair transaction
2020-06-27 15:23:07, Info                  CSI    00000184 [SR] Verify complete
2020-06-27 15:23:08, Info                  CSI    00000185 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:23:08, Info                  CSI    00000186 [SR] Beginning Verify and Repair transaction
2020-06-27 15:23:14, Info                  CSI    00000188 [SR] Verify complete
2020-06-27 15:23:14, Info                  CSI    00000189 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:23:14, Info                  CSI    0000018a [SR] Beginning Verify and Repair transaction
2020-06-27 15:23:24, Info                  CSI    0000018d [SR] Verify complete
2020-06-27 15:23:24, Info                  CSI    0000018e [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:23:24, Info                  CSI    0000018f [SR] Beginning Verify and Repair transaction
2020-06-27 15:23:34, Info                  CSI    00000192 [SR] Verify complete
2020-06-27 15:23:35, Info                  CSI    00000193 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:23:35, Info                  CSI    00000194 [SR] Beginning Verify and Repair transaction
2020-06-27 15:23:37, Info                  CSI    00000196 [SR] Verify complete
2020-06-27 15:23:38, Info                  CSI    00000197 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:23:38, Info                  CSI    00000198 [SR] Beginning Verify and Repair transaction
2020-06-27 15:23:40, Info                  CSI    0000019a [SR] Verify complete
2020-06-27 15:23:41, Info                  CSI    0000019b [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:23:41, Info                  CSI    0000019c [SR] Beginning Verify and Repair transaction
2020-06-27 15:23:50, Info                  CSI    0000019e [SR] Verify complete
2020-06-27 15:23:51, Info                  CSI    0000019f [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:23:51, Info                  CSI    000001a0 [SR] Beginning Verify and Repair transaction
2020-06-27 15:23:58, Info                  CSI    000001a2 [SR] Verify complete
2020-06-27 15:23:58, Info                  CSI    000001a3 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:23:58, Info                  CSI    000001a4 [SR] Beginning Verify and Repair transaction
2020-06-27 15:24:08, Info                  CSI    000001a6 [SR] Verify complete
2020-06-27 15:24:08, Info                  CSI    000001a7 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:24:08, Info                  CSI    000001a8 [SR] Beginning Verify and Repair transaction
2020-06-27 15:24:18, Info                  CSI    000001c0 [SR] Verify complete
2020-06-27 15:24:18, Info                  CSI    000001c1 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:24:18, Info                  CSI    000001c2 [SR] Beginning Verify and Repair transaction
2020-06-27 15:24:25, Info                  CSI    000001c4 [SR] Verify complete
2020-06-27 15:24:25, Info                  CSI    000001c5 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:24:25, Info                  CSI    000001c6 [SR] Beginning Verify and Repair transaction
2020-06-27 15:24:44, Info                  CSI    000001c8 [SR] Verify complete
2020-06-27 15:24:45, Info                  CSI    000001c9 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:24:45, Info                  CSI    000001ca [SR] Beginning Verify and Repair transaction
2020-06-27 15:24:56, Info                  CSI    000001cd [SR] Verify complete
2020-06-27 15:24:56, Info                  CSI    000001ce [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:24:56, Info                  CSI    000001cf [SR] Beginning Verify and Repair transaction
2020-06-27 15:25:05, Info                  CSI    000001d1 [SR] Verify complete
2020-06-27 15:25:05, Info                  CSI    000001d2 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:25:05, Info                  CSI    000001d3 [SR] Beginning Verify and Repair transaction
2020-06-27 15:25:11, Info                  CSI    000001d5 [SR] Verify complete
2020-06-27 15:25:11, Info                  CSI    000001d6 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:25:11, Info                  CSI    000001d7 [SR] Beginning Verify and Repair transaction
2020-06-27 15:25:17, Info                  CSI    000001d9 [SR] Verify complete
2020-06-27 15:25:18, Info                  CSI    000001da [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:25:18, Info                  CSI    000001db [SR] Beginning Verify and Repair transaction
2020-06-27 15:25:23, Info                  CSI    000001dd [SR] Verify complete
2020-06-27 15:25:23, Info                  CSI    000001de [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:25:23, Info                  CSI    000001df [SR] Beginning Verify and Repair transaction
2020-06-27 15:25:27, Info                  CSI    000001e3 [SR] Verify complete
2020-06-27 15:25:28, Info                  CSI    000001e4 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:25:28, Info                  CSI    000001e5 [SR] Beginning Verify and Repair transaction
2020-06-27 15:25:46, Info                  CSI    000001e7 [SR] Verify complete
2020-06-27 15:25:47, Info                  CSI    000001e8 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:25:47, Info                  CSI    000001e9 [SR] Beginning Verify and Repair transaction
2020-06-27 15:25:57, Info                  CSI    000001ec [SR] Verify complete
2020-06-27 15:25:57, Info                  CSI    000001ed [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:25:57, Info                  CSI    000001ee [SR] Beginning Verify and Repair transaction
2020-06-27 15:26:11, Info                  CSI    000001f0 [SR] Verify complete
2020-06-27 15:26:12, Info                  CSI    000001f1 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:26:12, Info                  CSI    000001f2 [SR] Beginning Verify and Repair transaction
2020-06-27 15:26:30, Info                  CSI    000001f5 [SR] Verify complete
2020-06-27 15:26:31, Info                  CSI    000001f6 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:26:31, Info                  CSI    000001f7 [SR] Beginning Verify and Repair transaction
2020-06-27 15:26:58, Info                  CSI    000001fa [SR] Verify complete
2020-06-27 15:26:59, Info                  CSI    000001fb [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:26:59, Info                  CSI    000001fc [SR] Beginning Verify and Repair transaction
2020-06-27 15:27:13, Info                  CSI    000001fe [SR] Verify complete
2020-06-27 15:27:14, Info                  CSI    000001ff [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:27:14, Info                  CSI    00000200 [SR] Beginning Verify and Repair transaction
2020-06-27 15:27:18, Info                  CSI    00000202 [SR] Verify complete
2020-06-27 15:27:19, Info                  CSI    00000203 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:27:19, Info                  CSI    00000204 [SR] Beginning Verify and Repair transaction
2020-06-27 15:27:24, Info                  CSI    00000206 [SR] Verify complete
2020-06-27 15:27:24, Info                  CSI    00000207 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:27:24, Info                  CSI    00000208 [SR] Beginning Verify and Repair transaction
2020-06-27 15:27:31, Info                  CSI    0000020b [SR] Verify complete
2020-06-27 15:27:32, Info                  CSI    0000020c [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:27:32, Info                  CSI    0000020d [SR] Beginning Verify and Repair transaction
2020-06-27 15:27:37, Info                  CSI    00000210 [SR] Verify complete
2020-06-27 15:27:38, Info                  CSI    00000211 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:27:38, Info                  CSI    00000212 [SR] Beginning Verify and Repair transaction
2020-06-27 15:27:43, Info                  CSI    00000214 [SR] Verify complete
2020-06-27 15:27:43, Info                  CSI    00000215 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:27:43, Info                  CSI    00000216 [SR] Beginning Verify and Repair transaction
2020-06-27 15:27:50, Info                  CSI    00000219 [SR] Verify complete
2020-06-27 15:27:50, Info                  CSI    0000021a [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:27:50, Info                  CSI    0000021b [SR] Beginning Verify and Repair transaction
2020-06-27 15:27:57, Info                  CSI    0000021f [SR] Verify complete
2020-06-27 15:27:57, Info                  CSI    00000220 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:27:57, Info                  CSI    00000221 [SR] Beginning Verify and Repair transaction
2020-06-27 15:28:08, Info                  CSI    00000223 [SR] Verify complete
2020-06-27 15:28:08, Info                  CSI    00000224 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:28:08, Info                  CSI    00000225 [SR] Beginning Verify and Repair transaction
2020-06-27 15:28:17, Info                  CSI    00000228 [SR] Verify complete
2020-06-27 15:28:17, Info                  CSI    00000229 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:28:17, Info                  CSI    0000022a [SR] Beginning Verify and Repair transaction
2020-06-27 15:28:23, Info                  CSI    0000022c [SR] Verify complete
2020-06-27 15:28:24, Info                  CSI    0000022d [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:28:24, Info                  CSI    0000022e [SR] Beginning Verify and Repair transaction
2020-06-27 15:28:28, Info                  CSI    00000230 [SR] Verify complete
2020-06-27 15:28:29, Info                  CSI    00000231 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:28:29, Info                  CSI    00000232 [SR] Beginning Verify and Repair transaction
2020-06-27 15:28:34, Info                  CSI    00000234 [SR] Verify complete
2020-06-27 15:28:39, Info                  CSI    00000235 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:28:39, Info                  CSI    00000236 [SR] Beginning Verify and Repair transaction
2020-06-27 15:28:47, Info                  CSI    00000238 [SR] Verify complete
2020-06-27 15:28:48, Info                  CSI    00000239 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:28:48, Info                  CSI    0000023a [SR] Beginning Verify and Repair transaction
2020-06-27 15:28:56, Info                  CSI    0000023c [SR] Verify complete
2020-06-27 15:28:57, Info                  CSI    0000023d [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:28:57, Info                  CSI    0000023e [SR] Beginning Verify and Repair transaction
2020-06-27 15:29:02, Info                  CSI    00000240 [SR] Verify complete
2020-06-27 15:29:02, Info                  CSI    00000241 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:29:02, Info                  CSI    00000242 [SR] Beginning Verify and Repair transaction
2020-06-27 15:29:08, Info                  CSI    00000244 [SR] Verify complete
2020-06-27 15:29:08, Info                  CSI    00000245 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:29:08, Info                  CSI    00000246 [SR] Beginning Verify and Repair transaction
2020-06-27 15:29:23, Info                  CSI    00000248 [SR] Verify complete
2020-06-27 15:29:23, Info                  CSI    00000249 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:29:23, Info                  CSI    0000024a [SR] Beginning Verify and Repair transaction
2020-06-27 15:29:47, Info                  CSI    0000024c [SR] Verify complete
2020-06-27 15:29:48, Info                  CSI    0000024d [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:29:48, Info                  CSI    0000024e [SR] Beginning Verify and Repair transaction
2020-06-27 15:29:55, Info                  CSI    00000250 [SR] Verify complete
2020-06-27 15:29:55, Info                  CSI    00000251 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:29:55, Info                  CSI    00000252 [SR] Beginning Verify and Repair transaction
2020-06-27 15:30:02, Info                  CSI    00000254 [SR] Verify complete
2020-06-27 15:30:02, Info                  CSI    00000255 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:30:02, Info                  CSI    00000256 [SR] Beginning Verify and Repair transaction
2020-06-27 15:30:04, Info                  CSI    00000258 [SR] Verify complete
2020-06-27 15:30:04, Info                  CSI    00000259 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:30:04, Info                  CSI    0000025a [SR] Beginning Verify and Repair transaction
2020-06-27 15:30:08, Info                  CSI    0000025c [SR] Verify complete
2020-06-27 15:30:09, Info                  CSI    0000025d [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:30:09, Info                  CSI    0000025e [SR] Beginning Verify and Repair transaction
2020-06-27 15:30:15, Info                  CSI    00000260 [SR] Verify complete
2020-06-27 15:30:15, Info                  CSI    00000261 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:30:15, Info                  CSI    00000262 [SR] Beginning Verify and Repair transaction
2020-06-27 15:30:18, Info                  CSI    00000264 [SR] Verify complete
2020-06-27 15:30:18, Info                  CSI    00000265 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:30:18, Info                  CSI    00000266 [SR] Beginning Verify and Repair transaction
2020-06-27 15:30:20, Info                  CSI    00000268 [SR] Verify complete
2020-06-27 15:30:20, Info                  CSI    00000269 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:30:20, Info                  CSI    0000026a [SR] Beginning Verify and Repair transaction
2020-06-27 15:30:26, Info                  CSI    00000272 [SR] Verify complete
2020-06-27 15:30:26, Info                  CSI    00000273 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:30:26, Info                  CSI    00000274 [SR] Beginning Verify and Repair transaction
2020-06-27 15:30:30, Info                  CSI    00000276 [SR] Verify complete
2020-06-27 15:30:30, Info                  CSI    00000277 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:30:30, Info                  CSI    00000278 [SR] Beginning Verify and Repair transaction
2020-06-27 15:30:34, Info                  CSI    0000027a [SR] Verify complete
2020-06-27 15:30:34, Info                  CSI    0000027b [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:30:34, Info                  CSI    0000027c [SR] Beginning Verify and Repair transaction
2020-06-27 15:30:38, Info                  CSI    0000027e [SR] Verify complete
2020-06-27 15:30:39, Info                  CSI    0000027f [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:30:39, Info                  CSI    00000280 [SR] Beginning Verify and Repair transaction
2020-06-27 15:30:46, Info                  CSI    00000282 [SR] Verify complete
2020-06-27 15:30:46, Info                  CSI    00000283 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:30:46, Info                  CSI    00000284 [SR] Beginning Verify and Repair transaction
2020-06-27 15:30:56, Info                  CSI    00000287 [SR] Verify complete
2020-06-27 15:30:56, Info                  CSI    00000288 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:30:56, Info                  CSI    00000289 [SR] Beginning Verify and Repair transaction
2020-06-27 15:31:00, Info                  CSI    0000028b [SR] Verify complete
2020-06-27 15:31:01, Info                  CSI    0000028c [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:31:01, Info                  CSI    0000028d [SR] Beginning Verify and Repair transaction
2020-06-27 15:31:02, Info                  CSI    0000028f [SR] Verify complete
2020-06-27 15:31:03, Info                  CSI    00000290 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:31:03, Info                  CSI    00000291 [SR] Beginning Verify and Repair transaction
2020-06-27 15:31:14, Info                  CSI    00000294 [SR] Verify complete
2020-06-27 15:31:15, Info                  CSI    00000295 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:31:15, Info                  CSI    00000296 [SR] Beginning Verify and Repair transaction
2020-06-27 15:31:29, Info                  CSI    0000029a [SR] Verify complete
2020-06-27 15:31:30, Info                  CSI    0000029b [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:31:30, Info                  CSI    0000029c [SR] Beginning Verify and Repair transaction
2020-06-27 15:31:37, Info                  CSI    000002a1 [SR] Verify complete
2020-06-27 15:31:38, Info                  CSI    000002a2 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:31:38, Info                  CSI    000002a3 [SR] Beginning Verify and Repair transaction
2020-06-27 15:31:46, Info                  CSI    000002ad [SR] Verify complete
2020-06-27 15:31:46, Info                  CSI    000002ae [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:31:46, Info                  CSI    000002af [SR] Beginning Verify and Repair transaction
2020-06-27 15:31:55, Info                  CSI    000002b6 [SR] Verify complete
2020-06-27 15:31:56, Info                  CSI    000002b7 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:31:56, Info                  CSI    000002b8 [SR] Beginning Verify and Repair transaction
2020-06-27 15:32:03, Info                  CSI    000002bd [SR] Verify complete
2020-06-27 15:32:03, Info                  CSI    000002be [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:32:03, Info                  CSI    000002bf [SR] Beginning Verify and Repair transaction
2020-06-27 15:32:24, Info                  CSI    000002c3 [SR] Verify complete
2020-06-27 15:32:36, Info                  CSI    000002c4 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:32:36, Info                  CSI    000002c5 [SR] Beginning Verify and Repair transaction
2020-06-27 15:49:46, Info                  CSI    000002c7 [SR] Verify complete
2020-06-27 15:49:59, Info                  CSI    000002c8 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:49:59, Info                  CSI    000002c9 [SR] Beginning Verify and Repair transaction
2020-06-27 15:50:32, Info                  CSI    000002ee [SR] Verify complete
2020-06-27 15:50:43, Info                  CSI    000002ef [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:50:43, Info                  CSI    000002f0 [SR] Beginning Verify and Repair transaction
2020-06-27 15:50:55, Info                  CSI    000002f2 [SR] Verify complete
2020-06-27 15:50:59, Info                  CSI    000002f3 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:50:59, Info                  CSI    000002f4 [SR] Beginning Verify and Repair transaction
2020-06-27 15:51:05, Info                  CSI    000002f6 [SR] Verify complete
2020-06-27 15:51:06, Info                  CSI    000002f7 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:51:06, Info                  CSI    000002f8 [SR] Beginning Verify and Repair transaction
2020-06-27 15:51:13, Info                  CSI    000002fa [SR] Verify complete
2020-06-27 15:51:15, Info                  CSI    000002fb [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:51:15, Info                  CSI    000002fc [SR] Beginning Verify and Repair transaction
2020-06-27 15:51:22, Info                  CSI    00000309 [SR] Verify complete
2020-06-27 15:51:24, Info                  CSI    0000030a [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:51:24, Info                  CSI    0000030b [SR] Beginning Verify and Repair transaction
2020-06-27 15:51:33, Info                  CSI    0000030e [SR] Verify complete
2020-06-27 15:51:34, Info                  CSI    0000030f [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:51:34, Info                  CSI    00000310 [SR] Beginning Verify and Repair transaction
2020-06-27 15:51:41, Info                  CSI    0000031b [SR] Verify complete
2020-06-27 15:51:44, Info                  CSI    0000031c [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:51:44, Info                  CSI    0000031d [SR] Beginning Verify and Repair transaction
2020-06-27 15:51:50, Info                  CSI    00000322 [SR] Verify complete
2020-06-27 15:51:53, Info                  CSI    00000323 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:51:53, Info                  CSI    00000324 [SR] Beginning Verify and Repair transaction
2020-06-27 15:51:57, Info                  CSI    00000326 [SR] Verify complete
2020-06-27 15:51:59, Info                  CSI    00000327 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:51:59, Info                  CSI    00000328 [SR] Beginning Verify and Repair transaction
2020-06-27 15:52:08, Info                  CSI    0000032b [SR] Verify complete
2020-06-27 15:52:09, Info                  CSI    0000032c [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:52:09, Info                  CSI    0000032d [SR] Beginning Verify and Repair transaction
2020-06-27 15:52:11, Info                  CSI    0000032f [SR] Verify complete
2020-06-27 15:52:12, Info                  CSI    00000330 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:52:12, Info                  CSI    00000331 [SR] Beginning Verify and Repair transaction
2020-06-27 15:52:19, Info                  CSI    00000333 [SR] Verify complete
2020-06-27 15:52:20, Info                  CSI    00000334 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:52:20, Info                  CSI    00000335 [SR] Beginning Verify and Repair transaction
2020-06-27 15:52:27, Info                  CSI    00000337 [SR] Verify complete
2020-06-27 15:52:27, Info                  CSI    00000338 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:52:27, Info                  CSI    00000339 [SR] Beginning Verify and Repair transaction
2020-06-27 15:52:33, Info                  CSI    0000033b [SR] Verify complete
2020-06-27 15:52:34, Info                  CSI    0000033c [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:52:34, Info                  CSI    0000033d [SR] Beginning Verify and Repair transaction
2020-06-27 15:52:43, Info                  CSI    00000357 [SR] Verify complete
2020-06-27 15:52:46, Info                  CSI    00000358 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:52:46, Info                  CSI    00000359 [SR] Beginning Verify and Repair transaction
2020-06-27 15:53:02, Info                  CSI    0000035b [SR] Verify complete
2020-06-27 15:53:03, Info                  CSI    0000035c [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:53:03, Info                  CSI    0000035d [SR] Beginning Verify and Repair transaction
2020-06-27 15:53:08, Info                  CSI    0000035f [SR] Verify complete
2020-06-27 15:53:09, Info                  CSI    00000360 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:53:09, Info                  CSI    00000361 [SR] Beginning Verify and Repair transaction
2020-06-27 15:53:14, Info                  CSI    00000363 [SR] Verify complete
2020-06-27 15:53:14, Info                  CSI    00000364 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:53:14, Info                  CSI    00000365 [SR] Beginning Verify and Repair transaction
2020-06-27 15:53:17, Info                  CSI    00000369 [SR] Verify complete
2020-06-27 15:53:18, Info                  CSI    0000036a [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:53:18, Info                  CSI    0000036b [SR] Beginning Verify and Repair transaction
2020-06-27 15:53:23, Info                  CSI    0000036d [SR] Verify complete
2020-06-27 15:53:24, Info                  CSI    0000036e [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:53:24, Info                  CSI    0000036f [SR] Beginning Verify and Repair transaction
2020-06-27 15:53:29, Info                  CSI    00000371 [SR] Verify complete
2020-06-27 15:53:30, Info                  CSI    00000372 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:53:30, Info                  CSI    00000373 [SR] Beginning Verify and Repair transaction
2020-06-27 15:53:34, Info                  CSI    00000375 [SR] Verify complete
2020-06-27 15:53:35, Info                  CSI    00000376 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:53:35, Info                  CSI    00000377 [SR] Beginning Verify and Repair transaction
2020-06-27 15:53:39, Info                  CSI    0000037a [SR] Verify complete
2020-06-27 15:53:39, Info                  CSI    0000037b [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:53:39, Info                  CSI    0000037c [SR] Beginning Verify and Repair transaction
2020-06-27 15:53:44, Info                  CSI    0000037e [SR] Verify complete
2020-06-27 15:53:45, Info                  CSI    0000037f [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:53:45, Info                  CSI    00000380 [SR] Beginning Verify and Repair transaction
2020-06-27 15:53:51, Info                  CSI    00000382 [SR] Verify complete
2020-06-27 15:53:51, Info                  CSI    00000383 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:53:51, Info                  CSI    00000384 [SR] Beginning Verify and Repair transaction
2020-06-27 15:53:57, Info                  CSI    00000386 [SR] Verify complete
2020-06-27 15:53:58, Info                  CSI    00000387 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:53:58, Info                  CSI    00000388 [SR] Beginning Verify and Repair transaction
2020-06-27 15:54:02, Info                  CSI    0000038b [SR] Verify complete
2020-06-27 15:54:04, Info                  CSI    0000038c [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:54:04, Info                  CSI    0000038d [SR] Beginning Verify and Repair transaction
2020-06-27 15:54:10, Info                  CSI    0000038f [SR] Verify complete
2020-06-27 15:54:11, Info                  CSI    00000390 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:54:11, Info                  CSI    00000391 [SR] Beginning Verify and Repair transaction
2020-06-27 15:54:17, Info                  CSI    00000393 [SR] Verify complete
2020-06-27 15:54:18, Info                  CSI    00000394 [SR] Verifying 100 (0x0000000000000064) components
2020-06-27 15:54:18, Info                  CSI    00000395 [SR] Beginning Verify and Repair transaction
2020-06-27 15:54:23, Info                  CSI    00000397 [SR] Verify complete
2020-06-27 15:54:25, Info                  CSI    00000398 [SR] Verifying 87 (0x0000000000000057) components
2020-06-27 15:54:25, Info                  CSI    00000399 [SR] Beginning Verify and Repair transaction
2020-06-27 15:54:29, Info                  CSI    0000039b [SR] Verify complete
2020-06-27 15:54:29, Info                  CSI    0000039c [SR] Repairing 0 components
2020-06-27 15:54:29, Info                  CSI    0000039d [SR] Beginning Verify and Repair transaction
2020-06-27 15:54:29, Info                  CSI    0000039f [SR] Repair complete
2020-06-30 20:14:58, Info                  CSI    00000009 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:14:58, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2020-06-30 20:15:03, Info                  CSI    0000000c [SR] Verify complete
2020-06-30 20:15:05, Info                  CSI    0000000d [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:15:05, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2020-06-30 20:15:07, Info                  CSI    00000010 [SR] Verify complete
2020-06-30 20:15:08, Info                  CSI    00000011 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:15:08, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2020-06-30 20:15:10, Info                  CSI    00000014 [SR] Verify complete
2020-06-30 20:15:11, Info                  CSI    00000015 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:15:11, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2020-06-30 20:15:13, Info                  CSI    00000018 [SR] Verify complete
2020-06-30 20:15:14, Info                  CSI    00000019 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:15:14, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
2020-06-30 20:15:16, Info                  CSI    0000001c [SR] Verify complete
2020-06-30 20:15:18, Info                  CSI    0000001d [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:15:18, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
2020-06-30 20:15:20, Info                  CSI    00000020 [SR] Verify complete
2020-06-30 20:15:21, Info                  CSI    00000021 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:15:21, Info                  CSI    00000022 [SR] Beginning Verify and Repair transaction
2020-06-30 20:15:22, Info                  CSI    00000024 [SR] Verify complete
2020-06-30 20:15:23, Info                  CSI    00000025 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:15:23, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2020-06-30 20:15:25, Info                  CSI    00000028 [SR] Verify complete
2020-06-30 20:15:26, Info                  CSI    00000029 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:15:26, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
2020-06-30 20:15:27, Info                  CSI    0000002c [SR] Verify complete
2020-06-30 20:15:28, Info                  CSI    0000002d [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:15:28, Info                  CSI    0000002e [SR] Beginning Verify and Repair transaction
2020-06-30 20:15:30, Info                  CSI    00000030 [SR] Verify complete
2020-06-30 20:15:31, Info                  CSI    00000031 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:15:31, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2020-06-30 20:15:33, Info                  CSI    00000034 [SR] Verify complete
2020-06-30 20:15:34, Info                  CSI    00000035 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:15:34, Info                  CSI    00000036 [SR] Beginning Verify and Repair transaction
2020-06-30 20:15:35, Info                  CSI    00000038 [SR] Verify complete
2020-06-30 20:15:36, Info                  CSI    00000039 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:15:36, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
2020-06-30 20:15:38, Info                  CSI    0000003c [SR] Verify complete
2020-06-30 20:15:40, Info                  CSI    0000003d [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:15:40, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2020-06-30 20:15:41, Info                  CSI    00000040 [SR] Verify complete
2020-06-30 20:15:42, Info                  CSI    00000041 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:15:42, Info                  CSI    00000042 [SR] Beginning Verify and Repair transaction
2020-06-30 20:15:44, Info                  CSI    00000044 [SR] Verify complete
2020-06-30 20:15:45, Info                  CSI    00000045 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:15:45, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2020-06-30 20:15:47, Info                  CSI    00000048 [SR] Verify complete
2020-06-30 20:15:48, Info                  CSI    00000049 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:15:48, Info                  CSI    0000004a [SR] Beginning Verify and Repair transaction
2020-06-30 20:15:50, Info                  CSI    0000004c [SR] Verify complete
2020-06-30 20:15:51, Info                  CSI    0000004d [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:15:51, Info                  CSI    0000004e [SR] Beginning Verify and Repair transaction
2020-06-30 20:15:52, Info                  CSI    00000050 [SR] Verify complete
2020-06-30 20:15:53, Info                  CSI    00000051 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:15:53, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
2020-06-30 20:15:55, Info                  CSI    00000054 [SR] Verify complete
2020-06-30 20:15:56, Info                  CSI    00000055 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:15:56, Info                  CSI    00000056 [SR] Beginning Verify and Repair transaction
2020-06-30 20:15:58, Info                  CSI    00000058 [SR] Verify complete
2020-06-30 20:15:58, Info                  CSI    00000059 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:15:58, Info                  CSI    0000005a [SR] Beginning Verify and Repair transaction
2020-06-30 20:16:00, Info                  CSI    0000005c [SR] Verify complete
2020-06-30 20:16:01, Info                  CSI    0000005d [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:16:01, Info                  CSI    0000005e [SR] Beginning Verify and Repair transaction
2020-06-30 20:16:02, Info                  CSI    00000060 [SR] Verify complete
2020-06-30 20:16:03, Info                  CSI    00000061 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:16:03, Info                  CSI    00000062 [SR] Beginning Verify and Repair transaction
2020-06-30 20:16:05, Info                  CSI    00000064 [SR] Verify complete
2020-06-30 20:16:06, Info                  CSI    00000065 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:16:06, Info                  CSI    00000066 [SR] Beginning Verify and Repair transaction
2020-06-30 20:16:07, Info                  CSI    00000068 [SR] Verify complete
2020-06-30 20:16:08, Info                  CSI    00000069 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:16:08, Info                  CSI    0000006a [SR] Beginning Verify and Repair transaction
2020-06-30 20:16:09, Info                  CSI    0000006c [SR] Verify complete
2020-06-30 20:16:11, Info                  CSI    0000006d [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:16:11, Info                  CSI    0000006e [SR] Beginning Verify and Repair transaction
2020-06-30 20:16:12, Info                  CSI    00000070 [SR] Verify complete
2020-06-30 20:16:13, Info                  CSI    00000071 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:16:13, Info                  CSI    00000072 [SR] Beginning Verify and Repair transaction
2020-06-30 20:16:14, Info                  CSI    00000074 [SR] Verify complete
2020-06-30 20:16:15, Info                  CSI    00000075 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:16:15, Info                  CSI    00000076 [SR] Beginning Verify and Repair transaction
2020-06-30 20:16:17, Info                  CSI    00000078 [SR] Verify complete
2020-06-30 20:16:18, Info                  CSI    00000079 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:16:18, Info                  CSI    0000007a [SR] Beginning Verify and Repair transaction
2020-06-30 20:16:19, Info                  CSI    0000007c [SR] Verify complete
2020-06-30 20:16:20, Info                  CSI    0000007d [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:16:20, Info                  CSI    0000007e [SR] Beginning Verify and Repair transaction
2020-06-30 20:16:22, Info                  CSI    00000080 [SR] Verify complete
2020-06-30 20:16:22, Info                  CSI    00000081 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:16:22, Info                  CSI    00000082 [SR] Beginning Verify and Repair transaction
2020-06-30 20:16:24, Info                  CSI    00000084 [SR] Verify complete
2020-06-30 20:16:25, Info                  CSI    00000085 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:16:25, Info                  CSI    00000086 [SR] Beginning Verify and Repair transaction
2020-06-30 20:16:29, Info                  CSI    00000088 [SR] Verify complete
2020-06-30 20:16:33, Info                  CSI    00000089 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:16:33, Info                  CSI    0000008a [SR] Beginning Verify and Repair transaction
2020-06-30 20:16:36, Info                  CSI    0000008c [SR] Verify complete
2020-06-30 20:16:38, Info                  CSI    0000008d [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:16:38, Info                  CSI    0000008e [SR] Beginning Verify and Repair transaction
2020-06-30 20:16:40, Info                  CSI    00000090 [SR] Verify complete
2020-06-30 20:16:41, Info                  CSI    00000091 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:16:41, Info                  CSI    00000092 [SR] Beginning Verify and Repair transaction
2020-06-30 20:16:43, Info                  CSI    00000094 [SR] Verify complete
2020-06-30 20:16:44, Info                  CSI    00000095 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:16:44, Info                  CSI    00000096 [SR] Beginning Verify and Repair transaction
2020-06-30 20:16:46, Info                  CSI    00000098 [SR] Verify complete
2020-06-30 20:16:47, Info                  CSI    00000099 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:16:47, Info                  CSI    0000009a [SR] Beginning Verify and Repair transaction
2020-06-30 20:16:52, Info                  CSI    0000009c [SR] Verify complete
2020-06-30 20:16:53, Info                  CSI    0000009d [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:16:53, Info                  CSI    0000009e [SR] Beginning Verify and Repair transaction
2020-06-30 20:16:55, Info                  CSI    000000a0 [SR] Verify complete
2020-06-30 20:16:57, Info                  CSI    000000a1 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:16:57, Info                  CSI    000000a2 [SR] Beginning Verify and Repair transaction
2020-06-30 20:17:04, Info                  CSI    000000a4 [SR] Verify complete
2020-06-30 20:17:05, Info                  CSI    000000a5 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:17:05, Info                  CSI    000000a6 [SR] Beginning Verify and Repair transaction
2020-06-30 20:17:06, Info                  CSI    000000a8 [SR] Verify complete
2020-06-30 20:17:07, Info                  CSI    000000a9 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:17:07, Info                  CSI    000000aa [SR] Beginning Verify and Repair transaction
2020-06-30 20:17:09, Info                  CSI    000000ac [SR] Verify complete
2020-06-30 20:17:10, Info                  CSI    000000ad [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:17:10, Info                  CSI    000000ae [SR] Beginning Verify and Repair transaction
2020-06-30 20:17:12, Info                  CSI    000000b0 [SR] Verify complete
2020-06-30 20:17:13, Info                  CSI    000000b1 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:17:13, Info                  CSI    000000b2 [SR] Beginning Verify and Repair transaction
2020-06-30 20:17:14, Info                  CSI    000000b4 [SR] Verify complete
2020-06-30 20:17:15, Info                  CSI    000000b5 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:17:15, Info                  CSI    000000b6 [SR] Beginning Verify and Repair transaction
2020-06-30 20:17:16, Info                  CSI    000000b8 [SR] Verify complete
2020-06-30 20:17:17, Info                  CSI    000000b9 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:17:17, Info                  CSI    000000ba [SR] Beginning Verify and Repair transaction
2020-06-30 20:17:19, Info                  CSI    000000bc [SR] Verify complete
2020-06-30 20:17:20, Info                  CSI    000000bd [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:17:20, Info                  CSI    000000be [SR] Beginning Verify and Repair transaction
2020-06-30 20:17:21, Info                  CSI    000000c0 [SR] Verify complete
2020-06-30 20:17:22, Info                  CSI    000000c1 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:17:22, Info                  CSI    000000c2 [SR] Beginning Verify and Repair transaction
2020-06-30 20:17:24, Info                  CSI    000000c4 [SR] Verify complete
2020-06-30 20:17:24, Info                  CSI    000000c5 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:17:24, Info                  CSI    000000c6 [SR] Beginning Verify and Repair transaction
2020-06-30 20:17:28, Info                  CSI    000000c8 [SR] Verify complete
2020-06-30 20:17:29, Info                  CSI    000000c9 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:17:29, Info                  CSI    000000ca [SR] Beginning Verify and Repair transaction
2020-06-30 20:17:32, Info                  CSI    000000cc [SR] Verify complete
2020-06-30 20:17:33, Info                  CSI    000000cd [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:17:33, Info                  CSI    000000ce [SR] Beginning Verify and Repair transaction
2020-06-30 20:17:36, Info                  CSI    000000d0 [SR] Verify complete
2020-06-30 20:17:36, Info                  CSI    000000d1 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:17:36, Info                  CSI    000000d2 [SR] Beginning Verify and Repair transaction
2020-06-30 20:17:42, Info                  CSI    000000d4 [SR] Verify complete
2020-06-30 20:17:43, Info                  CSI    000000d5 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:17:43, Info                  CSI    000000d6 [SR] Beginning Verify and Repair transaction
2020-06-30 20:17:51, Info                  CSI    000000d9 [SR] Verify complete
2020-06-30 20:17:52, Info                  CSI    000000da [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:17:52, Info                  CSI    000000db [SR] Beginning Verify and Repair transaction
2020-06-30 20:17:58, Info                  CSI    000000e0 [SR] Verify complete
2020-06-30 20:17:58, Info                  CSI    000000e1 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:17:58, Info                  CSI    000000e2 [SR] Beginning Verify and Repair transaction
2020-06-30 20:18:04, Info                  CSI    000000e5 [SR] Verify complete
2020-06-30 20:18:04, Info                  CSI    000000e6 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:18:04, Info                  CSI    000000e7 [SR] Beginning Verify and Repair transaction
2020-06-30 20:18:09, Info                  CSI    000000e9 [SR] Verify complete
2020-06-30 20:18:10, Info                  CSI    000000ea [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:18:10, Info                  CSI    000000eb [SR] Beginning Verify and Repair transaction
2020-06-30 20:18:18, Info                  CSI    0000010d [SR] Verify complete
2020-06-30 20:18:18, Info                  CSI    0000010e [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:18:18, Info                  CSI    0000010f [SR] Beginning Verify and Repair transaction
2020-06-30 20:18:24, Info                  CSI    00000114 [SR] Verify complete
2020-06-30 20:18:24, Info                  CSI    00000115 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:18:24, Info                  CSI    00000116 [SR] Beginning Verify and Repair transaction
2020-06-30 20:18:32, Info                  CSI    00000118 [SR] Verify complete
2020-06-30 20:18:32, Info                  CSI    00000119 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:18:32, Info                  CSI    0000011a [SR] Beginning Verify and Repair transaction
2020-06-30 20:18:37, Info                  CSI    0000011c [SR] Verify complete
2020-06-30 20:18:37, Info                  CSI    0000011d [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:18:37, Info                  CSI    0000011e [SR] Beginning Verify and Repair transaction
2020-06-30 20:18:44, Info                  CSI    00000120 [SR] Verify complete
2020-06-30 20:18:44, Info                  CSI    00000121 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:18:44, Info                  CSI    00000122 [SR] Beginning Verify and Repair transaction
2020-06-30 20:18:49, Info                  CSI    00000124 [SR] Verify complete
2020-06-30 20:18:50, Info                  CSI    00000125 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:18:50, Info                  CSI    00000126 [SR] Beginning Verify and Repair transaction
2020-06-30 20:18:56, Info                  CSI    00000128 [SR] Verify complete
2020-06-30 20:18:57, Info                  CSI    00000129 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:18:57, Info                  CSI    0000012a [SR] Beginning Verify and Repair transaction
2020-06-30 20:19:09, Info                  CSI    0000014d [SR] Verify complete
2020-06-30 20:19:09, Info                  CSI    0000014e [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:19:09, Info                  CSI    0000014f [SR] Beginning Verify and Repair transaction
2020-06-30 20:19:18, Info                  CSI    00000151 [SR] Verify complete
2020-06-30 20:19:18, Info                  CSI    00000152 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:19:18, Info                  CSI    00000153 [SR] Beginning Verify and Repair transaction
2020-06-30 20:19:34, Info                  CSI    00000155 [SR] Verify complete
2020-06-30 20:19:35, Info                  CSI    00000156 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:19:35, Info                  CSI    00000157 [SR] Beginning Verify and Repair transaction
2020-06-30 20:19:41, Info                  CSI    0000015b [SR] Verify complete
2020-06-30 20:19:41, Info                  CSI    0000015c [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:19:41, Info                  CSI    0000015d [SR] Beginning Verify and Repair transaction
2020-06-30 20:19:44, Info                  CSI    0000015f [SR] Verify complete
2020-06-30 20:19:44, Info                  CSI    00000160 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:19:44, Info                  CSI    00000161 [SR] Beginning Verify and Repair transaction
2020-06-30 20:19:46, Info                  CSI    00000163 [SR] Verify complete
2020-06-30 20:19:46, Info                  CSI    00000164 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:19:46, Info                  CSI    00000165 [SR] Beginning Verify and Repair transaction
2020-06-30 20:19:53, Info                  CSI    0000016c [SR] Verify complete
2020-06-30 20:19:54, Info                  CSI    0000016d [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:19:54, Info                  CSI    0000016e [SR] Beginning Verify and Repair transaction
2020-06-30 20:20:00, Info                  CSI    0000017c [SR] Verify complete
2020-06-30 20:20:00, Info                  CSI    0000017d [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:20:00, Info                  CSI    0000017e [SR] Beginning Verify and Repair transaction
2020-06-30 20:20:02, Info                  CSI    00000180 [SR] Verify complete
2020-06-30 20:20:02, Info                  CSI    00000181 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:20:02, Info                  CSI    00000182 [SR] Beginning Verify and Repair transaction
2020-06-30 20:20:07, Info                  CSI    00000184 [SR] Verify complete
2020-06-30 20:20:08, Info                  CSI    00000185 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:20:08, Info                  CSI    00000186 [SR] Beginning Verify and Repair transaction
2020-06-30 20:20:12, Info                  CSI    00000188 [SR] Verify complete
2020-06-30 20:20:13, Info                  CSI    00000189 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:20:13, Info                  CSI    0000018a [SR] Beginning Verify and Repair transaction
2020-06-30 20:20:22, Info                  CSI    0000018d [SR] Verify complete
2020-06-30 20:20:22, Info                  CSI    0000018e [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:20:22, Info                  CSI    0000018f [SR] Beginning Verify and Repair transaction
2020-06-30 20:20:33, Info                  CSI    00000192 [SR] Verify complete
2020-06-30 20:20:33, Info                  CSI    00000193 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:20:33, Info                  CSI    00000194 [SR] Beginning Verify and Repair transaction
2020-06-30 20:20:35, Info                  CSI    00000196 [SR] Verify complete
2020-06-30 20:20:36, Info                  CSI    00000197 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:20:36, Info                  CSI    00000198 [SR] Beginning Verify and Repair transaction
2020-06-30 20:20:38, Info                  CSI    0000019a [SR] Verify complete
2020-06-30 20:20:38, Info                  CSI    0000019b [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:20:38, Info                  CSI    0000019c [SR] Beginning Verify and Repair transaction
2020-06-30 20:20:47, Info                  CSI    0000019e [SR] Verify complete
2020-06-30 20:20:47, Info                  CSI    0000019f [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:20:47, Info                  CSI    000001a0 [SR] Beginning Verify and Repair transaction
2020-06-30 20:20:53, Info                  CSI    000001a2 [SR] Verify complete
2020-06-30 20:20:54, Info                  CSI    000001a3 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:20:54, Info                  CSI    000001a4 [SR] Beginning Verify and Repair transaction
2020-06-30 20:21:07, Info                  CSI    000001a6 [SR] Verify complete
2020-06-30 20:21:07, Info                  CSI    000001a7 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:21:07, Info                  CSI    000001a8 [SR] Beginning Verify and Repair transaction
2020-06-30 20:21:17, Info                  CSI    000001c0 [SR] Verify complete
2020-06-30 20:21:18, Info                  CSI    000001c1 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:21:18, Info                  CSI    000001c2 [SR] Beginning Verify and Repair transaction
2020-06-30 20:21:24, Info                  CSI    000001c4 [SR] Verify complete
2020-06-30 20:21:25, Info                  CSI    000001c5 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:21:25, Info                  CSI    000001c6 [SR] Beginning Verify and Repair transaction
2020-06-30 20:21:42, Info                  CSI    000001c8 [SR] Verify complete
2020-06-30 20:21:43, Info                  CSI    000001c9 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:21:43, Info                  CSI    000001ca [SR] Beginning Verify and Repair transaction
2020-06-30 20:21:54, Info                  CSI    000001cd [SR] Verify complete
2020-06-30 20:21:55, Info                  CSI    000001ce [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:21:55, Info                  CSI    000001cf [SR] Beginning Verify and Repair transaction
2020-06-30 20:22:03, Info                  CSI    000001d1 [SR] Verify complete
2020-06-30 20:22:04, Info                  CSI    000001d2 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:22:04, Info                  CSI    000001d3 [SR] Beginning Verify and Repair transaction
2020-06-30 20:22:10, Info                  CSI    000001d5 [SR] Verify complete
2020-06-30 20:22:10, Info                  CSI    000001d6 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:22:10, Info                  CSI    000001d7 [SR] Beginning Verify and Repair transaction
2020-06-30 20:22:16, Info                  CSI    000001d9 [SR] Verify complete
2020-06-30 20:22:17, Info                  CSI    000001da [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:22:17, Info                  CSI    000001db [SR] Beginning Verify and Repair transaction
2020-06-30 20:22:22, Info                  CSI    000001dd [SR] Verify complete
2020-06-30 20:22:22, Info                  CSI    000001de [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:22:22, Info                  CSI    000001df [SR] Beginning Verify and Repair transaction
2020-06-30 20:22:27, Info                  CSI    000001e3 [SR] Verify complete
2020-06-30 20:22:27, Info                  CSI    000001e4 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:22:27, Info                  CSI    000001e5 [SR] Beginning Verify and Repair transaction
2020-06-30 20:22:45, Info                  CSI    000001e7 [SR] Verify complete
2020-06-30 20:22:45, Info                  CSI    000001e8 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:22:45, Info                  CSI    000001e9 [SR] Beginning Verify and Repair transaction
2020-06-30 20:22:54, Info                  CSI    000001ec [SR] Verify complete
2020-06-30 20:22:54, Info                  CSI    000001ed [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:22:54, Info                  CSI    000001ee [SR] Beginning Verify and Repair transaction
2020-06-30 20:23:00, Info                  CSI    000001f0 [SR] Verify complete
2020-06-30 20:23:00, Info                  CSI    000001f1 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:23:00, Info                  CSI    000001f2 [SR] Beginning Verify and Repair transaction
2020-06-30 20:23:08, Info                  CSI    000001f5 [SR] Verify complete
2020-06-30 20:23:08, Info                  CSI    000001f6 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:23:08, Info                  CSI    000001f7 [SR] Beginning Verify and Repair transaction
2020-06-30 20:23:19, Info                  CSI    000001fa [SR] Verify complete
2020-06-30 20:23:20, Info                  CSI    000001fb [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:23:20, Info                  CSI    000001fc [SR] Beginning Verify and Repair transaction
2020-06-30 20:23:25, Info                  CSI    000001fe [SR] Verify complete
2020-06-30 20:23:26, Info                  CSI    000001ff [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:23:26, Info                  CSI    00000200 [SR] Beginning Verify and Repair transaction
2020-06-30 20:23:31, Info                  CSI    00000202 [SR] Verify complete
2020-06-30 20:23:31, Info                  CSI    00000203 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:23:31, Info                  CSI    00000204 [SR] Beginning Verify and Repair transaction
2020-06-30 20:23:37, Info                  CSI    00000206 [SR] Verify complete
2020-06-30 20:23:38, Info                  CSI    00000207 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:23:38, Info                  CSI    00000208 [SR] Beginning Verify and Repair transaction
2020-06-30 20:23:45, Info                  CSI    0000020b [SR] Verify complete
2020-06-30 20:23:46, Info                  CSI    0000020c [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:23:46, Info                  CSI    0000020d [SR] Beginning Verify and Repair transaction
2020-06-30 20:23:50, Info                  CSI    00000210 [SR] Verify complete
2020-06-30 20:23:50, Info                  CSI    00000211 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:23:50, Info                  CSI    00000212 [SR] Beginning Verify and Repair transaction
2020-06-30 20:23:55, Info                  CSI    00000214 [SR] Verify complete
2020-06-30 20:23:56, Info                  CSI    00000215 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:23:56, Info                  CSI    00000216 [SR] Beginning Verify and Repair transaction
2020-06-30 20:24:02, Info                  CSI    00000219 [SR] Verify complete
2020-06-30 20:24:02, Info                  CSI    0000021a [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:24:02, Info                  CSI    0000021b [SR] Beginning Verify and Repair transaction
2020-06-30 20:24:09, Info                  CSI    0000021f [SR] Verify complete
2020-06-30 20:24:10, Info                  CSI    00000220 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:24:10, Info                  CSI    00000221 [SR] Beginning Verify and Repair transaction
2020-06-30 20:24:17, Info                  CSI    00000223 [SR] Verify complete
2020-06-30 20:24:18, Info                  CSI    00000224 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:24:18, Info                  CSI    00000225 [SR] Beginning Verify and Repair transaction
2020-06-30 20:24:26, Info                  CSI    00000228 [SR] Verify complete
2020-06-30 20:24:26, Info                  CSI    00000229 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:24:26, Info                  CSI    0000022a [SR] Beginning Verify and Repair transaction
2020-06-30 20:24:31, Info                  CSI    0000022c [SR] Verify complete
2020-06-30 20:24:31, Info                  CSI    0000022d [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:24:31, Info                  CSI    0000022e [SR] Beginning Verify and Repair transaction
2020-06-30 20:24:33, Info                  CSI    00000230 [SR] Verify complete
2020-06-30 20:24:33, Info                  CSI    00000231 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:24:33, Info                  CSI    00000232 [SR] Beginning Verify and Repair transaction
2020-06-30 20:24:40, Info                  CSI    00000234 [SR] Verify complete
2020-06-30 20:24:41, Info                  CSI    00000235 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:24:41, Info                  CSI    00000236 [SR] Beginning Verify and Repair transaction
2020-06-30 20:24:46, Info                  CSI    00000238 [SR] Verify complete
2020-06-30 20:24:47, Info                  CSI    00000239 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:24:47, Info                  CSI    0000023a [SR] Beginning Verify and Repair transaction
2020-06-30 20:24:55, Info                  CSI    0000023c [SR] Verify complete
2020-06-30 20:24:55, Info                  CSI    0000023d [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:24:55, Info                  CSI    0000023e [SR] Beginning Verify and Repair transaction
2020-06-30 20:25:00, Info                  CSI    00000240 [SR] Verify complete
2020-06-30 20:25:00, Info                  CSI    00000241 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:25:00, Info                  CSI    00000242 [SR] Beginning Verify and Repair transaction
2020-06-30 20:25:04, Info                  CSI    00000244 [SR] Verify complete
2020-06-30 20:25:05, Info                  CSI    00000245 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:25:05, Info                  CSI    00000246 [SR] Beginning Verify and Repair transaction
2020-06-30 20:25:18, Info                  CSI    00000248 [SR] Verify complete
2020-06-30 20:25:19, Info                  CSI    00000249 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:25:19, Info                  CSI    0000024a [SR] Beginning Verify and Repair transaction
2020-06-30 20:25:40, Info                  CSI    0000024c [SR] Verify complete
2020-06-30 20:25:41, Info                  CSI    0000024d [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:25:41, Info                  CSI    0000024e [SR] Beginning Verify and Repair transaction
2020-06-30 20:25:48, Info                  CSI    00000250 [SR] Verify complete
2020-06-30 20:25:48, Info                  CSI    00000251 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:25:48, Info                  CSI    00000252 [SR] Beginning Verify and Repair transaction
2020-06-30 20:25:55, Info                  CSI    00000254 [SR] Verify complete
2020-06-30 20:25:55, Info                  CSI    00000255 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:25:55, Info                  CSI    00000256 [SR] Beginning Verify and Repair transaction
2020-06-30 20:25:56, Info                  CSI    00000258 [SR] Verify complete
2020-06-30 20:25:57, Info                  CSI    00000259 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:25:57, Info                  CSI    0000025a [SR] Beginning Verify and Repair transaction
2020-06-30 20:26:01, Info                  CSI    0000025c [SR] Verify complete
2020-06-30 20:26:02, Info                  CSI    0000025d [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:26:02, Info                  CSI    0000025e [SR] Beginning Verify and Repair transaction
2020-06-30 20:26:07, Info                  CSI    00000260 [SR] Verify complete
2020-06-30 20:26:07, Info                  CSI    00000261 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:26:07, Info                  CSI    00000262 [SR] Beginning Verify and Repair transaction
2020-06-30 20:26:10, Info                  CSI    00000264 [SR] Verify complete
2020-06-30 20:26:10, Info                  CSI    00000265 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:26:10, Info                  CSI    00000266 [SR] Beginning Verify and Repair transaction
2020-06-30 20:26:12, Info                  CSI    00000268 [SR] Verify complete
2020-06-30 20:26:12, Info                  CSI    00000269 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:26:12, Info                  CSI    0000026a [SR] Beginning Verify and Repair transaction
2020-06-30 20:26:17, Info                  CSI    00000272 [SR] Verify complete
2020-06-30 20:26:18, Info                  CSI    00000273 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:26:18, Info                  CSI    00000274 [SR] Beginning Verify and Repair transaction
2020-06-30 20:26:21, Info                  CSI    00000276 [SR] Verify complete
2020-06-30 20:26:22, Info                  CSI    00000277 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:26:22, Info                  CSI    00000278 [SR] Beginning Verify and Repair transaction
2020-06-30 20:26:25, Info                  CSI    0000027a [SR] Verify complete
2020-06-30 20:26:26, Info                  CSI    0000027b [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:26:26, Info                  CSI    0000027c [SR] Beginning Verify and Repair transaction
2020-06-30 20:26:30, Info                  CSI    0000027e [SR] Verify complete
2020-06-30 20:26:30, Info                  CSI    0000027f [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:26:30, Info                  CSI    00000280 [SR] Beginning Verify and Repair transaction
2020-06-30 20:26:36, Info                  CSI    00000282 [SR] Verify complete
2020-06-30 20:26:37, Info                  CSI    00000283 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:26:37, Info                  CSI    00000284 [SR] Beginning Verify and Repair transaction
2020-06-30 20:26:48, Info                  CSI    00000287 [SR] Verify complete
2020-06-30 20:26:48, Info                  CSI    00000288 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:26:48, Info                  CSI    00000289 [SR] Beginning Verify and Repair transaction
2020-06-30 20:26:54, Info                  CSI    0000028b [SR] Verify complete
2020-06-30 20:26:55, Info                  CSI    0000028c [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:26:55, Info                  CSI    0000028d [SR] Beginning Verify and Repair transaction
2020-06-30 20:26:56, Info                  CSI    0000028f [SR] Verify complete
2020-06-30 20:26:57, Info                  CSI    00000290 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:26:57, Info                  CSI    00000291 [SR] Beginning Verify and Repair transaction
2020-06-30 20:27:08, Info                  CSI    00000294 [SR] Verify complete
2020-06-30 20:27:09, Info                  CSI    00000295 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:27:09, Info                  CSI    00000296 [SR] Beginning Verify and Repair transaction
2020-06-30 20:27:22, Info                  CSI    0000029a [SR] Verify complete
2020-06-30 20:27:23, Info                  CSI    0000029b [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:27:23, Info                  CSI    0000029c [SR] Beginning Verify and Repair transaction
2020-06-30 20:27:30, Info                  CSI    000002a1 [SR] Verify complete
2020-06-30 20:27:31, Info                  CSI    000002a2 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:27:31, Info                  CSI    000002a3 [SR] Beginning Verify and Repair transaction
2020-06-30 20:27:39, Info                  CSI    000002ad [SR] Verify complete
2020-06-30 20:27:40, Info                  CSI    000002ae [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:27:40, Info                  CSI    000002af [SR] Beginning Verify and Repair transaction
2020-06-30 20:27:48, Info                  CSI    000002b6 [SR] Verify complete
2020-06-30 20:27:49, Info                  CSI    000002b7 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:27:49, Info                  CSI    000002b8 [SR] Beginning Verify and Repair transaction
2020-06-30 20:27:56, Info                  CSI    000002bd [SR] Verify complete
2020-06-30 20:27:56, Info                  CSI    000002be [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:27:56, Info                  CSI    000002bf [SR] Beginning Verify and Repair transaction
2020-06-30 20:28:01, Info                  CSI    000002c3 [SR] Verify complete
2020-06-30 20:28:01, Info                  CSI    000002c4 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:28:01, Info                  CSI    000002c5 [SR] Beginning Verify and Repair transaction
2020-06-30 20:28:06, Info                  CSI    000002c7 [SR] Verify complete
2020-06-30 20:28:07, Info                  CSI    000002c8 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:28:07, Info                  CSI    000002c9 [SR] Beginning Verify and Repair transaction
2020-06-30 20:28:15, Info                  CSI    000002ee [SR] Verify complete
2020-06-30 20:28:15, Info                  CSI    000002ef [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:28:15, Info                  CSI    000002f0 [SR] Beginning Verify and Repair transaction
2020-06-30 20:28:21, Info                  CSI    000002f2 [SR] Verify complete
2020-06-30 20:28:21, Info                  CSI    000002f3 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:28:21, Info                  CSI    000002f4 [SR] Beginning Verify and Repair transaction
2020-06-30 20:28:26, Info                  CSI    000002f6 [SR] Verify complete
2020-06-30 20:28:26, Info                  CSI    000002f7 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:28:26, Info                  CSI    000002f8 [SR] Beginning Verify and Repair transaction
2020-06-30 20:28:32, Info                  CSI    000002fa [SR] Verify complete
2020-06-30 20:28:32, Info                  CSI    000002fb [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:28:32, Info                  CSI    000002fc [SR] Beginning Verify and Repair transaction
2020-06-30 20:28:37, Info                  CSI    00000309 [SR] Verify complete
2020-06-30 20:28:37, Info                  CSI    0000030a [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:28:37, Info                  CSI    0000030b [SR] Beginning Verify and Repair transaction
2020-06-30 20:28:43, Info                  CSI    0000030e [SR] Verify complete
2020-06-30 20:28:44, Info                  CSI    0000030f [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:28:44, Info                  CSI    00000310 [SR] Beginning Verify and Repair transaction
2020-06-30 20:28:50, Info                  CSI    0000031b [SR] Verify complete
2020-06-30 20:28:50, Info                  CSI    0000031c [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:28:50, Info                  CSI    0000031d [SR] Beginning Verify and Repair transaction
2020-06-30 20:28:56, Info                  CSI    00000322 [SR] Verify complete
2020-06-30 20:28:57, Info                  CSI    00000323 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:28:57, Info                  CSI    00000324 [SR] Beginning Verify and Repair transaction
2020-06-30 20:28:59, Info                  CSI    00000326 [SR] Verify complete
2020-06-30 20:29:00, Info                  CSI    00000327 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:29:00, Info                  CSI    00000328 [SR] Beginning Verify and Repair transaction
2020-06-30 20:29:09, Info                  CSI    0000032b [SR] Verify complete
2020-06-30 20:29:09, Info                  CSI    0000032c [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:29:09, Info                  CSI    0000032d [SR] Beginning Verify and Repair transaction
2020-06-30 20:29:11, Info                  CSI    0000032f [SR] Verify complete
2020-06-30 20:29:11, Info                  CSI    00000330 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:29:11, Info                  CSI    00000331 [SR] Beginning Verify and Repair transaction
2020-06-30 20:29:18, Info                  CSI    00000333 [SR] Verify complete
2020-06-30 20:29:18, Info                  CSI    00000334 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:29:18, Info                  CSI    00000335 [SR] Beginning Verify and Repair transaction
2020-06-30 20:29:24, Info                  CSI    00000337 [SR] Verify complete
2020-06-30 20:29:24, Info                  CSI    00000338 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:29:24, Info                  CSI    00000339 [SR] Beginning Verify and Repair transaction
2020-06-30 20:29:29, Info                  CSI    0000033b [SR] Verify complete
2020-06-30 20:29:30, Info                  CSI    0000033c [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:29:30, Info                  CSI    0000033d [SR] Beginning Verify and Repair transaction
2020-06-30 20:29:39, Info                  CSI    00000357 [SR] Verify complete
2020-06-30 20:29:40, Info                  CSI    00000358 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:29:40, Info                  CSI    00000359 [SR] Beginning Verify and Repair transaction
2020-06-30 20:29:58, Info                  CSI    0000035b [SR] Verify complete
2020-06-30 20:29:58, Info                  CSI    0000035c [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:29:58, Info                  CSI    0000035d [SR] Beginning Verify and Repair transaction
2020-06-30 20:30:03, Info                  CSI    0000035f [SR] Verify complete
2020-06-30 20:30:03, Info                  CSI    00000360 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:30:03, Info                  CSI    00000361 [SR] Beginning Verify and Repair transaction
2020-06-30 20:30:07, Info                  CSI    00000363 [SR] Verify complete
2020-06-30 20:30:07, Info                  CSI    00000364 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:30:07, Info                  CSI    00000365 [SR] Beginning Verify and Repair transaction
2020-06-30 20:30:10, Info                  CSI    00000369 [SR] Verify complete
2020-06-30 20:30:10, Info                  CSI    0000036a [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:30:10, Info                  CSI    0000036b [SR] Beginning Verify and Repair transaction
2020-06-30 20:30:14, Info                  CSI    0000036d [SR] Verify complete
2020-06-30 20:30:14, Info                  CSI    0000036e [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:30:14, Info                  CSI    0000036f [SR] Beginning Verify and Repair transaction
2020-06-30 20:30:19, Info                  CSI    00000371 [SR] Verify complete
2020-06-30 20:30:20, Info                  CSI    00000372 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:30:20, Info                  CSI    00000373 [SR] Beginning Verify and Repair transaction
2020-06-30 20:30:24, Info                  CSI    00000375 [SR] Verify complete
2020-06-30 20:30:24, Info                  CSI    00000376 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:30:24, Info                  CSI    00000377 [SR] Beginning Verify and Repair transaction
2020-06-30 20:30:28, Info                  CSI    0000037a [SR] Verify complete
2020-06-30 20:30:28, Info                  CSI    0000037b [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:30:28, Info                  CSI    0000037c [SR] Beginning Verify and Repair transaction
2020-06-30 20:30:32, Info                  CSI    0000037e [SR] Verify complete
2020-06-30 20:30:32, Info                  CSI    0000037f [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:30:32, Info                  CSI    00000380 [SR] Beginning Verify and Repair transaction
2020-06-30 20:30:37, Info                  CSI    00000382 [SR] Verify complete
2020-06-30 20:30:37, Info                  CSI    00000383 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:30:37, Info                  CSI    00000384 [SR] Beginning Verify and Repair transaction
2020-06-30 20:30:43, Info                  CSI    00000386 [SR] Verify complete
2020-06-30 20:30:44, Info                  CSI    00000387 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:30:44, Info                  CSI    00000388 [SR] Beginning Verify and Repair transaction
2020-06-30 20:30:51, Info                  CSI    0000038b [SR] Verify complete
2020-06-30 20:30:51, Info                  CSI    0000038c [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:30:51, Info                  CSI    0000038d [SR] Beginning Verify and Repair transaction
2020-06-30 20:30:56, Info                  CSI    0000038f [SR] Verify complete
2020-06-30 20:30:57, Info                  CSI    00000390 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:30:57, Info                  CSI    00000391 [SR] Beginning Verify and Repair transaction
2020-06-30 20:31:02, Info                  CSI    00000393 [SR] Verify complete
2020-06-30 20:31:03, Info                  CSI    00000394 [SR] Verifying 100 (0x0000000000000064) components
2020-06-30 20:31:03, Info                  CSI    00000395 [SR] Beginning Verify and Repair transaction
2020-06-30 20:31:07, Info                  CSI    00000397 [SR] Verify complete
2020-06-30 20:31:08, Info                  CSI    00000398 [SR] Verifying 87 (0x0000000000000057) components
2020-06-30 20:31:08, Info                  CSI    00000399 [SR] Beginning Verify and Repair transaction
2020-06-30 20:31:14, Info                  CSI    0000039b [SR] Verify complete
2020-06-30 20:31:14, Info                  CSI    0000039c [SR] Repairing 0 components
2020-06-30 20:31:14, Info                  CSI    0000039d [SR] Beginning Verify and Repair transaction
2020-06-30 20:31:14, Info                  CSI    0000039f [SR] Repair complete

========= End of CMD: =========


========= sc start netman =========

[SC] StartService FAILED 1056:

An instance of the service is already running.


========= End of CMD: =========


========= sc config WMPNetworkSvc start= disabled =========

[SC] ChangeServiceConfig SUCCESS

========= End of CMD: =========

CDM: sc config cvhsvc start= disabled => Error: No automatic fix found for this entry.

========= sc config wudfsvc start= auto =========

[SC] ChangeServiceConfig SUCCESS

========= End of CMD: =========


========= Reg Add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad" /v WpadOverride /t REG_DWORD /d 1 /f =========

The operation completed successfully.



========= End of Reg: =========


========= Reg Add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v LoadAppInit_DLLs /t REG_DWORD /d 0 /f =========

The operation completed successfully.



========= End of Reg: =========


========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========


========= End of CMD: =========



The system needed a reboot.

==== End of Fixlog 20:32:02 ====


  • 0

#9
psu88

psu88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-06-2020
Ran by Dave (administrator) on DAVE-PC (eMachines EL1358G) (30-06-2020 20:44:48)
Running from C:\Users\Dave\Desktop
Loaded Profiles: Dave & UpdatusUser
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> ) C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(Avast Software s.r.o. -> Avast Software) C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
(Dassault Systèmes) [File not signed] C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6>
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Support.com Inc -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-02-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [OOTag] => C:\Program Files (x86)\eMachines\OOBEOffer\ootag.exe [13856 2010-02-23] (Acer Incorporated -> Microsoft)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108216 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [OOTag] => C:\Program Files (x86)\eMachines\OOBEOffer\OOTag.exe [13856 2010-02-23] (Acer Incorporated -> Microsoft)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe [620136 2011-01-18] (Acer Incorporated -> )
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3386438342-948231862-3273088082-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9230256 2020-03-23] (Support.com Inc -> SUPERAntiSpyware)
HKU\S-1-5-21-3386438342-948231862-3273088082-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3386438342-948231862-3273088082-1003\...\RunOnce: [ScrSav] => C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe [154144 2010-07-29] (Acer Incorporated -> )
HKU\S-1-5-21-3386438342-948231862-3273088082-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\eMachines.scr [456224 2010-07-29] (Acer Incorporated -> )
HKLM\...\Windows x64\Print Processors\Canon TS3100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDR.DLL [482816 2017-03-13] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\hpzppw72: C:\Windows\System32\spool\prtprocs\x64\hpzppw72.dll [257024 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS3100 series: C:\Windows\system32\CNMLMDR.DLL [1302016 2017-03-13] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\Windows\system32\hpz3lw71.dll [46080 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PCL hpz3lw72: C:\Windows\system32\hpz3lw72.dll [46080 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\83.0.4529.97\Installer\chrmstp.exe [2020-06-17] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-22] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-03] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2020-05-19]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Dave\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F5B9D0B-4544-4129-AFEC-BC4BE17B351D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {161821B0-2D54-434D-A6CC-F802D634B276} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2602C6AC-EA7D-485D-BBA0-3E53780BDCCD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {2759C0AF-19B8-415A-922B-B0FB86BFDB2B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {2C07DD9F-7E8B-407C-B334-EB38C6EC06DA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2E5F3393-B2EC-4A7F-9FE5-7EE55CE005B4} - System32\Tasks\{119550F2-DA53-447E-8FBF-4D4385C41223} => C:\Windows\system32\pcalua.exe -a C:\Users\Dave\Downloads\SpyHunter-Installer.exe -d C:\Users\Dave\Downloads
Task: {40421BFC-F4F2-4EDC-A218-6EA64DD7EC37} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124624 2020-06-03] (Mozilla Corporation -> Mozilla Foundation)
Task: {64F3FC4A-1293-4D58-A71F-EB64E195E0A9} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {680A34B3-B27D-46B5-86CC-2C48DCB8B24D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3386438342-948231862-3273088082-1001UA => C:\Users\Dave\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-29] (Facebook, Inc. -> Facebook Inc.)
Task: {68A55FCA-A045-4967-AB34-F38380030BA2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {6B8A45AD-3821-4632-A893-ACCA90A8292C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3325032 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
Task: {7AD15C98-7BB2-4266-B7AE-86168B72C6D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {7AD15C98-7BB2-4266-B7AE-86168B72C6D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Adobe Flash Player NPAPI Notifier" /ENABLE
Task: {7AD15C98-7BB2-4266-B7AE-86168B72C6D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\Adobe Flash Player Updater" /ENABLE
Task: {7AD15C98-7BB2-4266-B7AE-86168B72C6D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {7AD15C98-7BB2-4266-B7AE-86168B72C6D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {7AD15C98-7BB2-4266-B7AE-86168B72C6D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\FacebookUpdateTaskUserS-1-5-21-3386438342-948231862-3273088082-1001Core" /ENABLE
Task: {7AD15C98-7BB2-4266-B7AE-86168B72C6D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\FacebookUpdateTaskUserS-1-5-21-3386438342-948231862-3273088082-1001UA" /ENABLE
Task: {7AD15C98-7BB2-4266-B7AE-86168B72C6D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {7AD15C98-7BB2-4266-B7AE-86168B72C6D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {7AD15C98-7BB2-4266-B7AE-86168B72C6D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\{119550F2-DA53-447E-8FBF-4D4385C41223}" /ENABLE
Task: {7AD15C98-7BB2-4266-B7AE-86168B72C6D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\{6AF7519B-0DAE-4932-BFDF-3F6EEEAE38E2}" /ENABLE
Task: {7AD15C98-7BB2-4266-B7AE-86168B72C6D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {8B532580-7124-4BD9-8FEC-6F3831E5F0EE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3386438342-948231862-3273088082-1001Core => C:\Users\Dave\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-29] (Facebook, Inc. -> Facebook Inc.)
Task: {91E8DB34-9BB3-4165-9DA0-540A2FD0A5B0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {9331F427-E284-4605-B093-3E1AEEBF55DD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {99F6599F-1694-443A-8D09-333C85DE0290} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1954104 2020-06-04] (Avast Software s.r.o. -> AVAST Software)
Task: {9DDD43A7-20E2-47FA-89DC-C1D0EBD47DF6} - System32\Tasks\{6AF7519B-0DAE-4932-BFDF-3F6EEEAE38E2} => C:\Windows\system32\pcalua.exe -a C:\Users\Dave\Downloads\FacebookGameroom.exe -d C:\Users\Dave\Downloads
Task: {A5B9F4F0-365D-4776-B7C2-0EBDA23A0C71} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
Task: {B09B01C2-5494-44ED-B044-64CA209FEABA} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {C7479F58-8BDC-45CF-9D4F-AB1EF182223D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {DB441C9E-7481-4FCD-9BFD-F39B104BD891} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-09] (Adobe Inc. -> Adobe)
Task: {E4020714-41E7-49DE-A56B-44DF1110173C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F42D1F34-9066-4805-8EFD-4AF10C34B03C} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1954104 2020-06-04] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{74E2BF45-B74D-4278-A7DF-13D98932F62C}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{8216FDD7-FFC6-4D7F-8804-B5273519CEAD}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{AF5734B3-C8D3-4EC6-863D-6B90B39F75E0}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=hp-avast&type=odc179
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.yahoo.com/yhs/search?type=odc179&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-3386438342-948231862-3273088082-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3386438342-948231862-3273088082-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AEMTDF&pc=MAEM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3386438342-948231862-3273088082-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AEMTDF&pc=MAEM&src=IE-SearchBox
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2020-06-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2020-06-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2020-06-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2020-06-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2020-04-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2020-06-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2020-06-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02] (Microsoft Corporation -> Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2020-04-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02] (Microsoft Corporation -> Microsoft Corporation.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: fdmhm4o8.default-1460756312416
FF ProfilePath: C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\fdmhm4o8.default-1460756312416 [2020-06-30]
FF Notifications: Mozilla\Firefox\Profiles\fdmhm4o8.default-1460756312416 -> hxxp://livemap.pogotoledo.com; hxxps://live.pogotoledoohio.com; hxxps://www.truthfinder.com; hxxps://myhomenetwork.att.com; hxxps://0.solo84.biz; hxxps://www.pinterest.com; hxxps://www.instagram.com
FF Extension: (Avast Online Security) - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\fdmhm4o8.default-1460756312416\Extensions\[email protected] [2020-06-17]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-12-27] [Legacy] [not signed]
FF HKU\S-1-5-21-3386438342-948231862-3273088082-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-12] (Google Inc -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2020-04-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2020-04-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-08-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-01-26] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-01-26] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin HKU\S-1-5-21-3386438342-948231862-3273088082-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Dave\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Software Sarl -> Skype Limited)
FF Plugin HKU\S-1-5-21-3386438342-948231862-3273088082-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dave\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-10-26] (Unity Technologies SF -> Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default [2020-04-25]
CHR Extension: (Avast Online Security) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-31]
CHR Extension: (Chrome Media Router) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-22]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-02-10] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5504928 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-09] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [345384 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-09] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\83.0.4529.97\elevation_service.exe [1062576 2020-06-04] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3051928 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
R2 DraftSight API Service; C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [78336 2012-07-07] (Dassault Systèmes) [File not signed]
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [626208 2009-08-10] (NVIDIA Corporation -> )
R2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated -> Acer Incorporated)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 Live Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [244624 2011-01-31] (Acer Incorporated -> Acer Incorporated)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-04-19] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [206880 2009-08-10] (NVIDIA Corporation -> )
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [19456 2014-05-08] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2014-03-28] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2014-03-28] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37856 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [206120 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [234776 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [178968 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60696 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42984 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175920 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [500960 2020-04-20] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109480 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85056 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851808 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [459408 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235696 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [317280 2020-04-19] (Avast Software s.r.o. -> AVAST Software)
S3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [23784 2016-10-06] (Wacom Technology Corporation -> Windows ® Win 7 DDK provider)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-06-27] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-06-06] (Malwarebytes Inc -> Malwarebytes)
S3 mr7910; C:\Windows\System32\DRIVERS\mr7910.sys [55808 2007-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Mars Semiconductor Corp.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Research In Motion Limited)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-06-10] (Apple, Inc.) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-30 20:42 - 2020-06-30 20:43 - 002291712 _____ (Farbar) C:\Users\Dave\Desktop\FRST64(1).exe
2020-06-30 20:10 - 2020-06-30 20:32 - 000114498 _____ C:\Users\Dave\Desktop\Fixlog.txt
2020-06-30 19:57 - 2020-06-30 19:57 - 000003288 ____N C:\bootsqm.dat
2020-06-30 19:55 - 2020-06-30 19:55 - 000000000 __SHD C:\found.002
2020-06-28 12:23 - 2020-06-28 12:24 - 000648828 _____ C:\Users\Dave\Desktop\DAVE-PC.txt
2020-06-28 12:18 - 2020-06-28 12:18 - 000000765 _____ C:\Users\Public\Desktop\Speccy.lnk
2020-06-28 12:18 - 2020-06-28 12:18 - 000000765 _____ C:\ProgramData\Desktop\Speccy.lnk
2020-06-28 12:18 - 2020-06-28 12:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2020-06-28 12:18 - 2020-06-28 12:18 - 000000000 ____D C:\Program Files\Speccy
2020-06-28 11:54 - 2020-06-28 11:54 - 006889184 _____ (Piriform Ltd) C:\Users\Dave\Desktop\spsetup132.exe
2020-06-28 11:45 - 2020-06-28 11:45 - 000007940 _____ C:\junk.txt
2020-06-27 16:29 - 2020-06-27 16:29 - 000009971 _____ C:\Users\Dave\Desktop\System Idle Process.txt
2020-06-27 16:25 - 2020-06-27 16:25 - 000036408 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP152.SYS
2020-06-27 16:24 - 2020-06-27 16:24 - 002798456 _____ (Sysinternals - www.sysinternals.com) C:\Users\Dave\Desktop\procexp.exe
2020-06-27 16:21 - 2020-06-27 16:23 - 000013574 _____ C:\VEW.txt
2020-06-27 16:15 - 2020-06-27 16:15 - 000061440 _____ ( ) C:\Users\Dave\Desktop\VEW.exe
2020-06-27 15:18 - 2020-06-27 15:18 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-06-26 23:37 - 2020-06-26 23:40 - 000044173 _____ C:\Users\Dave\Desktop\Addition.txt
2020-06-26 23:34 - 2020-06-30 20:48 - 000034733 _____ C:\Users\Dave\Desktop\FRST.txt
2020-06-26 23:28 - 2020-06-26 23:28 - 002290688 _____ (Farbar) C:\Users\Dave\Downloads\FRST64.exe
2020-06-07 23:18 - 2020-06-07 23:18 - 024166400 _____ C:\Program Files (x86)\GUT31DC.tmp
2020-06-07 23:18 - 2020-06-07 23:18 - 000000000 ____D C:\Program Files (x86)\GUM31BC.tmp
2020-06-07 18:18 - 2020-06-07 18:18 - 024166400 _____ C:\Program Files (x86)\GUT43C1.tmp
2020-06-07 18:18 - 2020-06-07 18:18 - 000000000 ____D C:\Program Files (x86)\GUM43A1.tmp
2020-06-07 12:20 - 2020-06-07 12:20 - 024166400 _____ C:\Program Files (x86)\GUT14BF.tmp
2020-06-07 12:20 - 2020-06-07 12:20 - 000000000 ____D C:\Program Files (x86)\GUM14BE.tmp
2020-06-06 21:49 - 2020-06-06 21:49 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-06-06 21:19 - 2020-06-06 21:19 - 024166400 _____ C:\Program Files (x86)\GUTFC00.tmp
2020-06-06 21:19 - 2020-06-06 21:19 - 000000000 ____D C:\Program Files (x86)\GUMFBFF.tmp
2020-06-06 16:10 - 2020-06-06 16:10 - 024166400 _____ C:\Program Files (x86)\GUTB6D0.tmp
2020-06-06 16:10 - 2020-06-06 16:10 - 000000000 ____D C:\Program Files (x86)\GUMB6CF.tmp
2020-06-05 21:03 - 2020-06-05 21:03 - 024166400 _____ C:\Program Files (x86)\GUT51E1.tmp
2020-06-05 21:03 - 2020-06-05 21:03 - 000000000 ____D C:\Program Files (x86)\GUM51E0.tmp
2020-06-04 21:45 - 2020-06-04 21:45 - 024166400 _____ C:\Program Files (x86)\GUT3F9F.tmp
2020-06-04 21:45 - 2020-06-04 21:45 - 000000000 ____D C:\Program Files (x86)\GUM3F9E.tmp
2020-06-03 21:07 - 2020-06-13 10:54 - 000000000 ____D C:\Program Files\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-30 20:46 - 2015-08-04 22:09 - 000000000 ____D C:\FRST
2020-06-30 20:45 - 2009-07-14 00:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-06-30 20:45 - 2009-07-14 00:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-06-30 20:38 - 2016-11-18 07:16 - 000000000 ____D C:\Users\Dave\AppData\LocalLow\Mozilla
2020-06-30 20:38 - 2012-04-03 21:18 - 000000000 ____D C:\Users\Dave\AppData\Local\CrashDumps
2020-06-30 20:37 - 2018-06-09 12:11 - 000000000 ____D C:\Users\Dave\AppData\Local\AVAST Software
2020-06-30 20:35 - 2018-12-05 01:36 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2020-06-30 20:35 - 2011-11-18 21:46 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-30 20:34 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-30 20:04 - 2020-05-19 22:47 - 000003132 _____ C:\Windows\system32\Tasks\{6AF7519B-0DAE-4932-BFDF-3F6EEEAE38E2}
2020-06-30 20:04 - 2017-06-02 18:21 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-06-30 20:04 - 2013-06-21 22:23 - 000003138 _____ C:\Windows\system32\Tasks\{119550F2-DA53-447E-8FBF-4D4385C41223}
2020-06-30 20:04 - 2012-03-23 23:08 - 000003334 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-06-30 20:04 - 2012-03-23 23:08 - 000003206 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-06-30 20:03 - 2020-04-20 22:28 - 000002808 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-06-30 20:03 - 2012-09-29 10:31 - 000003908 _____ C:\Windows\system32\Tasks\FacebookUpdateTaskUserS-1-5-21-3386438342-948231862-3273088082-1001UA
2020-06-30 20:03 - 2012-09-29 10:31 - 000003540 _____ C:\Windows\system32\Tasks\FacebookUpdateTaskUserS-1-5-21-3386438342-948231862-3273088082-1001Core
2020-06-30 20:02 - 2020-04-20 22:28 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-06-30 20:00 - 2019-02-22 23:31 - 000004324 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-06-30 19:59 - 2019-08-09 19:18 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-06-30 19:59 - 2018-03-14 19:30 - 000004458 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-06-30 18:09 - 2015-12-03 17:59 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-06-27 15:11 - 2012-03-23 23:07 - 000000000 ____D C:\ProgramData\AVAST Software
2020-06-22 16:53 - 2012-03-23 23:13 - 000002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-22 16:53 - 2012-03-23 23:13 - 000002152 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-22 16:53 - 2012-03-23 23:13 - 000002152 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-20 16:14 - 2012-08-06 19:20 - 000000000 ____D C:\Users\Dave\Documents\My Drawings
2020-06-17 18:14 - 2020-03-11 19:02 - 000003732 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-06-17 18:14 - 2018-06-09 12:15 - 000002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-06-17 18:14 - 2018-06-09 12:15 - 000002355 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-06-17 18:14 - 2018-06-09 12:15 - 000002355 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2020-06-16 17:13 - 2013-08-02 22:09 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-16 17:12 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
2020-06-16 17:10 - 2013-08-02 21:58 - 000000000 ____D C:\Program Files\Microsoft Office 15
2020-06-13 10:59 - 2013-04-14 03:04 - 000000000 ____D C:\Users\UpdatusUser
2020-06-13 10:54 - 2018-12-11 23:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-06-09 20:03 - 2012-03-30 23:09 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-06-09 20:03 - 2012-03-15 22:27 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-09 20:03 - 2012-03-15 22:27 - 000000000 ____D C:\Windows\system32\Macromed
2020-06-09 20:03 - 2011-03-31 05:24 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-06-04 21:56 - 2016-03-28 14:59 - 000002028 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-04 21:45 - 2013-04-14 10:55 - 000007924 _____ C:\Windows\wininit.ini

==================== Files in the root of some directories ========

2020-04-20 23:00 - 2020-04-20 23:00 - 000000472 _____ () C:\Program Files (x86)\0420202023004583.bat
2020-06-07 12:20 - 2020-06-07 12:20 - 024166400 _____ () C:\Program Files (x86)\GUT14BF.tmp
2020-06-07 23:18 - 2020-06-07 23:18 - 024166400 _____ () C:\Program Files (x86)\GUT31DC.tmp
2020-06-04 21:45 - 2020-06-04 21:45 - 024166400 _____ () C:\Program Files (x86)\GUT3F9F.tmp
2020-06-07 18:18 - 2020-06-07 18:18 - 024166400 _____ () C:\Program Files (x86)\GUT43C1.tmp
2020-06-05 21:03 - 2020-06-05 21:03 - 024166400 _____ () C:\Program Files (x86)\GUT51E1.tmp
2020-06-06 16:10 - 2020-06-06 16:10 - 024166400 _____ () C:\Program Files (x86)\GUTB6D0.tmp
2020-06-06 21:19 - 2020-06-06 21:19 - 024166400 _____ () C:\Program Files (x86)\GUTFC00.tmp
2013-11-03 18:20 - 2014-06-26 17:47 - 000000035 _____ () C:\Users\Dave\AppData\Roaming\WB.CFG
2013-12-31 14:01 - 2014-01-03 13:38 - 000000005 _____ () C:\Users\Dave\AppData\Roaming\WBPU-Q5-TTL.DAT
2013-11-03 18:20 - 2014-02-01 01:41 - 000000005 _____ () C:\Users\Dave\AppData\Roaming\WBPU-TTL.DAT

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-04-28 17:55
==================== End of FRST.txt ========================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-06-2020
Ran by Dave (30-06-2020 20:50:18)
Running from C:\Users\Dave\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-03-16 01:00:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3386438342-948231862-3273088082-500 - Administrator - Disabled)
Dave (S-1-5-21-3386438342-948231862-3273088082-1001 - Administrator - Enabled) => C:\Users\Dave
Guest (S-1-5-21-3386438342-948231862-3273088082-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3386438342-948231862-3273088082-1002 - Limited - Enabled)
UpdatusUser (S-1-5-21-3386438342-948231862-3273088082-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.387 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
AIO_Scan (HKLM-x32\...\{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.2.2401 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 83.0.4529.97 - AVAST Software)
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C6200 (HKLM-x32\...\{F631F1BE-00B0-49CF-8DFB-9885975B27CD}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
C6200_Help (HKLM-x32\...\{162d74e4-7d6d-4949-8018-50e96e314696}) (Version: 100.0.206.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.66 - Piriform)
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
DraftSight (HKLM-x32\...\{8EBF1B19-7756-42E5-A663-93ACB1D1FEA8}) (Version: 9.1.173 - Dassault Systemes)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
eMachines Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated)
eMachines Registration (HKLM-x32\...\eMachines Registration) (Version: 1.03.3003 - Acer Incorporated)
eMachines ScreenSaver (HKLM-x32\...\eMachines Screensaver) (Version: 1.1.0221.2011 - Acer Incorporated)
Facebook Gameroom 1.23.7426.18586 (HKLM-x32\...\{58E3FB73-8B88-4807-A803-79B5ADA0136F}) (Version: 1.23.7426.18586 - Facebook)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fax (HKLM-x32\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Free Text Pad (HKLM-x32\...\Free Text Pad) (Version: 1.0 - Zenith Technology Limited)
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3014 - Acer Incorporated)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart All-In-One Driver Software 13.0 Rel. 2 (HKLM\...\{988329F4-A1A1-4D51-803C-EF2725A97627}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PaperLabel (HKLM-x32\...\{D9D8F2CF-FE2D-4644-9762-01F916FE90A9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (HKLM-x32\...\{20EFC9AA-BBC1-4DFD-81FF-99654F71CBF8}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (HKLM-x32\...\{B28635AB-1DF3-4F07-BFEA-975D911B549B}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3006 - Acer Incorporated)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.11.3.0 - LG Electronics)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.5249.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Mozilla Firefox 77.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 77.0.1 (x64 en-US)) (Version: 77.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version:  - )
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 1.10 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7316 - NVIDIA Corporation)
NVIDIA Graphics Driver 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.6684 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5249.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5249.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5249.1001 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PS_AIO_02_ProductContext (HKLM-x32\...\{B4B2096B-B13E-408E-8985-BD07463D5487}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software (HKLM-x32\...\{94F8D42D-BB31-4858-9705-7D756D8D9655}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software_Min (HKLM-x32\...\{685B0843-6C8D-4E42-B60D-2B86B45526E0}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6045 - Realtek Semiconductor Corp.)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1146 - SUPERAntiSpyware.com)
tconnect Uploader (HKLM-x32\...\{9BA100BF-B59D-4657-9530-891B6EE24E31}) (Version: 2.4.13 - Tandem Diabetes Care, Inc.) Hidden
tconnect Uploader (HKLM-x32\...\InstallShield_{9BA100BF-B59D-4657-9530-891B6EE24E31}) (Version: 2.4.13 - Tandem Diabetes Care, Inc.)
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
Unity Web Player (HKU\S-1-5-21-3386438342-948231862-3273088082-1001\...\UnityWebPlayer) (Version: 5.3.7f1 - Unity Technologies ApS)
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Welcome Center (HKLM-x32\...\eMachines Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
Windows Codec Pack (HKLM-x32\...\Windows Codec Pack11.041.44) (Version: 11.041.44 - Media Codecs Interactive)
Windows Driver Package - Abbott Labs (ADC) (ABB3410) Ports  (08/20/2010 6.1.7600.16385) (HKLM\...\EAABA618D0DC9DE364FD2DC5275356D95D21738D) (Version: 08/20/2010 6.1.7600.16385 - Abbott Labs (ADC))
Windows Driver Package - LifeScan Inc (silabenm) Ports  (04/24/2012 6.5.3.0) (HKLM\...\85826CFA743E51588AB2C35697F31CFB103E00AD) (Version: 04/24/2012 6.5.3.0 - LifeScan Inc)
Windows Driver Package - Prolific (Ser2pl) Ports  (04/02/2012 3.4.31.231) (HKLM\...\59FB067CC32267218DA603A4E568117953CD31C1) (Version: 04/02/2012 3.4.31.231 - Prolific)
Windows Driver Package - STMicroelectronics (usbser) Ports  (06/08/2010 1.00.0000.1) (HKLM\...\A54597F056F4EDE2433F3CB842410A4F5171F1E5) (Version: 06/08/2010 1.00.0000.1 - STMicroelectronics)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-19] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2013-11-20] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-01-31] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-19] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Dave\Desktop\Stuff\Netflix.lnk -> C:\ProgramData\OEM_E471269A730D\Netflix\StartURL.exe () -> hxxp://homepage.emachines.com/redirect.aspx?rid=09000003

==================== Loaded Modules (Whitelisted) =============

2012-07-07 07:01 - 2012-07-07 07:01 - 002623408 _____ () [File not signed] C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\QtCore4.dll
2012-07-07 07:01 - 2012-07-07 07:01 - 000948144 _____ () [File not signed] C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\QtNetwork4.dll
2012-07-07 07:01 - 2012-07-07 07:01 - 000387505 _____ () [File not signed] C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\QtXml4.dll
2009-09-20 13:24 - 2009-09-20 13:24 - 000249344 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll
2009-09-20 13:24 - 2009-09-20 13:24 - 000213504 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll
2009-09-20 13:24 - 2009-09-20 13:24 - 000133120 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll
2010-10-22 13:08 - 2010-10-22 13:08 - 001039360 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2019-04-13 13:20 - 000000044 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\GtkSharp\2.12\bin
HKU\S-1-5-21-3386438342-948231862-3273088082-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: Fitbit Connect => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Dave\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Fitbit Connect => "C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe" /autorun
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8739928A-BE5C-446C-B0E0-4291BB78FAA6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{944F18B4-2348-462B-A994-C69B20A15319}] => (Allow) LPort=2869
FirewallRules: [{3A686F86-81C7-4476-AD0A-B76C59948B24}] => (Allow) LPort=1900
FirewallRules: [{8ED5BDF2-34CD-49E0-A5AF-3DCB31E17385}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{70D0560B-B11B-41EE-824F-50BCCD82E82E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{460FB2F0-7C44-42B8-905E-A73E4A177E0E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{209C159F-6500-4288-A31C-0D41277EACEA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{B6D024A5-3E7D-4E3C-9A71-166E9ACA641D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{FE9178A9-0B5D-4950-83C4-328DF58FE6DF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{059A8E39-AF51-460D-910B-275CA11D7DEC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{E4FB83D0-9104-4F55-B6CD-536DE8D14762}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{A7DDCAC9-E9C4-46F1-AB2D-39010E1DC066}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{F6804E05-4415-4E7B-9E4E-EEE128791AB4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe () [File not signed]
FirewallRules: [{4E0B0301-AED7-4449-B958-12E05DEED4E7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{6B50C10F-4892-49A1-8810-FC55392BE24D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{ED3656DB-3BF0-457C-91DE-89F919017AE6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{3534C275-82B8-4DB5-AF20-42AA94BA0E3E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{5EB8C8FC-2953-4B5E-B636-EA33E5A2E5E9}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe (Hewlett-Packard Development Co. L.P.) [File not signed]
FirewallRules: [{059E02F3-80B1-484B-9352-E99E87288501}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe (Hewlett-Packard Development Co. L.P.) [File not signed]
FirewallRules: [{56D85588-A90A-47EA-927E-F77099A5D48E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe (Hewlett-Packard Development Co. L.P.) [File not signed]
FirewallRules: [{392AAC56-9EB6-40CE-B53E-D3353D19871E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{0928A0D9-BC84-4D3A-B135-937E3D4C8DF9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{7EF279E3-B97F-4320-9109-632D00264BFE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe (Hewlett Packard -> Hewlett-Packard Development Co. L.P.)
FirewallRules: [{13F52B63-340E-4424-8D31-8F1E9960B42C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{CDDFF6C8-D9BD-44FB-84A0-CCA6330A63C2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{230F1142-A337-47B6-9622-08F8C4910C80}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{663AADDC-1E16-41F2-AEEC-34D9264798AD}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe (Hewlett-Packard Company -> Hewlett-Packard Co.)
FirewallRules: [{D910256B-6A2C-4329-A0FA-52B916D5F3D8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E43D8AF-D74E-4294-A87F-42E94CABA106}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DAA705F5-51CE-4405-A583-8DF9FA92D550}] => (Allow) C:\Users\Dave\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Software Sarl -> Skype Limited)
FirewallRules: [{11C0E1CD-8821-42FF-B031-1D4317E788C7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DDDF1E9C-1547-4C13-97CA-7EB44C8A6252}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8D0BB555-1B26-4D4D-9A6E-BD806D040994}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{93D49B60-9CA6-4639-AD86-476ECDFD7C52}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C38082AE-CF34-4026-B084-24C9A48AC7D7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7C3F415C-FD47-478B-8EB7-5A39EF58D481}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{58331FDA-30E3-4D6A-A529-F6FD4BF9B592}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0C0554F3-3186-4E75-B019-826788792A84}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8E1D47A8-2900-45CA-8E00-D28857D18EC9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

03-01-2017 00:09:20 Scheduled Checkpoint
11-01-2017 04:01:13 Windows Update
23-02-2017 04:01:17 Windows Update
15-03-2017 03:01:22 Windows Update
13-04-2017 03:01:44 Windows Update
11-05-2017 03:01:48 Windows Update
14-05-2017 03:01:54 Windows Update
21-05-2017 16:08:55 Scheduled Checkpoint
23-05-2017 03:01:15 Windows Update
15-06-2017 03:01:41 Windows Update
13-07-2017 03:01:22 Windows Update
04-08-2017 22:43:04 Scheduled Checkpoint
09-08-2017 03:00:28 Windows Update
10-08-2017 03:00:32 Windows Update
13-09-2017 03:01:58 Windows Update
11-10-2017 03:01:34 Windows Update
04-11-2017 20:15:35 Removed Bonjour
04-11-2017 20:18:30 Removed Apple Application Support
04-11-2017 20:19:48 Removed Apple Mobile Device Support
04-11-2017 20:21:17 Removed Apple Software Update
04-11-2017 20:22:56 Removed iTunes
14-11-2017 18:10:29 Windows Update
15-11-2017 04:01:19 Windows Update
26-11-2017 14:18:08 Scheduled Checkpoint
04-12-2017 20:29:58 Removed Java 8 Update 25
04-12-2017 20:36:53 Removed Java 8 Update 31
04-12-2017 20:39:13 Removed Java 8 Update 111
04-12-2017 21:21:50 Restore Point Created by FRST
12-01-2018 08:03:27 Scheduled Checkpoint
07-04-2018 22:39:01 Scheduled Checkpoint
01-05-2018 21:37:19 Scheduled Checkpoint
20-07-2018 15:40:31 Scheduled Checkpoint
28-07-2018 00:00:05 Scheduled Checkpoint
13-09-2018 18:40:49 Scheduled Checkpoint
27-09-2018 15:04:25 Scheduled Checkpoint
09-10-2018 00:53:43 Scheduled Checkpoint
20-11-2018 07:28:30 Scheduled Checkpoint
19-12-2018 00:49:31 Scheduled Checkpoint
20-03-2019 23:36:59 Scheduled Checkpoint
01-06-2019 00:29:01 Scheduled Checkpoint
15-06-2019 23:26:47 Scheduled Checkpoint
17-07-2019 22:49:51 Scheduled Checkpoint
31-07-2019 12:38:22 Scheduled Checkpoint
08-08-2019 18:53:55 Scheduled Checkpoint
23-09-2019 21:41:10 Installed tconnect Uploader
26-10-2019 02:11:20 Scheduled Checkpoint
15-11-2019 00:52:47 Scheduled Checkpoint
14-12-2019 04:53:06 Scheduled Checkpoint
22-12-2019 03:55:48 Scheduled Checkpoint
01-02-2020 05:45:05 Scheduled Checkpoint
16-02-2020 01:26:11 Scheduled Checkpoint
29-03-2020 20:44:40 AdwCleaner_BeforeCleaning_29/03/2020_20:43:51
07-04-2020 11:35:39 Scheduled Checkpoint
20-04-2020 22:57:56 Removed Evernote v. 4.5.1
20-04-2020 23:01:43 Removed Fitbit Connect
20-04-2020 23:08:07 Removed Gtk# for .Net 2.12.26
20-04-2020 23:26:24 Removed Nero DiscSpeed 10.
20-04-2020 23:30:49 Removed Nero Express 10.
20-04-2020 23:32:55 Removed Nero Multimedia Suite 10 Essentials.
20-04-2020 23:38:28 Removed Norton Online Backup
20-04-2020 23:44:04 Removed Times Reader
28-04-2020 17:59:10 Scheduled Checkpoint
03-06-2020 18:44:54 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name: Photosmart C6300 series
Description: Photosmart C6300 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart C6200 series
Description: Photosmart C6200 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (06/30/2020 08:45:40 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (06/30/2020 08:39:19 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (06/30/2020 08:37:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FacebookGameroom.exe, version: 1.23.7426.18586, time stamp: 0x5eac5a24
Faulting module name: CRYPT32.dll, version: 6.1.7601.23769, time stamp: 0x58ee4773
Exception code: 0xc0000005
Fault offset: 0x00027503
Faulting process id: 0x7b8
Faulting application start time: 0x01d64f3f6955a9e0
Faulting application path: C:\Users\Dave\AppData\Local\Facebook\Games\FacebookGameroom.exe
Faulting module path: C:\Windows\syswow64\CRYPT32.dll
Report Id: 13401b20-bb33-11ea-87fa-f80f413db0f9

Error: (06/30/2020 08:37:40 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FacebookGameroom.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
   at FacebookGames.WinTrust.WinVerifyTrust(IntPtr, System.Guid, FacebookGames.WinTrustData)
   at FacebookGames.WinTrust.VerifyEmbeddedSignature(System.String)
   at FacebookGames.SignatureHelper.VerifyFacebookSignature(System.String)
   at FacebookGames.FenixFinder.IsFenixDll(System.String)
   at System.Linq.Enumerable+WhereArrayIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].MoveNext()
   at System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]..ctor(System.Collections.Generic.IEnumerable`1<System.__Canon>)
   at System.Linq.Enumerable.ToList[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>)
   at FacebookGames.FenixFinder.GetFenixFilesInPluginsDirectory()
   at FacebookGames.FenixFinder.FindLatestFenixVersionDownloaded()
   at FacebookGames.FenixFinder.CheckIfFenixIsPackaged(Boolean)
   at FacebookGames.Program.InitializeCefSettings()
   at FacebookGames.Program.OnInstanceNotRunnning()
   at FacebookGames.SingleInstanceProgramHelper.RunSingleInstanceProgram(System.String, OnInstanceNotRunningDelegate, OnInstanceAlreadyRunningDelegate)
   at FacebookGames.Program.Main()

Error: (06/30/2020 08:35:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (06/30/2020 08:49:29 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (06/30/2020 08:49:29 PM) (Source: nvstor64) (EventID: 3) (User: )
Description: Data error on device.



Device: \Device\RaidPort0

Model: Hitachi HDS721010CLA332

Firmware Version: JP4O

Serial Number:       JP2940J83HKPGV

Port: 0

Error: (06/30/2020 08:49:25 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (06/30/2020 08:49:25 PM) (Source: nvstor64) (EventID: 3) (User: )
Description: Data error on device.



Device: \Device\RaidPort0

Model: Hitachi HDS721010CLA332

Firmware Version: JP4O

Serial Number:       JP2940J83HKPGV

Port: 0


==================== Memory info ===========================

BIOS: American Megatrends Inc. P01-B4 11/04/2011
Motherboard: eMachines EL1358G
Processor: AMD Athlon™ II X2 220 Processor
Percentage of memory in use: 87%
Total physical RAM: 2815.37 MB
Available physical RAM: 353.08 MB
Total Virtual: 5628.92 MB
Available Virtual: 1797.48 MB

==================== Drives ================================

Drive c: (eMachines) (Fixed) (Total:911.88 GB) (Free:403.32 GB) NTFS

\\?\Volume{bd45a545-124f-11e1-be3d-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{bd45a544-124f-11e1-be3d-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:19.53 GB) (Free:8.3 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 35D5C1F3)
Partition 1: (Not Active) - (Size=19.5 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=911.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================


  • 0

#10
psu88

psu88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Farbar Recovery Scan Tool (x64) Version: 30-06-2020
Ran by Dave (30-06-2020 21:06:24)
Running from C:\Users\Dave\Desktop
Boot Mode: Normal

================== Search Files: "mfc100enu.dll;ifc100esn.dll" =============

C:\Windows\SysWOW64\mfc100enu.dll
[2011-06-11 02:58][2011-06-11 02:58] 000055120 _____ (Microsoft Corporation) 2A2C442F00B45E01D4C882EEA69A01BC [File is digitally signed]

C:\Windows\System32\mfc100enu.dll
[2011-06-11 02:15][2011-06-11 02:15] 000055120 _____ (Microsoft Corporation) 5E2F28A979A0CE9B43F1815A593617C5 [File is digitally signed]

C:\Program Files\Microsoft Office 15\root\vfs\SystemX86\mfc100enu.dll
[2013-08-02 21:59][2013-08-02 22:04] 000055120 _____ (Microsoft Corporation) F908FE45F8FE9E0D4CBE65F9FF5DF6DA [File is digitally signed]

C:\Program Files\Microsoft Office 15\root\vfs\System\mfc100enu.dll
[2013-08-02 22:04][2013-08-02 22:27] 000055120 _____ (Microsoft Corporation) 91D051930E1AC33FBD9014FF3CB9B5BD [File is digitally signed]


====== End of Search ======


  • 0

#11
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,921 posts
  • MVP

We are getting the disk error again:
 

 

Error: (06/30/2020 08:49:25 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (06/30/2020 08:49:25 PM) (Source: nvstor64) (EventID: 3) (User: )
Description: Data error on device.

 

 

I see you have speccy.  Let's see if we can read the S.M.A.R.T. info on the drive.

 

 Run Speccy (right click and run as admin).  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.

 

Also let's check Process Explorer:

 

Get Process Explorer

https://live.sysinte...com/procexp.exe

Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.



 


  • 0

#12
psu88

psu88

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
System Idle Process    91.31    0 K    24 K    0            
procexp64.exe    2.24    30,884 K    52,724 K    3964    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
WmiPrvSE.exe    1.56    8,460 K    13,276 K    3472    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
Interrupts    0.87    0 K    0 K    n/a    Hardware Interrupts and DPCs        
dwm.exe    0.77    34,292 K    32,660 K    1368    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.64    14,868 K    13,388 K    248    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
firefox.exe    0.49    76,644 K    92,564 K    1768    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
SeaPort.EXE    0.44    5,164 K    4,188 K    408    Microsoft SeaPort Search Enhancement Broker    Microsoft Corporation    (Verified) Microsoft Corporation
System    0.35    5,640 K    1,456 K    4            
AvastUI.exe    0.21    30,876 K    27,404 K    1808    Avast Antivirus    AVAST Software    (Verified) Avast Software s.r.o.
csrss.exe    0.21    7,940 K    8,456 K    524    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.20    30,356 K    32,876 K    284    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.12    19,788 K    14,136 K    976    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
explorer.exe    0.12    43,476 K    42,316 K    1392    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.10    15,320 K    12,004 K    1096    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.07    5,712 K    5,432 K    2656    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
SUPERANTISPYWARE.EXE    0.07    16,516 K    5,792 K    1796    SUPERAntiSpyware Application    SUPERAntiSpyware    (Verified) Support.com Inc
firefox.exe    0.05    231,648 K    158,500 K    5372    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe    0.04    108,244 K    27,364 K    6768    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
WLIDSVC.EXE    0.04    7,096 K    4,976 K    3048    Microsoft® Windows Live ID Service    Microsoft Corp.    (Verified) Microsoft Corporation
AvastSvc.exe    0.02    117,652 K    41,296 K    1160    Avast Service    AVAST Software    (Verified) Avast Software s.r.o.
CCleaner64.exe    0.02    28,100 K    4,352 K    2176    CCleaner    Piriform Software Ltd    (Verified) Piriform Software Ltd
SASCORE64.EXE    0.01    1,956 K    892 K    1048    Core Service    SUPERAntiSpyware.com    (Verified) SUPERAntiSpyware.com
svchost.exe    0.01    5,784 K    6,120 K    880    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.01    3,852 K    3,900 K    5012    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
taskhost.exe    0.01    12,508 K    9,396 K    1620    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
SearchIndexer.exe    0.01    22,664 K    4,360 K    4276    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows
AvastBrowserUpdate.exe    0.01    2,392 K    2,996 K    3640    Avast Browser Update    AVAST Software    (Verified) AVAST Software s.r.o.
daemonu.exe    0.01    2,796 K    1,648 K    2192    NVIDIA Settings Update Manager    NVIDIA Corporation    (Verified) NVIDIA Corporation
svchost.exe    < 0.01    127,772 K    122,788 K    2080    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
officeclicktorun.exe    < 0.01    30,056 K    21,600 K    2064    Microsoft Office Click-to-Run    Microsoft Corporation    (Verified) Microsoft Corporation
lsass.exe    < 0.01    7,300 K    8,448 K    636    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    < 0.01    11,576 K    11,080 K    5824    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
nvvsvc.exe    < 0.01    5,288 K    3,560 K    1232    NVIDIA Driver Helper Service, Version 307.83    NVIDIA Corporation    (Verified) NVIDIA Corporation
WmiPrvSE.exe    < 0.01    18,952 K    24,940 K    4516    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
MBAMService.exe    < 0.01    21,184 K    24,040 K    3104    Malwarebytes Service    Malwarebytes    (Verified) Malwarebytes Inc
svchost.exe    < 0.01    14,872 K    12,692 K    1752    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
WUDFHost.exe        1,936 K    1,344 K    2088    Windows Driver Foundation - User-mode Driver Framework Host Process    Microsoft Corporation    (Verified) Microsoft Windows
WLIDSVCM.EXE        1,208 K    520 K    3236    Microsoft® Windows Live ID Service Monitor    Microsoft Corp.    (Verified) Microsoft Corporation
winlogon.exe        2,876 K    1,664 K    580    Windows Logon Application    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        1,472 K    468 K    532    Windows Start-Up Application    Microsoft Corporation    (Verified) Microsoft Windows
UpdaterService.exe        1,116 K    888 K    2876    Updater Service    Acer Incorporated    (Verified) Acer Incorporated
unsecapp.exe        2,112 K    2,400 K    3340    Sink to receive asynchronous callbacks for WMI client application    Microsoft Corporation    (Verified) Microsoft Windows
taskhost.exe        5,584 K    1,140 K    6252    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
taskeng.exe        2,224 K    2,992 K    2140    Task Scheduler Engine    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        7,104 K    7,616 K    1008    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        4,524 K    4,436 K    744    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        1,708 K    688 K    7036    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        2,820 K    2,296 K    2852    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        2,488 K    2,684 K    2756    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        2,516 K    3,284 K    708    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        5,892 K    7,280 K    2332    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
spoolsv.exe        8,084 K    6,364 K    1664    Spooler SubSystem App    Microsoft Corporation    (Verified) Microsoft Windows
smss.exe        580 K    528 K    332    Windows Session Manager    Microsoft Corporation    (Verified) Microsoft Windows
sftvsa.exe        1,412 K    432 K    2960    Microsoft Application Virtualization Virtual Service Agent    Microsoft Corporation    (Verified) Microsoft Corporation
sftlist.exe        6,504 K    2,796 K    3268    Microsoft Application Virtualization Client Service    Microsoft Corporation    (Verified) Microsoft Corporation
services.exe        8,424 K    7,448 K    628    Services and Controller app    Microsoft Corporation    (Verified) Microsoft Windows
RAVCpl64.exe        8,972 K    2,588 K    1732    Realtek HD Audio Manager    Realtek Semiconductor    (A certificate was explicitly revoked by its issuer) Realtek Semiconductor
procexp.exe        3,792 K    8,012 K    6472    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
nvxdsync.exe        7,464 K    9,528 K    1224    NVIDIA User Experience Driver Component    NVIDIA Corporation    (Verified) NVIDIA Corporation
nvvsvc.exe        2,620 K    3,264 K    840    NVIDIA Driver Helper Service, Version 307.83    NVIDIA Corporation    (Verified) NVIDIA Corporation
nvtray.exe        8,968 K    5,448 K    1468    NVIDIA Settings    NVIDIA Corporation    (Verified) NVIDIA Corporation
nvSCPAPISvr.exe        2,364 K    1,116 K    1908    Stereo Vision Control Panel API Server    NVIDIA Corporation    (Verified) NVIDIA Corporation
nSvcIp.exe        2,760 K    4,372 K    3192    NVIDIA Corporation        (Verified) NVIDIA Corporation
nSvcAppFlt.exe        2,072 K    1,832 K    2692    app_filter Module        (Verified) NVIDIA Corporation
msiexec.exe        3,832 K    10,452 K    5928    Windows® installer    Microsoft Corporation    (Verified) Microsoft Windows
mbamtray.exe        26,320 K    9,520 K    5456    Malwarebytes Tray Application    Malwarebytes    (Verified) Malwarebytes Inc
lsm.exe        2,716 K    2,156 K    644    Local Session Manager Service    Microsoft Corporation    (Verified) Microsoft Windows
jusched.exe        5,300 K    3,648 K    2488    Java Update Scheduler    Oracle Corporation    (Verified) Oracle America, Inc.
jucheck.exe        5,600 K    3,868 K    6304    Java Update Checker    Oracle Corporation    (Verified) Oracle America, Inc.
HotkeyUtility.exe        7,616 K    2,688 K    2400    Hotkey Utility        (Verified) Acer Incorporated
GREGsvc.exe        832 K    292 K    2824    Global Registration Service    Acer Incorporated    (Verified) Acer Incorporated
GoogleCrashHandler64.exe        1,580 K    528 K    5348    Google Crash Handler    Google LLC    (Verified) Google LLC
GoogleCrashHandler.exe        1,440 K    528 K    3564    Google Crash Handler    Google LLC    (Verified) Google LLC
firefox.exe        66,996 K    62,308 K    5380    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        17,324 K    3,516 K    5512    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        13,176 K    20,316 K    736    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
FacebookUpdate.exe        2,680 K    744 K    3324    Facebook Installer    Facebook Inc.    (Verified) Facebook, Inc.
dsHttpApiService.exe        2,380 K    808 K    2360    DraftSight API Service    Dassault Systèmes    (No signature was present in the subject) Dassault Systèmes
dllhost.exe        2,564 K    1,992 K    2280    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
CVHSVC.EXE        3,944 K    1,760 K    3076    Microsoft Office Client Virtualization Service     Microsoft Corporation    (Verified) Microsoft Corporation
ctfmon.exe        2,120 K    768 K    4424    CTF Loader    Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe        2,576 K    2,472 K    464    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows
AvastUI.exe        11,248 K    2,744 K    6164    Avast Antivirus    AVAST Software    (Verified) Avast Software s.r.o.
AvastBrowserCrashHandler64.exe        1,692 K    592 K    2216    Avast Browser Update    AVAST Software    (Verified) AVAST Software s.r.o.
AvastBrowserCrashHandler.exe        1,768 K    1,232 K    2236    Avast Browser Update    AVAST Software    (Verified) AVAST Software s.r.o.
aswEngSrv.exe        9,516 K    26,656 K    7160    Avast Antivirus engine server    AVAST Software    (Verified) Avast Software s.r.o.
armsvc.exe        1,120 K    372 K    1316    Adobe Acrobat Update Service    Adobe Systems    (Verified) Adobe Inc.


 

Attached Files


  • 0

#13
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,921 posts
  • MVP

Speccy talks about some bad sectors.  Since the disk check didn't fix the problem we need to run the drive maker's test.  Your drive is an orphan now since Western Digital bought up the company but the drive test is still available.

 

https://www.softpedi...ness-Test.shtml

 

Download, Save & right click then Extract All, Extract.  To just run the test, right click on WinDFT.exe and Run As Admin.  To install the test you can do the same to setup.exe.

 

It should see your drive.  Check the box in front of your drive then Ext Test.  Will take several hours to complete.

 

Often a test will fail but offer to try to fix the drive.  You may want to stop the test and back up any data you can't afford to lose then go back and let it try to fix it.

 

Once done rerun the disk check we did previously

http://www.geekstogo...w/#entry2650861


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP