I was trying to install OpenCV from https://opencv.org/releases.html using the official download link, Win Pack 3.4.0.
Before the download finished Windows Defender quarantined the .part file opencv-3.4.0-vc14_vc15.exe.part.
This stopped the download from Firefox. I put the file onto VirusTotal to get better details and make sure it's not a false positive. https://www.virustot...89e3b/detection
2/61 is not a lot of flags, but it also meant that there might be something going on with it.
I just want to make sure there is no issue. OpenCV seems like a trustworthy program as well.
There are no symptoms of infection, but the flag is still there. A scan with Malwarebytes turns up nothing.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.01.2018
Ran by jj (administrator) on JJ-PC (01-01-2018 16:12:40)
Running from C:\Users\jj\Desktop
Loaded Profiles: jj (Available Profiles: jj)
Platform: Windows 10 Home Version 1709 16299.125 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Files in the root of some directories =======
2017-08-19 04:33 - 2017-08-19 05:41 - 000000000 _____ () C:\Users\jj\AppData\Local\Driver_LOM_8161Present.flag
2017-12-29 08:54 - 2017-12-29 08:54 - 000035960 _____ () C:\Users\jj\AppData\Local\recently-used.xbel
2017-09-20 18:08 - 2017-11-06 23:07 - 000007602 _____ () C:\Users\jj\AppData\Local\resmon.resmoncfg
Some files in TEMP:
2018-01-01 11:48 - 2017-12-05 11:36 - 000371184 _____ (NVIDIA Corporation) C:\Users\jj\AppData\Local\Temp\nvStInst.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-12-30 11:43
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.01.2018
Ran by jj (01-01-2018 16:13:09)
Running from C:\Users\jj\Desktop
Windows 10 Home Version 1709 16299.125 (X64) (2017-12-10 07:31:20)
Boot Mode: Normal
==================== Accounts: =============================
Administrator (S-1-5-21-1811013842-2646865305-2902354037-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1811013842-2646865305-2902354037-503 - Limited - Disabled)
Guest (S-1-5-21-1811013842-2646865305-2902354037-501 - Limited - Disabled)
jj (S-1-5-21-1811013842-2646865305-2902354037-1000 - Administrator - Enabled) => C:\Users\jj
WDAGUtilityAccount (S-1-5-21-1811013842-2646865305-2902354037-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 17.00 beta (x64) (HKLM\...\7-Zip) (Version: 17.00 beta - Igor Pavlov)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: - Adobe Systems Incorporated)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: - Broadcom Corporation)
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Dell System Detect (HKU\S-1-5-21-1811013842-2646865305-2902354037-1000\...\d24084d039586cae) (Version: - Dell)
Discord (HKU\S-1-5-21-1811013842-2646865305-2902354037-1000\...\Discord) (Version: 0.0.299 - Discord Inc.)
Firefox Developer Edition 58.0 (x64 en-US) (HKLM\...\Firefox Developer Edition 58.0 (x64 en-US)) (Version: 58.0 - Mozilla)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: - Intel Corporation)
Malwarebytes version (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 57.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0.3 (x64 en-US)) (Version: 57.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0 - Mozilla)
NVIDIA 3D Vision Driver 388.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.71 - NVIDIA Corporation)
NVIDIA GeForce Experience (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: - NVIDIA Corporation)
NVIDIA Graphics Driver 388.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.71 - NVIDIA Corporation)
NVIDIA HD Audio Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.12.0 - )
Python 3.6.4 (32-bit) (HKU\S-1-5-21-1811013842-2646865305-2902354037-1000\...\{9218130b-5ad0-4cf7-82be-6993cfd6cb84}) (Version: 3.6.4150.0 - Python Software Foundation)
Python 3.6.4 Add to Path (32-bit) (HKLM-x32\...\{B7F6071F-CC88-469C-9AC6-BEBA83594819}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Core Interpreter (32-bit) (HKLM-x32\...\{D188614B-E656-4EF1-9F5A-23559EBE8F5A}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Development Libraries (32-bit) (HKLM-x32\...\{C3797E33-967D-4687-8F1A-9DE771A00125}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Documentation (32-bit) (HKLM-x32\...\{E09874D3-E898-4AB6-B043-EE24DF786088}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Executables (32-bit) (HKLM-x32\...\{47A75DB9-F3F5-4697-9261-DBA5162DBB9E}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 pip Bootstrap (32-bit) (HKLM-x32\...\{54142B43-2FA5-4BBA-BF03-27C10EB50C1E}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Standard Library (32-bit) (HKLM-x32\...\{2832768E-9BCA-4421-950C-7186B3BDFC45}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Tcl/Tk Support (32-bit) (HKLM-x32\...\{20888FA1-8127-42E3-969F-9BF93245AC83}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Test Suite (32-bit) (HKLM-x32\...\{D14FB2FA-51B2-415C-93BF-5053102235EE}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python 3.6.4 Utility Scripts (32-bit) (HKLM-x32\...\{D0730E44-E519-4F39-B926-E2FC0449D67C}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{B42FF40A-60D4-4096-AC47-C86153D72797}) (Version: 3.6.6196.0 - Python Software Foundation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.28144 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Sublime Text Build 3143 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: - Synaptics Incorporated)
Twitch (HKU\S-1-5-21-1811013842-2646865305-2902354037-1000\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: - Twitch Interactive, Inc.)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: - Epic Games, Inc.) Hidden
Vulkan Run Time Libraries (HKLM\...\VulkanRT1.0.61.0) (Version: - LunarG, Inc.) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: - Broadcom Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1811013842-2646865305-2902354037-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\jj\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1811013842-2646865305-2902354037-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\jj\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1811013842-2646865305-2902354037-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\jj\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-28] (Igor Pavlov)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-28] (Igor Pavlov)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-15] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-28] (Igor Pavlov)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1098D5D8-9508-402C-BD4D-46FDC299DCD2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-06] (Microsoft Corporation)
Task: {221B5F0E-CB0A-4D53-8339-C0D58E8E49F7} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-15] (NVIDIA Corporation)
Task: {2C122827-88C0-4621-878C-549F7B2A4BEA} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {363BB2CF-A293-4E6C-B019-CD5FB1B4E2B9} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3F58CA2D-7E53-4F5D-B103-0ED8C2211D75} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-06] (Microsoft Corporation)
Task: {4922CB50-4E77-4B03-87EF-54F859FE779C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {55F4D611-49DD-4E53-B75D-9DA1538C333B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-15] (NVIDIA Corporation)
Task: {571ABAEE-B1B3-4CD7-B266-529FE4D813DD} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5891B441-A5E7-404F-9B08-1A7E7DFD0402} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {6842EC2A-AB6B-439D-8C03-C8A2E114FFB1} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-11-15] (NVIDIA Corporation)
Task: {6A5E444A-5722-4571-B272-4BC94393970A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-11-15] (NVIDIA Corporation)
Task: {7875F204-D5D9-4647-8079-F5634264E26B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-15] (NVIDIA Corporation)
Task: {7EC87130-9230-4286-82CC-273AFBC354FF} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-08-04] (Realtek Semiconductor)
Task: {87859C0D-F88C-4559-9A33-62B721F748D0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-06] (Microsoft Corporation)
Task: {8F9AC82A-2F65-4BE8-8C1F-DD004FB86D9E} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9545099C-0085-4E2F-8205-A2DB6517AF0B} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9BD038E3-DCCF-4D5C-ADB0-9DFAC83BBF4B} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {9D5518C7-08A4-46C0-9F45-052119101F3B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9EE92486-117C-4C9C-8EA7-2920C6690C24} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A1B9349F-5FC3-48FD-A6D7-ED7C54286FAA} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-11-15] (NVIDIA Corporation)
Task: {A9226B39-869B-4A47-A964-F9E733BE04FA} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-15] (NVIDIA Corporation)
Task: {ABEC40F8-8A3F-49CE-9589-65433680520B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AE537A76-E4D2-4E70-B348-3F1243DA4330} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B04302A9-7319-4F8C-A544-9EB8603F87C4} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B9B3E64C-B8FB-41E2-9336-FAA1C6DC5BFA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-15] (NVIDIA Corporation)
Task: {C0A0B1BC-A1B9-403E-996C-5601415BB614} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D2FB1912-C1C9-44C3-8548-B7EB8B006AC6} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D6B0F706-BD0E-433B-A72D-018BD6CE9BC4} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DDEB8E82-1D61-4ECA-8114-DBDE919C3027} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DE43B4DA-C351-4219-A473-4638BA4BEE2D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {E1411781-D49F-4ECA-A2C1-FF2BB44BB09A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E24A508F-6A15-4D4B-AA96-09C1EF737C0B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-06] (Microsoft Corporation)
Task: {F238E230-F945-4C89-B68D-2EEA4DF19EC8} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe
Task: {F52B91DB-4093-4D16-A261-7DE299CA9810} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F7AF0DE3-DB46-444B-9FAC-3A91CBBD5ED9} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {FCF9892B-7C00-4BA4-A4DB-3DF5CF3ABD6C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\jj\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
==================== Loaded Modules (Whitelisted) ==============
2017-09-29 05:41 - 2017-09-29 05:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-09-29 05:41 - 2017-09-29 05:41 - 000419840 _____ () c:\windows\system32\SSDM.dll
2017-09-15 17:39 - 2017-11-15 17:38 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-12-09 23:15 - 2017-12-09 23:15 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-09 23:15 - 2017-12-09 23:15 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-12-11 19:40 - 2017-12-11 19:41 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-12-11 19:40 - 2017-12-11 19:41 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-12-11 19:40 - 2017-12-11 19:41 - 024735744 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-12-11 19:40 - 2017-12-11 19:41 - 002551808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\skypert.dll
2017-12-05 15:54 - 2017-12-05 15:54 - 004698848 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-12-15 06:34 - 2017-12-15 06:34 - 004320256 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1712.3352.0_x64__8wekyb3d8bbwe\Time.exe
2017-12-15 06:34 - 2017-12-15 06:34 - 000899072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1712.3352.0_x64__8wekyb3d8bbwe\TimeControls.dll
2017-12-15 06:34 - 2017-12-15 06:34 - 000783360 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1712.3352.0_x64__8wekyb3d8bbwe\TimeBackground.dll
2017-12-13 13:28 - 2017-12-13 13:28 - 000477184 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-12-13 13:28 - 2017-12-13 13:28 - 058590720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-04 00:48 - 2017-10-04 00:49 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2017-11-10 08:42 - 2017-11-10 08:43 - 000164864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\VideoPlugin.dll
2017-10-04 00:48 - 2017-10-04 00:49 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll
2017-12-13 13:28 - 2017-12-13 13:28 - 003727360 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-12-13 13:28 - 2017-12-13 13:28 - 002270720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2017-12-13 13:28 - 2017-12-13 13:28 - 016395264 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-12-13 13:28 - 2017-12-13 13:28 - 003579904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-12-13 13:28 - 2017-12-13 13:28 - 003204096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-09-20 20:32 - 2017-09-20 20:32 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-12-13 13:28 - 2017-12-13 13:28 - 000043520 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-12-13 13:28 - 2017-12-13 13:28 - 004038144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.People.PeoplePicker.dll
2017-12-13 13:28 - 2017-12-13 13:28 - 001367040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-12-13 13:28 - 2017-12-13 13:28 - 000214528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\SKU.dll
2017-12-30 14:21 - 2017-09-13 17:11 - 000742512 _____ () C:\Program Files\Sublime Text 3\plugin_host.exe
2017-12-14 10:15 - 2017-12-14 10:15 - 004307968 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1712.3351.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-09-20 19:49 - 2017-12-15 14:34 - 000133704 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-09-29 05:41 - 2017-09-29 05:41 - 000047616 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll
2017-09-29 05:41 - 2017-09-29 05:41 - 004173824 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
2017-09-29 05:41 - 2017-09-29 05:41 - 003634176 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
2017-10-31 17:25 - 2017-12-09 07:12 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-09-15 17:39 - 2017-11-15 17:38 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-12-21 21:37 - 2017-12-21 21:37 - 000064512 _____ () C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_1.5.2.0_x86__1sdd7yawvg6ne\EarTrumpet.Interop.dll
2017-12-11 16:34 - 2017-12-11 10:54 - 001893880 _____ () C:\Users\jj\AppData\Local\Discord\app-0.0.299\ffmpeg.dll
2017-12-11 19:47 - 2017-12-11 19:47 - 001886712 _____ () \\?\C:\Users\jj\AppData\Roaming\discord\0.0.299\modules\discord_toaster\discord_toaster.node
2017-12-11 19:47 - 2017-12-11 19:47 - 001773560 _____ () \\?\C:\Users\jj\AppData\Roaming\discord\0.0.299\modules\discord_overlay2\discord_overlay2.node
2017-12-11 16:34 - 2017-12-11 10:54 - 001938424 _____ () C:\Users\jj\AppData\Local\Discord\app-0.0.299\libglesv2.dll
2017-12-11 16:34 - 2017-12-11 10:54 - 000095736 _____ () C:\Users\jj\AppData\Local\Discord\app-0.0.299\libegl.dll
2017-12-11 19:47 - 2017-12-11 19:47 - 009802232 _____ () \\?\C:\Users\jj\AppData\Roaming\discord\0.0.299\modules\discord_voice\discord_voice.node
2017-12-11 19:47 - 2017-12-11 19:47 - 001505784 _____ () \\?\C:\Users\jj\AppData\Roaming\discord\0.0.299\modules\discord_utils\discord_utils.node
2017-12-11 19:47 - 2017-12-11 19:47 - 000513016 _____ () \\?\C:\Users\jj\AppData\Roaming\discord\0.0.299\modules\discord_erlpack\discord_erlpack.node
2017-12-11 19:47 - 2017-12-11 19:47 - 002662904 _____ () \\?\C:\Users\jj\AppData\Roaming\discord\0.0.299\modules\discord_rpc\discord_rpc.node
2017-12-11 19:47 - 2017-12-11 19:47 - 001517048 _____ () \\?\C:\Users\jj\AppData\Roaming\discord\0.0.299\modules\discord_game_utils\discord_game_utils.node
2017-12-11 19:48 - 2017-12-11 19:48 - 002749944 _____ () \\?\C:\Users\jj\AppData\Roaming\discord\0.0.299\modules\discord_contact_import\discord_contact_import.node
2017-12-13 23:45 - 2013-09-18 05:33 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000036878 _____ () C:\Program Files (x86)\Pidgin\libssp-0.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000671031 _____ () C:\Program Files (x86)\Pidgin\exchndl.dll
2017-12-21 22:12 - 2017-12-21 22:12 - 000904525 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libcairo-2.dll
2017-12-21 22:12 - 2017-12-21 22:12 - 000279059 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libfontconfig-1.dll
2017-12-21 22:12 - 2017-12-21 22:12 - 000118272 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\zlib1.dll
2017-12-21 22:12 - 2017-12-21 22:12 - 000553382 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\freetype6.dll
2017-12-21 22:12 - 2017-12-21 22:12 - 000177586 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libexpat-1.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 001136034 _____ () C:\Program Files (x86)\Pidgin\libxml2-2.dll
2017-12-21 22:12 - 2017-12-21 22:12 - 000216992 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libpng14-14.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000475580 _____ () C:\Program Files (x86)\Pidgin\spellcheck\libgtkspell-0.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000020997 _____ () C:\Program Files (x86)\Pidgin\plugins\autoaccept.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000013253 _____ () C:\Program Files (x86)\Pidgin\plugins\buddynote.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000024924 _____ () C:\Program Files (x86)\Pidgin\plugins\convcolors.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000015702 _____ () C:\Program Files (x86)\Pidgin\plugins\extplacement.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000014147 _____ () C:\Program Files (x86)\Pidgin\plugins\gtkbuddynote.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000018882 _____ () C:\Program Files (x86)\Pidgin\plugins\history.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000012865 _____ () C:\Program Files (x86)\Pidgin\plugins\iconaway.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000019043 _____ () C:\Program Files (x86)\Pidgin\plugins\idle.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000018555 _____ () C:\Program Files (x86)\Pidgin\plugins\joinpart.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000015074 _____ () C:\Program Files (x86)\Pidgin\plugins\libaim.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000315843 _____ () C:\Program Files (x86)\Pidgin\liboscar.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000093066 _____ () C:\Program Files (x86)\Pidgin\plugins\libbonjour.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000332178 _____ () C:\Program Files (x86)\Pidgin\plugins\libgg.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000016005 _____ () C:\Program Files (x86)\Pidgin\plugins\libicq.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000108441 _____ () C:\Program Files (x86)\Pidgin\plugins\libirc.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000128694 _____ () C:\Program Files (x86)\Pidgin\libsasl2-3.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000123540 _____ () C:\Program Files (x86)\Pidgin\plugins\libnovell.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000116071 _____ () C:\Program Files (x86)\Pidgin\plugins\libsametime.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000152852 _____ () C:\Program Files (x86)\Pidgin\libmeanwhile-1.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000171123 _____ () C:\Program Files (x86)\Pidgin\plugins\libsilc.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000225616 _____ () C:\Program Files (x86)\Pidgin\libsilcclient-1-1-4.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000868705 _____ () C:\Program Files (x86)\Pidgin\libsilc-1-1-4.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000055880 _____ () C:\Program Files (x86)\Pidgin\plugins\libsimple.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000021337 _____ () C:\Program Files (x86)\Pidgin\plugins\libxmpp.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000416644 _____ () C:\Program Files (x86)\Pidgin\libjabber.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000047934 _____ () C:\Program Files (x86)\Pidgin\plugins\log_reader.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000021795 _____ () C:\Program Files (x86)\Pidgin\plugins\markerline.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000013456 _____ () C:\Program Files (x86)\Pidgin\plugins\newline.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000029737 _____ () C:\Program Files (x86)\Pidgin\plugins\notify.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000021075 _____ () C:\Program Files (x86)\Pidgin\plugins\nss-prefs.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000017023 _____ () C:\Program Files (x86)\Pidgin\plugins\offlinemsg.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000029256 _____ () C:\Program Files (x86)\Pidgin\plugins\pidginrc.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000015380 _____ () C:\Program Files (x86)\Pidgin\plugins\psychic.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000015429 _____ () C:\Program Files (x86)\Pidgin\plugins\relnot.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000015045 _____ () C:\Program Files (x86)\Pidgin\plugins\sendbutton.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000069625 _____ () C:\Program Files (x86)\Pidgin\plugins\spellchk.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000031993 _____ () C:\Program Files (x86)\Pidgin\plugins\ssl-nss.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000012004 _____ () C:\Program Files (x86)\Pidgin\plugins\ssl.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000015978 _____ () C:\Program Files (x86)\Pidgin\plugins\statenotify.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000030353 _____ () C:\Program Files (x86)\Pidgin\plugins\themeedit.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000032020 _____ () C:\Program Files (x86)\Pidgin\plugins\ticker.dll
2017-03-09 18:12 - 2017-03-09 18:12 - 000018399 _____ () C:\Program Files (x86)\Pidgin\plugins\timestamp.dll
2017-03-09 18:12 - 2017-03-09 18:12 - 000023851 _____ () C:\Program Files (x86)\Pidgin\plugins\timestamp_format.dll
2017-03-09 18:12 - 2017-03-09 18:12 - 000029791 _____ () C:\Program Files (x86)\Pidgin\plugins\win2ktrans.dll
2017-03-09 18:12 - 2017-03-09 18:12 - 000030771 _____ () C:\Program Files (x86)\Pidgin\plugins\winprefs.dll
2017-03-09 18:12 - 2017-03-09 18:12 - 000037191 _____ () C:\Program Files (x86)\Pidgin\plugins\xmppconsole.dll
2017-03-09 18:12 - 2017-03-09 18:12 - 000044494 _____ () C:\Program Files (x86)\Pidgin\plugins\xmppdisco.dll
2017-03-09 18:12 - 2017-03-09 18:12 - 000048402 _____ () C:\Program Files (x86)\Pidgin\sasl2\libanonymous-3.dll
2017-03-09 18:12 - 2017-03-09 18:12 - 000049962 _____ () C:\Program Files (x86)\Pidgin\sasl2\libcrammd5-3.dll
2017-03-09 18:12 - 2017-03-09 18:12 - 000079858 _____ () C:\Program Files (x86)\Pidgin\sasl2\libdigestmd5-3.dll
2017-03-09 18:12 - 2017-03-09 18:12 - 000048907 _____ () C:\Program Files (x86)\Pidgin\sasl2\libplain-3.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000554496 _____ () C:\Program Files (x86)\Pidgin\sqlite3.dll
2017-12-21 22:12 - 2017-12-21 22:12 - 000090496 _____ () C:\Program Files (x86)\Pidgin\Gtk\lib\gtk-2.0\2.10.0\engines\libwimp.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000509014 _____ () C:\Program Files (x86)\Pidgin\spellcheck\lib\enchant\libenchant_ispell.dll
2017-03-09 18:11 - 2017-03-09 18:11 - 000999501 _____ () C:\Program Files (x86)\Pidgin\spellcheck\lib\enchant\libenchant_myspell.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 18:34 - 2017-11-11 00:50 - 000000822 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1811013842-2646865305-2902354037-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\jj\Desktop\Eye.png
DNS Servers: -
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "Command Center Controllers"
HKLM\...\StartupApproved\Run32: => "USB3MON"
HKU\S-1-5-21-1811013842-2646865305-2902354037-1000\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-1811013842-2646865305-2902354037-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1811013842-2646865305-2902354037-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1811013842-2646865305-2902354037-1000\...\StartupApproved\Run: => "DellSystemDetect"
HKU\S-1-5-21-1811013842-2646865305-2902354037-1000\...\StartupApproved\Run: => "OneDriveSetup"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{C23E864B-0035-4ED5-A453-FA2FE9F3CFEA}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{41C18ED9-FCFC-4693-BEE0-FEC5817A0D6A}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{462C08EE-CE6D-4CC7-9DC4-3E6C42D05509}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{1E513755-C73C-4F17-871B-F4BD1D0BE3A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{1E5AFC3E-8C0F-4755-9B54-EE456DB4BF24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{1826D309-DD98-4985-8DBE-1064BAA15D68}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{9BFCD1F0-A828-4BDB-8AF4-1480DCE40E39}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{EAA4CFE7-8E31-4BC6-9A6D-5FB43264DF9D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{746F5627-9D9C-4E60-8CF8-1A43BEC0792D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{363CDF9E-1FFC-4FFC-8934-1911FCC99B7B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{535E3966-1D0C-459B-BB0E-C4C6424AFD22}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{57BC4D95-5156-427A-BB65-AA28201C03A1}C:\users\jj\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jj\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{15CC067C-9D93-4355-B86A-9585DBA4A58E}C:\users\jj\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jj\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{19DC12E8-3C33-4843-AF13-73E35FE18D59}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{559BB330-6969-4DDC-9E3B-79DC6D31C7F9}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{7FBE12DC-709A-49E0-8A15-BB3BF23D57C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A7DC6EEB-4946-4ED4-A819-A2188F716246}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{0B5D453F-3B3F-4134-9E2C-C267218F642C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C453F38C-18EF-4349-B9D8-630A2D0A8650}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{CF580BA2-C8B7-49D7-B89A-809F4243EE65}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{0ED7E3B8-DFDE-4BF1-AADB-7016ADC89160}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{2BF429EB-FB8B-46A1-8443-38794CF4AC0A}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{36961D17-FDD1-4AB4-BF47-3165FEF2F14A}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{B1A91E6D-771C-4D6B-BC8D-C709F2BFE68D}C:\users\jj\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jj\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{6098249C-164A-4ABE-8B34-3D8C0188CCE5}C:\users\jj\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jj\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{6DCAE615-553A-429E-87FA-238AC0C92567}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe
FirewallRules: [{6CCF4E87-A17E-4DBE-89E8-A382DB185B4F}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe
FirewallRules: [TCP Query User{EA788C0A-0C27-433B-AD12-DC3ED688D175}C:\users\jj\desktop\windowsx64\axu.exe] => (Allow) C:\users\jj\desktop\windowsx64\axu.exe
FirewallRules: [UDP Query User{68632A9B-68AF-478B-AD60-3B44A869C65E}C:\users\jj\desktop\windowsx64\axu.exe] => (Allow) C:\users\jj\desktop\windowsx64\axu.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
Class Guid:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Synaptics SMBus TouchPad
Description: Synaptics SMBus TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Class Guid:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
Error: (01/01/2018 02:34:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: malwarebytes_assistant.exe, version:, time stamp: 0x5a15ab19
Faulting module name: Qt5Core.dll, version:, time stamp: 0x59a63e00
Exception code: 0xc0000005
Fault offset: 0x0018de83
Faulting process id: 0x258c
Faulting application start time: 0x01d38350aa279bb9
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: 86febeb8-bc6a-4351-a57e-bf152ba7c8af
Faulting package full name:
Faulting package-relative application ID:
Error: (01/01/2018 12:18:55 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (01/01/2018 12:18:55 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.
Error: (01/01/2018 12:18:55 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (01/01/2018 12:18:55 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "MSDTC" in DLL "C:\WINDOWS\system32\msdtcuiu.DLL" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (01/01/2018 12:18:55 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "Lsa" in DLL "C:\Windows\System32\Secur32.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (01/01/2018 12:18:55 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "ESENT" in DLL "C:\WINDOWS\system32\esentprf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (01/01/2018 12:18:55 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (01/01/2018 11:54:21 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Axu.exe version 2017.1.1.12495 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 1b24
Start Time: 01d383392f7a1f56
Termination Time: 4294967295
Application Path: C:\Users\jj\Desktop\Windowsx64\Axu.exe
Report Id: 6e66563c-1414-4cfd-bf99-d462d0800f0c
Faulting package full name:
Faulting package-relative application ID:
Error: (01/01/2018 05:43:58 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
System errors:
Error: (01/01/2018 08:49:47 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/01/2018 03:22:13 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/31/2017 08:49:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/31/2017 08:49:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/31/2017 08:34:03 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/31/2017 08:34:03 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/31/2017 08:33:58 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files. Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft..../?LinkId=245898.
Error: (12/31/2017 08:34:01 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:33:16 AM on 12/31/2017 was unexpected.
Error: (12/31/2017 03:50:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/30/2017 10:08:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
==================== Memory info ===========================
Processor: Intel® Core i7-4700MQ CPU @ 2.40GHz
Percentage of memory in use: 61%
Total physical RAM: 7913.11 MB
Available physical RAM: 3010.21 MB
Total Virtual: 15849.11 MB
Available Virtual: 8765.15 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:110.78 GB) (Free:49.22 GB) NTFS
Drive e: (MagneticDisk) (Fixed) (Total:698.6 GB) (Free:650.61 GB) NTFS
==================== MBR & Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 698.6 GB) (Disk ID: A7EB6FAE)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: A300234D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=928 MB) - (Type=27)
==================== End of Addition.txt ============================
Edited by alexander caldwell, 01 January 2018 - 06:55 PM.