Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

HI got a big virus in system viles.. need help going over computers


  • Please log in to reply

#16
steveairway

steveairway

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts

This guy is in my router and set up 3 networks using same name that i use..

 

Router is 22000.. netgear.. i know how to reset it... 

 

but when i make a new name and password how on earth do i do that when he is the admin or my comptuer and keylogging me without him knowing?

 

i download zeman anti logger earlier today and  he changed that program.. Now on the desktop its called Gyazo Gif.. but says underneath its Zeman antilogger

 

I need to get him out of my network but dont know how..

 

I did this last week.. i called my ip they made my network private and changed password but when i punch this stuff in he gets the info thru keylogs or might even be listening to my phone calls.. he prob is.


  • 0

Advertisements


#17
steveairway

steveairway

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts

STILL WORKING ON MBAR TOO SCAN AND BOOT SCAN WITH AVAST BUT

 

THIS IS WHAT R KILL SAYS WHEN I RUN IT BTW

 

Rkill 2.9.1 by Lawrence Abrams (Grinler)
Copyright 2008-2020 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 03/20/2020 02:00:33 AM in x64 mode.
Windows Version: Windows 7 Ultimate N Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Policies\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 03/20/2020 02:02:39 AM
Execution time: 0 hours(s), 2 minute(s), and 6 seconds(s)

  • 0

#18
steveairway

steveairway

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts

wANT TO maybe help me an hour on here for like 25 bucks or somethign using team viewer or something

 

Also something weird happ

I think my phone is routing thru my comptuer ip

 

Let me explain .. Whats my ip when i google it is diff ip than this computer when i look my ip up.

Thats weird right?  My ip should be the same as my computer ip .

 

I think my computer stuff goes thru his proxy/ computer then being web filtered.. For example i literally saw on Sophos on my phone it told me i was being web filtered and he set up sophos to web filter me when on phone

 

Also think police are watching me.

LIke 4 years ago i got into trouble for calling somebody in Athens oh. misdemeanor stuff .. really . nothing major just a telephone argument i said some cusswords in realty but these [bleep]ers tried to get a felony on me over a telephone argument.. its nuts

 

anyways if i look up my ip i live in dayton ohio but my ip locatoin is in athens ohio?  whats the odds of this?

super super slim.. maybe my ip goes thru police then to me thru the ip sever? 

 

I also think for sure i got a hacker in my network. i mean somebody set up 2 new networks with same name yesterday after i wathed a youtube vid about it so.. there is 3 networks that have same name as mine now.. super weird..


Edited by steveairway, 20 March 2020 - 02:24 AM.

  • 0

#19
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,327 posts
  • MVP

So far I see no evidence of a hacker.  Let's look at PC #2.  Run a FRST scan on PC#2 and Post the logs.  Also get a Speccy log and post it for PC #2.


  • 0

#20
steveairway

steveairway

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts

Hey I ordered a windows ten disk... should be better and more secure as u know.

 

I will load it on all 3 computters then talk to u ...

 

better than talking about current computers  right now if i plan on reinstalling them all with a fresh version of windows ten right? 

 

i'll send logs anyways if your curious.

 

THE REASON THIS ONE HAS TO BE HACKED IS BECAUSE I  LITERALLY SAW THIS COMPUTER TURN ON AT 5 AM IN THE MORNING AND SOMEBODY WAS MOVING THE MOUSE AND STARTING TO LOAD IT UP..!!!!!!!!!!!!!!!!!!!!!!!!!!!!

 

THIS ALL STARTED WHEN I WAS ON DISCORD AND SOME GUY SAID TO ME HE COULD SEE MY WEBCAM AND ALSO TO HIT THE STICKY KEY MESSAGE THING ABOUT HITTING SHIFT KEY FIVE TIMES.    

 

ALSO I RAN ZEMANA ONCE AND HIT SAID I HAD TROJAN. GEN 9... AL2180 OR WHATNOT.

 

IF YOU STUDY THE HTML STICKY KEY THING,, PANDA WROTE ARTICLE ABOUT THIS THAT I FOUND.... ITS NOT EXACTLY A VIRUS .. ITS A WAY TO ATTACK THOUGH AS U PROB KNOW.. 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-03-2020
Ran by Mike (administrator) on MIKELAPTOPWIN7 (Hewlett-Packard HP ProBook 6560b) (22-03-2020 03:33:02)
Running from C:\Users\Mike\Downloads
Loaded Profiles: Mike & postgres (Available Profiles: Mike & postgres)
Platform: Windows 7 Ultimate N Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe
(Andrea Electronics Corporation) [File not signed] C:\Program Files\IDT\WDM\AESTSr64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Broadcom Corporation) [File not signed] C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(Broadcom Corporation) [File not signed] C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Check Point Software Technologies Ltd. -> ) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Intel® Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(LSI Corporation -> LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\firefox.exe
(Mozilla Corporation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\firefox.exe
(Mozilla Corporation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\firefox.exe
(Mozilla Corporation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\firefox.exe
(Mozilla Corporation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\firefox.exe
(Mozilla Corporation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\firefox.exe
(Mozilla Corporation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\firefox.exe
(Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
(SMSC) [File not signed] C:\Program Files\SGFX\sgfxmgr.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\Mike\AppData\Local\Temp\TeamViewer\TeamViewer_Service.exe
(TEFINCOM S.A. -> ) C:\Program Files (x86)\NordVPN\nordvpn-service.exe
(TEFINCOM S.A. -> NordVPN) C:\Program Files (x86)\NordVPN\NordVPN.exe
(Zemana D.O.O. Sarajevo -> Copyright 2018.) C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
(Zemana D.O.O. Sarajevo -> Copyright 2018.) C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [277664 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe [25160568 2019-02-14] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ZaAntiRansomware] => C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe [4230368 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3550179741-2894783952-792556322-1000\...\Run: [HoldemManager.Server] => C:\Users\Mike\AppData\Roaming\Max Value Software\Holdem Manager\3.0\HoldemManager.Server.lnk [1147 2020-03-21] () [File not signed]
HKU\S-1-5-21-3550179741-2894783952-792556322-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-26] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3550179741-2894783952-792556322-1000\...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [1815584 2020-02-28] (TEFINCOM S.A. -> NordVPN)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-21] (Google LLC -> Google LLC)
AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll [94568 2017-01-19] (Zemana Ltd. -> Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(1).dll [85864 2017-01-19] (Zemana Ltd. -> Zemana Ltd.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {15ED3066-F1BD-48EE-966B-8C5B2406AD74} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {22289654-4EB4-4F1D-8EBE-27EA13053D7D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1116024 2020-02-26] (HP Inc. -> HP Inc.)
Task: {7241198A-CE73-491B-B6B0-F4EB98DE136D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Critical Actions Pending => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {7497891C-79A9-438A-905B-76967959E0FB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1116024 2020-02-26] (HP Inc. -> HP Inc.)
Task: {8031B836-8B5C-457D-B10E-F916A5144AFF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {AAD10E4A-D32C-4CA1-B1DF-0169B8E6D027} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {C135738A-582D-4855-A96F-722D7E602386} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {C6D4E3F5-4C1F-4C6B-9B44-E6F92900907E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {E1D5A690-932F-4697-9AA2-ECADEA506C71} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [145272 2019-10-31] (HP Inc. -> HP Inc.)
Task: {ED02D60F-9B28-47FF-A7CC-D702658C73E1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [308088 2020-02-12] (HP Inc. -> HP Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{551BEBA7-DD54-4B4D-91C5-0D0379F13077}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{85A0EFE3-9BA8-4D69-8B7D-768D503F8FEE}: [DhcpNameServer] 103.86.99.99 103.86.96.96 103.86.96.100 103.86.99.100
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2018-09-07] (Logitech Inc -> Logitech, Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2018-09-07] (Logitech Inc -> Logitech, Inc.)
 
FireFox:
========
FF DefaultProfile: 2t3fi1vw.default
FF ProfilePath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\2t3fi1vw.default [2019-11-18]
FF Extension: (Avast Online Security) - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\2t3fi1vw.default\Extensions\[email protected] [2019-11-18]
FF ProfilePath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\5xftgsj3.default-release [2020-03-21]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\5xftgsj3.default-release\Extensions\[email protected] [2019-11-26]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2018-12-29] [not signed]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
 
Chrome: 
=======
CHR Profile: C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default [2020-03-22]
CHR NewTab: Default ->  Not-active:"chrome-extension://pifdldjocgdmmlpjpkafopdclpeceiif/index.html", Not-active:"chrome-extension://kgnmiidkjfoodibgboejadngnfblkmaj/index.html"
CHR DefaultSearchURL: Default -> hxxps://tinder.com/static/android-chrome-192x192.png
CHR Extension: (Slides) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-23]
CHR Extension: (Docs) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-23]
CHR Extension: (Google Drive) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-23]
CHR Extension: (YouTube) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-23]
CHR Extension: (Honey) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-03-22]
CHR Extension: (Sheets) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-23]
CHR Extension: (Google Docs Offline) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-22]
CHR Extension: (Avast Online Security) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-02-29]
CHR Extension: (Tinder) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejiihbkifllpgdfndalmghiodgkefan [2019-10-07]
CHR Extension: (CouponViewer Add-On) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpabcakadbfmhiinljgodpkdeolfchlo [2020-01-16]
CHR Extension: (Grammarly for Chrome) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-03-22]
CHR Extension: (Satellite & Earth Maps) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgnmiidkjfoodibgboejadngnfblkmaj [2020-02-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Earth & Satellite Maps) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pifdldjocgdmmlpjpkafopdclpeceiif [2020-02-27]
CHR Extension: (Gmail) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-22]
CHR Profile: C:\Users\Mike\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-01]
CHR HKLM\...\Chrome\Extension: [fcbhdhpamoencpdogjnmnbjddipfkpad]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fcbhdhpamoencpdogjnmnbjddipfkpad]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6046624 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [413472 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R2 CPEFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [2825976 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 CpSbaCipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> )
R2 CpSbaUpdater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> )
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-26] (Disc Soft Ltd -> Disc Soft Ltd)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23288 2018-12-12] (Intel® Driver & Support Assistant -> Intel)
R2 HPDayStarterService; C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-03-23] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [365440 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [361848 2019-12-06] (HP Inc. -> HP Inc.)
S3 Intel® SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel® Software Asset Manager -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-01] (Malwarebytes Inc -> Malwarebytes)
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [234528 2020-02-28] (TEFINCOM S.A. -> )
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1296560 2019-08-07] (Bitdefender SRL -> Bitdefender)
R2 RemediationService; C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [18168 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 SGFXMgr; C:\Program Files\SGFX\sgfxmgr.exe [8481280 2013-05-01] (SMSC) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\stacsv64.exe [327680 2012-10-24] (IDT, Inc.) [File not signed]
R2 TeamViewer; C:\Users\Mike\AppData\Local\Temp\TeamViewer\TeamViewer_Service.exe [13206544 2020-02-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) <==== ATTENTION
R2 TESvc; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [301304 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4528344 2019-11-19] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5862400 2018-10-23] (Broadcom Corporation) [File not signed]
R2 ZAARUpdateService; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe [51936 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe [25160568 2019-02-14] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2019-11-19] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.)
S2 avast; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]
R2 pgsql-8.3; "C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe" runservice -w -N "pgsql-8.3" -D "C:\Program Files (x86)\PostgreSQL\8.3\data\"
S2 ZA NET ICM Service; "C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe" [X]
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AgereSoftModem; C:\Windows\System32\DRIVERS\agrsm64.sys [1212416 2010-01-26] (Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37864 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205576 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [271120 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206608 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [64272 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279360 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42976 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175400 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110560 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84056 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848672 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [458584 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235184 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316256 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R2 cpbak; C:\Windows\System32\DRIVERS\cpbak.sys [66848 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 CPEPMon; C:\Windows\System32\DRIVERS\CPEPMon.sys [110880 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2020-02-28] (Disc Soft Ltd -> Disc Soft Ltd)
R1 epnetflt; C:\Windows\system32\drivers\epnetflt.sys [130336 2019-10-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 epregflt; C:\Windows\system32\drivers\epregflt.sys [132176 2019-05-01] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [57728 2020-03-07] (SurfRight B.V. -> )
R3 HpqKbFiltr; C:\Windows\System32\DRIVERS\HpqKbFiltr.sys [25912 2011-07-18] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 ISWKL; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ISWKL.sys [65264 2019-08-12] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2012-07-16] (JMicron Technology Corp. -> JMicron Technology Corp.)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [161408 2017-09-12] (Zemana Ltd. -> Zemana Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-02-24] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-03-22] (Malwarebytes Inc -> Malwarebytes)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2018-02-23] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R4 sgfxk; C:\Windows\System32\drivers\sgfxk64.sys [157432 2013-05-02] (SMSC -> SMSC)
R0 sgfxl; C:\Windows\System32\drivers\sgfxl64.sys [18168 2013-05-02] (SMSC -> SMSC)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1864328 2012-10-03] (SONIX TECHNOLOGY CO. , LTD -> )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2020-02-28] (Disc Soft Ltd -> Duplex Secure Ltd.)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [543744 2012-10-24] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapnordvpn; C:\Windows\System32\DRIVERS\tapnordvpn.sys [35592 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 VOICEMOD_Driver; C:\Windows\System32\drivers\vmdrv.sys [27648 2019-07-02] (Windows ® Win 7 DDK provider) [File not signed]
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [461240 2019-11-19] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2020-03-22] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2020-03-22] (Zemana Ltd. -> Zemana Ltd.)
U3 iswSvc; no ImagePath
R4 PsBoot; system32\Drivers\PsBoot.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-03-22 03:33 - 2020-03-22 03:35 - 000030917 _____ C:\Users\Mike\Downloads\FRST.txt
2020-03-22 03:12 - 2020-03-22 03:34 - 000000000 ____D C:\FRST
2020-03-22 03:11 - 2020-03-22 03:12 - 002279936 _____ (Farbar) C:\Users\Mike\Downloads\FRST64.exe
2020-03-22 02:40 - 2020-03-22 02:40 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-03-22 02:03 - 2020-03-22 03:35 - 000356921 _____ C:\Windows\ZAM.krnl.trace
2020-03-22 02:03 - 2020-03-22 03:35 - 000048959 _____ C:\Windows\ZAM_Guard.krnl.trace
2020-03-22 02:03 - 2020-03-22 02:03 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2020-03-22 02:03 - 2020-03-22 02:03 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2020-03-22 02:02 - 2020-03-22 02:03 - 000000000 ____D C:\Program Files (x86)\Zemana AntiLogger
2020-03-22 02:02 - 2020-03-22 02:02 - 000001113 _____ C:\Users\Public\Desktop\Zemana AntiLogger.lnk
2020-03-22 02:02 - 2020-03-22 02:02 - 000001113 _____ C:\ProgramData\Desktop\Zemana AntiLogger.lnk
2020-03-22 02:02 - 2020-03-22 02:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger
2020-03-22 02:02 - 2020-03-22 02:02 - 000000000 ____D C:\Program Files (x86)\KeyCryptSDK
2020-03-22 02:02 - 2017-09-12 16:53 - 000161408 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\KeyCrypt64.sys
2020-03-22 02:00 - 2020-03-22 02:03 - 000000000 ____D C:\Users\Mike\AppData\Local\Zemana
2020-03-22 02:00 - 2020-03-22 02:00 - 012946608 _____ (Zemana Ltd. ) C:\Users\Mike\Downloads\Zemana.AntiLogger.Setup.exe
2020-03-22 00:16 - 2020-03-22 00:18 - 066778032 _____ C:\Users\Mike\Downloads\torbrowser-install-win64-9.0.6_en-US.exe
2020-03-21 20:13 - 2020-03-21 20:13 - 000988112 _____ (Bleeping Computer, LLC) C:\Users\Mike\Downloads\rkill64-29760.exe
2020-03-21 20:09 - 2020-03-21 20:09 - 000000796 _____ C:\Users\Public\Desktop\Speccy.lnk
2020-03-21 20:09 - 2020-03-21 20:09 - 000000796 _____ C:\ProgramData\Desktop\Speccy.lnk
2020-03-21 20:09 - 2020-03-21 20:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2020-03-21 20:08 - 2020-03-21 20:09 - 000000000 ____D C:\Program Files\Speccy
2020-03-21 20:06 - 2020-03-21 20:07 - 006889184 _____ (Piriform Ltd) C:\Users\Mike\Downloads\spsetup132.exe
2020-03-03 19:02 - 2020-03-07 15:13 - 000057728 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2020-03-03 17:21 - 2020-03-03 17:21 - 000000000 ____D C:\SWSetup
2020-03-03 17:19 - 2020-03-03 17:20 - 012973760 _____ (HP Inc.) C:\Users\Mike\Downloads\sp85528.exe
2020-03-03 17:09 - 2020-03-03 17:07 - 000235184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-03-03 17:09 - 2020-03-03 17:07 - 000175400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-03-03 17:09 - 2020-03-03 17:06 - 000368056 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-03-01 08:22 - 2020-03-01 08:22 - 000988112 _____ (Bleeping Computer, LLC) C:\Users\Mike\Downloads\rkill64-14652.exe
2020-03-01 08:06 - 2020-03-01 08:06 - 000988112 _____ (Bleeping Computer, LLC) C:\Users\Mike\Downloads\rkill64.exe
2020-03-01 07:41 - 2020-03-21 20:19 - 000002180 _____ C:\Users\Mike\Desktop\Rkill.txt
2020-03-01 07:40 - 2020-03-01 07:40 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Mike\Downloads\rkill.exe
2020-03-01 07:30 - 2020-03-01 07:37 - 000000000 ____D C:\Program Files\Bitdefender Agent
2020-03-01 07:30 - 2020-03-01 07:30 - 000103232 _____ C:\ProgramData\agent.1583062199.bdinstall.v2.bin
2020-03-01 07:30 - 2020-03-01 07:30 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2020-03-01 07:28 - 2020-03-01 07:29 - 010527368 _____ C:\Users\Mike\Downloads\bitdefender_online.exe
2020-03-01 07:22 - 2020-03-22 03:11 - 000000000 ____D C:\Program Files (x86)\NortonInstaller
2020-03-01 07:22 - 2020-03-01 07:22 - 000000000 ____D C:\ProgramData\NortonInstaller
2020-03-01 07:21 - 2020-03-01 07:22 - 005613920 _____ (COMODO) C:\Users\Mike\Downloads\cav_installer_138430010_1a.exe
2020-03-01 07:20 - 2020-03-22 03:03 - 000000000 ____D C:\ProgramData\Norton
2020-03-01 07:04 - 2020-03-01 07:04 - 000000000 ____H C:\Users\Mike\Documents\Default.rdp
2020-03-01 07:03 - 2020-03-01 07:03 - 000000000 ____D C:\Program Files\HitmanPro
2020-03-01 06:51 - 2020-03-01 06:51 - 000000759 _____ C:\Users\Mike\Desktop\NATHAN - Shortcut.lnk
2020-03-01 06:09 - 2020-03-01 06:22 - 000302604 _____ C:\Windows\ntbtlog.txt
2020-03-01 05:50 - 2020-03-01 05:50 - 000279656 _____ C:\Windows\Minidump\030120-25287-01.dmp
2020-03-01 05:47 - 2020-03-01 05:47 - 011539456 _____ (SurfRight B.V.) C:\Users\Mike\Downloads\HitmanPro_x64 (1).exe
2020-03-01 05:30 - 2020-03-01 05:42 - 000000000 ____D C:\ProgramData\HitmanPro
2020-03-01 03:59 - 2020-03-01 03:59 - 000279600 _____ C:\Windows\Minidump\030120-24975-01.dmp
2020-03-01 03:43 - 2020-03-01 04:48 - 000000000 ___RD C:\Users\Mike\Documents\Notes
2020-03-01 02:49 - 2020-03-22 01:45 - 000000000 ____D C:\Users\Mike\AppData\Roaming\Panda Security
2020-03-01 02:48 - 2020-03-22 01:46 - 000000000 ____D C:\Program Files (x86)\Panda Security
2020-03-01 02:47 - 2020-03-01 02:47 - 000021504 ___SH C:\Users\Mike\Desktop\Thumbs.db
2020-03-01 02:44 - 2020-03-22 01:46 - 000000000 ____D C:\ProgramData\Panda Security
2020-03-01 02:43 - 2020-03-01 02:43 - 002261616 _____ (Panda Security, S.L.) C:\Users\Mike\Downloads\PANDAFREEAV.exe
2020-03-01 02:28 - 2020-03-01 02:28 - 000000186 _____ C:\Users\Mike\Documents\cc_20200301_012822.reg
2020-03-01 01:21 - 2020-03-22 00:32 - 000000832 _____ C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2020-03-01 01:21 - 2020-03-22 00:32 - 000000784 _____ C:\Users\Mike\Desktop\Start Tor Browser.lnk
2020-03-01 01:18 - 2020-03-01 04:48 - 000000000 ____D C:\Users\Mike\Desktop\Tor Browser
2020-03-01 01:16 - 2020-03-01 01:18 - 066716472 _____ C:\Users\Mike\Downloads\torbrowser-install-win64-9.0.5_en-US.exe
2020-03-01 01:14 - 2020-03-01 01:14 - 000002626 _____ C:\Users\Mike\Documents\cc_20200301_001419.reg
2020-03-01 00:02 - 2020-03-01 04:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordVPN
2020-03-01 00:02 - 2020-03-01 04:48 - 000000000 ____D C:\Program Files (x86)\NordVPN
2020-03-01 00:02 - 2020-03-01 00:02 - 000001970 _____ C:\Users\Public\Desktop\NordVPN.lnk
2020-03-01 00:02 - 2020-03-01 00:02 - 000001970 _____ C:\ProgramData\Desktop\NordVPN.lnk
2020-02-29 23:58 - 2020-03-01 04:48 - 000000000 ____D C:\ProgramData\NordVPN
2020-02-29 23:58 - 2020-03-01 00:02 - 000000000 ____D C:\Users\Mike\AppData\Local\NordVPN
2020-02-29 23:57 - 2020-03-01 04:48 - 000000000 ____D C:\Program Files (x86)\NordVPN network TAP
2020-02-29 23:54 - 2020-02-29 23:54 - 000000000 ____D C:\Users\Mike\AppData\Roaming\NordVPN
2020-02-29 23:51 - 2020-02-29 23:51 - 014091752 _____ (NordVPN) C:\Users\Mike\Downloads\NordVPNSetup.exe
2020-02-29 14:30 - 2020-03-21 23:58 - 000002184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-02-29 14:30 - 2020-03-21 23:58 - 000002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-02-29 14:30 - 2020-03-21 23:58 - 000002143 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-02-29 14:27 - 2020-02-29 14:28 - 001288408 _____ (Google LLC) C:\Users\Mike\Downloads\ChromeSetup.exe
2020-02-29 03:56 - 2020-02-29 03:56 - 000004544 _____ C:\New Journal Document.jnt
2020-02-28 23:35 - 2020-02-28 23:36 - 026984384 _____ (TeamViewer Germany GmbH) C:\Users\Mike\Downloads\TeamViewer_Setup.exe
2020-02-28 22:44 - 2020-03-01 04:48 - 000000000 ____D C:\Users\Mike\AppData\Roaming\Greenshot
2020-02-28 22:44 - 2020-02-28 22:44 - 000000000 ____D C:\Users\Mike\AppData\Local\Greenshot
2020-02-28 22:40 - 2020-03-01 04:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot
2020-02-28 22:40 - 2020-03-01 04:48 - 000000000 ____D C:\Program Files\Greenshot
2020-02-28 22:40 - 2020-02-28 22:46 - 000000000 ____D C:\Users\Mike\Documents\PokerMavens.Documentation
2020-02-28 22:38 - 2020-02-28 22:39 - 001783200 _____ (Greenshot ) C:\Users\Mike\Downloads\Greenshot-INSTALLER-1.2.10.6-RELEASE.exe
2020-02-28 21:39 - 2020-03-01 04:48 - 000000000 ____D C:\Users\Mike\SecurityScans
2020-02-28 21:38 - 2020-03-01 04:48 - 000000000 ____D C:\Program Files\Microsoft Baseline Security Analyzer 2
2020-02-28 21:38 - 2020-02-28 21:38 - 000001093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Baseline Security Analyzer 2.2.lnk
2020-02-28 21:38 - 2020-02-28 21:38 - 000001081 _____ C:\Users\Public\Desktop\Microsoft Baseline Security Analyzer 2.2.lnk
2020-02-28 21:38 - 2020-02-28 21:38 - 000001081 _____ C:\ProgramData\Desktop\Microsoft Baseline Security Analyzer 2.2.lnk
2020-02-28 21:33 - 2020-02-28 21:33 - 001777664 _____ C:\Users\Mike\Downloads\MBSASetup-x64-EN.msi
2020-02-28 21:16 - 2020-02-28 21:17 - 000065232 _____ (Malwarebytes) C:\Users\Mike\Downloads\regassassin-setup-1.03.exe
2020-02-28 21:15 - 2020-02-28 21:15 - 001728127 _____ C:\Users\Mike\Downloads\Autoruns.zip
2020-02-28 20:57 - 2020-02-28 21:04 - 117690800 _____ (Microsoft Corporation) C:\Users\Mike\Downloads\MSERT.exe
2020-02-28 20:52 - 2020-02-28 20:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2020-02-28 20:52 - 2020-02-28 20:52 - 000381608 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2020-02-28 20:52 - 2020-02-28 20:52 - 000030352 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2020-02-28 20:49 - 2020-03-01 04:48 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2020-02-28 20:49 - 2020-02-28 20:49 - 000000000 ____D C:\Users\Mike\AppData\Roaming\DAEMON Tools Lite
2020-02-28 20:48 - 2020-02-28 20:49 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2020-02-28 20:47 - 2020-02-28 20:48 - 013223208 _____ (Disc Soft Ltd) C:\Users\Mike\Downloads\DTLite501-0406.exe
2020-02-28 20:39 - 2020-02-28 20:39 - 000000000 ____D C:\Users\Mike\Documents\Iso.Windows7Ultimate.x64
2020-02-28 18:43 - 2020-02-28 18:43 - 000000036 _____ C:\Users\Mike\AppData\Local\housecall.guid.cache
2020-02-28 18:42 - 2020-02-28 18:42 - 002660528 _____ (Trend Micro Inc.) C:\Users\Mike\Downloads\HousecallLauncher64.1582929602.exe
2020-02-28 17:52 - 2019-11-05 15:03 - 000066848 _____ (Check Point Software Technologies) C:\Windows\system32\Drivers\cpbak.sys
2020-02-28 17:47 - 2020-02-28 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
2020-02-28 17:47 - 2020-02-28 17:47 - 000000000 ____D C:\Program Files (x86)\Magical Jelly Bean
2020-02-28 17:46 - 2020-02-28 17:46 - 000928232 _____ (Magical Jelly Bean ) C:\Users\Mike\Downloads\KeyFinderInstaller.exe
2020-02-28 17:22 - 2020-03-01 04:48 - 000000000 ____D C:\Program Files\TAP-Windows
2020-02-28 01:11 - 2020-02-28 01:11 - 000000000 _____ C:\Windows\system32\Drivers\etc\lmhosts
2020-02-28 00:12 - 2020-02-28 17:24 - 000000000 ____D C:\ProgramData\Hotspot Shield
2020-02-28 00:11 - 2020-02-28 00:12 - 000441016 _____ C:\Windows\system32\Drivers\vsconfig.xml
2020-02-28 00:08 - 2020-02-28 00:08 - 000000762 _____ C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2020-02-28 00:08 - 2020-02-28 00:08 - 000000762 _____ C:\ProgramData\Desktop\ZoneAlarm Security.lnk
2020-02-28 00:08 - 2020-02-28 00:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2020-02-27 23:58 - 2020-02-29 14:27 - 000000000 ____D C:\Program Files (x86)\CheckPoint
2020-02-27 23:54 - 2020-03-01 00:15 - 000000000 ____D C:\ProgramData\CheckPoint
2020-02-27 23:53 - 2020-02-27 23:53 - 005950256 _____ (Check Point Software Technologies Ltd.) C:\Users\Mike\Downloads\Unconfirmed 79209.crdownload
2020-02-27 23:52 - 2020-02-27 23:53 - 005950256 _____ (Check Point Software Technologies Ltd.) C:\Users\Mike\Downloads\zafwSetupWeb_158_023_18219.exe
2020-02-27 23:40 - 2020-02-27 23:41 - 000002470 _____ C:\Users\Mike\Documents\CCleaner.RegistryBackup.2020.02.27.reg
2020-02-24 02:10 - 2020-03-01 03:54 - 000007594 _____ C:\Users\Mike\AppData\Local\Resmon.ResmonCfg
2020-02-24 01:13 - 2020-02-24 01:13 - 000000000 ____D C:\Users\Mike\AppData\Local\cache
2020-02-24 01:12 - 2020-03-01 18:58 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-02-24 01:12 - 2020-03-01 18:58 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-02-24 01:12 - 2020-02-24 01:12 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-02-24 01:12 - 2020-02-24 01:12 - 000000000 ____D C:\Users\Mike\AppData\Local\mbamtray
2020-02-24 01:12 - 2020-02-24 01:12 - 000000000 ____D C:\Users\Mike\AppData\Local\mbam
2020-02-24 01:12 - 2020-02-24 01:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-02-24 01:11 - 2020-03-01 18:45 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-02-24 01:09 - 2020-02-24 01:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-02-24 00:59 - 2020-02-24 00:59 - 000000000 ____D C:\Program Files\Malwarebytes
2020-02-24 00:49 - 2020-02-24 00:49 - 000000000 ____D C:\Users\Mike\Documents\PCProtect
2020-02-24 00:47 - 2020-02-24 00:47 - 000043256 _____ C:\Users\Mike\Documents\cc_20200223_234726.reg
2020-02-24 00:43 - 2020-02-24 00:43 - 000000000 ____D C:\ProgramData\SecuritySuite
2020-02-24 00:42 - 2020-02-24 00:43 - 000000000 ____D C:\ProgramData\PCProtect
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-03-22 03:30 - 2009-07-14 00:50 - 000028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-03-22 03:30 - 2009-07-14 00:50 - 000028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-03-22 03:06 - 2019-09-11 17:52 - 000000000 ____D C:\Windows\system32\MRT
2020-03-22 03:02 - 2019-11-02 22:25 - 000000000 ____D C:\Users\Mike\AppData\LocalLow\Mozilla
2020-03-22 03:02 - 2019-09-11 17:50 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-03-22 02:51 - 2018-10-21 06:02 - 000000000 ____D C:\Users\Mike
2020-03-22 02:46 - 2018-10-23 22:02 - 000098824 _____ C:\Users\Mike\AppData\Local\GDIPFONTCACHEV1.DAT
2020-03-22 02:46 - 2009-07-14 01:12 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2020-03-22 02:46 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
2020-03-22 02:41 - 2019-01-01 16:34 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2020-03-22 02:39 - 2019-11-13 17:16 - 000000000 ____D C:\Users\postgres
2020-03-22 02:38 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-22 02:37 - 2009-07-14 00:50 - 000428320 _____ C:\Windows\system32\FNTCACHE.DAT
2020-03-22 02:30 - 2019-11-16 16:27 - 000000000 ____D C:\Table Tamer
2020-03-22 02:30 - 2018-11-28 22:22 - 000000000 ____D C:\Users\Mike\AppData\Local\Table Tamer
2020-03-22 01:40 - 2019-02-08 16:44 - 000000000 ____D C:\Users\Mike\AppData\Local\Run It Once Poker
2020-03-22 01:40 - 2019-02-08 16:41 - 000000000 ____D C:\Program Files (x86)\RunItOncePoker
2020-03-22 01:37 - 2018-10-23 22:16 - 000000000 ____D C:\Users\Mike\AppData\Local\Google
2020-03-22 01:15 - 2019-11-18 05:21 - 000000000 ____D C:\Users\Mike\AppData\Local\AVAST Software
2020-03-22 01:15 - 2019-11-15 22:22 - 000000000 ____D C:\Program Files (x86)\StackAndTile
2020-03-22 01:15 - 2018-11-05 14:32 - 000000000 ____D C:\ProgramData\AVAST Software
2020-03-21 20:43 - 2019-05-14 19:55 - 000018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2020-03-21 20:09 - 2018-11-13 17:41 - 000000000 ____D C:\Users\Mike\AppData\Roaming\Poker Mavens 6
2020-03-21 20:01 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\system32\NDF
2020-03-03 17:07 - 2020-02-16 03:48 - 000458584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-03-03 17:07 - 2020-02-16 03:48 - 000316256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-03-03 17:07 - 2020-02-16 03:48 - 000279360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2020-03-03 17:07 - 2020-02-16 03:48 - 000110560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-03-03 17:07 - 2020-02-16 03:48 - 000084056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-03-03 17:07 - 2020-02-16 03:48 - 000042976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-03-03 17:05 - 2020-02-16 03:48 - 000848672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-03-03 17:05 - 2020-02-16 03:48 - 000205576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-03-03 17:05 - 2020-02-16 03:48 - 000037864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-03-03 17:04 - 2020-02-16 03:48 - 000271120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-03-03 17:04 - 2020-02-16 03:48 - 000206608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-03-03 17:04 - 2020-02-16 03:48 - 000064272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-03-01 06:52 - 2019-11-04 17:55 - 000000000 ____D C:\temp
2020-03-01 05:50 - 2019-01-23 16:11 - 000000000 ____D C:\Windows\Minidump
2020-03-01 04:48 - 2019-12-08 21:15 - 000000000 ____D C:\Users\Mike\AppData\Roaming\slobs-client
2020-03-01 04:47 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\registration
2020-03-01 03:56 - 2018-10-24 11:03 - 000000000 ____D C:\Users\Mike\AppData\Local\ElevatedDiagnostics
2020-03-01 03:47 - 2009-07-14 01:08 - 000032566 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-03-01 02:49 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2020-03-01 02:47 - 2019-11-10 23:35 - 000000915 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-03-01 02:47 - 2019-11-10 23:35 - 000000915 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-03-01 02:47 - 2019-11-03 21:55 - 000001047 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2020-03-01 02:47 - 2019-11-03 21:55 - 000001047 _____ C:\ProgramData\Desktop\OBS Studio.lnk
2020-02-29 20:33 - 2019-10-03 17:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-02-29 14:30 - 2018-10-23 22:16 - 000000000 ____D C:\Program Files (x86)\Google
2020-02-29 04:19 - 2019-01-14 21:25 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-02-28 23:48 - 2019-01-14 21:25 - 000000000 ____D C:\Users\Mike\AppData\Roaming\TeamViewer
2020-02-28 23:02 - 2009-07-14 00:50 - 000000000 ____D C:\Windows\ServiceProfiles
2020-02-28 17:31 - 2018-12-27 20:46 - 000000000 ____D C:\ProgramData\Package Cache
2020-02-27 23:53 - 2019-11-12 21:29 - 000000000 ____D C:\Windows\system32\appmgmt
2020-02-27 22:24 - 2009-07-13 23:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2020-02-27 19:55 - 2019-01-15 04:49 - 000000000 ____D C:\Users\Mike\AppData\Local\TeamViewer
2020-02-21 19:49 - 2019-06-01 15:22 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
 
==================== Files in the root of some directories ========
 
2020-02-28 18:43 - 2020-02-28 18:43 - 000000036 _____ () C:\Users\Mike\AppData\Local\housecall.guid.cache
2020-02-24 02:10 - 2020-03-01 03:54 - 000007594 _____ () C:\Users\Mike\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2020-02-29 16:07
==================== End of FRST.txt ========================
 
 
 
ADDITION  ADDITON 
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-03-2020
Ran by Mike (22-03-2020 03:36:08)
Running from C:\Users\Mike\Downloads
Windows 7 Ultimate N Service Pack 1 (X64) (2018-10-21 10:02:08)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3550179741-2894783952-792556322-500 - Administrator - Disabled)
Guest (S-1-5-21-3550179741-2894783952-792556322-501 - Limited - Disabled)
Mike (S-1-5-21-3550179741-2894783952-792556322-1000 - Administrator - Enabled) => C:\Users\Mike
postgres (S-1-5-21-3550179741-2894783952-792556322-1003 - Limited - Enabled) => C:\Users\postgres
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {217C3BCF-3FBD-7C30-A427-2D11E16F3BEB}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
. . (HKLM\...\{EAA6C597-BD0D-454D-AEB7-FF0A57905C1C}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{8CBC102C-34F4-4EB9-9529-3B222367621F}) (Version: 3.7.0.6 - Intel) Hidden
Ace Poker Drills (HKLM-x32\...\{1843AD45-F895-4E7B-BC65-CD1F76A480D3}_is1) (Version: 1.1 - Ace Poker Solutions)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.330 - Adobe)
AMD Catalyst Install Manager (HKLM\...\{D0A76081-22E4-5B3F-5394-1229DDF73585}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.1.2397 - AVAST Software)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
BlackChipPoker version 1.21.65 (HKLM-x32\...\{1B17EB4E-3E9C-4611-B8B5-31C0A00A1F70}_is1) (Version: 1.21.65 - Winning Poker Network, Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.143 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.82.143 - Broadcom Corporation)
Check Point SBA (HKLM\...\{C8325D51-E514-475B-AFF2-550C3527E563}) (Version: 86.5.9511 - Check Point Software Technologies Ltd.) Hidden
Core Graphics Software (HKLM\...\{61768C93-76C2-4017-974F-9BE1D2BBD9A4}) (Version: 5.3.60.6579 - SMSC) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
DriveHUD (HKLM-x32\...\{A385DB4B-3949-4BF7-97ED-8B4EA828F50C}) (Version: 1.6.2875 - Ace Poker Solutions) Hidden
DriveHUD (HKLM-x32\...\{bee462df-9abf-4c66-96b0-e1e362aa985c}) (Version: 1.6.2.2875 - Ace Poker Solutions)
Ericsson WWAN Module Firmware Update (HKLM-x32\...\{C7116457-0B69-4EF2-9B67-72BAD7A7D48F}) (Version: 1.00.0000 - Hewlett Packard)
Flopzilla (HKLM-x32\...\{C2A8E01F-B2D2-4D76-9350-2B088E87349F}) (Version: 1.8.6 - Flopzilla)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
HP Client Automation Agent Preload  (HKLM-x32\...\{52B18ABC-AD5F-4C3C-B391-04F57B380449}) (Version: 7.5 - Hewlett-Packard)
HP DayStarter (HKLM\...\{74EC2285-AB57-4451-9292-4B4DE5934FC6}) (Version: 2.0.1.0 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1112.2_WHQL - Sonix)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.5.9.1 - Hewlett-Packard Company)
HP Mouse Suite (HKLM-x32\...\{213FF60A-9899-4145-8428-D144778BE117}) (Version: 1.1.2 - Hewlett-Packard)
HP Port Replicator Software Installer (HKLM-x32\...\{75BF632E-4761-4CF4-A368-E158B8A1BB1C}) (Version: 1.2.20 - HP)
HP Power Assistant (HKLM\...\{84642787-58C0-44AE-8B26-E2F544E380A1}) (Version: 2.5.0.16 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{F322B446-B157-4257-B44F-4F22D41F8EDB}) (Version: 8.8.24.33 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{930B5F2B-8DB9-42F4-90E4-5D3DC30541C3}) (Version: 12.14.49.15 - HP Inc.)
HP System Default Settings (HKLM-x32\...\{F4F3B985-9B21-4D67-B1B2-2829C5D392E8}) (Version: 2.4.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6433.0 - IDT)
Ignition Casino Poker (HKLM-x32\...\{B63C2764-2878-40D2-A50E-B3BE6D5F122F}_is1) (Version: 4.0 - )
Intel® Computing Improvement Program (HKLM\...\{93FE134F-7678-4D90-A849-6FF6EB28CCDF}) (Version: 2.4.04289 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 17.3 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{f0bbb6e9-80c3-4fe8-8691-b51d1281d69e}) (Version: 3.7.0.6 - Intel)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
LibreOffice 6.3.2.2 (HKLM\...\{6110D2CC-70B4-415E-AF5A-7BB496AB264B}) (Version: 6.3.2.2 - The Document Foundation)
Logitech SetPoint 6.69 (HKLM\...\sp6) (Version: 6.69.114 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.13 - Magical Jelly Bean)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Baseline Security Analyzer 2.2 (HKLM\...\{08C3441C-4FAF-48D3-A551-70DD6031734F}) (Version: 2.2.2170 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27033 (HKLM-x32\...\{cc3a7c63-31fb-4129-9024-63ebefd86a95}) (Version: 14.16.27033.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27033 (HKLM-x32\...\{624ba875-fdfc-4efa-9c66-b170dfebc3ec}) (Version: 14.16.27033.0 - Microsoft Corporation)
Node.js (HKLM-x32\...\{E5549415-58EA-4BBF-AE4A-C495F14D8088}) (Version: 10.16.0 - Node.js Foundation)
NordVPN (HKLM-x32\...\{83E5941F-5F93-4097-81F5-79FA38FFB875}) (Version: 6.27.11 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.27.11) (Version: 6.27.11 - NordVPN)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
Poker Mavens 6.06 (Pro) (HKLM-x32\...\Poker Mavens_is1) (Version:  - )
PokerTracker 3 (remove only) (HKLM-x32\...\PokerTracker3) (Version:  - )
PostgreSQL 8.3 (HKLM-x32\...\{B823632F-3B72-4514-8861-B961CE263224}) (Version: 8.3 - PostgreSQL Global Development Group)
PPPOKER (HKLM-x32\...\{91B423CD-8BD1-402B-8173-5069AAD89577}) (Version: 31.0 - LeinTech)
SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 2.30.042 - Portrait Displays, Inc.) Hidden
Skype version 8.56 (HKLM-x32\...\Skype_is1) (Version: 8.56 - Skype Technologies S.A.)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
SMSC Core Graphics Software (HKLM-x32\...\Core Graphics Software) (Version: 5.3.60.6579 - SMSC)
SMSC LAN9500 Device Driver (HKLM\...\{B36E0195-2DD3-40EE-A924-7751ED5F15BB}) (Version: 13.05.14.0 - SMSC)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Streamlabs OBS 0.11.11 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.11.11 - General Workings, Inc.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1038 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.25 - Synaptics Incorporated)
TN2 (HKLM-x32\...\{5EA9A919-61B4-42A0-B057-511DA81FC240}) (Version: 2.6.13 - PASG)
TN2 (HKLM-x32\...\{85E02B5C-DCDA-4BDE-AD98-1B5D5AA10E89}) (Version: 2.8.1 - PASG)
ViewSpan (HKLM\...\{33F3FCBA-4CC5-4A5B-A6DB-53478463D991}) (Version: 2.8.3.0 - SMSC)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinPcap for PM Catcher 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Ace Poker Solutions LLC)
XSplit Gamecaster (HKLM-x32\...\{7F0DC866-BE32-4AE8-8242-A1F5753176B8}) (Version: 3.4.1812.0304 - SplitmediaLabs)
Zemana AntiLogger (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.664 - Zemana Ltd.)
ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.002.1006 - Check Point Software) Hidden
ZoneAlarm Firewall (HKLM-x32\...\{478D89DB-1BBD-47D3-9F8A-8A5991194D54}) (Version: 15.8.023.18219 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.8.023.18219 - Check Point)
ZoneAlarm Security (HKLM-x32\...\{713DC4CA-80B3-4349-9257-7D99320848A2}) (Version: 15.8.023.18219 - Check Point Software Technologies Ltd.) Hidden
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiLogger\ZAMShellExt64.dll [2020-03-22] (Zemana D.O.O. Sarajevo -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiLogger\ZAMShellExt64.dll [2020-03-22] (Zemana D.O.O. Sarajevo -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-03] (Avast Software s.r.o. -> AVAST Software)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Tinder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=hejiihbkifllpgdfndalmghiodgkefan
 
==================== Loaded Modules (Whitelisted) =============
 
2019-11-04 16:09 - 2019-11-04 16:09 - 000059392 _____ () [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\SA\dict-vectorizer.dll
2009-12-10 04:39 - 2009-12-10 04:39 - 000167936 _____ () [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\LIBPQ.dll
2009-02-12 20:01 - 2009-02-12 20:01 - 000976384 _____ () [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\libxml2.dll
2005-07-20 06:48 - 2005-07-20 06:48 - 000059904 _____ () [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\zlib1.dll
2008-02-04 22:43 - 2008-02-04 22:43 - 000027136 _____ () [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\lib\plugins\plugin_debugger.dll
2012-02-10 14:26 - 2012-02-10 14:26 - 001083392 _____ () [File not signed] C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
1999-12-31 20:00 - 1999-12-31 20:00 - 000996020 _____ () [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\TorBrowser\Tor\libevent-2-1-6.dll
1999-12-31 20:00 - 1999-12-31 20:00 - 000320645 _____ () [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\TorBrowser\Tor\libssp-0.dll
1999-12-31 20:00 - 1999-12-31 20:00 - 000109568 _____ () [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\TorBrowser\Tor\zlib1.dll
2018-10-23 21:46 - 2011-08-08 17:12 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll
2018-10-23 22:02 - 2018-10-23 22:02 - 000066560 _____ (Broadcom Corporation) [File not signed] C:\Windows\assembly\GAC_64\bcmwlrmt\5.100.82.0__6d6a20262490fcdc\bcmwlrmt.dll
2018-10-23 22:01 - 2018-10-23 22:00 - 001058816 _____ (Broadcom Corporation) [File not signed] C:\Windows\System32\BCMLogon.dll
2018-10-23 22:01 - 2018-10-23 22:00 - 000073728 _____ (Broadcom Corporation) [File not signed] C:\Windows\system32\wltrynt.dll
2019-11-27 12:15 - 2019-11-27 12:15 - 000055296 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphnt32.dll
2019-11-27 12:18 - 2019-11-27 12:18 - 000067072 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphnt64.dll
2019-11-27 12:15 - 2019-11-27 12:15 - 000020480 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphusr32.dll
2019-11-27 12:18 - 2019-11-27 12:18 - 000019968 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphusr64.dll
2006-05-03 16:57 - 2006-05-03 16:57 - 000888832 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\iconv.dll
2009-01-06 15:51 - 2009-01-06 15:51 - 000968886 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\libiconv-2.dll
2009-01-06 15:51 - 2009-01-06 15:51 - 000083906 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\libintl-8.dll
2018-10-23 21:46 - 2011-08-08 17:08 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll
2009-04-13 13:23 - 2009-04-13 13:23 - 000012288 _____ (Massachusetts Institute of Technology.) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\comerr32.dll
2009-04-13 13:23 - 2009-04-13 13:23 - 000135168 _____ (Massachusetts Institute of Technology.) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\gssapi32.dll
2009-04-13 13:23 - 2009-04-13 13:23 - 000019968 _____ (Massachusetts Institute of Technology.) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\k5sprt32.dll
2009-04-13 13:23 - 2009-04-13 13:23 - 000634880 _____ (Massachusetts Institute of Technology.) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\krb5_32.dll
2019-11-19 16:19 - 2019-11-19 16:19 - 000986112 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\CheckPoint\ZoneAlarm\dbghelp.dll
2007-10-16 12:40 - 2007-10-16 12:40 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\MSVCR71.dll
2019-03-27 23:48 - 2019-03-27 23:48 - 000115200 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2019-03-27 23:34 - 2019-03-27 23:34 - 000130560 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
1999-12-31 20:00 - 1999-12-31 20:00 - 000622549 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\TorBrowser\Tor\libwinpthread-1.dll
1999-12-31 20:00 - 1999-12-31 20:00 - 000502272 _____ (Mozilla Foundation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\freebl3.dll
1999-12-31 20:00 - 1999-12-31 20:00 - 000046592 _____ (Mozilla Foundation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\lgpllibs.dll
1999-12-31 20:00 - 1999-12-31 20:00 - 002184704 _____ (Mozilla Foundation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\mozavcodec.dll
1999-12-31 20:00 - 1999-12-31 20:00 - 000236032 _____ (Mozilla Foundation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\mozavutil.dll
1999-12-31 20:00 - 1999-12-31 20:00 - 000965632 _____ (Mozilla Foundation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\mozglue.dll
1999-12-31 20:00 - 1999-12-31 20:00 - 002620416 _____ (Mozilla Foundation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\nss3.dll
1999-12-31 20:00 - 1999-12-31 20:00 - 000440320 _____ (Mozilla Foundation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\nssckbi.dll
1999-12-31 20:00 - 1999-12-31 20:00 - 000253952 _____ (Mozilla Foundation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\softokn3.dll
1999-12-31 20:00 - 1999-12-31 20:00 - 110771200 _____ (Mozilla Foundation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\xul.dll
2019-11-27 06:27 - 2019-11-27 06:27 - 001189888 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\x86\SQLite.Interop.dll
2019-11-10 12:38 - 2019-11-10 12:38 - 001124352 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\SQLite\System.Data.SQLite.dll
2013-05-01 11:55 - 2013-05-01 11:55 - 000269312 _____ (SMSC) [File not signed] C:\Windows\system32\sgfxu64.dll
2009-04-13 15:09 - 2009-04-13 15:09 - 001032192 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\LIBEAY32.dll
2009-04-13 15:09 - 2009-04-13 15:09 - 000212992 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\SSLEAY32.dll
1999-12-31 20:00 - 1999-12-31 20:00 - 003525189 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\TorBrowser\Tor\libcrypto-1_1-x64.dll
1999-12-31 20:00 - 1999-12-31 20:00 - 000985364 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\TorBrowser\Tor\libssl-1_1-x64.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ZAM.exe" /service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ZAM.exe" /service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zam64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zamguard64.sys => ""="Driver"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2019-01-04 04:22 - 000000829 _____ C:\Windows\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11;;c:\Program Files (x86)\AMD APP\bin\x86_64;c:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\nodejs\
HKU\S-1-5-21-3550179741-2894783952-792556322-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.254.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HPMonitor.exe.lnk => C:\Windows\pss\HPMonitor.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hpwjd.exe.lnk => C:\Windows\pss\hpwjd.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hpwmsd.exe.lnk => C:\Windows\pss\hpwmsd.exe.lnk.CommonStartup
MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Discord => C:\Users\Mike\AppData\Local\Discord\app-0.0.305\Discord.exe
MSCONFIG\startupreg: DSATray => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: Gyazo => C:\Program Files (x86)\Gyazo\GyStation.exe
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: HPPowerAssistant => C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: NordVPN => C:\Program Files (x86)\NordVPN\NordVPN.exe
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: Poker Mavens 5 Server => "C:\Program Files (x86)\Briggs Softworks\Poker Mavens 5\PMServer.exe" -autostart
MSCONFIG\startupreg: QLBController => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
MSCONFIG\startupreg: SgfxConfig => "C:\Program Files\SGFX\sgfxconfig.exe"
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{34637B6B-BA89-45B4-82D4-BB7A188ED311}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe No File
FirewallRules: [{A2F07BB9-EBC8-42A7-B0B9-E3313B9965AD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe No File
FirewallRules: [TCP Query User{E2790D9E-DDF7-4BA1-914D-17F55C47AA17}C:\program files (x86)\briggs softworks\poker mavens 5\pmserver.exe] => (Allow) C:\program files (x86)\briggs softworks\poker mavens 5\pmserver.exe (Briggs Softworks -> )
FirewallRules: [UDP Query User{F8BAF6CD-F705-4997-B5F4-44871BAA46DC}C:\program files (x86)\briggs softworks\poker mavens 5\pmserver.exe] => (Allow) C:\program files (x86)\briggs softworks\poker mavens 5\pmserver.exe (Briggs Softworks -> )
FirewallRules: [TCP Query User{B142A748-B65D-4284-9EC5-EE4D23AB9F2A}C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe] => (Allow) C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe (Briggs Softworks -> )
FirewallRules: [UDP Query User{DA14DAEA-4EE9-4788-B288-E2A9BA95F39C}C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe] => (Allow) C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe (Briggs Softworks -> )
FirewallRules: [{E1FBD2CB-ED5D-466A-8F1D-2586434340C7}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{94A9FD5B-F39C-44DE-B45D-A91328BB79B5}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{5585D7AE-268F-4025-B0BD-756818680E72}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{A5A53819-4A22-4576-946A-4D77CAB37ED0}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [TCP Query User{FF1F6A5A-5264-4C49-B7DC-7E4465D5ED71}C:\program files\streamlabs obs\streamlabs obs.exe] => (Block) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [UDP Query User{6BAF4205-A6FE-4E20-A96D-4A2C5680BBC8}C:\program files\streamlabs obs\streamlabs obs.exe] => (Block) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [TCP Query User{3EEED019-B2BC-4F69-A3DC-04CC1AEDB15F}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [UDP Query User{A8D67A9C-6902-4C5F-A546-71D2D7F4F436}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [TCP Query User{26FEEA3D-F187-4CB4-BB85-9B65C918FA03}C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe] => (Allow) C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe (Briggs Softworks -> )
FirewallRules: [UDP Query User{E2A39CC7-D3C1-4638-93D8-C3C972776260}C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe] => (Allow) C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe (Briggs Softworks -> )
FirewallRules: [{DE639CB3-702F-48D6-A9AC-87C8488D268A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AFD66CD5-9E58-4098-89DB-75A44ED91962}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{04A3186F-E4A2-4A2F-AE27-A980A259C43B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{09A7D703-191C-431A-A0BA-722A4B53DF74}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9BC25D34-9686-4AD3-9DDB-295BF9F53545}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{19C6EBEA-BEE4-4DA8-9CCE-6288FACDC4D7}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{ACF9850B-775F-4853-8B03-F9ABD7C57661}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{A7FE2610-4446-4DDD-89A0-5AAA2DA0DBEE}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{F8D4B728-F995-4F16-B089-C1E3CFF30596}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
01-03-2020 04:41:06 Restore Operation
01-03-2020 05:41:57 Checkpoint by HitmanPro
22-03-2020 01:15:58 Removed Holdem Manager 3
22-03-2020 01:34:49 Removed Backup and Sync from Google
22-03-2020 03:00:14 Windows Update
 
==================== Faulty Device Manager Devices ============
 
Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 
 
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (03/22/2020 01:42:33 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program uninstall.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 43cc
 
Start Time: 01d6000c5060ee66
 
Termination Time: 2
 
Application Path: C:\Program Files (x86)\RunItOncePoker\uninstall.exe
 
Report Id: afd1f76f-6bff-11ea-a8dd-009c028b65dd
 
Error: (03/21/2020 07:49:46 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (03/10/2020 08:34:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 8ec
 
Start Time: 01d5f73b22f17a7d
 
Termination Time: 0
 
Application Path: C:\Windows\Explorer.EXE
 
Report Id: e7d8aa24-632f-11ea-9258-be3bc797cadf
 
Error: (03/10/2020 07:21:58 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (03/07/2020 03:03:43 PM) (Source: PerfNet) (EventID: 2002) (User: )
Description: Unable to open the Redirector service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (03/07/2020 03:03:43 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (03/03/2020 04:54:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17514, time stamp: 0x4ce7a144
Faulting module name: ntdll.dll, version: 6.1.7601.24545, time stamp: 0x5e0eb67f
Exception code: 0xc0000005
Fault offset: 0x0000000000032ad4
Faulting process id: 0x56c
Faulting application start time: 0x01d5f19d3ba19fed
Faulting application path: C:\Windows\Explorer.EXE
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: 38df4a72-5d91-11ea-8906-bdfb6b050eb4
 
Error: (03/03/2020 04:52:46 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description: Unable to read performance data for the Server service. The first four bytes (DWORD) of the Data section contains the status code, the second four bytes contains the IOSB.Status and the next four bytes contains the IOSB.Information.
 
 
System errors:
=============
Error: (03/22/2020 02:47:01 AM) (Source: sptd) (EventID: 4) (User: )
Description: Driver detected an internal error in its data structures for .
 
Error: (03/22/2020 02:47:01 AM) (Source: sptd) (EventID: 4) (User: )
Description: Driver detected an internal error in its data structures for .
 
Error: (03/22/2020 02:46:59 AM) (Source: sptd) (EventID: 4) (User: )
Description: Driver detected an internal error in its data structures for .
 
Error: (03/22/2020 02:46:40 AM) (Source: sptd) (EventID: 4) (User: )
Description: Driver detected an internal error in its data structures for .
 
Error: (03/22/2020 02:42:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Avast Browser Update Service (avast) service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (03/22/2020 02:39:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ZoneAlarm ICM NET Service service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (03/22/2020 02:31:31 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CPEFR service.
 
Error: (03/22/2020 01:29:22 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CPEFR service.
 
 
Windows Defender:
===================================
Date: 2020-02-28 16:50:45.732
Description: 
Windows Defender scan has been stopped before completion.
Scan ID:{912F72FD-0E05-4F05-ACD1-CDD82B6FDDC4}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan
 
Date: 2020-02-28 00:07:24.558
Description: 
Windows Defender scan has been stopped before completion.
Scan ID:{427C242A-0A02-4FAA-B71A-1F00F582E428}
Scan Type:AntiSpyware
Scan Parameters:Full Scan
 
Date: 2020-02-27 22:37:24.178
Description: 
Windows Defender scan has been stopped before completion.
Scan ID:{6AE37A02-D63E-4719-A04F-6316712C8945}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan
 
CodeIntegrity:
===================================
 
Date: 2020-03-22 03:11:40.006
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2020-03-22 03:04:14.283
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2020-03-22 02:46:12.543
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2020-03-22 02:38:11.765
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2020-03-22 02:38:05.576
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2020-03-22 02:30:31.850
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2020-03-22 02:17:55.697
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2020-03-22 02:17:32.138
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.
 
==================== Memory info =========================== 
 
BIOS: Hewlett-Packard 68SCE Ver. F.67 02/13/2018
Motherboard: Hewlett-Packard 1619
Processor: Intel® Core™ i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 87%
Total physical RAM: 8126.36 MB
Available physical RAM: 1019.66 MB
Total Virtual: 16250.86 MB
Available Virtual: 7894.94 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:292.13 GB) (Free:222.02 GB) NTFS
Drive e: (HP_TOOLS) (Fixed) (Total:4.99 GB) (Free:4.99 GB) FAT32
 
\\?\Volume{734c8035-d530-11e8-bf1b-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{734c8037-d530-11e8-bf1b-806e6f6e6963}\ () (Fixed) (Total:0.85 GB) (Free:0.34 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 59559CF9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=292.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=5 GB) - (Type=0C)
Partition 4: (Not Active) - (Size=868 MB) - (Type=27)
 
==================== End of Addition.txt =======================

 

ANY THOUGHTS ?  ANYWAYS HERE'S SCANS IF BORED AND WANT TO SEE MAYBE


Edited by steveairway, 22 March 2020 - 01:46 AM.

  • 0

#21
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,327 posts
  • MVP

This PC has a suspicious TeamViewer program running on it.  TeamViewer does not show up in the Installed Programs list and it is running from a Temp folder.  This would definitely allow a hacker to control the PC.  Following fixlist will remove TeamViewer:

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   1.54KB   89 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.


Remember when you ran MBAR and it complained about AppInit_DLLs?  This computer has an example of legitimate AppInit_DLLs:

 

AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll [94568 2017-01-19] (Zemana Ltd. -> Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(1).dll [85864 2017-01-19] (Zemana Ltd. -> Zemana Ltd.)

 

 

As you can see Zemana is using the entries for some KeyCrypt dll purpose.

 

This PC has a problem with the driver installed by Daemon Tools.  Perhaps an uninstall and reinstall would help.

 

If you are going to reload the first  PC you should replace the hard drive first.  I would like to see a Speccy log of PC #2 & PC #3 before you load them with Win 10 to make sure that the harddrives are OK.

 

Get the free version of Speccy:

http://www.filehippo...download_speccy 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.



 

 

T


  • 0

#22
steveairway

steveairway

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts

When i hit fix list it only sends this into my downloads.. TO USE FIXLIST SHOULD I PUT EACH OF THOSE COMMANDS INTO THE CMD THING??? 

 

 

 

will it work properly ?

 

I dont know how to put it into same folder as Frst 

 

thanks alot 

 

btw can hacker control computer while i'm using it without me noticing?

 

Btw ii think i had same problem on other  computers but i noticed this odd teamviewr file and delted them.. the Teamviewer Germany thing  ma nually when i saw this stuff in my files

 

Does this post really have 1200 views?  if so i guess maybge alot of people google this stuff then see these type of posts.. 

 

So anyways i hit fixlist which dowloaded it ... to downloads folder.. same place that FRST went so i guess now u mean to run FRST which i did and hit fix button and waiting for results and posting above stuff like u said. 


Edited by steveairway, 22 March 2020 - 06:51 PM.

  • 0

#23
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,327 posts
  • MVP

FRST says it is:

Running from C:\Users\Mike\Downloads
so downloading the fixlist to your Download folder should work.

  • 0

#24
steveairway

steveairway

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts

yes i'm running the fix button now on FRST.. seems to take awhile

 

how can u see that i'm running it .. just curious... 

 

i was thinking about taking the course  on here to help people with malware etc

 

is there good money in this fixing computers locally usually? 


Edited by steveairway, 22 March 2020 - 07:20 PM.

  • 0

#25
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,327 posts
  • MVP

I can't see that you are running it but just know there is no reason it shouldn't work.  Will take about 10 minutes to complete as I also let it do a sfc /scannow to check the system files are good.

 

Most of the views are from bots that scour the net looking for stuff for the search engines like google and yahoo.

 

Don't know anything about the money side.  I just do this for free.


  • 0

Advertisements


#26
steveairway

steveairway

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts

Well i'm far from rich but was hoping to send u a small donation your way after all this.

something reasonable ... 

 

i realy appreciate your help on all this .

 

FIXLOG

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-03-2020
Ran by Mike (22-03-2020 20:40:37) Run:2
Running from C:\Users\Mike\Downloads
Loaded Profiles: Mike (Available Profiles: Mike & postgres)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
R2 TeamViewer; C:\Users\Mike\AppData\Local\Temp\TeamViewer\TeamViewer_Service.exe [13206544 2020-02-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) <==== ATTENTION
C:\Users\Mike\AppData\Local\Temp\TeamViewer\TeamViewer_Service.exe
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
S2 avast; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]
CMD: SFC /scannow
CMD: findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
*****************
 
TeamViewer => service not found.
"C:\Users\Mike\AppData\Local\Temp\TeamViewer\TeamViewer_Service.exe" => not found
"BVTFilter" => not found
avast => service not found.
avastm => service not found.
 
========= SFC /scannow =========
 
 
 
Beginning system scan.  This process will take some time.
 
 
 
Beginning verification phase of system scan.
 
Verification 0% complete.Verification 1% complete.Verification 2% complete.Verification 2% complete.Verification 3% complete.Verification 4% complete.Verification 5% complete.Verification 5% complete.Verification 6% complete.Verification 7% complete.Verification 7% complete.Verification 8% complete.Verification 9% complete.Verification 10% complete.Verification 10% complete.Verification 11% complete.Verification 12% complete.Verification 12% complete.Verification 13% complete.Verification 14% complete.Verification 15% complete.Verification 15% complete.Verification 16% complete.Verification 17% complete.Verification 17% complete.Verification 18% complete.Verification 19% complete.Verification 20% complete.Verification 20% complete.Verification 21% complete.Verification 22% complete.Verification 22% complete.Verification 23% complete.Verification 24% complete.Verification 25% complete.Verification 25% complete.Verification 26% complete.Verification 27% complete.Verification 27% complete.Verification 28% complete.Verification 29% complete.Verification 30% complete.Verification 30% complete.Verification 31% complete.Verification 32% complete.Verification 32% complete.Verification 33% complete.Verification 34% complete.Verification 35% complete.Verification 35% complete.Verification 36% complete.Verification 37% complete.Verification 37% complete.Verification 38% complete.Verification 39% complete.Verification 40% complete.Verification 40% complete.Verification 41% complete.Verification 42% complete.Verification 42% complete.Verification 43% complete.Verification 44% complete.Verification 45% complete.Verification 45% complete.Verification 46% complete.Verification 47% complete.Verification 48% complete.Verification 48% complete.Verification 49% complete.Verification 50% complete.Verification 50% complete.Verification 51% complete.Verification 52% complete.Verification 53% complete.Verification 53% complete.Verification 54% complete.Verification 55% complete.Verification 55% complete.Verification 56% complete.Verification 57% complete.Verification 58% complete.Verification 58% complete.Verification 59% complete.Verification 60% complete.Verification 60% complete.Verification 61% complete.Verification 62% complete.Verification 63% complete.Verification 63% complete.Verification 64% complete.Verification 65% complete.Verification 65% complete.Verification 66% complete.Verification 67% complete.Verification 68% complete.Verification 68% complete.Verification 69% complete.Verification 70% complete.Verification 70% complete.Verification 71% complete.Verification 72% complete.Verification 73% complete.Verification 73% complete.Verification 74% complete.Verification 75% complete.Verification 75% complete.Verification 76% complete.Verification 77% complete.Verification 78% complete.Verification 78% complete.Verification 79% complete.Verification 80% complete.Verification 80% complete.Verification 81% complete.Verification 82% complete.Verification 83% complete.Verification 83% complete.Verification 84% complete.Verification 85% complete.Verification 85% complete.Verification 86% complete.Verification 87% complete.Verification 88% complete.Verification 88% complete.Verification 89% complete.Verification 90% complete.Verification 91% complete.Verification 91% complete.Verification 92% complete.Verification 93% complete.Verification 93% complete.Verification 94% complete.Verification 95% complete.Verification 96% complete.Verification 96% complete.Verification 97% complete.Verification 98% complete.Verification 98% complete.Verification 99% complete.Verification 100% complete.
Windows Resource Protection found corrupt files but was unable to fix some of them.
 
Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For example 
 
C:\Windows\Logs\CBS\CBS.log
 
 
========= End of CMD: =========
 
 
========= findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log =========
 
2020-03-22 20:12:51, Info                  CSI    00000009 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:12:51, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2020-03-22 20:12:52, Info                  CSI    0000000c [SR] Verify complete
2020-03-22 20:12:53, Info                  CSI    0000000d [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:12:53, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2020-03-22 20:12:55, Info                  CSI    00000010 [SR] Verify complete
2020-03-22 20:12:56, Info                  CSI    00000011 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:12:56, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2020-03-22 20:12:57, Info                  CSI    00000014 [SR] Verify complete
2020-03-22 20:12:58, Info                  CSI    00000015 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:12:58, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2020-03-22 20:12:59, Info                  CSI    00000018 [SR] Verify complete
2020-03-22 20:13:00, Info                  CSI    00000019 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:13:00, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
2020-03-22 20:13:01, Info                  CSI    0000001c [SR] Verify complete
2020-03-22 20:13:02, Info                  CSI    0000001d [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:13:02, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
2020-03-22 20:13:03, Info                  CSI    00000020 [SR] Verify complete
2020-03-22 20:13:04, Info                  CSI    00000021 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:13:04, Info                  CSI    00000022 [SR] Beginning Verify and Repair transaction
2020-03-22 20:13:05, Info                  CSI    00000024 [SR] Verify complete
2020-03-22 20:13:06, Info                  CSI    00000025 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:13:06, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2020-03-22 20:13:07, Info                  CSI    00000028 [SR] Verify complete
2020-03-22 20:13:08, Info                  CSI    00000029 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:13:08, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
2020-03-22 20:13:09, Info                  CSI    0000002c [SR] Verify complete
2020-03-22 20:13:10, Info                  CSI    0000002d [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:13:10, Info                  CSI    0000002e [SR] Beginning Verify and Repair transaction
2020-03-22 20:13:11, Info                  CSI    00000030 [SR] Verify complete
2020-03-22 20:13:12, Info                  CSI    00000031 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:13:12, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2020-03-22 20:13:13, Info                  CSI    00000034 [SR] Verify complete
2020-03-22 20:13:14, Info                  CSI    00000035 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:13:14, Info                  CSI    00000036 [SR] Beginning Verify and Repair transaction
2020-03-22 20:13:16, Info                  CSI    00000038 [SR] Verify complete
2020-03-22 20:13:16, Info                  CSI    00000039 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:13:16, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
2020-03-22 20:13:18, Info                  CSI    0000003c [SR] Verify complete
2020-03-22 20:13:19, Info                  CSI    0000003d [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:13:19, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2020-03-22 20:13:22, Info                  CSI    00000040 [SR] Verify complete
2020-03-22 20:13:22, Info                  CSI    00000041 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:13:22, Info                  CSI    00000042 [SR] Beginning Verify and Repair transaction
2020-03-22 20:13:25, Info                  CSI    00000044 [SR] Verify complete
2020-03-22 20:13:26, Info                  CSI    00000045 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:13:26, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2020-03-22 20:13:27, Info                  CSI    00000048 [SR] Verify complete
2020-03-22 20:13:27, Info                  CSI    00000049 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:13:27, Info                  CSI    0000004a [SR] Beginning Verify and Repair transaction
2020-03-22 20:13:29, Info                  CSI    0000004c [SR] Verify complete
2020-03-22 20:13:30, Info                  CSI    0000004d [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:13:30, Info                  CSI    0000004e [SR] Beginning Verify and Repair transaction
2020-03-22 20:13:32, Info                  CSI    00000050 [SR] Verify complete
2020-03-22 20:13:32, Info                  CSI    00000051 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:13:32, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
2020-03-22 20:13:33, Info                  CSI    00000054 [SR] Verify complete
2020-03-22 20:13:34, Info                  CSI    00000055 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:13:34, Info                  CSI    00000056 [SR] Beginning Verify and Repair transaction
2020-03-22 20:13:36, Info                  CSI    00000058 [SR] Verify complete
2020-03-22 20:13:36, Info                  CSI    00000059 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:13:36, Info                  CSI    0000005a [SR] Beginning Verify and Repair transaction
2020-03-22 20:13:38, Info                  CSI    0000005c [SR] Verify complete
2020-03-22 20:13:39, Info                  CSI    0000005d [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:13:39, Info                  CSI    0000005e [SR] Beginning Verify and Repair transaction
2020-03-22 20:13:46, Info                  CSI    00000060 [SR] Verify complete
2020-03-22 20:13:47, Info                  CSI    00000061 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:13:47, Info                  CSI    00000062 [SR] Beginning Verify and Repair transaction
2020-03-22 20:13:49, Info                  CSI    00000064 [SR] Verify complete
2020-03-22 20:13:50, Info                  CSI    00000065 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:13:50, Info                  CSI    00000066 [SR] Beginning Verify and Repair transaction
2020-03-22 20:13:52, Info                  CSI    00000068 [SR] Verify complete
2020-03-22 20:13:52, Info                  CSI    00000069 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:13:52, Info                  CSI    0000006a [SR] Beginning Verify and Repair transaction
2020-03-22 20:13:58, Info                  CSI    0000006e [SR] Verify complete
2020-03-22 20:13:59, Info                  CSI    0000006f [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:13:59, Info                  CSI    00000070 [SR] Beginning Verify and Repair transaction
2020-03-22 20:14:05, Info                  CSI    00000074 [SR] Verify complete
2020-03-22 20:14:05, Info                  CSI    00000075 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:14:05, Info                  CSI    00000076 [SR] Beginning Verify and Repair transaction
2020-03-22 20:14:08, Info                  CSI    00000079 [SR] Verify complete
2020-03-22 20:14:08, Info                  CSI    0000007a [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:14:08, Info                  CSI    0000007b [SR] Beginning Verify and Repair transaction
2020-03-22 20:14:12, Info                  CSI    0000007e [SR] Verify complete
2020-03-22 20:14:13, Info                  CSI    0000007f [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:14:13, Info                  CSI    00000080 [SR] Beginning Verify and Repair transaction
2020-03-22 20:14:17, Info                  CSI    00000082 [SR] Verify complete
2020-03-22 20:14:18, Info                  CSI    00000083 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:14:18, Info                  CSI    00000084 [SR] Beginning Verify and Repair transaction
2020-03-22 20:14:25, Info                  CSI    000000a9 [SR] Verify complete
2020-03-22 20:14:25, Info                  CSI    000000aa [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:14:25, Info                  CSI    000000ab [SR] Beginning Verify and Repair transaction
2020-03-22 20:14:32, Info                  CSI    000000ad [SR] Verify complete
2020-03-22 20:14:32, Info                  CSI    000000ae [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:14:32, Info                  CSI    000000af [SR] Beginning Verify and Repair transaction
2020-03-22 20:14:37, Info                  CSI    000000b1 [SR] Verify complete
2020-03-22 20:14:37, Info                  CSI    000000b2 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:14:37, Info                  CSI    000000b3 [SR] Beginning Verify and Repair transaction
2020-03-22 20:14:41, Info                  CSI    000000b5 [SR] Verify complete
2020-03-22 20:14:41, Info                  CSI    000000b6 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:14:41, Info                  CSI    000000b7 [SR] Beginning Verify and Repair transaction
2020-03-22 20:14:46, Info                  CSI    000000b9 [SR] Verify complete
2020-03-22 20:14:46, Info                  CSI    000000ba [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:14:46, Info                  CSI    000000bb [SR] Beginning Verify and Repair transaction
2020-03-22 20:14:50, Info                  CSI    000000bd [SR] Verify complete
2020-03-22 20:14:51, Info                  CSI    000000be [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:14:51, Info                  CSI    000000bf [SR] Beginning Verify and Repair transaction
2020-03-22 20:15:07, Info                  CSI    000000e2 [SR] Verify complete
2020-03-22 20:15:07, Info                  CSI    000000e3 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:15:07, Info                  CSI    000000e4 [SR] Beginning Verify and Repair transaction
2020-03-22 20:15:16, Info                  CSI    000000e6 [SR] Verify complete
2020-03-22 20:15:16, Info                  CSI    000000e7 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:15:16, Info                  CSI    000000e8 [SR] Beginning Verify and Repair transaction
2020-03-22 20:15:27, Info                  CSI    000000ea [SR] Verify complete
2020-03-22 20:15:27, Info                  CSI    000000eb [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:15:27, Info                  CSI    000000ec [SR] Beginning Verify and Repair transaction
2020-03-22 20:15:36, Info                  CSI    000000ee [SR] Verify complete
2020-03-22 20:15:36, Info                  CSI    000000ef [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:15:36, Info                  CSI    000000f0 [SR] Beginning Verify and Repair transaction
2020-03-22 20:15:38, Info                  CSI    000000f2 [SR] Verify complete
2020-03-22 20:15:38, Info                  CSI    000000f3 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:15:38, Info                  CSI    000000f4 [SR] Beginning Verify and Repair transaction
2020-03-22 20:15:39, Info                  CSI    000000f6 [SR] Verify complete
2020-03-22 20:15:40, Info                  CSI    000000f7 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:15:40, Info                  CSI    000000f8 [SR] Beginning Verify and Repair transaction
2020-03-22 20:15:45, Info                  CSI    000000fa [SR] Verify complete
2020-03-22 20:15:45, Info                  CSI    000000fb [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:15:45, Info                  CSI    000000fc [SR] Beginning Verify and Repair transaction
2020-03-22 20:15:52, Info                  CSI    0000010f [SR] Verify complete
2020-03-22 20:15:52, Info                  CSI    00000110 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:15:52, Info                  CSI    00000111 [SR] Beginning Verify and Repair transaction
2020-03-22 20:15:54, Info                  CSI    00000113 [SR] Verify complete
2020-03-22 20:15:54, Info                  CSI    00000114 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:15:54, Info                  CSI    00000115 [SR] Beginning Verify and Repair transaction
2020-03-22 20:15:57, Info                  CSI    00000117 [SR] Verify complete
2020-03-22 20:15:58, Info                  CSI    00000118 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:15:58, Info                  CSI    00000119 [SR] Beginning Verify and Repair transaction
2020-03-22 20:16:01, Info                  CSI    0000011b [SR] Verify complete
2020-03-22 20:16:01, Info                  CSI    0000011c [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:16:01, Info                  CSI    0000011d [SR] Beginning Verify and Repair transaction
2020-03-22 20:16:02, Info                  CSI    0000011f [SR] Cannot repair member file [l:18{9}]"IMTCS.IMD" of Microsoft-Windows-IME-Traditional-Chinese-BigramDictionary, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2020-03-22 20:16:06, Info                  CSI    00000121 [SR] Cannot repair member file [l:18{9}]"IMTCS.IMD" of Microsoft-Windows-IME-Traditional-Chinese-BigramDictionary, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2020-03-22 20:16:06, Info                  CSI    00000122 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2020-03-22 20:16:06, Info                  CSI    00000125 [SR] Could not reproject corrupted file [ml:520{260},l:64{32}]"\??\C:\Windows\IME\IMETC10\DICTS"\[l:18{9}]"IMTCS.IMD"; source file in store is also corrupted
2020-03-22 20:16:07, Info                  CSI    00000128 [SR] Verify complete
2020-03-22 20:16:08, Info                  CSI    00000129 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:16:08, Info                  CSI    0000012a [SR] Beginning Verify and Repair transaction
2020-03-22 20:16:11, Info                  CSI    0000012c [SR] Cannot repair member file [l:24{12}]"imageres.dll" of Microsoft-Windows-imageres, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2020-03-22 20:16:15, Info                  CSI    0000012f [SR] Cannot repair member file [l:24{12}]"imageres.dll" of Microsoft-Windows-imageres, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2020-03-22 20:16:15, Info                  CSI    00000130 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2020-03-22 20:16:16, Info                  CSI    00000133 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"imageres.dll"; source file in store is also corrupted
2020-03-22 20:16:16, Info                  CSI    00000135 [SR] Verify complete
2020-03-22 20:16:16, Info                  CSI    00000136 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:16:16, Info                  CSI    00000137 [SR] Beginning Verify and Repair transaction
2020-03-22 20:16:19, Info                  CSI    00000139 [SR] Verify complete
2020-03-22 20:16:19, Info                  CSI    0000013a [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:16:19, Info                  CSI    0000013b [SR] Beginning Verify and Repair transaction
2020-03-22 20:16:21, Info                  CSI    0000013d [SR] Verify complete
2020-03-22 20:16:22, Info                  CSI    0000013e [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:16:22, Info                  CSI    0000013f [SR] Beginning Verify and Repair transaction
2020-03-22 20:16:28, Info                  CSI    00000141 [SR] Verify complete
2020-03-22 20:16:29, Info                  CSI    00000142 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:16:29, Info                  CSI    00000143 [SR] Beginning Verify and Repair transaction
2020-03-22 20:16:33, Info                  CSI    00000145 [SR] Verify complete
2020-03-22 20:16:34, Info                  CSI    00000146 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:16:34, Info                  CSI    00000147 [SR] Beginning Verify and Repair transaction
2020-03-22 20:16:42, Info                  CSI    00000151 [SR] Verify complete
2020-03-22 20:16:42, Info                  CSI    00000152 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:16:42, Info                  CSI    00000153 [SR] Beginning Verify and Repair transaction
2020-03-22 20:16:48, Info                  CSI    00000163 [SR] Verify complete
2020-03-22 20:16:48, Info                  CSI    00000164 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:16:48, Info                  CSI    00000165 [SR] Beginning Verify and Repair transaction
2020-03-22 20:16:52, Info                  CSI    00000167 [SR] Verify complete
2020-03-22 20:16:53, Info                  CSI    00000168 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:16:53, Info                  CSI    00000169 [SR] Beginning Verify and Repair transaction
2020-03-22 20:17:08, Info                  CSI    0000016b [SR] Verify complete
2020-03-22 20:17:09, Info                  CSI    0000016c [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:17:09, Info                  CSI    0000016d [SR] Beginning Verify and Repair transaction
2020-03-22 20:17:12, Info                  CSI    0000016f [SR] Verify complete
2020-03-22 20:17:13, Info                  CSI    00000170 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:17:13, Info                  CSI    00000171 [SR] Beginning Verify and Repair transaction
2020-03-22 20:17:18, Info                  CSI    00000173 [SR] Verify complete
2020-03-22 20:17:19, Info                  CSI    00000174 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:17:19, Info                  CSI    00000175 [SR] Beginning Verify and Repair transaction
2020-03-22 20:17:23, Info                  CSI    00000177 [SR] Verify complete
2020-03-22 20:17:24, Info                  CSI    00000178 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:17:24, Info                  CSI    00000179 [SR] Beginning Verify and Repair transaction
2020-03-22 20:17:30, Info                  CSI    0000017b [SR] Verify complete
2020-03-22 20:17:31, Info                  CSI    0000017c [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:17:31, Info                  CSI    0000017d [SR] Beginning Verify and Repair transaction
2020-03-22 20:17:35, Info                  CSI    00000181 [SR] Verify complete
2020-03-22 20:17:35, Info                  CSI    00000182 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:17:35, Info                  CSI    00000183 [SR] Beginning Verify and Repair transaction
2020-03-22 20:17:38, Info                  CSI    00000185 [SR] Verify complete
2020-03-22 20:17:39, Info                  CSI    00000186 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:17:39, Info                  CSI    00000187 [SR] Beginning Verify and Repair transaction
2020-03-22 20:17:53, Info                  CSI    00000189 [SR] Verify complete
2020-03-22 20:17:53, Info                  CSI    0000018a [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:17:53, Info                  CSI    0000018b [SR] Beginning Verify and Repair transaction
2020-03-22 20:18:02, Info                  CSI    0000018e [SR] Verify complete
2020-03-22 20:18:02, Info                  CSI    0000018f [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:18:02, Info                  CSI    00000190 [SR] Beginning Verify and Repair transaction
2020-03-22 20:18:08, Info                  CSI    00000192 [SR] Verify complete
2020-03-22 20:18:09, Info                  CSI    00000193 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:18:09, Info                  CSI    00000194 [SR] Beginning Verify and Repair transaction
2020-03-22 20:18:16, Info                  CSI    00000197 [SR] Verify complete
2020-03-22 20:18:16, Info                  CSI    00000198 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:18:16, Info                  CSI    00000199 [SR] Beginning Verify and Repair transaction
2020-03-22 20:18:26, Info                  CSI    0000019c [SR] Verify complete
2020-03-22 20:18:27, Info                  CSI    0000019d [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:18:27, Info                  CSI    0000019e [SR] Beginning Verify and Repair transaction
2020-03-22 20:18:34, Info                  CSI    000001a0 [SR] Verify complete
2020-03-22 20:18:34, Info                  CSI    000001a1 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:18:34, Info                  CSI    000001a2 [SR] Beginning Verify and Repair transaction
2020-03-22 20:18:39, Info                  CSI    000001a4 [SR] Verify complete
2020-03-22 20:18:40, Info                  CSI    000001a5 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:18:40, Info                  CSI    000001a6 [SR] Beginning Verify and Repair transaction
2020-03-22 20:18:44, Info                  CSI    000001a8 [SR] Verify complete
2020-03-22 20:18:46, Info                  CSI    000001a9 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:18:46, Info                  CSI    000001aa [SR] Beginning Verify and Repair transaction
2020-03-22 20:18:51, Info                  CSI    000001ad [SR] Verify complete
2020-03-22 20:18:51, Info                  CSI    000001ae [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:18:51, Info                  CSI    000001af [SR] Beginning Verify and Repair transaction
2020-03-22 20:18:58, Info                  CSI    000001b1 [SR] Verify complete
2020-03-22 20:18:59, Info                  CSI    000001b2 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:18:59, Info                  CSI    000001b3 [SR] Beginning Verify and Repair transaction
2020-03-22 20:19:03, Info                  CSI    000001b5 [SR] Verify complete
2020-03-22 20:19:03, Info                  CSI    000001b6 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:19:03, Info                  CSI    000001b7 [SR] Beginning Verify and Repair transaction
2020-03-22 20:19:10, Info                  CSI    000001ba [SR] Verify complete
2020-03-22 20:19:10, Info                  CSI    000001bb [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:19:10, Info                  CSI    000001bc [SR] Beginning Verify and Repair transaction
2020-03-22 20:19:17, Info                  CSI    000001bf [SR] Verify complete
2020-03-22 20:19:18, Info                  CSI    000001c0 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:19:18, Info                  CSI    000001c1 [SR] Beginning Verify and Repair transaction
2020-03-22 20:19:25, Info                  CSI    000001c4 [SR] Verify complete
2020-03-22 20:19:25, Info                  CSI    000001c5 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:19:25, Info                  CSI    000001c6 [SR] Beginning Verify and Repair transaction
2020-03-22 20:19:32, Info                  CSI    000001c8 [SR] Verify complete
2020-03-22 20:19:32, Info                  CSI    000001c9 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:19:32, Info                  CSI    000001ca [SR] Beginning Verify and Repair transaction
2020-03-22 20:19:39, Info                  CSI    000001cc [SR] Verify complete
2020-03-22 20:19:39, Info                  CSI    000001cd [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:19:39, Info                  CSI    000001ce [SR] Beginning Verify and Repair transaction
2020-03-22 20:19:44, Info                  CSI    000001d0 [SR] Verify complete
2020-03-22 20:19:45, Info                  CSI    000001d1 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:19:45, Info                  CSI    000001d2 [SR] Beginning Verify and Repair transaction
2020-03-22 20:19:49, Info                  CSI    000001d4 [SR] Verify complete
2020-03-22 20:19:49, Info                  CSI    000001d5 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:19:49, Info                  CSI    000001d6 [SR] Beginning Verify and Repair transaction
2020-03-22 20:19:55, Info                  CSI    000001d8 [SR] Verify complete
2020-03-22 20:19:55, Info                  CSI    000001d9 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:19:55, Info                  CSI    000001da [SR] Beginning Verify and Repair transaction
2020-03-22 20:20:00, Info                  CSI    000001dc [SR] Verify complete
2020-03-22 20:20:01, Info                  CSI    000001dd [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:20:01, Info                  CSI    000001de [SR] Beginning Verify and Repair transaction
2020-03-22 20:20:07, Info                  CSI    000001e0 [SR] Verify complete
2020-03-22 20:20:07, Info                  CSI    000001e1 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:20:07, Info                  CSI    000001e2 [SR] Beginning Verify and Repair transaction
2020-03-22 20:20:11, Info                  CSI    000001e4 [SR] Verify complete
2020-03-22 20:20:12, Info                  CSI    000001e5 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:20:12, Info                  CSI    000001e6 [SR] Beginning Verify and Repair transaction
2020-03-22 20:20:22, Info                  CSI    000001e8 [SR] Verify complete
2020-03-22 20:20:22, Info                  CSI    000001e9 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:20:22, Info                  CSI    000001ea [SR] Beginning Verify and Repair transaction
2020-03-22 20:20:59, Info                  CSI    000001ec [SR] Verify complete
2020-03-22 20:20:59, Info                  CSI    000001ed [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:20:59, Info                  CSI    000001ee [SR] Beginning Verify and Repair transaction
2020-03-22 20:21:09, Info                  CSI    000001f0 [SR] Verify complete
2020-03-22 20:21:10, Info                  CSI    000001f1 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:21:10, Info                  CSI    000001f2 [SR] Beginning Verify and Repair transaction
2020-03-22 20:21:20, Info                  CSI    000001f4 [SR] Verify complete
2020-03-22 20:21:21, Info                  CSI    000001f5 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:21:21, Info                  CSI    000001f6 [SR] Beginning Verify and Repair transaction
2020-03-22 20:21:24, Info                  CSI    000001f8 [SR] Verify complete
2020-03-22 20:21:24, Info                  CSI    000001f9 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:21:24, Info                  CSI    000001fa [SR] Beginning Verify and Repair transaction
2020-03-22 20:21:29, Info                  CSI    000001fc [SR] Verify complete
2020-03-22 20:21:30, Info                  CSI    000001fd [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:21:30, Info                  CSI    000001fe [SR] Beginning Verify and Repair transaction
2020-03-22 20:21:34, Info                  CSI    00000200 [SR] Verify complete
2020-03-22 20:21:35, Info                  CSI    00000201 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:21:35, Info                  CSI    00000202 [SR] Beginning Verify and Repair transaction
2020-03-22 20:21:41, Info                  CSI    00000204 [SR] Verify complete
2020-03-22 20:21:41, Info                  CSI    00000205 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:21:41, Info                  CSI    00000206 [SR] Beginning Verify and Repair transaction
2020-03-22 20:21:42, Info                  CSI    00000208 [SR] Verify complete
2020-03-22 20:21:43, Info                  CSI    00000209 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:21:43, Info                  CSI    0000020a [SR] Beginning Verify and Repair transaction
2020-03-22 20:21:43, Info                  CSI    0000020c [SR] Verify complete
2020-03-22 20:21:44, Info                  CSI    0000020d [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:21:44, Info                  CSI    0000020e [SR] Beginning Verify and Repair transaction
2020-03-22 20:21:51, Info                  CSI    00000216 [SR] Verify complete
2020-03-22 20:21:51, Info                  CSI    00000217 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:21:51, Info                  CSI    00000218 [SR] Beginning Verify and Repair transaction
2020-03-22 20:21:55, Info                  CSI    0000021a [SR] Verify complete
2020-03-22 20:21:57, Info                  CSI    0000021b [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:21:57, Info                  CSI    0000021c [SR] Beginning Verify and Repair transaction
2020-03-22 20:22:01, Info                  CSI    0000021e [SR] Verify complete
2020-03-22 20:22:01, Info                  CSI    0000021f [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:22:01, Info                  CSI    00000220 [SR] Beginning Verify and Repair transaction
2020-03-22 20:22:04, Info                  CSI    00000222 [SR] Verify complete
2020-03-22 20:22:05, Info                  CSI    00000223 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:22:05, Info                  CSI    00000224 [SR] Beginning Verify and Repair transaction
2020-03-22 20:22:12, Info                  CSI    00000227 [SR] Verify complete
2020-03-22 20:22:12, Info                  CSI    00000228 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:22:12, Info                  CSI    00000229 [SR] Beginning Verify and Repair transaction
2020-03-22 20:22:17, Info                  CSI    0000022b [SR] Verify complete
2020-03-22 20:22:17, Info                  CSI    0000022c [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:22:17, Info                  CSI    0000022d [SR] Beginning Verify and Repair transaction
2020-03-22 20:22:21, Info                  CSI    0000022f [SR] Verify complete
2020-03-22 20:22:22, Info                  CSI    00000230 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:22:22, Info                  CSI    00000231 [SR] Beginning Verify and Repair transaction
2020-03-22 20:22:27, Info                  CSI    00000233 [SR] Verify complete
2020-03-22 20:22:28, Info                  CSI    00000234 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:22:28, Info                  CSI    00000235 [SR] Beginning Verify and Repair transaction
2020-03-22 20:22:40, Info                  CSI    00000238 [SR] Verify complete
2020-03-22 20:22:40, Info                  CSI    00000239 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:22:40, Info                  CSI    0000023a [SR] Beginning Verify and Repair transaction
2020-03-22 20:22:46, Info                  CSI    0000023f [SR] Verify complete
2020-03-22 20:22:47, Info                  CSI    00000240 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:22:47, Info                  CSI    00000241 [SR] Beginning Verify and Repair transaction
2020-03-22 20:22:54, Info                  CSI    00000247 [SR] Verify complete
2020-03-22 20:22:55, Info                  CSI    00000248 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:22:55, Info                  CSI    00000249 [SR] Beginning Verify and Repair transaction
2020-03-22 20:23:03, Info                  CSI    00000252 [SR] Verify complete
2020-03-22 20:23:04, Info                  CSI    00000253 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:23:04, Info                  CSI    00000254 [SR] Beginning Verify and Repair transaction
2020-03-22 20:23:09, Info                  CSI    00000259 [SR] Verify complete
2020-03-22 20:23:09, Info                  CSI    0000025a [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:23:09, Info                  CSI    0000025b [SR] Beginning Verify and Repair transaction
2020-03-22 20:23:14, Info                  CSI    0000025f [SR] Verify complete
2020-03-22 20:23:15, Info                  CSI    00000260 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:23:15, Info                  CSI    00000261 [SR] Beginning Verify and Repair transaction
2020-03-22 20:23:18, Info                  CSI    00000263 [SR] Verify complete
2020-03-22 20:23:19, Info                  CSI    00000264 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:23:19, Info                  CSI    00000265 [SR] Beginning Verify and Repair transaction
2020-03-22 20:23:25, Info                  CSI    0000028a [SR] Verify complete
2020-03-22 20:23:25, Info                  CSI    0000028b [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:23:25, Info                  CSI    0000028c [SR] Beginning Verify and Repair transaction
2020-03-22 20:41:21, Info                  CSI    00000009 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:41:21, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2020-03-22 20:41:25, Info                  CSI    0000000c [SR] Verify complete
2020-03-22 20:41:30, Info                  CSI    0000000d [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:41:30, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2020-03-22 20:41:34, Info                  CSI    00000010 [SR] Verify complete
2020-03-22 20:41:37, Info                  CSI    00000011 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:41:37, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2020-03-22 20:41:39, Info                  CSI    00000014 [SR] Verify complete
2020-03-22 20:41:42, Info                  CSI    00000015 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:41:42, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2020-03-22 20:41:44, Info                  CSI    00000018 [SR] Verify complete
2020-03-22 20:41:48, Info                  CSI    00000019 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:41:48, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
2020-03-22 20:41:50, Info                  CSI    0000001c [SR] Verify complete
2020-03-22 20:41:54, Info                  CSI    0000001d [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:41:54, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
2020-03-22 20:41:56, Info                  CSI    00000020 [SR] Verify complete
2020-03-22 20:41:59, Info                  CSI    00000021 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:41:59, Info                  CSI    00000022 [SR] Beginning Verify and Repair transaction
2020-03-22 20:42:03, Info                  CSI    00000024 [SR] Verify complete
2020-03-22 20:42:07, Info                  CSI    00000025 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:42:07, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2020-03-22 20:42:12, Info                  CSI    00000028 [SR] Verify complete
2020-03-22 20:42:18, Info                  CSI    00000029 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:42:18, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
2020-03-22 20:42:22, Info                  CSI    0000002c [SR] Verify complete
2020-03-22 20:42:24, Info                  CSI    0000002d [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:42:24, Info                  CSI    0000002e [SR] Beginning Verify and Repair transaction
2020-03-22 20:42:29, Info                  CSI    00000030 [SR] Verify complete
2020-03-22 20:42:31, Info                  CSI    00000031 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:42:31, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2020-03-22 20:42:34, Info                  CSI    00000034 [SR] Verify complete
2020-03-22 20:42:37, Info                  CSI    00000035 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:42:37, Info                  CSI    00000036 [SR] Beginning Verify and Repair transaction
2020-03-22 20:42:42, Info                  CSI    00000038 [SR] Verify complete
2020-03-22 20:42:52, Info                  CSI    00000039 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:42:52, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
2020-03-22 20:43:04, Info                  CSI    0000003c [SR] Verify complete
2020-03-22 20:43:07, Info                  CSI    0000003d [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:43:07, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2020-03-22 20:43:46, Info                  CSI    00000040 [SR] Verify complete
2020-03-22 20:43:48, Info                  CSI    00000041 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:43:48, Info                  CSI    00000042 [SR] Beginning Verify and Repair transaction
2020-03-22 20:44:07, Info                  CSI    00000044 [SR] Verify complete
2020-03-22 20:44:09, Info                  CSI    00000045 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:44:09, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2020-03-22 20:44:17, Info                  CSI    00000048 [SR] Verify complete
2020-03-22 20:44:19, Info                  CSI    00000049 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:44:19, Info                  CSI    0000004a [SR] Beginning Verify and Repair transaction
2020-03-22 20:44:33, Info                  CSI    0000004c [SR] Verify complete
2020-03-22 20:44:36, Info                  CSI    0000004d [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:44:36, Info                  CSI    0000004e [SR] Beginning Verify and Repair transaction
2020-03-22 20:44:49, Info                  CSI    00000050 [SR] Verify complete
2020-03-22 20:44:51, Info                  CSI    00000051 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:44:51, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
2020-03-22 20:44:58, Info                  CSI    00000054 [SR] Verify complete
2020-03-22 20:44:59, Info                  CSI    00000055 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:44:59, Info                  CSI    00000056 [SR] Beginning Verify and Repair transaction
2020-03-22 20:45:10, Info                  CSI    00000058 [SR] Verify complete
2020-03-22 20:45:12, Info                  CSI    00000059 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:45:12, Info                  CSI    0000005a [SR] Beginning Verify and Repair transaction
2020-03-22 20:45:23, Info                  CSI    0000005c [SR] Verify complete
2020-03-22 20:45:25, Info                  CSI    0000005d [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:45:25, Info                  CSI    0000005e [SR] Beginning Verify and Repair transaction
2020-03-22 20:46:26, Info                  CSI    00000060 [SR] Verify complete
2020-03-22 20:46:27, Info                  CSI    00000061 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:46:27, Info                  CSI    00000062 [SR] Beginning Verify and Repair transaction
2020-03-22 20:47:08, Info                  CSI    00000064 [SR] Verify complete
2020-03-22 20:47:15, Info                  CSI    00000065 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:47:15, Info                  CSI    00000066 [SR] Beginning Verify and Repair transaction
2020-03-22 20:47:57, Info                  CSI    00000068 [SR] Verify complete
2020-03-22 20:48:02, Info                  CSI    00000069 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:48:02, Info                  CSI    0000006a [SR] Beginning Verify and Repair transaction
2020-03-22 20:49:01, Info                  CSI    0000006e [SR] Verify complete
2020-03-22 20:49:05, Info                  CSI    0000006f [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:49:05, Info                  CSI    00000070 [SR] Beginning Verify and Repair transaction
2020-03-22 20:50:02, Info                  CSI    00000074 [SR] Verify complete
2020-03-22 20:50:03, Info                  CSI    00000075 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:50:03, Info                  CSI    00000076 [SR] Beginning Verify and Repair transaction
2020-03-22 20:50:21, Info                  CSI    00000079 [SR] Verify complete
2020-03-22 20:50:23, Info                  CSI    0000007a [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:50:23, Info                  CSI    0000007b [SR] Beginning Verify and Repair transaction
2020-03-22 20:50:40, Info                  CSI    0000007e [SR] Verify complete
2020-03-22 20:50:41, Info                  CSI    0000007f [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:50:41, Info                  CSI    00000080 [SR] Beginning Verify and Repair transaction
2020-03-22 20:51:11, Info                  CSI    00000082 [SR] Verify complete
2020-03-22 20:51:15, Info                  CSI    00000083 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:51:15, Info                  CSI    00000084 [SR] Beginning Verify and Repair transaction
2020-03-22 20:51:48, Info                  CSI    000000a9 [SR] Verify complete
2020-03-22 20:51:52, Info                  CSI    000000aa [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:51:52, Info                  CSI    000000ab [SR] Beginning Verify and Repair transaction
2020-03-22 20:52:29, Info                  CSI    000000ad [SR] Verify complete
2020-03-22 20:52:31, Info                  CSI    000000ae [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:52:31, Info                  CSI    000000af [SR] Beginning Verify and Repair transaction
2020-03-22 20:53:03, Info                  CSI    000000b1 [SR] Verify complete
2020-03-22 20:53:06, Info                  CSI    000000b2 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:53:06, Info                  CSI    000000b3 [SR] Beginning Verify and Repair transaction
2020-03-22 20:53:41, Info                  CSI    000000b5 [SR] Verify complete
2020-03-22 20:53:45, Info                  CSI    000000b6 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:53:45, Info                  CSI    000000b7 [SR] Beginning Verify and Repair transaction
2020-03-22 20:54:11, Info                  CSI    000000b9 [SR] Verify complete
2020-03-22 20:54:15, Info                  CSI    000000ba [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:54:15, Info                  CSI    000000bb [SR] Beginning Verify and Repair transaction
2020-03-22 20:54:35, Info                  CSI    000000bd [SR] Verify complete
2020-03-22 20:54:37, Info                  CSI    000000be [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:54:37, Info                  CSI    000000bf [SR] Beginning Verify and Repair transaction
2020-03-22 20:55:45, Info                  CSI    000000e2 [SR] Verify complete
2020-03-22 20:55:47, Info                  CSI    000000e3 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:55:47, Info                  CSI    000000e4 [SR] Beginning Verify and Repair transaction
2020-03-22 20:56:36, Info                  CSI    000000e6 [SR] Verify complete
2020-03-22 20:56:38, Info                  CSI    000000e7 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:56:38, Info                  CSI    000000e8 [SR] Beginning Verify and Repair transaction
2020-03-22 20:57:43, Info                  CSI    000000ea [SR] Verify complete
2020-03-22 20:57:45, Info                  CSI    000000eb [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:57:45, Info                  CSI    000000ec [SR] Beginning Verify and Repair transaction
2020-03-22 20:58:27, Info                  CSI    000000ee [SR] Verify complete
2020-03-22 20:58:29, Info                  CSI    000000ef [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:58:29, Info                  CSI    000000f0 [SR] Beginning Verify and Repair transaction
2020-03-22 20:58:52, Info                  CSI    000000f2 [SR] Verify complete
2020-03-22 20:58:55, Info                  CSI    000000f3 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:58:55, Info                  CSI    000000f4 [SR] Beginning Verify and Repair transaction
2020-03-22 20:59:03, Info                  CSI    000000f6 [SR] Verify complete
2020-03-22 20:59:05, Info                  CSI    000000f7 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:59:05, Info                  CSI    000000f8 [SR] Beginning Verify and Repair transaction
2020-03-22 20:59:29, Info                  CSI    000000fa [SR] Verify complete
2020-03-22 20:59:31, Info                  CSI    000000fb [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:59:31, Info                  CSI    000000fc [SR] Beginning Verify and Repair transaction
2020-03-22 20:59:50, Info                  CSI    0000010f [SR] Verify complete
2020-03-22 20:59:50, Info                  CSI    00000110 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 20:59:50, Info                  CSI    00000111 [SR] Beginning Verify and Repair transaction
2020-03-22 20:59:58, Info                  CSI    00000113 [SR] Verify complete
2020-03-22 21:00:01, Info                  CSI    00000114 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:00:01, Info                  CSI    00000115 [SR] Beginning Verify and Repair transaction
2020-03-22 21:00:17, Info                  CSI    00000117 [SR] Verify complete
2020-03-22 21:00:18, Info                  CSI    00000118 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:00:18, Info                  CSI    00000119 [SR] Beginning Verify and Repair transaction
2020-03-22 21:00:24, Info                  CSI    0000011b [SR] Verify complete
2020-03-22 21:00:25, Info                  CSI    0000011c [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:00:25, Info                  CSI    0000011d [SR] Beginning Verify and Repair transaction
2020-03-22 21:00:28, Info                  CSI    0000011f [SR] Cannot repair member file [l:18{9}]"IMTCS.IMD" of Microsoft-Windows-IME-Traditional-Chinese-BigramDictionary, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2020-03-22 21:00:41, Info                  CSI    00000121 [SR] Cannot repair member file [l:18{9}]"IMTCS.IMD" of Microsoft-Windows-IME-Traditional-Chinese-BigramDictionary, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2020-03-22 21:00:41, Info                  CSI    00000122 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2020-03-22 21:00:42, Info                  CSI    00000125 [SR] Could not reproject corrupted file [ml:520{260},l:64{32}]"\??\C:\Windows\IME\IMETC10\DICTS"\[l:18{9}]"IMTCS.IMD"; source file in store is also corrupted
2020-03-22 21:00:42, Info                  CSI    00000128 [SR] Verify complete
2020-03-22 21:00:45, Info                  CSI    00000129 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:00:45, Info                  CSI    0000012a [SR] Beginning Verify and Repair transaction
2020-03-22 21:01:00, Info                  CSI    0000012c [SR] Cannot repair member file [l:24{12}]"imageres.dll" of Microsoft-Windows-imageres, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2020-03-22 21:01:17, Info                  CSI    0000012f [SR] Cannot repair member file [l:24{12}]"imageres.dll" of Microsoft-Windows-imageres, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2020-03-22 21:01:17, Info                  CSI    00000130 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2020-03-22 21:01:18, Info                  CSI    00000133 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"imageres.dll"; source file in store is also corrupted
2020-03-22 21:01:18, Info                  CSI    00000135 [SR] Verify complete
2020-03-22 21:01:19, Info                  CSI    00000136 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:01:19, Info                  CSI    00000137 [SR] Beginning Verify and Repair transaction
2020-03-22 21:01:26, Info                  CSI    00000139 [SR] Verify complete
2020-03-22 21:01:27, Info                  CSI    0000013a [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:01:27, Info                  CSI    0000013b [SR] Beginning Verify and Repair transaction
2020-03-22 21:01:32, Info                  CSI    0000013d [SR] Verify complete
2020-03-22 21:01:33, Info                  CSI    0000013e [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:01:33, Info                  CSI    0000013f [SR] Beginning Verify and Repair transaction
2020-03-22 21:01:53, Info                  CSI    00000141 [SR] Verify complete
2020-03-22 21:01:53, Info                  CSI    00000142 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:01:53, Info                  CSI    00000143 [SR] Beginning Verify and Repair transaction
2020-03-22 21:02:10, Info                  CSI    00000145 [SR] Verify complete
2020-03-22 21:02:11, Info                  CSI    00000146 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:02:11, Info                  CSI    00000147 [SR] Beginning Verify and Repair transaction
2020-03-22 21:02:36, Info                  CSI    00000151 [SR] Verify complete
2020-03-22 21:02:37, Info                  CSI    00000152 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:02:37, Info                  CSI    00000153 [SR] Beginning Verify and Repair transaction
2020-03-22 21:02:50, Info                  CSI    00000163 [SR] Verify complete
2020-03-22 21:02:51, Info                  CSI    00000164 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:02:51, Info                  CSI    00000165 [SR] Beginning Verify and Repair transaction
2020-03-22 21:03:02, Info                  CSI    00000167 [SR] Verify complete
2020-03-22 21:03:02, Info                  CSI    00000168 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:03:02, Info                  CSI    00000169 [SR] Beginning Verify and Repair transaction
2020-03-22 21:04:15, Info                  CSI    0000016b [SR] Verify complete
2020-03-22 21:04:17, Info                  CSI    0000016c [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:04:17, Info                  CSI    0000016d [SR] Beginning Verify and Repair transaction
2020-03-22 21:04:29, Info                  CSI    0000016f [SR] Verify complete
2020-03-22 21:04:30, Info                  CSI    00000170 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:04:30, Info                  CSI    00000171 [SR] Beginning Verify and Repair transaction
2020-03-22 21:04:45, Info                  CSI    00000173 [SR] Verify complete
2020-03-22 21:04:47, Info                  CSI    00000174 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:04:47, Info                  CSI    00000175 [SR] Beginning Verify and Repair transaction
2020-03-22 21:04:58, Info                  CSI    00000177 [SR] Verify complete
2020-03-22 21:04:59, Info                  CSI    00000178 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:04:59, Info                  CSI    00000179 [SR] Beginning Verify and Repair transaction
2020-03-22 21:05:15, Info                  CSI    0000017b [SR] Verify complete
2020-03-22 21:05:15, Info                  CSI    0000017c [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:05:15, Info                  CSI    0000017d [SR] Beginning Verify and Repair transaction
2020-03-22 21:05:22, Info                  CSI    00000181 [SR] Verify complete
2020-03-22 21:05:23, Info                  CSI    00000182 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:05:23, Info                  CSI    00000183 [SR] Beginning Verify and Repair transaction
2020-03-22 21:05:31, Info                  CSI    00000185 [SR] Verify complete
2020-03-22 21:05:31, Info                  CSI    00000186 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:05:31, Info                  CSI    00000187 [SR] Beginning Verify and Repair transaction
2020-03-22 21:06:50, Info                  CSI    00000189 [SR] Verify complete
2020-03-22 21:06:52, Info                  CSI    0000018a [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:06:52, Info                  CSI    0000018b [SR] Beginning Verify and Repair transaction
2020-03-22 21:07:31, Info                  CSI    0000018e [SR] Verify complete
2020-03-22 21:07:31, Info                  CSI    0000018f [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:07:31, Info                  CSI    00000190 [SR] Beginning Verify and Repair transaction
2020-03-22 21:07:52, Info                  CSI    00000192 [SR] Verify complete
2020-03-22 21:07:53, Info                  CSI    00000193 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:07:53, Info                  CSI    00000194 [SR] Beginning Verify and Repair transaction
2020-03-22 21:08:11, Info                  CSI    00000197 [SR] Verify complete
2020-03-22 21:08:13, Info                  CSI    00000198 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:08:13, Info                  CSI    00000199 [SR] Beginning Verify and Repair transaction
2020-03-22 21:08:51, Info                  CSI    0000019c [SR] Verify complete
2020-03-22 21:08:51, Info                  CSI    0000019d [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:08:51, Info                  CSI    0000019e [SR] Beginning Verify and Repair transaction
2020-03-22 21:09:11, Info                  CSI    000001a0 [SR] Verify complete
2020-03-22 21:09:11, Info                  CSI    000001a1 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:09:11, Info                  CSI    000001a2 [SR] Beginning Verify and Repair transaction
2020-03-22 21:09:25, Info                  CSI    000001a4 [SR] Verify complete
2020-03-22 21:09:26, Info                  CSI    000001a5 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:09:26, Info                  CSI    000001a6 [SR] Beginning Verify and Repair transaction
2020-03-22 21:09:38, Info                  CSI    000001a8 [SR] Verify complete
2020-03-22 21:09:39, Info                  CSI    000001a9 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:09:39, Info                  CSI    000001aa [SR] Beginning Verify and Repair transaction
2020-03-22 21:09:53, Info                  CSI    000001ad [SR] Verify complete
2020-03-22 21:09:53, Info                  CSI    000001ae [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:09:53, Info                  CSI    000001af [SR] Beginning Verify and Repair transaction
2020-03-22 21:10:10, Info                  CSI    000001b1 [SR] Verify complete
2020-03-22 21:10:11, Info                  CSI    000001b2 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:10:11, Info                  CSI    000001b3 [SR] Beginning Verify and Repair transaction
2020-03-22 21:10:19, Info                  CSI    000001b5 [SR] Verify complete
2020-03-22 21:10:20, Info                  CSI    000001b6 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:10:20, Info                  CSI    000001b7 [SR] Beginning Verify and Repair transaction
2020-03-22 21:10:34, Info                  CSI    000001ba [SR] Verify complete
2020-03-22 21:10:35, Info                  CSI    000001bb [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:10:35, Info                  CSI    000001bc [SR] Beginning Verify and Repair transaction
2020-03-22 21:10:54, Info                  CSI    000001bf [SR] Verify complete
2020-03-22 21:10:55, Info                  CSI    000001c0 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:10:55, Info                  CSI    000001c1 [SR] Beginning Verify and Repair transaction
2020-03-22 21:11:16, Info                  CSI    000001c4 [SR] Verify complete
2020-03-22 21:11:18, Info                  CSI    000001c5 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:11:18, Info                  CSI    000001c6 [SR] Beginning Verify and Repair transaction
2020-03-22 21:11:36, Info                  CSI    000001c8 [SR] Verify complete
2020-03-22 21:11:36, Info                  CSI    000001c9 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:11:36, Info                  CSI    000001ca [SR] Beginning Verify and Repair transaction
2020-03-22 21:12:00, Info                  CSI    000001cc [SR] Verify complete
2020-03-22 21:12:00, Info                  CSI    000001cd [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:12:00, Info                  CSI    000001ce [SR] Beginning Verify and Repair transaction
2020-03-22 21:12:09, Info                  CSI    000001d0 [SR] Verify complete
2020-03-22 21:12:12, Info                  CSI    000001d1 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:12:12, Info                  CSI    000001d2 [SR] Beginning Verify and Repair transaction
2020-03-22 21:12:22, Info                  CSI    000001d4 [SR] Verify complete
2020-03-22 21:12:23, Info                  CSI    000001d5 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:12:23, Info                  CSI    000001d6 [SR] Beginning Verify and Repair transaction
2020-03-22 21:12:37, Info                  CSI    000001d8 [SR] Verify complete
2020-03-22 21:12:38, Info                  CSI    000001d9 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:12:38, Info                  CSI    000001da [SR] Beginning Verify and Repair transaction
2020-03-22 21:12:56, Info                  CSI    000001dc [SR] Verify complete
2020-03-22 21:12:57, Info                  CSI    000001dd [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:12:57, Info                  CSI    000001de [SR] Beginning Verify and Repair transaction
2020-03-22 21:13:14, Info                  CSI    000001e0 [SR] Verify complete
2020-03-22 21:13:15, Info                  CSI    000001e1 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:13:15, Info                  CSI    000001e2 [SR] Beginning Verify and Repair transaction
2020-03-22 21:13:28, Info                  CSI    000001e4 [SR] Verify complete
2020-03-22 21:13:29, Info                  CSI    000001e5 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:13:29, Info                  CSI    000001e6 [SR] Beginning Verify and Repair transaction
2020-03-22 21:14:10, Info                  CSI    000001e8 [SR] Verify complete
2020-03-22 21:14:11, Info                  CSI    000001e9 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:14:11, Info                  CSI    000001ea [SR] Beginning Verify and Repair transaction
2020-03-22 21:17:00, Info                  CSI    000001ec [SR] Verify complete
2020-03-22 21:17:01, Info                  CSI    000001ed [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:17:01, Info                  CSI    000001ee [SR] Beginning Verify and Repair transaction
2020-03-22 21:17:28, Info                  CSI    000001f0 [SR] Verify complete
2020-03-22 21:17:28, Info                  CSI    000001f1 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:17:28, Info                  CSI    000001f2 [SR] Beginning Verify and Repair transaction
2020-03-22 21:17:57, Info                  CSI    000001f4 [SR] Verify complete
2020-03-22 21:17:58, Info                  CSI    000001f5 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:17:58, Info                  CSI    000001f6 [SR] Beginning Verify and Repair transaction
2020-03-22 21:18:07, Info                  CSI    000001f8 [SR] Verify complete
2020-03-22 21:18:08, Info                  CSI    000001f9 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:18:08, Info                  CSI    000001fa [SR] Beginning Verify and Repair transaction
2020-03-22 21:18:22, Info                  CSI    000001fc [SR] Verify complete
2020-03-22 21:18:23, Info                  CSI    000001fd [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:18:23, Info                  CSI    000001fe [SR] Beginning Verify and Repair transaction
2020-03-22 21:18:36, Info                  CSI    00000200 [SR] Verify complete
2020-03-22 21:18:37, Info                  CSI    00000201 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:18:37, Info                  CSI    00000202 [SR] Beginning Verify and Repair transaction
2020-03-22 21:18:56, Info                  CSI    00000204 [SR] Verify complete
2020-03-22 21:18:57, Info                  CSI    00000205 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:18:57, Info                  CSI    00000206 [SR] Beginning Verify and Repair transaction
2020-03-22 21:19:00, Info                  CSI    00000208 [SR] Verify complete
2020-03-22 21:19:01, Info                  CSI    00000209 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:19:01, Info                  CSI    0000020a [SR] Beginning Verify and Repair transaction
2020-03-22 21:19:03, Info                  CSI    0000020c [SR] Verify complete
2020-03-22 21:19:04, Info                  CSI    0000020d [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:19:04, Info                  CSI    0000020e [SR] Beginning Verify and Repair transaction
2020-03-22 21:19:20, Info                  CSI    00000216 [SR] Verify complete
2020-03-22 21:19:22, Info                  CSI    00000217 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:19:22, Info                  CSI    00000218 [SR] Beginning Verify and Repair transaction
2020-03-22 21:19:34, Info                  CSI    0000021a [SR] Verify complete
2020-03-22 21:19:35, Info                  CSI    0000021b [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:19:35, Info                  CSI    0000021c [SR] Beginning Verify and Repair transaction
2020-03-22 21:19:39, Info                  CSI    0000021e [SR] Verify complete
2020-03-22 21:19:39, Info                  CSI    0000021f [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:19:39, Info                  CSI    00000220 [SR] Beginning Verify and Repair transaction
2020-03-22 21:19:45, Info                  CSI    00000222 [SR] Verify complete
2020-03-22 21:19:46, Info                  CSI    00000223 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:19:46, Info                  CSI    00000224 [SR] Beginning Verify and Repair transaction
2020-03-22 21:19:52, Info                  CSI    00000227 [SR] Verify complete
2020-03-22 21:19:53, Info                  CSI    00000228 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:19:53, Info                  CSI    00000229 [SR] Beginning Verify and Repair transaction
2020-03-22 21:19:57, Info                  CSI    0000022b [SR] Verify complete
2020-03-22 21:19:58, Info                  CSI    0000022c [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:19:58, Info                  CSI    0000022d [SR] Beginning Verify and Repair transaction
2020-03-22 21:20:00, Info                  CSI    0000022f [SR] Verify complete
2020-03-22 21:20:01, Info                  CSI    00000230 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:20:01, Info                  CSI    00000231 [SR] Beginning Verify and Repair transaction
2020-03-22 21:20:08, Info                  CSI    00000233 [SR] Verify complete
2020-03-22 21:20:08, Info                  CSI    00000234 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:20:08, Info                  CSI    00000235 [SR] Beginning Verify and Repair transaction
2020-03-22 21:20:18, Info                  CSI    00000238 [SR] Verify complete
2020-03-22 21:20:19, Info                  CSI    00000239 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:20:19, Info                  CSI    0000023a [SR] Beginning Verify and Repair transaction
2020-03-22 21:20:26, Info                  CSI    0000023f [SR] Verify complete
2020-03-22 21:20:26, Info                  CSI    00000240 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:20:26, Info                  CSI    00000241 [SR] Beginning Verify and Repair transaction
2020-03-22 21:20:34, Info                  CSI    00000247 [SR] Verify complete
2020-03-22 21:20:36, Info                  CSI    00000248 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:20:36, Info                  CSI    00000249 [SR] Beginning Verify and Repair transaction
2020-03-22 21:20:45, Info                  CSI    00000252 [SR] Verify complete
2020-03-22 21:20:46, Info                  CSI    00000253 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:20:46, Info                  CSI    00000254 [SR] Beginning Verify and Repair transaction
2020-03-22 21:20:51, Info                  CSI    00000259 [SR] Verify complete
2020-03-22 21:20:51, Info                  CSI    0000025a [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:20:51, Info                  CSI    0000025b [SR] Beginning Verify and Repair transaction
2020-03-22 21:20:56, Info                  CSI    0000025f [SR] Verify complete
2020-03-22 21:20:57, Info                  CSI    00000260 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:20:57, Info                  CSI    00000261 [SR] Beginning Verify and Repair transaction
2020-03-22 21:21:00, Info                  CSI    00000263 [SR] Verify complete
2020-03-22 21:21:01, Info                  CSI    00000264 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:21:01, Info                  CSI    00000265 [SR] Beginning Verify and Repair transaction
2020-03-22 21:21:07, Info                  CSI    0000028a [SR] Verify complete
2020-03-22 21:21:08, Info                  CSI    0000028b [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:21:08, Info                  CSI    0000028c [SR] Beginning Verify and Repair transaction
2020-03-22 21:21:17, Info                  CSI    0000028e [SR] Verify complete
2020-03-22 21:21:18, Info                  CSI    0000028f [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:21:18, Info                  CSI    00000290 [SR] Beginning Verify and Repair transaction
2020-03-22 21:21:24, Info                  CSI    00000292 [SR] Verify complete
2020-03-22 21:21:24, Info                  CSI    00000293 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:21:24, Info                  CSI    00000294 [SR] Beginning Verify and Repair transaction
2020-03-22 21:21:30, Info                  CSI    00000296 [SR] Verify complete
2020-03-22 21:21:31, Info                  CSI    00000297 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:21:31, Info                  CSI    00000298 [SR] Beginning Verify and Repair transaction
2020-03-22 21:21:37, Info                  CSI    000002a5 [SR] Verify complete
2020-03-22 21:21:38, Info                  CSI    000002a6 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:21:38, Info                  CSI    000002a7 [SR] Beginning Verify and Repair transaction
2020-03-22 21:21:43, Info                  CSI    000002aa [SR] Verify complete
2020-03-22 21:21:44, Info                  CSI    000002ab [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:21:44, Info                  CSI    000002ac [SR] Beginning Verify and Repair transaction
2020-03-22 21:21:53, Info                  CSI    000002b0 [SR] Verify complete
2020-03-22 21:21:54, Info                  CSI    000002b1 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:21:54, Info                  CSI    000002b2 [SR] Beginning Verify and Repair transaction
2020-03-22 21:22:00, Info                  CSI    000002be [SR] Verify complete
2020-03-22 21:22:01, Info                  CSI    000002bf [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:22:01, Info                  CSI    000002c0 [SR] Beginning Verify and Repair transaction
2020-03-22 21:22:03, Info                  CSI    000002c2 [SR] Verify complete
2020-03-22 21:22:04, Info                  CSI    000002c3 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:22:04, Info                  CSI    000002c4 [SR] Beginning Verify and Repair transaction
2020-03-22 21:22:10, Info                  CSI    000002c7 [SR] Verify complete
2020-03-22 21:22:10, Info                  CSI    000002c8 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:22:10, Info                  CSI    000002c9 [SR] Beginning Verify and Repair transaction
2020-03-22 21:22:12, Info                  CSI    000002cb [SR] Verify complete
2020-03-22 21:22:13, Info                  CSI    000002cc [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:22:13, Info                  CSI    000002cd [SR] Beginning Verify and Repair transaction
2020-03-22 21:22:20, Info                  CSI    000002cf [SR] Verify complete
2020-03-22 21:22:20, Info                  CSI    000002d0 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:22:20, Info                  CSI    000002d1 [SR] Beginning Verify and Repair transaction
2020-03-22 21:22:25, Info                  CSI    000002d3 [SR] Verify complete
2020-03-22 21:22:25, Info                  CSI    000002d4 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:22:25, Info                  CSI    000002d5 [SR] Beginning Verify and Repair transaction
2020-03-22 21:22:32, Info                  CSI    000002d9 [SR] Verify complete
2020-03-22 21:22:32, Info                  CSI    000002da [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:22:32, Info                  CSI    000002db [SR] Beginning Verify and Repair transaction
2020-03-22 21:22:38, Info                  CSI    000002f3 [SR] Verify complete
2020-03-22 21:22:39, Info                  CSI    000002f4 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:22:39, Info                  CSI    000002f5 [SR] Beginning Verify and Repair transaction
2020-03-22 21:23:01, Info                  CSI    000002f7 [SR] Verify complete
2020-03-22 21:23:02, Info                  CSI    000002f8 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:23:02, Info                  CSI    000002f9 [SR] Beginning Verify and Repair transaction
2020-03-22 21:23:05, Info                  CSI    000002fb [SR] Verify complete
2020-03-22 21:23:06, Info                  CSI    000002fc [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:23:06, Info                  CSI    000002fd [SR] Beginning Verify and Repair transaction
2020-03-22 21:23:09, Info                  CSI    000002ff [SR] Verify complete
2020-03-22 21:23:10, Info                  CSI    00000300 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:23:10, Info                  CSI    00000301 [SR] Beginning Verify and Repair transaction
2020-03-22 21:23:13, Info                  CSI    00000305 [SR] Verify complete
2020-03-22 21:23:13, Info                  CSI    00000306 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:23:13, Info                  CSI    00000307 [SR] Beginning Verify and Repair transaction
2020-03-22 21:23:18, Info                  CSI    00000309 [SR] Verify complete
2020-03-22 21:23:19, Info                  CSI    0000030a [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:23:19, Info                  CSI    0000030b [SR] Beginning Verify and Repair transaction
2020-03-22 21:23:22, Info                  CSI    0000030d [SR] Verify complete
2020-03-22 21:23:23, Info                  CSI    0000030e [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:23:23, Info                  CSI    0000030f [SR] Beginning Verify and Repair transaction
2020-03-22 21:23:27, Info                  CSI    00000311 [SR] Verify complete
2020-03-22 21:23:28, Info                  CSI    00000312 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:23:28, Info                  CSI    00000313 [SR] Beginning Verify and Repair transaction
2020-03-22 21:23:32, Info                  CSI    00000316 [SR] Verify complete
2020-03-22 21:23:32, Info                  CSI    00000317 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:23:32, Info                  CSI    00000318 [SR] Beginning Verify and Repair transaction
2020-03-22 21:23:36, Info                  CSI    0000031a [SR] Verify complete
2020-03-22 21:23:36, Info                  CSI    0000031b [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:23:36, Info                  CSI    0000031c [SR] Beginning Verify and Repair transaction
2020-03-22 21:23:41, Info                  CSI    0000031e [SR] Verify complete
2020-03-22 21:23:41, Info                  CSI    0000031f [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:23:41, Info                  CSI    00000320 [SR] Beginning Verify and Repair transaction
2020-03-22 21:23:47, Info                  CSI    00000322 [SR] Verify complete
2020-03-22 21:23:48, Info                  CSI    00000323 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:23:48, Info                  CSI    00000324 [SR] Beginning Verify and Repair transaction
2020-03-22 21:23:52, Info                  CSI    00000327 [SR] Verify complete
2020-03-22 21:23:52, Info                  CSI    00000328 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:23:52, Info                  CSI    00000329 [SR] Beginning Verify and Repair transaction
2020-03-22 21:23:57, Info                  CSI    0000032b [SR] Verify complete
2020-03-22 21:23:58, Info                  CSI    0000032c [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:23:58, Info                  CSI    0000032d [SR] Beginning Verify and Repair transaction
2020-03-22 21:24:02, Info                  CSI    0000032f [SR] Verify complete
2020-03-22 21:24:03, Info                  CSI    00000330 [SR] Verifying 100 (0x0000000000000064) components
2020-03-22 21:24:03, Info                  CSI    00000331 [SR] Beginning Verify and Repair transaction
2020-03-22 21:24:10, Info                  CSI    00000333 [SR] Verify complete
2020-03-22 21:24:10, Info                  CSI    00000334 [SR] Verifying 55 (0x0000000000000037) components
2020-03-22 21:24:10, Info                  CSI    00000335 [SR] Beginning Verify and Repair transaction
2020-03-22 21:24:12, Info                  CSI    00000337 [SR] Verify complete
2020-03-22 21:24:12, Info                  CSI    00000338 [SR] Repairing 2 components
2020-03-22 21:24:12, Info                  CSI    00000339 [SR] Beginning Verify and Repair transaction
2020-03-22 21:24:13, Info                  CSI    0000033b [SR] Cannot repair member file [l:18{9}]"IMTCS.IMD" of Microsoft-Windows-IME-Traditional-Chinese-BigramDictionary, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2020-03-22 21:24:13, Info                  CSI    0000033d [SR] Cannot repair member file [l:24{12}]"imageres.dll" of Microsoft-Windows-imageres, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2020-03-22 21:24:13, Info                  CSI    0000033f [SR] Cannot repair member file [l:18{9}]"IMTCS.IMD" of Microsoft-Windows-IME-Traditional-Chinese-BigramDictionary, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2020-03-22 21:24:13, Info                  CSI    00000340 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2020-03-22 21:24:14, Info                  CSI    00000343 [SR] Could not reproject corrupted file [ml:520{260},l:64{32}]"\??\C:\Windows\IME\IMETC10\DICTS"\[l:18{9}]"IMTCS.IMD"; source file in store is also corrupted
2020-03-22 21:24:16, Info                  CSI    00000345 [SR] Cannot repair member file [l:24{12}]"imageres.dll" of Microsoft-Windows-imageres, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2020-03-22 21:24:16, Info                  CSI    00000346 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2020-03-22 21:24:16, Info                  CSI    00000349 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"imageres.dll"; source file in store is also corrupted
2020-03-22 21:24:16, Info                  CSI    0000034b [SR] Repair complete
2020-03-22 21:24:16, Info                  CSI    0000034c [SR] Committing transaction
2020-03-22 21:24:16, Info                  CSI    00000350 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction  have been successfully repaired
 
========= End of CMD: =========
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
 
========= End of CMD: =========

  • 0

#27
steveairway

steveairway

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts

First log FRST

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-03-2020
Ran by Mike (administrator) on MIKELAPTOPWIN7 (Hewlett-Packard HP ProBook 6560b) (22-03-2020 21:57:55)
Running from C:\Users\Mike\Downloads
Loaded Profiles: Mike (Available Profiles: Mike & postgres)
Platform: Windows 7 Ultimate N Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Andrea Electronics Corporation) [File not signed] C:\Program Files\IDT\WDM\AESTSr64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Broadcom Corporation) [File not signed] C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(Broadcom Corporation) [File not signed] C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Check Point Software Technologies Ltd. -> ) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Intel® Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(LSI Corporation -> LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Nota Inc. -> Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(SMSC) [File not signed] C:\Program Files\SGFX\sgfxmgr.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(TEFINCOM S.A. -> ) C:\Program Files (x86)\NordVPN\nordvpn-service.exe
(TEFINCOM S.A. -> NordVPN) C:\Program Files (x86)\NordVPN\NordVPN.exe
(TEFINCOM S.A. -> The OpenVPN Project) C:\Program Files (x86)\NordVPN\Resources\Binaries\64bit\openvpn-nordvpn.exe
(Zemana D.O.O. Sarajevo -> Copyright 2018.) C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
(Zemana D.O.O. Sarajevo -> Copyright 2018.) C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [277664 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe [25160568 2019-02-14] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ZaAntiRansomware] => C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe [4230368 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3550179741-2894783952-792556322-1000\...\Run: [HoldemManager.Server] => C:\Users\Mike\AppData\Roaming\Max Value Software\Holdem Manager\3.0\HoldemManager.Server.lnk [1147 2020-03-21] () [File not signed]
HKU\S-1-5-21-3550179741-2894783952-792556322-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-26] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3550179741-2894783952-792556322-1000\...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [1815584 2020-02-28] (TEFINCOM S.A. -> NordVPN)
HKU\S-1-5-21-3550179741-2894783952-792556322-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [913800 2020-01-15] (Nota Inc. -> Nota Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-21] (Google LLC -> Google LLC)
AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll [94568 2017-01-19] (Zemana Ltd. -> Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(1).dll [85864 2017-01-19] (Zemana Ltd. -> Zemana Ltd.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {10FA6A5C-796B-442D-8EC3-DE4033C4971A} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2020-01-15] (Nota Inc. -> Nota Inc.)
Task: {159BA05A-312B-4EDC-A8EB-1B26C67EBB98} - System32\Tasks\HPCeeScheduleForMike => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [99208 2016-06-24] (Hewlett-Packard Company -> HP Inc.)
Task: {15ED3066-F1BD-48EE-966B-8C5B2406AD74} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {22289654-4EB4-4F1D-8EBE-27EA13053D7D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1116024 2020-02-26] (HP Inc. -> HP Inc.)
Task: {7497891C-79A9-438A-905B-76967959E0FB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1116024 2020-02-26] (HP Inc. -> HP Inc.)
Task: {8031B836-8B5C-457D-B10E-F916A5144AFF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {8AEF26FA-6EAE-4E3A-80D1-66AF157A9F49} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [489272 2019-08-07] (Bitdefender SRL -> Bitdefender)
Task: {AAD10E4A-D32C-4CA1-B1DF-0169B8E6D027} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {C135738A-582D-4855-A96F-722D7E602386} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {C6D4E3F5-4C1F-4C6B-9B44-E6F92900907E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {CCED3A44-AE3F-473B-9491-B1951BB77BB7} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2020-01-15] (Nota Inc. -> Nota Inc.)
Task: {E1D5A690-932F-4697-9AA2-ECADEA506C71} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [145272 2019-10-31] (HP Inc. -> HP Inc.)
Task: {ED02D60F-9B28-47FF-A7CC-D702658C73E1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [308088 2020-02-12] (HP Inc. -> HP Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\HPCeeScheduleForMike.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{551BEBA7-DD54-4B4D-91C5-0D0379F13077}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{85A0EFE3-9BA8-4D69-8B7D-768D503F8FEE}: [DhcpNameServer] 103.86.99.99 103.86.96.96 103.86.96.100 103.86.99.100
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2018-09-07] (Logitech Inc -> Logitech, Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2018-09-07] (Logitech Inc -> Logitech, Inc.)
 
FireFox:
========
FF DefaultProfile: 2t3fi1vw.default
FF ProfilePath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\2t3fi1vw.default [2019-11-18]
FF Extension: (Avast Online Security) - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\2t3fi1vw.default\Extensions\[email protected] [2019-11-18]
FF ProfilePath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\5xftgsj3.default-release [2020-03-21]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\5xftgsj3.default-release\Extensions\[email protected] [2019-11-26]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2018-12-29] [not signed]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
 
Chrome: 
=======
CHR Profile: C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default [2020-03-22]
CHR NewTab: Default ->  Not-active:"chrome-extension://pifdldjocgdmmlpjpkafopdclpeceiif/index.html", Not-active:"chrome-extension://kgnmiidkjfoodibgboejadngnfblkmaj/index.html"
CHR DefaultSearchURL: Default -> hxxps://tinder.com/static/android-chrome-192x192.png
CHR Extension: (Slides) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-23]
CHR Extension: (Docs) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-23]
CHR Extension: (Google Drive) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-23]
CHR Extension: (YouTube) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-23]
CHR Extension: (Honey) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-03-22]
CHR Extension: (Sheets) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-23]
CHR Extension: (Google Docs Offline) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-22]
CHR Extension: (Avast Online Security) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-02-29]
CHR Extension: (Tinder) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejiihbkifllpgdfndalmghiodgkefan [2019-10-07]
CHR Extension: (CouponViewer Add-On) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpabcakadbfmhiinljgodpkdeolfchlo [2020-01-16]
CHR Extension: (Grammarly for Chrome) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-03-22]
CHR Extension: (Satellite & Earth Maps) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgnmiidkjfoodibgboejadngnfblkmaj [2020-02-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Earth & Satellite Maps) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pifdldjocgdmmlpjpkafopdclpeceiif [2020-02-27]
CHR Extension: (Gmail) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-22]
CHR Profile: C:\Users\Mike\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-01]
CHR HKLM\...\Chrome\Extension: [fcbhdhpamoencpdogjnmnbjddipfkpad]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fcbhdhpamoencpdogjnmnbjddipfkpad]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6046624 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [413472 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R2 CPEFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [2825976 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 CpSbaCipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> )
R2 CpSbaUpdater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> )
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-26] (Disc Soft Ltd -> Disc Soft Ltd)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23288 2018-12-12] (Intel® Driver & Support Assistant -> Intel)
R2 HPDayStarterService; C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-03-23] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [365440 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [361848 2019-12-06] (HP Inc. -> HP Inc.)
S3 Intel® SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel® Software Asset Manager -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-01] (Malwarebytes Inc -> Malwarebytes)
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [234528 2020-02-28] (TEFINCOM S.A. -> )
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1296560 2019-08-07] (Bitdefender SRL -> Bitdefender)
R2 RemediationService; C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [18168 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 SGFXMgr; C:\Program Files\SGFX\sgfxmgr.exe [8481280 2013-05-01] (SMSC) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\stacsv64.exe [327680 2012-10-24] (IDT, Inc.) [File not signed]
R2 TESvc; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [301304 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4528344 2019-11-19] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5862400 2018-10-23] (Broadcom Corporation) [File not signed]
R2 ZAARUpdateService; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe [51936 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe [25160568 2019-02-14] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2019-11-19] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.)
S2 pgsql-8.3; "C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe" runservice -w -N "pgsql-8.3" -D "C:\Program Files (x86)\PostgreSQL\8.3\data\"
S2 ZA NET ICM Service; "C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe" [X]
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AgereSoftModem; C:\Windows\System32\DRIVERS\agrsm64.sys [1212416 2010-01-26] (Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37864 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205576 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [271120 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206608 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [64272 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279360 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42976 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175400 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110560 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84056 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848672 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [458584 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235184 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316256 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R2 cpbak; C:\Windows\System32\DRIVERS\cpbak.sys [66848 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 CPEPMon; C:\Windows\System32\DRIVERS\CPEPMon.sys [110880 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2020-02-28] (Disc Soft Ltd -> Disc Soft Ltd)
R1 epnetflt; C:\Windows\system32\drivers\epnetflt.sys [130336 2019-10-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 epregflt; C:\Windows\system32\drivers\epregflt.sys [132176 2019-05-01] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [57728 2020-03-07] (SurfRight B.V. -> )
R3 HpqKbFiltr; C:\Windows\System32\DRIVERS\HpqKbFiltr.sys [25912 2011-07-18] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 ISWKL; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ISWKL.sys [65264 2019-08-12] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2012-07-16] (JMicron Technology Corp. -> JMicron Technology Corp.)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [161408 2017-09-12] (Zemana Ltd. -> Zemana Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-02-24] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-03-22] (Malwarebytes Inc -> Malwarebytes)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2018-02-23] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R4 sgfxk; C:\Windows\System32\drivers\sgfxk64.sys [157432 2013-05-02] (SMSC -> SMSC)
R0 sgfxl; C:\Windows\System32\drivers\sgfxl64.sys [18168 2013-05-02] (SMSC -> SMSC)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1864328 2012-10-03] (SONIX TECHNOLOGY CO. , LTD -> )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2020-02-28] (Disc Soft Ltd -> Duplex Secure Ltd.)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [543744 2012-10-24] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapnordvpn; C:\Windows\System32\DRIVERS\tapnordvpn.sys [35592 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 VOICEMOD_Driver; C:\Windows\System32\drivers\vmdrv.sys [27648 2019-07-02] (Windows ® Win 7 DDK provider) [File not signed]
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [461240 2019-11-19] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2020-03-22] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2020-03-22] (Zemana Ltd. -> Zemana Ltd.)
U3 iswSvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-03-22 21:56 - 2020-03-22 21:56 - 000003416 _____ C:\Windows\system32\Tasks\GyazoUpdateTaskMachineDaily
2020-03-22 21:56 - 2020-03-22 21:56 - 000003290 _____ C:\Windows\system32\Tasks\GyazoUpdateTaskMachine
2020-03-22 21:55 - 2020-03-22 21:55 - 000000957 _____ C:\Users\Public\Desktop\Gyazo Replay.lnk
2020-03-22 21:55 - 2020-03-22 21:55 - 000000957 _____ C:\ProgramData\Desktop\Gyazo Replay.lnk
2020-03-22 21:55 - 2020-03-22 21:55 - 000000942 _____ C:\Users\Public\Desktop\Gyazo.lnk
2020-03-22 21:55 - 2020-03-22 21:55 - 000000942 _____ C:\Users\Public\Desktop\Gyazo GIF.lnk
2020-03-22 21:55 - 2020-03-22 21:55 - 000000942 _____ C:\ProgramData\Desktop\Gyazo.lnk
2020-03-22 21:55 - 2020-03-22 21:55 - 000000942 _____ C:\ProgramData\Desktop\Gyazo GIF.lnk
2020-03-22 21:55 - 2020-03-22 21:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2020-03-22 21:55 - 2020-03-22 21:55 - 000000000 ____D C:\Program Files (x86)\Gyazo
2020-03-22 21:52 - 2020-03-22 21:52 - 010643160 _____ (Nota Inc. ) C:\Users\Mike\Downloads\Gyazo-4.1.1.exe
2020-03-22 21:35 - 2020-03-22 21:35 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-03-22 20:12 - 2020-03-22 21:25 - 000091509 _____ C:\Users\Mike\Downloads\Fixlog.txt
2020-03-22 20:12 - 2020-03-22 20:12 - 000000000 ____D C:\Users\Mike\Downloads\FRST-OlderVersion
2020-03-22 19:41 - 2020-03-22 19:41 - 000001578 _____ C:\Users\Mike\Downloads\fixlist (1).txt
2020-03-22 19:19 - 2020-03-22 21:40 - 000003648 _____ C:\Windows\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2020-03-22 04:20 - 2020-03-22 04:20 - 000192718 _____ C:\Users\Mike\Documents\SPEECY LOG FILE FOR GEEKS.txt
2020-03-22 04:19 - 2020-03-22 04:19 - 000192721 _____ C:\Users\Mike\Documents\MIKELAPTOPWIN7.txt
2020-03-22 04:15 - 2020-03-22 19:01 - 000000328 _____ C:\Windows\Tasks\HPCeeScheduleForMike.job
2020-03-22 04:15 - 2020-03-22 04:15 - 000003180 _____ C:\Windows\system32\Tasks\HPCeeScheduleForMike
2020-03-22 03:36 - 2020-03-22 03:41 - 000041235 _____ C:\Users\Mike\Downloads\Addition.txt
2020-03-22 03:33 - 2020-03-22 21:59 - 000027730 _____ C:\Users\Mike\Downloads\FRST.txt
2020-03-22 03:12 - 2020-03-22 21:58 - 000000000 ____D C:\FRST
2020-03-22 03:11 - 2020-03-22 20:12 - 002279936 _____ (Farbar) C:\Users\Mike\Downloads\FRST64.exe
2020-03-22 02:03 - 2020-03-22 21:59 - 000251287 _____ C:\Windows\ZAM.krnl.trace
2020-03-22 02:03 - 2020-03-22 21:58 - 000036590 _____ C:\Windows\ZAM_Guard.krnl.trace
2020-03-22 02:03 - 2020-03-22 02:03 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2020-03-22 02:03 - 2020-03-22 02:03 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2020-03-22 02:02 - 2020-03-22 02:03 - 000000000 ____D C:\Program Files (x86)\Zemana AntiLogger
2020-03-22 02:02 - 2020-03-22 02:02 - 000001113 _____ C:\Users\Public\Desktop\Zemana AntiLogger.lnk
2020-03-22 02:02 - 2020-03-22 02:02 - 000001113 _____ C:\ProgramData\Desktop\Zemana AntiLogger.lnk
2020-03-22 02:02 - 2020-03-22 02:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger
2020-03-22 02:02 - 2020-03-22 02:02 - 000000000 ____D C:\Program Files (x86)\KeyCryptSDK
2020-03-22 02:02 - 2017-09-12 16:53 - 000161408 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\KeyCrypt64.sys
2020-03-22 02:00 - 2020-03-22 02:03 - 000000000 ____D C:\Users\Mike\AppData\Local\Zemana
2020-03-22 02:00 - 2020-03-22 02:00 - 012946608 _____ (Zemana Ltd. ) C:\Users\Mike\Downloads\Zemana.AntiLogger.Setup.exe
2020-03-22 00:16 - 2020-03-22 00:18 - 066778032 _____ C:\Users\Mike\Downloads\torbrowser-install-win64-9.0.6_en-US.exe
2020-03-21 20:09 - 2020-03-21 20:09 - 000000796 _____ C:\Users\Public\Desktop\Speccy.lnk
2020-03-21 20:09 - 2020-03-21 20:09 - 000000796 _____ C:\ProgramData\Desktop\Speccy.lnk
2020-03-21 20:09 - 2020-03-21 20:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2020-03-21 20:08 - 2020-03-21 20:09 - 000000000 ____D C:\Program Files\Speccy
2020-03-21 20:06 - 2020-03-21 20:07 - 006889184 _____ (Piriform Ltd) C:\Users\Mike\Downloads\spsetup132.exe
2020-03-03 19:02 - 2020-03-07 15:13 - 000057728 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2020-03-03 17:21 - 2020-03-03 17:21 - 000000000 ____D C:\SWSetup
2020-03-03 17:19 - 2020-03-03 17:20 - 012973760 _____ (HP Inc.) C:\Users\Mike\Downloads\sp85528.exe
2020-03-03 17:09 - 2020-03-03 17:07 - 000235184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-03-03 17:09 - 2020-03-03 17:07 - 000175400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-03-03 17:09 - 2020-03-03 17:06 - 000368056 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-03-01 08:06 - 2020-03-01 08:06 - 000988112 _____ (Bleeping Computer, LLC) C:\Users\Mike\Downloads\rkill64.exe
2020-03-01 07:41 - 2020-03-21 20:19 - 000002180 _____ C:\Users\Mike\Desktop\Rkill.txt
2020-03-01 07:40 - 2020-03-01 07:40 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Mike\Downloads\rkill.exe
2020-03-01 07:30 - 2020-03-01 07:37 - 000000000 ____D C:\Program Files\Bitdefender Agent
2020-03-01 07:30 - 2020-03-01 07:30 - 000103232 _____ C:\ProgramData\agent.1583062199.bdinstall.v2.bin
2020-03-01 07:30 - 2020-03-01 07:30 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2020-03-01 07:28 - 2020-03-01 07:29 - 010527368 _____ C:\Users\Mike\Downloads\bitdefender_online.exe
2020-03-01 07:22 - 2020-03-01 07:22 - 000000000 ____D C:\ProgramData\NortonInstaller
2020-03-01 07:21 - 2020-03-01 07:22 - 005613920 _____ (COMODO) C:\Users\Mike\Downloads\cav_installer_138430010_1a.exe
2020-03-01 07:20 - 2020-03-22 03:03 - 000000000 ____D C:\ProgramData\Norton
2020-03-01 07:04 - 2020-03-01 07:04 - 000000000 ____H C:\Users\Mike\Documents\Default.rdp
2020-03-01 07:03 - 2020-03-01 07:03 - 000000000 ____D C:\Program Files\HitmanPro
2020-03-01 06:51 - 2020-03-01 06:51 - 000000759 _____ C:\Users\Mike\Desktop\NATHAN - Shortcut.lnk
2020-03-01 06:09 - 2020-03-01 06:22 - 000302604 _____ C:\Windows\ntbtlog.txt
2020-03-01 05:50 - 2020-03-01 05:50 - 000279656 _____ C:\Windows\Minidump\030120-25287-01.dmp
2020-03-01 05:47 - 2020-03-01 05:47 - 011539456 _____ (SurfRight B.V.) C:\Users\Mike\Downloads\HitmanPro_x64 (1).exe
2020-03-01 05:30 - 2020-03-01 05:42 - 000000000 ____D C:\ProgramData\HitmanPro
2020-03-01 03:59 - 2020-03-01 03:59 - 000279600 _____ C:\Windows\Minidump\030120-24975-01.dmp
2020-03-01 03:43 - 2020-03-01 04:48 - 000000000 ___RD C:\Users\Mike\Documents\Notes
2020-03-01 02:49 - 2020-03-22 01:45 - 000000000 ____D C:\Users\Mike\AppData\Roaming\Panda Security
2020-03-01 02:48 - 2020-03-22 01:46 - 000000000 ____D C:\Program Files (x86)\Panda Security
2020-03-01 02:47 - 2020-03-01 02:47 - 000021504 ___SH C:\Users\Mike\Desktop\Thumbs.db
2020-03-01 02:44 - 2020-03-22 01:46 - 000000000 ____D C:\ProgramData\Panda Security
2020-03-01 02:43 - 2020-03-01 02:43 - 002261616 _____ (Panda Security, S.L.) C:\Users\Mike\Downloads\PANDAFREEAV.exe
2020-03-01 02:28 - 2020-03-01 02:28 - 000000186 _____ C:\Users\Mike\Documents\cc_20200301_012822.reg
2020-03-01 01:21 - 2020-03-22 00:32 - 000000832 _____ C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2020-03-01 01:21 - 2020-03-22 00:32 - 000000784 _____ C:\Users\Mike\Desktop\Start Tor Browser.lnk
2020-03-01 01:18 - 2020-03-01 04:48 - 000000000 ____D C:\Users\Mike\Desktop\Tor Browser
2020-03-01 01:16 - 2020-03-01 01:18 - 066716472 _____ C:\Users\Mike\Downloads\torbrowser-install-win64-9.0.5_en-US.exe
2020-03-01 01:14 - 2020-03-01 01:14 - 000002626 _____ C:\Users\Mike\Documents\cc_20200301_001419.reg
2020-03-01 00:02 - 2020-03-01 04:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordVPN
2020-03-01 00:02 - 2020-03-01 04:48 - 000000000 ____D C:\Program Files (x86)\NordVPN
2020-03-01 00:02 - 2020-03-01 00:02 - 000001970 _____ C:\Users\Public\Desktop\NordVPN.lnk
2020-03-01 00:02 - 2020-03-01 00:02 - 000001970 _____ C:\ProgramData\Desktop\NordVPN.lnk
2020-02-29 23:58 - 2020-03-01 04:48 - 000000000 ____D C:\ProgramData\NordVPN
2020-02-29 23:58 - 2020-03-01 00:02 - 000000000 ____D C:\Users\Mike\AppData\Local\NordVPN
2020-02-29 23:57 - 2020-03-01 04:48 - 000000000 ____D C:\Program Files (x86)\NordVPN network TAP
2020-02-29 23:54 - 2020-02-29 23:54 - 000000000 ____D C:\Users\Mike\AppData\Roaming\NordVPN
2020-02-29 23:51 - 2020-02-29 23:51 - 014091752 _____ (NordVPN) C:\Users\Mike\Downloads\NordVPNSetup.exe
2020-02-29 14:30 - 2020-03-21 23:58 - 000002184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-02-29 14:30 - 2020-03-21 23:58 - 000002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-02-29 14:30 - 2020-03-21 23:58 - 000002143 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-02-29 14:27 - 2020-02-29 14:28 - 001288408 _____ (Google LLC) C:\Users\Mike\Downloads\ChromeSetup.exe
2020-02-29 03:56 - 2020-02-29 03:56 - 000004544 _____ C:\New Journal Document.jnt
2020-02-28 22:44 - 2020-03-01 04:48 - 000000000 ____D C:\Users\Mike\AppData\Roaming\Greenshot
2020-02-28 22:44 - 2020-02-28 22:44 - 000000000 ____D C:\Users\Mike\AppData\Local\Greenshot
2020-02-28 22:40 - 2020-03-01 04:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot
2020-02-28 22:40 - 2020-03-01 04:48 - 000000000 ____D C:\Program Files\Greenshot
2020-02-28 22:40 - 2020-02-28 22:46 - 000000000 ____D C:\Users\Mike\Documents\PokerMavens.Documentation
2020-02-28 22:38 - 2020-02-28 22:39 - 001783200 _____ (Greenshot ) C:\Users\Mike\Downloads\Greenshot-INSTALLER-1.2.10.6-RELEASE.exe
2020-02-28 21:39 - 2020-03-01 04:48 - 000000000 ____D C:\Users\Mike\SecurityScans
2020-02-28 21:38 - 2020-03-01 04:48 - 000000000 ____D C:\Program Files\Microsoft Baseline Security Analyzer 2
2020-02-28 21:38 - 2020-02-28 21:38 - 000001093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Baseline Security Analyzer 2.2.lnk
2020-02-28 21:38 - 2020-02-28 21:38 - 000001081 _____ C:\Users\Public\Desktop\Microsoft Baseline Security Analyzer 2.2.lnk
2020-02-28 21:38 - 2020-02-28 21:38 - 000001081 _____ C:\ProgramData\Desktop\Microsoft Baseline Security Analyzer 2.2.lnk
2020-02-28 21:33 - 2020-02-28 21:33 - 001777664 _____ C:\Users\Mike\Downloads\MBSASetup-x64-EN.msi
2020-02-28 21:15 - 2020-02-28 21:15 - 001728127 _____ C:\Users\Mike\Downloads\Autoruns.zip
2020-02-28 20:57 - 2020-02-28 21:04 - 117690800 _____ (Microsoft Corporation) C:\Users\Mike\Downloads\MSERT.exe
2020-02-28 20:52 - 2020-02-28 20:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2020-02-28 20:52 - 2020-02-28 20:52 - 000381608 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2020-02-28 20:52 - 2020-02-28 20:52 - 000030352 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2020-02-28 20:49 - 2020-03-01 04:48 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2020-02-28 20:49 - 2020-02-28 20:49 - 000000000 ____D C:\Users\Mike\AppData\Roaming\DAEMON Tools Lite
2020-02-28 20:48 - 2020-02-28 20:49 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2020-02-28 20:47 - 2020-02-28 20:48 - 013223208 _____ (Disc Soft Ltd) C:\Users\Mike\Downloads\DTLite501-0406.exe
2020-02-28 20:39 - 2020-02-28 20:39 - 000000000 ____D C:\Users\Mike\Documents\Iso.Windows7Ultimate.x64
2020-02-28 18:43 - 2020-02-28 18:43 - 000000036 _____ C:\Users\Mike\AppData\Local\housecall.guid.cache
2020-02-28 18:42 - 2020-02-28 18:42 - 002660528 _____ (Trend Micro Inc.) C:\Users\Mike\Downloads\HousecallLauncher64.1582929602.exe
2020-02-28 17:52 - 2019-11-05 15:03 - 000066848 _____ (Check Point Software Technologies) C:\Windows\system32\Drivers\cpbak.sys
2020-02-28 17:47 - 2020-02-28 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
2020-02-28 17:47 - 2020-02-28 17:47 - 000000000 ____D C:\Program Files (x86)\Magical Jelly Bean
2020-02-28 17:46 - 2020-02-28 17:46 - 000928232 _____ (Magical Jelly Bean ) C:\Users\Mike\Downloads\KeyFinderInstaller.exe
2020-02-28 17:22 - 2020-03-01 04:48 - 000000000 ____D C:\Program Files\TAP-Windows
2020-02-28 01:11 - 2020-02-28 01:11 - 000000000 _____ C:\Windows\system32\Drivers\etc\lmhosts
2020-02-28 00:12 - 2020-02-28 17:24 - 000000000 ____D C:\ProgramData\Hotspot Shield
2020-02-28 00:11 - 2020-02-28 00:12 - 000441016 _____ C:\Windows\system32\Drivers\vsconfig.xml
2020-02-28 00:08 - 2020-02-28 00:08 - 000000762 _____ C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2020-02-28 00:08 - 2020-02-28 00:08 - 000000762 _____ C:\ProgramData\Desktop\ZoneAlarm Security.lnk
2020-02-28 00:08 - 2020-02-28 00:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2020-02-27 23:58 - 2020-02-29 14:27 - 000000000 ____D C:\Program Files (x86)\CheckPoint
2020-02-27 23:54 - 2020-03-01 00:15 - 000000000 ____D C:\ProgramData\CheckPoint
2020-02-27 23:53 - 2020-02-27 23:53 - 005950256 _____ (Check Point Software Technologies Ltd.) C:\Users\Mike\Downloads\Unconfirmed 79209.crdownload
2020-02-27 23:52 - 2020-02-27 23:53 - 005950256 _____ (Check Point Software Technologies Ltd.) C:\Users\Mike\Downloads\zafwSetupWeb_158_023_18219.exe
2020-02-27 23:40 - 2020-02-27 23:41 - 000002470 _____ C:\Users\Mike\Documents\CCleaner.RegistryBackup.2020.02.27.reg
2020-02-24 02:10 - 2020-03-01 03:54 - 000007594 _____ C:\Users\Mike\AppData\Local\Resmon.ResmonCfg
2020-02-24 01:13 - 2020-02-24 01:13 - 000000000 ____D C:\Users\Mike\AppData\Local\cache
2020-02-24 01:12 - 2020-03-01 18:58 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-02-24 01:12 - 2020-03-01 18:58 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-02-24 01:12 - 2020-02-24 01:12 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-02-24 01:12 - 2020-02-24 01:12 - 000000000 ____D C:\Users\Mike\AppData\Local\mbamtray
2020-02-24 01:12 - 2020-02-24 01:12 - 000000000 ____D C:\Users\Mike\AppData\Local\mbam
2020-02-24 01:12 - 2020-02-24 01:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-02-24 01:11 - 2020-03-22 05:51 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-02-24 01:09 - 2020-02-24 01:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-02-24 00:59 - 2020-02-24 00:59 - 000000000 ____D C:\Program Files\Malwarebytes
2020-02-24 00:49 - 2020-02-24 00:49 - 000000000 ____D C:\Users\Mike\Documents\PCProtect
2020-02-24 00:47 - 2020-02-24 00:47 - 000043256 _____ C:\Users\Mike\Documents\cc_20200223_234726.reg
2020-02-24 00:43 - 2020-02-24 00:43 - 000000000 ____D C:\ProgramData\SecuritySuite
2020-02-24 00:42 - 2020-02-24 00:43 - 000000000 ____D C:\ProgramData\PCProtect
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-03-22 21:50 - 2009-07-14 00:50 - 000028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-03-22 21:50 - 2009-07-14 00:50 - 000028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-03-22 21:44 - 2018-10-21 06:02 - 000000000 ____D C:\Users\Mike
2020-03-22 21:32 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-22 19:02 - 2019-11-13 17:16 - 000000000 ____D C:\Users\postgres
2020-03-22 05:06 - 2019-11-02 22:25 - 000000000 ____D C:\Users\Mike\AppData\LocalLow\Mozilla
2020-03-22 03:06 - 2019-09-11 17:52 - 000000000 ____D C:\Windows\system32\MRT
2020-03-22 03:02 - 2019-09-11 17:50 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-03-22 02:46 - 2018-10-23 22:02 - 000098824 _____ C:\Users\Mike\AppData\Local\GDIPFONTCACHEV1.DAT
2020-03-22 02:46 - 2009-07-14 01:12 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2020-03-22 02:46 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
2020-03-22 02:41 - 2019-01-01 16:34 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2020-03-22 02:37 - 2009-07-14 00:50 - 000428320 _____ C:\Windows\system32\FNTCACHE.DAT
2020-03-22 02:30 - 2019-11-16 16:27 - 000000000 ____D C:\Table Tamer
2020-03-22 02:30 - 2018-11-28 22:22 - 000000000 ____D C:\Users\Mike\AppData\Local\Table Tamer
2020-03-22 01:40 - 2019-02-08 16:44 - 000000000 ____D C:\Users\Mike\AppData\Local\Run It Once Poker
2020-03-22 01:40 - 2019-02-08 16:41 - 000000000 ____D C:\Program Files (x86)\RunItOncePoker
2020-03-22 01:37 - 2018-10-23 22:16 - 000000000 ____D C:\Users\Mike\AppData\Local\Google
2020-03-22 01:15 - 2019-11-18 05:21 - 000000000 ____D C:\Users\Mike\AppData\Local\AVAST Software
2020-03-22 01:15 - 2019-11-15 22:22 - 000000000 ____D C:\Program Files (x86)\StackAndTile
2020-03-22 01:15 - 2018-11-05 14:32 - 000000000 ____D C:\ProgramData\AVAST Software
2020-03-21 20:43 - 2019-05-14 19:55 - 000018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2020-03-21 20:09 - 2018-11-13 17:41 - 000000000 ____D C:\Users\Mike\AppData\Roaming\Poker Mavens 6
2020-03-21 20:01 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\system32\NDF
2020-03-03 17:07 - 2020-02-16 03:48 - 000458584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-03-03 17:07 - 2020-02-16 03:48 - 000316256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-03-03 17:07 - 2020-02-16 03:48 - 000279360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2020-03-03 17:07 - 2020-02-16 03:48 - 000110560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-03-03 17:07 - 2020-02-16 03:48 - 000084056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-03-03 17:07 - 2020-02-16 03:48 - 000042976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-03-03 17:05 - 2020-02-16 03:48 - 000848672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-03-03 17:05 - 2020-02-16 03:48 - 000205576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-03-03 17:05 - 2020-02-16 03:48 - 000037864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-03-03 17:04 - 2020-02-16 03:48 - 000271120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-03-03 17:04 - 2020-02-16 03:48 - 000206608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-03-03 17:04 - 2020-02-16 03:48 - 000064272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-03-01 06:52 - 2019-11-04 17:55 - 000000000 ____D C:\temp
2020-03-01 05:50 - 2019-01-23 16:11 - 000000000 ____D C:\Windows\Minidump
2020-03-01 04:48 - 2019-12-08 21:15 - 000000000 ____D C:\Users\Mike\AppData\Roaming\slobs-client
2020-03-01 04:47 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\registration
2020-03-01 03:56 - 2018-10-24 11:03 - 000000000 ____D C:\Users\Mike\AppData\Local\ElevatedDiagnostics
2020-03-01 03:47 - 2009-07-14 01:08 - 000032566 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-03-01 02:49 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2020-03-01 02:47 - 2019-11-10 23:35 - 000000915 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-03-01 02:47 - 2019-11-10 23:35 - 000000915 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-03-01 02:47 - 2019-11-03 21:55 - 000001047 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2020-03-01 02:47 - 2019-11-03 21:55 - 000001047 _____ C:\ProgramData\Desktop\OBS Studio.lnk
2020-02-29 20:33 - 2019-10-03 17:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-02-29 14:30 - 2018-10-23 22:16 - 000000000 ____D C:\Program Files (x86)\Google
2020-02-29 04:19 - 2019-01-14 21:25 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-02-28 23:48 - 2019-01-14 21:25 - 000000000 ____D C:\Users\Mike\AppData\Roaming\TeamViewer
2020-02-28 23:02 - 2009-07-14 00:50 - 000000000 ____D C:\Windows\ServiceProfiles
2020-02-28 17:31 - 2018-12-27 20:46 - 000000000 ____D C:\ProgramData\Package Cache
2020-02-27 23:53 - 2019-11-12 21:29 - 000000000 ____D C:\Windows\system32\appmgmt
2020-02-27 22:24 - 2009-07-13 23:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2020-02-27 19:55 - 2019-01-15 04:49 - 000000000 ____D C:\Users\Mike\AppData\Local\TeamViewer
2020-02-21 19:49 - 2019-06-01 15:22 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
 
==================== Files in the root of some directories ========
 
2020-02-28 18:43 - 2020-02-28 18:43 - 000000036 _____ () C:\Users\Mike\AppData\Local\housecall.guid.cache
2020-02-24 02:10 - 2020-03-01 03:54 - 000007594 _____ () C:\Users\Mike\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2020-02-29 16:07
==================== End of FRST.txt ========================

Edited by steveairway, 22 March 2020 - 08:04 PM.

  • 0

#28
steveairway

steveairway

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-03-2020
Ran by Mike (22-03-2020 21:59:51)
Running from C:\Users\Mike\Downloads
Windows 7 Ultimate N Service Pack 1 (X64) (2018-10-21 10:02:08)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3550179741-2894783952-792556322-500 - Administrator - Disabled)
Guest (S-1-5-21-3550179741-2894783952-792556322-501 - Limited - Disabled)
Mike (S-1-5-21-3550179741-2894783952-792556322-1000 - Administrator - Enabled) => C:\Users\Mike
postgres (S-1-5-21-3550179741-2894783952-792556322-1003 - Limited - Enabled) => C:\Users\postgres
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {217C3BCF-3FBD-7C30-A427-2D11E16F3BEB}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
. . (HKLM\...\{EAA6C597-BD0D-454D-AEB7-FF0A57905C1C}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{8CBC102C-34F4-4EB9-9529-3B222367621F}) (Version: 3.7.0.6 - Intel) Hidden
Ace Poker Drills (HKLM-x32\...\{1843AD45-F895-4E7B-BC65-CD1F76A480D3}_is1) (Version: 1.1 - Ace Poker Solutions)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.330 - Adobe)
AMD Catalyst Install Manager (HKLM\...\{D0A76081-22E4-5B3F-5394-1229DDF73585}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.1.2397 - AVAST Software)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
BlackChipPoker version 1.21.65 (HKLM-x32\...\{1B17EB4E-3E9C-4611-B8B5-31C0A00A1F70}_is1) (Version: 1.21.65 - Winning Poker Network, Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.143 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.82.143 - Broadcom Corporation)
Check Point SBA (HKLM\...\{C8325D51-E514-475B-AFF2-550C3527E563}) (Version: 86.5.9511 - Check Point Software Technologies Ltd.) Hidden
Core Graphics Software (HKLM\...\{61768C93-76C2-4017-974F-9BE1D2BBD9A4}) (Version: 5.3.60.6579 - SMSC) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
DriveHUD (HKLM-x32\...\{A385DB4B-3949-4BF7-97ED-8B4EA828F50C}) (Version: 1.6.2875 - Ace Poker Solutions) Hidden
DriveHUD (HKLM-x32\...\{bee462df-9abf-4c66-96b0-e1e362aa985c}) (Version: 1.6.2.2875 - Ace Poker Solutions)
Ericsson WWAN Module Firmware Update (HKLM-x32\...\{C7116457-0B69-4EF2-9B67-72BAD7A7D48F}) (Version: 1.00.0000 - Hewlett Packard)
Flopzilla (HKLM-x32\...\{C2A8E01F-B2D2-4D76-9350-2B088E87349F}) (Version: 1.8.6 - Flopzilla)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
Gyazo 4.1.1.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
HP Client Automation Agent Preload  (HKLM-x32\...\{52B18ABC-AD5F-4C3C-B391-04F57B380449}) (Version: 7.5 - Hewlett-Packard)
HP DayStarter (HKLM\...\{74EC2285-AB57-4451-9292-4B4DE5934FC6}) (Version: 2.0.1.0 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1112.2_WHQL - Sonix)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.5.9.1 - Hewlett-Packard Company)
HP Mouse Suite (HKLM-x32\...\{213FF60A-9899-4145-8428-D144778BE117}) (Version: 1.1.2 - Hewlett-Packard)
HP Port Replicator Software Installer (HKLM-x32\...\{75BF632E-4761-4CF4-A368-E158B8A1BB1C}) (Version: 1.2.20 - HP)
HP Power Assistant (HKLM\...\{84642787-58C0-44AE-8B26-E2F544E380A1}) (Version: 2.5.0.16 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{F322B446-B157-4257-B44F-4F22D41F8EDB}) (Version: 8.8.24.33 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{930B5F2B-8DB9-42F4-90E4-5D3DC30541C3}) (Version: 12.14.49.15 - HP Inc.)
HP System Default Settings (HKLM-x32\...\{F4F3B985-9B21-4D67-B1B2-2829C5D392E8}) (Version: 2.4.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6433.0 - IDT)
Ignition Casino Poker (HKLM-x32\...\{B63C2764-2878-40D2-A50E-B3BE6D5F122F}_is1) (Version: 4.0 - )
Intel® Computing Improvement Program (HKLM\...\{93FE134F-7678-4D90-A849-6FF6EB28CCDF}) (Version: 2.4.04289 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 17.3 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{f0bbb6e9-80c3-4fe8-8691-b51d1281d69e}) (Version: 3.7.0.6 - Intel)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
LibreOffice 6.3.2.2 (HKLM\...\{6110D2CC-70B4-415E-AF5A-7BB496AB264B}) (Version: 6.3.2.2 - The Document Foundation)
Logitech SetPoint 6.69 (HKLM\...\sp6) (Version: 6.69.114 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.13 - Magical Jelly Bean)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Baseline Security Analyzer 2.2 (HKLM\...\{08C3441C-4FAF-48D3-A551-70DD6031734F}) (Version: 2.2.2170 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27033 (HKLM-x32\...\{cc3a7c63-31fb-4129-9024-63ebefd86a95}) (Version: 14.16.27033.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27033 (HKLM-x32\...\{624ba875-fdfc-4efa-9c66-b170dfebc3ec}) (Version: 14.16.27033.0 - Microsoft Corporation)
Node.js (HKLM-x32\...\{E5549415-58EA-4BBF-AE4A-C495F14D8088}) (Version: 10.16.0 - Node.js Foundation)
NordVPN (HKLM-x32\...\{83E5941F-5F93-4097-81F5-79FA38FFB875}) (Version: 6.27.11 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.27.11) (Version: 6.27.11 - NordVPN)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
Poker Mavens 6.06 (Pro) (HKLM-x32\...\Poker Mavens_is1) (Version:  - )
PokerTracker 3 (remove only) (HKLM-x32\...\PokerTracker3) (Version:  - )
PostgreSQL 8.3 (HKLM-x32\...\{B823632F-3B72-4514-8861-B961CE263224}) (Version: 8.3 - PostgreSQL Global Development Group)
PPPOKER (HKLM-x32\...\{91B423CD-8BD1-402B-8173-5069AAD89577}) (Version: 31.0 - LeinTech)
SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 2.30.042 - Portrait Displays, Inc.) Hidden
Skype version 8.56 (HKLM-x32\...\Skype_is1) (Version: 8.56 - Skype Technologies S.A.)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
SMSC Core Graphics Software (HKLM-x32\...\Core Graphics Software) (Version: 5.3.60.6579 - SMSC)
SMSC LAN9500 Device Driver (HKLM\...\{B36E0195-2DD3-40EE-A924-7751ED5F15BB}) (Version: 13.05.14.0 - SMSC)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Streamlabs OBS 0.11.11 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.11.11 - General Workings, Inc.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1038 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.25 - Synaptics Incorporated)
TN2 (HKLM-x32\...\{5EA9A919-61B4-42A0-B057-511DA81FC240}) (Version: 2.6.13 - PASG)
TN2 (HKLM-x32\...\{85E02B5C-DCDA-4BDE-AD98-1B5D5AA10E89}) (Version: 2.8.1 - PASG)
ViewSpan (HKLM\...\{33F3FCBA-4CC5-4A5B-A6DB-53478463D991}) (Version: 2.8.3.0 - SMSC)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinPcap for PM Catcher 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Ace Poker Solutions LLC)
XSplit Gamecaster (HKLM-x32\...\{7F0DC866-BE32-4AE8-8242-A1F5753176B8}) (Version: 3.4.1812.0304 - SplitmediaLabs)
Zemana AntiLogger (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.664 - Zemana Ltd.)
ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.002.1006 - Check Point Software) Hidden
ZoneAlarm Firewall (HKLM-x32\...\{478D89DB-1BBD-47D3-9F8A-8A5991194D54}) (Version: 15.8.023.18219 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.8.023.18219 - Check Point)
ZoneAlarm Security (HKLM-x32\...\{713DC4CA-80B3-4349-9257-7D99320848A2}) (Version: 15.8.023.18219 - Check Point Software Technologies Ltd.) Hidden
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiLogger\ZAMShellExt64.dll [2020-03-22] (Zemana D.O.O. Sarajevo -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiLogger\ZAMShellExt64.dll [2020-03-22] (Zemana D.O.O. Sarajevo -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-03] (Avast Software s.r.o. -> AVAST Software)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Tinder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=hejiihbkifllpgdfndalmghiodgkefan
 
==================== Loaded Modules (Whitelisted) =============
 
2019-11-04 16:09 - 2019-11-04 16:09 - 000059392 _____ () [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\SA\dict-vectorizer.dll
2012-02-10 14:26 - 2012-02-10 14:26 - 001083392 _____ () [File not signed] C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2018-10-23 21:46 - 2011-08-08 17:12 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll
2018-10-23 22:02 - 2018-10-23 22:02 - 000066560 _____ (Broadcom Corporation) [File not signed] C:\Windows\assembly\GAC_64\bcmwlrmt\5.100.82.0__6d6a20262490fcdc\bcmwlrmt.dll
2018-10-23 22:01 - 2018-10-23 22:00 - 001058816 _____ (Broadcom Corporation) [File not signed] C:\Windows\System32\BCMLogon.dll
2018-10-23 22:01 - 2018-10-23 22:00 - 007930368 _____ (Broadcom Corporation) [File not signed] C:\Windows\system32\BCMWLCPL.CPL
2018-10-23 22:01 - 2018-10-23 22:00 - 000073728 _____ (Broadcom Corporation) [File not signed] C:\Windows\system32\wltrynt.dll
2019-11-27 12:18 - 2019-11-27 12:18 - 000067072 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphnt64.dll
2019-11-27 12:18 - 2019-11-27 12:18 - 000019968 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphusr64.dll
2018-10-23 21:46 - 2011-08-08 17:08 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll
2019-11-19 16:19 - 2019-11-19 16:19 - 000986112 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\CheckPoint\ZoneAlarm\dbghelp.dll
2019-03-27 23:48 - 2019-03-27 23:48 - 000115200 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2019-03-27 23:34 - 2019-03-27 23:34 - 000130560 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2019-11-10 12:38 - 2019-11-10 12:38 - 001124352 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\SQLite\System.Data.SQLite.dll
2013-05-01 11:55 - 2013-05-01 11:55 - 000269312 _____ (SMSC) [File not signed] C:\Windows\system32\sgfxu64.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ZAM.exe" /service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ZAM.exe" /service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zam64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zamguard64.sys => ""="Driver"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2019-01-04 04:22 - 000000829 _____ C:\Windows\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11;;c:\Program Files (x86)\AMD APP\bin\x86_64;c:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\nodejs\
HKU\S-1-5-21-3550179741-2894783952-792556322-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.254.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HPMonitor.exe.lnk => C:\Windows\pss\HPMonitor.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hpwjd.exe.lnk => C:\Windows\pss\hpwjd.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hpwmsd.exe.lnk => C:\Windows\pss\hpwmsd.exe.lnk.CommonStartup
MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Discord => C:\Users\Mike\AppData\Local\Discord\app-0.0.305\Discord.exe
MSCONFIG\startupreg: DSATray => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: Gyazo => C:\Program Files (x86)\Gyazo\GyStation.exe
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: HPPowerAssistant => C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: NordVPN => C:\Program Files (x86)\NordVPN\NordVPN.exe
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: Poker Mavens 5 Server => "C:\Program Files (x86)\Briggs Softworks\Poker Mavens 5\PMServer.exe" -autostart
MSCONFIG\startupreg: QLBController => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
MSCONFIG\startupreg: SgfxConfig => "C:\Program Files\SGFX\sgfxconfig.exe"
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{34637B6B-BA89-45B4-82D4-BB7A188ED311}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe No File
FirewallRules: [{A2F07BB9-EBC8-42A7-B0B9-E3313B9965AD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe No File
FirewallRules: [TCP Query User{E2790D9E-DDF7-4BA1-914D-17F55C47AA17}C:\program files (x86)\briggs softworks\poker mavens 5\pmserver.exe] => (Allow) C:\program files (x86)\briggs softworks\poker mavens 5\pmserver.exe (Briggs Softworks -> )
FirewallRules: [UDP Query User{F8BAF6CD-F705-4997-B5F4-44871BAA46DC}C:\program files (x86)\briggs softworks\poker mavens 5\pmserver.exe] => (Allow) C:\program files (x86)\briggs softworks\poker mavens 5\pmserver.exe (Briggs Softworks -> )
FirewallRules: [TCP Query User{B142A748-B65D-4284-9EC5-EE4D23AB9F2A}C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe] => (Allow) C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe (Briggs Softworks -> )
FirewallRules: [UDP Query User{DA14DAEA-4EE9-4788-B288-E2A9BA95F39C}C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe] => (Allow) C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe (Briggs Softworks -> )
FirewallRules: [{E1FBD2CB-ED5D-466A-8F1D-2586434340C7}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{94A9FD5B-F39C-44DE-B45D-A91328BB79B5}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{5585D7AE-268F-4025-B0BD-756818680E72}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{A5A53819-4A22-4576-946A-4D77CAB37ED0}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [TCP Query User{FF1F6A5A-5264-4C49-B7DC-7E4465D5ED71}C:\program files\streamlabs obs\streamlabs obs.exe] => (Block) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [UDP Query User{6BAF4205-A6FE-4E20-A96D-4A2C5680BBC8}C:\program files\streamlabs obs\streamlabs obs.exe] => (Block) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [TCP Query User{3EEED019-B2BC-4F69-A3DC-04CC1AEDB15F}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [UDP Query User{A8D67A9C-6902-4C5F-A546-71D2D7F4F436}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [TCP Query User{26FEEA3D-F187-4CB4-BB85-9B65C918FA03}C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe] => (Allow) C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe (Briggs Softworks -> )
FirewallRules: [UDP Query User{E2A39CC7-D3C1-4638-93D8-C3C972776260}C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe] => (Allow) C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe (Briggs Softworks -> )
FirewallRules: [{DE639CB3-702F-48D6-A9AC-87C8488D268A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AFD66CD5-9E58-4098-89DB-75A44ED91962}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{04A3186F-E4A2-4A2F-AE27-A980A259C43B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{09A7D703-191C-431A-A0BA-722A4B53DF74}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9BC25D34-9686-4AD3-9DDB-295BF9F53545}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{19C6EBEA-BEE4-4DA8-9CCE-6288FACDC4D7}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{ACF9850B-775F-4853-8B03-F9ABD7C57661}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{A7FE2610-4446-4DDD-89A0-5AAA2DA0DBEE}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{F8D4B728-F995-4F16-B089-C1E3CFF30596}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
01-03-2020 04:41:06 Restore Operation
01-03-2020 05:41:57 Checkpoint by HitmanPro
22-03-2020 01:15:58 Removed Holdem Manager 3
22-03-2020 01:34:49 Removed Backup and Sync from Google
22-03-2020 03:00:14 Windows Update
 
==================== Faulty Device Manager Devices ============
 
Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 
 
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (03/22/2020 09:47:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 148c
 
Start Time: 01d600b3c68cf8cb
 
Termination Time: 15
 
Application Path: C:\Windows\Explorer.EXE
 
Report Id: 31cc2a22-6ca8-11ea-aadc-009c028b65dd
 
Error: (03/22/2020 09:34:22 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2020-03-23 01:34:22 GMT FATAL:  bogus data in lock file "postmaster.pid": ""
 
 
System errors:
=============
Error: (03/22/2020 09:43:04 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
 
Error: (03/22/2020 09:34:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ZoneAlarm ICM NET Service service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (03/22/2020 09:26:36 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CPEFR service.
 
 
CodeIntegrity:
===================================
 
Date: 2020-03-22 21:59:05.500
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2020-03-22 21:56:14.608
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2020-03-22 21:51:35.262
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2020-03-22 21:38:48.146
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2020-03-22 21:36:16.981
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2020-03-22 21:36:10.321
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.
 
==================== Memory info =========================== 
 
BIOS: Hewlett-Packard 68SCE Ver. F.67 02/13/2018
Motherboard: Hewlett-Packard 1619
Processor: Intel® Core™ i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 65%
Total physical RAM: 8126.36 MB
Available physical RAM: 2763.62 MB
Total Virtual: 16250.86 MB
Available Virtual: 10287.08 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:292.13 GB) (Free:221.03 GB) NTFS
Drive e: (HP_TOOLS) (Fixed) (Total:4.99 GB) (Free:4.99 GB) FAT32
 
\\?\Volume{734c8035-d530-11e8-bf1b-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{734c8037-d530-11e8-bf1b-806e6f6e6963}\ () (Fixed) (Total:0.85 GB) (Free:0.34 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 59559CF9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=292.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=5 GB) - (Type=0C)
Partition 4: (Not Active) - (Size=868 MB) - (Type=27)
 
==================== End of Addition.txt =======================

  • 0

#29
steveairway

steveairway

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts

Speccy should be attatched 


  • 0

#30
steveairway

steveairway

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts

Man i can't seem to use Discord anymore

 

i've made like 15 accounts and i then i use them a little bit then i get this stuff happening

 

SOMETHING OUT OF ORDINARY IS going on message page....  Do u know why this is happening..?   I have Nord Vpn but its not even on..   When i hit connect my nord vpn does not seem to work anymore.. its says connecting but never connects ...

 

https://gyazo.com/f0...c9a3b4704b57917

 

ALSO I HAVE PICTURES OF MY DOCUMENTS THAT I BEEN SENDING TO UNEMPLOYMENT OFFICE LATELY

 

i never saved them ..i noticed them before.. and thought hacker was doing this

 

these pictures of the docs to Ojs.. have my name and social on them... hmm 

 

af829112e85a8a0f1ab56d35fcf9b23c.png
https://gyazo.com/af...ab56d35fcf9b23c


Edited by steveairway, 22 March 2020 - 08:27 PM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP