Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

HI got a big virus in system viles.. need help going over computers

Started by steveairway , Mar 18 2020 06:17 PM

Please log in to reply

#16
steveairway

Posted 19 March 2020 - 09:24 PM

Member

Topic Starter
Member
54 posts

This guy is in my router and set up 3 networks using same name that i use..

Router is 22000.. netgear.. i know how to reset it...

but when i make a new name and password how on earth do i do that when he is the admin or my comptuer and keylogging me without him knowing?

i download zeman anti logger earlier today and he changed that program.. Now on the desktop its called Gyazo Gif.. but says underneath its Zeman antilogger

I need to get him out of my network but dont know how..

I did this last week.. i called my ip they made my network private and changed password but when i punch this stuff in he gets the info thru keylogs or might even be listening to my phone calls.. he prob is.

#17
steveairway

Posted 20 March 2020 - 12:41 AM

Member

Topic Starter
Member
54 posts

STILL WORKING ON MBAR TOO SCAN AND BOOT SCAN WITH AVAST BUT

THIS IS WHAT R KILL SAYS WHEN I RUN IT BTW

Rkill 2.9.1 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

More Information about Rkill can be found at this link:

http://www.bleepingc...opic308364.html

Program started at: 03/20/2020 02:00:33 AM in x64 mode.

Windows Version: Windows 7 Ultimate N Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Policies\Microsoft\Windows Defender]

"DisableAntiSpyware" = dword:00000001

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 03/20/2020 02:02:39 AM

Execution time: 0 hours(s), 2 minute(s), and 6 seconds(s)

#18
steveairway

Posted 20 March 2020 - 12:45 AM

Member

Topic Starter
Member
54 posts

wANT TO maybe help me an hour on here for like 25 bucks or somethign using team viewer or something

Also something weird happ

I think my phone is routing thru my comptuer ip

Let me explain .. Whats my ip when i google it is diff ip than this computer when i look my ip up.

Thats weird right? My ip should be the same as my computer ip .

I think my computer stuff goes thru his proxy/ computer then being web filtered.. For example i literally saw on Sophos on my phone it told me i was being web filtered and he set up sophos to web filter me when on phone

Also think police are watching me.

LIke 4 years ago i got into trouble for calling somebody in Athens oh. misdemeanor stuff .. really . nothing major just a telephone argument i said some cusswords in realty but these [bleep]ers tried to get a felony on me over a telephone argument.. its nuts

anyways if i look up my ip i live in dayton ohio but my ip locatoin is in athens ohio? whats the odds of this?

super super slim.. maybe my ip goes thru police then to me thru the ip sever?

I also think for sure i got a hacker in my network. i mean somebody set up 2 new networks with same name yesterday after i wathed a youtube vid about it so.. there is 3 networks that have same name as mine now.. super weird..

Edited by steveairway, 20 March 2020 - 02:24 AM.

#19
RKinner

Posted 20 March 2020 - 04:05 AM

Malware Expert

Expert
23,327 posts

So far I see no evidence of a hacker. Let's look at PC #2. Run a FRST scan on PC#2 and Post the logs. Also get a Speccy log and post it for PC #2.

#20
steveairway

Posted 22 March 2020 - 01:38 AM

Member

Topic Starter
Member
54 posts

Hey I ordered a windows ten disk... should be better and more secure as u know.

I will load it on all 3 computters then talk to u ...

better than talking about current computers right now if i plan on reinstalling them all with a fresh version of windows ten right?

i'll send logs anyways if your curious.

THE REASON THIS ONE HAS TO BE HACKED IS BECAUSE I LITERALLY SAW THIS COMPUTER TURN ON AT 5 AM IN THE MORNING AND SOMEBODY WAS MOVING THE MOUSE AND STARTING TO LOAD IT UP..!!!!!!!!!!!!!!!!!!!!!!!!!!!!

THIS ALL STARTED WHEN I WAS ON DISCORD AND SOME GUY SAID TO ME HE COULD SEE MY WEBCAM AND ALSO TO HIT THE STICKY KEY MESSAGE THING ABOUT HITTING SHIFT KEY FIVE TIMES.

ALSO I RAN ZEMANA ONCE AND HIT SAID I HAD TROJAN. GEN 9... AL2180 OR WHATNOT.

IF YOU STUDY THE HTML STICKY KEY THING,, PANDA WROTE ARTICLE ABOUT THIS THAT I FOUND.... ITS NOT EXACTLY A VIRUS .. ITS A WAY TO ATTACK THOUGH AS U PROB KNOW..

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-03-2020

Ran by Mike (administrator) on MIKELAPTOPWIN7 (Hewlett-Packard HP ProBook 6560b) (22-03-2020 03:33:02)

Running from C:\Users\Mike\Downloads

Loaded Profiles: Mike & postgres (Available Profiles: Mike & postgres)

Platform: Windows 7 Ultimate N Service Pack 1 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe

(Andrea Electronics Corporation) [File not signed] C:\Program Files\IDT\WDM\AESTSr64.exe

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe

(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe

(Broadcom Corporation) [File not signed] C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE

(Broadcom Corporation) [File not signed] C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE

(Check Point Software Technologies Ltd. -> ) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe

(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe

(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe

(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe

(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe

(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe

(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe

(Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe

(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe

(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe

(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe

(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe

(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe

(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe

(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe

(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Intel® Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe

(LSI Corporation -> LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe

(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

(Mozilla Corporation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\firefox.exe

(Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe

(PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe

(PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe

(SMSC) [File not signed] C:\Program Files\SGFX\sgfxmgr.exe

(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\Mike\AppData\Local\Temp\TeamViewer\TeamViewer_Service.exe

(TEFINCOM S.A. -> ) C:\Program Files (x86)\NordVPN\nordvpn-service.exe

(TEFINCOM S.A. -> NordVPN) C:\Program Files (x86)\NordVPN\NordVPN.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [277664 2020-03-03] (Avast Software s.r.o. -> AVAST Software)

HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [ZaAntiRansomware] => C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe [4230368 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION

HKU\S-1-5-21-3550179741-2894783952-792556322-1000\...\Run: [HoldemManager.Server] => C:\Users\Mike\AppData\Roaming\Max Value Software\Holdem Manager\3.0\HoldemManager.Server.lnk [1147 2020-03-21] () [File not signed]

HKU\S-1-5-21-3550179741-2894783952-792556322-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-26] (Disc Soft Ltd -> Disc Soft Ltd)

HKU\S-1-5-21-3550179741-2894783952-792556322-1000\...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [1815584 2020-02-28] (TEFINCOM S.A. -> NordVPN)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-21] (Google LLC -> Google LLC)

AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll [94568 2017-01-19] (Zemana Ltd. -> Zemana Ltd.)

AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(1).dll [85864 2017-01-19] (Zemana Ltd. -> Zemana Ltd.)

FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {15ED3066-F1BD-48EE-966B-8C5B2406AD74} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)

Task: {22289654-4EB4-4F1D-8EBE-27EA13053D7D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1116024 2020-02-26] (HP Inc. -> HP Inc.)

Task: {7241198A-CE73-491B-B6B0-F4EB98DE136D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Critical Actions Pending => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)

Task: {7497891C-79A9-438A-905B-76967959E0FB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1116024 2020-02-26] (HP Inc. -> HP Inc.)

Task: {8031B836-8B5C-457D-B10E-F916A5144AFF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)

Task: {AAD10E4A-D32C-4CA1-B1DF-0169B8E6D027} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)

Task: {C135738A-582D-4855-A96F-722D7E602386} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)

Task: {C6D4E3F5-4C1F-4C6B-9B44-E6F92900907E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)

Task: {E1D5A690-932F-4697-9AA2-ECADEA506C71} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [145272 2019-10-31] (HP Inc. -> HP Inc.)

Task: {ED02D60F-9B28-47FF-A7CC-D702658C73E1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [308088 2020-02-12] (HP Inc. -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.254.254

Tcpip\..\Interfaces\{551BEBA7-DD54-4B4D-91C5-0D0379F13077}: [DhcpNameServer] 192.168.254.254

Tcpip\..\Interfaces\{85A0EFE3-9BA8-4D69-8B7D-768D503F8FEE}: [DhcpNameServer] 103.86.99.99 103.86.96.96 103.86.96.100 103.86.99.100

Internet Explorer:

==================

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2018-09-07] (Logitech Inc -> Logitech, Inc.)

BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2018-09-07] (Logitech Inc -> Logitech, Inc.)

FireFox:

========

FF DefaultProfile: 2t3fi1vw.default

FF ProfilePath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\2t3fi1vw.default [2019-11-18]

FF Extension: (Avast Online Security) - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\2t3fi1vw.default\Extensions\[email protected] [2019-11-18]

FF ProfilePath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\5xftgsj3.default-release [2020-03-21]

FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\5xftgsj3.default-release\Extensions\[email protected] [2019-11-26]

FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2018-12-29] [not signed]

FF Plugin: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

Chrome:

=======

CHR Profile: C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default [2020-03-22]

CHR NewTab: Default -> Not-active:"chrome-extension://pifdldjocgdmmlpjpkafopdclpeceiif/index.html", Not-active:"chrome-extension://kgnmiidkjfoodibgboejadngnfblkmaj/index.html"

CHR DefaultSearchURL: Default -> hxxps://tinder.com/static/android-chrome-192x192.png

CHR Extension: (Slides) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-23]

CHR Extension: (Docs) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-23]

CHR Extension: (Google Drive) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-23]

CHR Extension: (YouTube) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-23]

CHR Extension: (Honey) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-03-22]

CHR Extension: (Sheets) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-23]

CHR Extension: (Google Docs Offline) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-22]

CHR Extension: (Avast Online Security) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-02-29]

CHR Extension: (Tinder) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejiihbkifllpgdfndalmghiodgkefan [2019-10-07]

CHR Extension: (CouponViewer Add-On) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpabcakadbfmhiinljgodpkdeolfchlo [2020-01-16]

CHR Extension: (Grammarly for Chrome) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-03-22]

CHR Extension: (Satellite & Earth Maps) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgnmiidkjfoodibgboejadngnfblkmaj [2020-02-27]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]

CHR Extension: (Earth & Satellite Maps) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pifdldjocgdmmlpjpkafopdclpeceiif [2020-02-27]

CHR Extension: (Gmail) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]

CHR Extension: (Chrome Media Router) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-22]

CHR Profile: C:\Users\Mike\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-01]

CHR HKLM\...\Chrome\Extension: [fcbhdhpamoencpdogjnmnbjddipfkpad]

CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

CHR HKLM-x32\...\Chrome\Extension: [fcbhdhpamoencpdogjnmnbjddipfkpad]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)

R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation) [File not signed]

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6046624 2020-03-03] (Avast Software s.r.o. -> AVAST Software)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [413472 2020-03-03] (Avast Software s.r.o. -> AVAST Software)

R2 CPEFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [2825976 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)

R2 CpSbaCipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> )

R2 CpSbaUpdater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> )

R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-26] (Disc Soft Ltd -> Disc Soft Ltd)

R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23288 2018-12-12] (Intel® Driver & Support Assistant -> Intel)

R2 HPDayStarterService; C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-03-23] (Hewlett-Packard Company -> Hewlett-Packard Company)

R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [365440 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company)

S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [361848 2019-12-06] (HP Inc. -> HP Inc.)

S3 Intel® SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel® Software Asset Manager -> Intel Corporation)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-01] (Malwarebytes Inc -> Malwarebytes)

R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [234528 2020-02-28] (TEFINCOM S.A. -> )

R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1296560 2019-08-07] (Bitdefender SRL -> Bitdefender)

R2 RemediationService; C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [18168 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)

R2 SGFXMgr; C:\Program Files\SGFX\sgfxmgr.exe [8481280 2013-05-01] (SMSC) [File not signed]

R2 STacSV; C:\Program Files\IDT\WDM\stacsv64.exe [327680 2012-10-24] (IDT, Inc.) [File not signed]

R2 TeamViewer; C:\Users\Mike\AppData\Local\Temp\TeamViewer\TeamViewer_Service.exe [13206544 2020-02-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) <==== ATTENTION

R2 TESvc; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [301304 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)

R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4528344 2019-11-19] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5862400 2018-10-23] (Broadcom Corporation) [File not signed]

R2 ZAARUpdateService; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe [51936 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)

R3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2019-11-19] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.)

S2 avast; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]

S3 avastm; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]

R2 pgsql-8.3; "C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe" runservice -w -N "pgsql-8.3" -D "C:\Program Files (x86)\PostgreSQL\8.3\data\"

S2 ZA NET ICM Service; "C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AgereSoftModem; C:\Windows\System32\DRIVERS\agrsm64.sys [1212416 2010-01-26] (Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37864 2020-03-03] (Avast Software s.r.o. -> AVAST Software)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205576 2020-03-03] (Avast Software s.r.o. -> AVAST Software)

R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [271120 2020-03-03] (Avast Software s.r.o. -> AVAST Software)

R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206608 2020-03-03] (Avast Software s.r.o. -> AVAST Software)

R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [64272 2020-03-03] (Avast Software s.r.o. -> AVAST Software)

R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279360 2020-03-03] (Avast Software s.r.o. -> AVAST Software)

R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42976 2020-03-03] (Avast Software s.r.o. -> AVAST Software)

R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175400 2020-03-03] (Avast Software s.r.o. -> AVAST Software)

R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110560 2020-03-03] (Avast Software s.r.o. -> AVAST Software)

R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84056 2020-03-03] (Avast Software s.r.o. -> AVAST Software)

R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848672 2020-03-03] (Avast Software s.r.o. -> AVAST Software)

R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [458584 2020-03-03] (Avast Software s.r.o. -> AVAST Software)

R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235184 2020-03-03] (Avast Software s.r.o. -> AVAST Software)

R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316256 2020-03-03] (Avast Software s.r.o. -> AVAST Software)

R2 cpbak; C:\Windows\System32\DRIVERS\cpbak.sys [66848 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)

R1 CPEPMon; C:\Windows\System32\DRIVERS\CPEPMon.sys [110880 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)

R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2020-02-28] (Disc Soft Ltd -> Disc Soft Ltd)

R1 epnetflt; C:\Windows\system32\drivers\epnetflt.sys [130336 2019-10-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)

R1 epregflt; C:\Windows\system32\drivers\epregflt.sys [132176 2019-05-01] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)

S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [57728 2020-03-07] (SurfRight B.V. -> )

R3 HpqKbFiltr; C:\Windows\System32\DRIVERS\HpqKbFiltr.sys [25912 2011-07-18] (Hewlett-Packard Company -> Hewlett-Packard Company)

R2 ISWKL; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ISWKL.sys [65264 2019-08-12] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)

R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2012-07-16] (JMicron Technology Corp. -> JMicron Technology Corp.)

R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [161408 2017-09-12] (Zemana Ltd. -> Zemana Ltd.)

R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-02-24] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-03-22] (Malwarebytes Inc -> Malwarebytes)

R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2018-02-23] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)

R4 sgfxk; C:\Windows\System32\drivers\sgfxk64.sys [157432 2013-05-02] (SMSC -> SMSC)

R0 sgfxl; C:\Windows\System32\drivers\sgfxl64.sys [18168 2013-05-02] (SMSC -> SMSC)

R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1864328 2012-10-03] (SONIX TECHNOLOGY CO. , LTD -> )

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2020-02-28] (Disc Soft Ltd -> Duplex Secure Ltd.)

R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [543744 2012-10-24] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)

S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)

R3 tapnordvpn; C:\Windows\System32\DRIVERS\tapnordvpn.sys [35592 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)

S3 VOICEMOD_Driver; C:\Windows\System32\drivers\vmdrv.sys [27648 2019-07-02] (Windows ® Win 7 DDK provider) [File not signed]

R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [461240 2019-11-19] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)

R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2020-03-22] (Zemana Ltd. -> Zemana Ltd.)

R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2020-03-22] (Zemana Ltd. -> Zemana Ltd.)

U3 iswSvc; no ImagePath

R4 PsBoot; system32\Drivers\PsBoot.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-22 03:33 - 2020-03-22 03:35 - 000030917 _____ C:\Users\Mike\Downloads\FRST.txt

2020-03-22 03:12 - 2020-03-22 03:34 - 000000000 ____D C:\FRST

2020-03-22 03:11 - 2020-03-22 03:12 - 002279936 _____ (Farbar) C:\Users\Mike\Downloads\FRST64.exe

2020-03-22 02:40 - 2020-03-22 02:40 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys

2020-03-22 02:03 - 2020-03-22 03:35 - 000356921 _____ C:\Windows\ZAM.krnl.trace

2020-03-22 02:03 - 2020-03-22 03:35 - 000048959 _____ C:\Windows\ZAM_Guard.krnl.trace

2020-03-22 02:03 - 2020-03-22 02:03 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys

2020-03-22 02:03 - 2020-03-22 02:03 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys

2020-03-22 02:02 - 2020-03-22 02:03 - 000000000 ____D C:\Program Files (x86)\Zemana AntiLogger

2020-03-22 02:02 - 2020-03-22 02:02 - 000001113 _____ C:\Users\Public\Desktop\Zemana AntiLogger.lnk

2020-03-22 02:02 - 2020-03-22 02:02 - 000001113 _____ C:\ProgramData\Desktop\Zemana AntiLogger.lnk

2020-03-22 02:02 - 2020-03-22 02:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger

2020-03-22 02:02 - 2020-03-22 02:02 - 000000000 ____D C:\Program Files (x86)\KeyCryptSDK

2020-03-22 02:02 - 2017-09-12 16:53 - 000161408 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\KeyCrypt64.sys

2020-03-22 02:00 - 2020-03-22 02:03 - 000000000 ____D C:\Users\Mike\AppData\Local\Zemana

2020-03-22 02:00 - 2020-03-22 02:00 - 012946608 _____ (Zemana Ltd. ) C:\Users\Mike\Downloads\Zemana.AntiLogger.Setup.exe

2020-03-22 00:16 - 2020-03-22 00:18 - 066778032 _____ C:\Users\Mike\Downloads\torbrowser-install-win64-9.0.6_en-US.exe

2020-03-21 20:13 - 2020-03-21 20:13 - 000988112 _____ (Bleeping Computer, LLC) C:\Users\Mike\Downloads\rkill64-29760.exe

2020-03-21 20:09 - 2020-03-21 20:09 - 000000796 _____ C:\Users\Public\Desktop\Speccy.lnk

2020-03-21 20:09 - 2020-03-21 20:09 - 000000796 _____ C:\ProgramData\Desktop\Speccy.lnk

2020-03-21 20:09 - 2020-03-21 20:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy

2020-03-21 20:08 - 2020-03-21 20:09 - 000000000 ____D C:\Program Files\Speccy

2020-03-21 20:06 - 2020-03-21 20:07 - 006889184 _____ (Piriform Ltd) C:\Users\Mike\Downloads\spsetup132.exe

2020-03-03 19:02 - 2020-03-07 15:13 - 000057728 _____ C:\Windows\system32\Drivers\hitmanpro37.sys

2020-03-03 17:21 - 2020-03-03 17:21 - 000000000 ____D C:\SWSetup

2020-03-03 17:19 - 2020-03-03 17:20 - 012973760 _____ (HP Inc.) C:\Users\Mike\Downloads\sp85528.exe

2020-03-03 17:09 - 2020-03-03 17:07 - 000235184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys

2020-03-03 17:09 - 2020-03-03 17:07 - 000175400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2020-03-03 17:09 - 2020-03-03 17:06 - 000368056 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2020-03-01 08:22 - 2020-03-01 08:22 - 000988112 _____ (Bleeping Computer, LLC) C:\Users\Mike\Downloads\rkill64-14652.exe

2020-03-01 08:06 - 2020-03-01 08:06 - 000988112 _____ (Bleeping Computer, LLC) C:\Users\Mike\Downloads\rkill64.exe

2020-03-01 07:41 - 2020-03-21 20:19 - 000002180 _____ C:\Users\Mike\Desktop\Rkill.txt

2020-03-01 07:40 - 2020-03-01 07:40 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Mike\Downloads\rkill.exe

2020-03-01 07:30 - 2020-03-01 07:37 - 000000000 ____D C:\Program Files\Bitdefender Agent

2020-03-01 07:30 - 2020-03-01 07:30 - 000103232 _____ C:\ProgramData\agent.1583062199.bdinstall.v2.bin

2020-03-01 07:30 - 2020-03-01 07:30 - 000000000 ____D C:\ProgramData\Bitdefender Agent

2020-03-01 07:28 - 2020-03-01 07:29 - 010527368 _____ C:\Users\Mike\Downloads\bitdefender_online.exe

2020-03-01 07:22 - 2020-03-22 03:11 - 000000000 ____D C:\Program Files (x86)\NortonInstaller

2020-03-01 07:22 - 2020-03-01 07:22 - 000000000 ____D C:\ProgramData\NortonInstaller

2020-03-01 07:21 - 2020-03-01 07:22 - 005613920 _____ (COMODO) C:\Users\Mike\Downloads\cav_installer_138430010_1a.exe

2020-03-01 07:20 - 2020-03-22 03:03 - 000000000 ____D C:\ProgramData\Norton

2020-03-01 07:04 - 2020-03-01 07:04 - 000000000 ____H C:\Users\Mike\Documents\Default.rdp

2020-03-01 07:03 - 2020-03-01 07:03 - 000000000 ____D C:\Program Files\HitmanPro

2020-03-01 06:51 - 2020-03-01 06:51 - 000000759 _____ C:\Users\Mike\Desktop\NATHAN - Shortcut.lnk

2020-03-01 06:09 - 2020-03-01 06:22 - 000302604 _____ C:\Windows\ntbtlog.txt

2020-03-01 05:50 - 2020-03-01 05:50 - 000279656 _____ C:\Windows\Minidump\030120-25287-01.dmp

2020-03-01 05:47 - 2020-03-01 05:47 - 011539456 _____ (SurfRight B.V.) C:\Users\Mike\Downloads\HitmanPro_x64 (1).exe

2020-03-01 05:30 - 2020-03-01 05:42 - 000000000 ____D C:\ProgramData\HitmanPro

2020-03-01 03:59 - 2020-03-01 03:59 - 000279600 _____ C:\Windows\Minidump\030120-24975-01.dmp

2020-03-01 03:43 - 2020-03-01 04:48 - 000000000 ___RD C:\Users\Mike\Documents\Notes

2020-03-01 02:49 - 2020-03-22 01:45 - 000000000 ____D C:\Users\Mike\AppData\Roaming\Panda Security

2020-03-01 02:48 - 2020-03-22 01:46 - 000000000 ____D C:\Program Files (x86)\Panda Security

2020-03-01 02:47 - 2020-03-01 02:47 - 000021504 ___SH C:\Users\Mike\Desktop\Thumbs.db

2020-03-01 02:44 - 2020-03-22 01:46 - 000000000 ____D C:\ProgramData\Panda Security

2020-03-01 02:43 - 2020-03-01 02:43 - 002261616 _____ (Panda Security, S.L.) C:\Users\Mike\Downloads\PANDAFREEAV.exe

2020-03-01 02:28 - 2020-03-01 02:28 - 000000186 _____ C:\Users\Mike\Documents\cc_20200301_012822.reg

2020-03-01 01:21 - 2020-03-22 00:32 - 000000832 _____ C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk

2020-03-01 01:21 - 2020-03-22 00:32 - 000000784 _____ C:\Users\Mike\Desktop\Start Tor Browser.lnk

2020-03-01 01:18 - 2020-03-01 04:48 - 000000000 ____D C:\Users\Mike\Desktop\Tor Browser

2020-03-01 01:16 - 2020-03-01 01:18 - 066716472 _____ C:\Users\Mike\Downloads\torbrowser-install-win64-9.0.5_en-US.exe

2020-03-01 01:14 - 2020-03-01 01:14 - 000002626 _____ C:\Users\Mike\Documents\cc_20200301_001419.reg

2020-03-01 00:02 - 2020-03-01 04:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordVPN

2020-03-01 00:02 - 2020-03-01 04:48 - 000000000 ____D C:\Program Files (x86)\NordVPN

2020-03-01 00:02 - 2020-03-01 00:02 - 000001970 _____ C:\Users\Public\Desktop\NordVPN.lnk

2020-03-01 00:02 - 2020-03-01 00:02 - 000001970 _____ C:\ProgramData\Desktop\NordVPN.lnk

2020-02-29 23:58 - 2020-03-01 04:48 - 000000000 ____D C:\ProgramData\NordVPN

2020-02-29 23:58 - 2020-03-01 00:02 - 000000000 ____D C:\Users\Mike\AppData\Local\NordVPN

2020-02-29 23:57 - 2020-03-01 04:48 - 000000000 ____D C:\Program Files (x86)\NordVPN network TAP

2020-02-29 23:54 - 2020-02-29 23:54 - 000000000 ____D C:\Users\Mike\AppData\Roaming\NordVPN

2020-02-29 23:51 - 2020-02-29 23:51 - 014091752 _____ (NordVPN) C:\Users\Mike\Downloads\NordVPNSetup.exe

2020-02-29 14:30 - 2020-03-21 23:58 - 000002184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2020-02-29 14:30 - 2020-03-21 23:58 - 000002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2020-02-29 14:30 - 2020-03-21 23:58 - 000002143 _____ C:\ProgramData\Desktop\Google Chrome.lnk

2020-02-29 14:27 - 2020-02-29 14:28 - 001288408 _____ (Google LLC) C:\Users\Mike\Downloads\ChromeSetup.exe

2020-02-29 03:56 - 2020-02-29 03:56 - 000004544 _____ C:\New Journal Document.jnt

2020-02-28 23:35 - 2020-02-28 23:36 - 026984384 _____ (TeamViewer Germany GmbH) C:\Users\Mike\Downloads\TeamViewer_Setup.exe

2020-02-28 22:44 - 2020-03-01 04:48 - 000000000 ____D C:\Users\Mike\AppData\Roaming\Greenshot

2020-02-28 22:44 - 2020-02-28 22:44 - 000000000 ____D C:\Users\Mike\AppData\Local\Greenshot

2020-02-28 22:40 - 2020-03-01 04:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot

2020-02-28 22:40 - 2020-03-01 04:48 - 000000000 ____D C:\Program Files\Greenshot

2020-02-28 22:40 - 2020-02-28 22:46 - 000000000 ____D C:\Users\Mike\Documents\PokerMavens.Documentation

2020-02-28 22:38 - 2020-02-28 22:39 - 001783200 _____ (Greenshot ) C:\Users\Mike\Downloads\Greenshot-INSTALLER-1.2.10.6-RELEASE.exe

2020-02-28 21:39 - 2020-03-01 04:48 - 000000000 ____D C:\Users\Mike\SecurityScans

2020-02-28 21:38 - 2020-03-01 04:48 - 000000000 ____D C:\Program Files\Microsoft Baseline Security Analyzer 2

2020-02-28 21:38 - 2020-02-28 21:38 - 000001093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Baseline Security Analyzer 2.2.lnk

2020-02-28 21:38 - 2020-02-28 21:38 - 000001081 _____ C:\Users\Public\Desktop\Microsoft Baseline Security Analyzer 2.2.lnk

2020-02-28 21:38 - 2020-02-28 21:38 - 000001081 _____ C:\ProgramData\Desktop\Microsoft Baseline Security Analyzer 2.2.lnk

2020-02-28 21:33 - 2020-02-28 21:33 - 001777664 _____ C:\Users\Mike\Downloads\MBSASetup-x64-EN.msi

2020-02-28 21:16 - 2020-02-28 21:17 - 000065232 _____ (Malwarebytes) C:\Users\Mike\Downloads\regassassin-setup-1.03.exe

2020-02-28 21:15 - 2020-02-28 21:15 - 001728127 _____ C:\Users\Mike\Downloads\Autoruns.zip

2020-02-28 20:57 - 2020-02-28 21:04 - 117690800 _____ (Microsoft Corporation) C:\Users\Mike\Downloads\MSERT.exe

2020-02-28 20:52 - 2020-02-28 20:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite

2020-02-28 20:52 - 2020-02-28 20:52 - 000381608 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys

2020-02-28 20:52 - 2020-02-28 20:52 - 000030352 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys

2020-02-28 20:49 - 2020-03-01 04:48 - 000000000 ____D C:\Program Files\DAEMON Tools Lite

2020-02-28 20:49 - 2020-02-28 20:49 - 000000000 ____D C:\Users\Mike\AppData\Roaming\DAEMON Tools Lite

2020-02-28 20:48 - 2020-02-28 20:49 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite

2020-02-28 20:47 - 2020-02-28 20:48 - 013223208 _____ (Disc Soft Ltd) C:\Users\Mike\Downloads\DTLite501-0406.exe

2020-02-28 20:39 - 2020-02-28 20:39 - 000000000 ____D C:\Users\Mike\Documents\Iso.Windows7Ultimate.x64

2020-02-28 18:43 - 2020-02-28 18:43 - 000000036 _____ C:\Users\Mike\AppData\Local\housecall.guid.cache

2020-02-28 18:42 - 2020-02-28 18:42 - 002660528 _____ (Trend Micro Inc.) C:\Users\Mike\Downloads\HousecallLauncher64.1582929602.exe

2020-02-28 17:52 - 2019-11-05 15:03 - 000066848 _____ (Check Point Software Technologies) C:\Windows\system32\Drivers\cpbak.sys

2020-02-28 17:47 - 2020-02-28 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder

2020-02-28 17:47 - 2020-02-28 17:47 - 000000000 ____D C:\Program Files (x86)\Magical Jelly Bean

2020-02-28 17:46 - 2020-02-28 17:46 - 000928232 _____ (Magical Jelly Bean ) C:\Users\Mike\Downloads\KeyFinderInstaller.exe

2020-02-28 17:22 - 2020-03-01 04:48 - 000000000 ____D C:\Program Files\TAP-Windows

2020-02-28 01:11 - 2020-02-28 01:11 - 000000000 _____ C:\Windows\system32\Drivers\etc\lmhosts

2020-02-28 00:12 - 2020-02-28 17:24 - 000000000 ____D C:\ProgramData\Hotspot Shield

2020-02-28 00:11 - 2020-02-28 00:12 - 000441016 _____ C:\Windows\system32\Drivers\vsconfig.xml

2020-02-28 00:08 - 2020-02-28 00:08 - 000000762 _____ C:\Users\Public\Desktop\ZoneAlarm Security.lnk

2020-02-28 00:08 - 2020-02-28 00:08 - 000000762 _____ C:\ProgramData\Desktop\ZoneAlarm Security.lnk

2020-02-28 00:08 - 2020-02-28 00:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point

2020-02-27 23:58 - 2020-02-29 14:27 - 000000000 ____D C:\Program Files (x86)\CheckPoint

2020-02-27 23:54 - 2020-03-01 00:15 - 000000000 ____D C:\ProgramData\CheckPoint

2020-02-27 23:53 - 2020-02-27 23:53 - 005950256 _____ (Check Point Software Technologies Ltd.) C:\Users\Mike\Downloads\Unconfirmed 79209.crdownload

2020-02-27 23:52 - 2020-02-27 23:53 - 005950256 _____ (Check Point Software Technologies Ltd.) C:\Users\Mike\Downloads\zafwSetupWeb_158_023_18219.exe

2020-02-27 23:40 - 2020-02-27 23:41 - 000002470 _____ C:\Users\Mike\Documents\CCleaner.RegistryBackup.2020.02.27.reg

2020-02-24 02:10 - 2020-03-01 03:54 - 000007594 _____ C:\Users\Mike\AppData\Local\Resmon.ResmonCfg

2020-02-24 01:13 - 2020-02-24 01:13 - 000000000 ____D C:\Users\Mike\AppData\Local\cache

2020-02-24 01:12 - 2020-03-01 18:58 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk

2020-02-24 01:12 - 2020-03-01 18:58 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk

2020-02-24 01:12 - 2020-02-24 01:12 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys

2020-02-24 01:12 - 2020-02-24 01:12 - 000000000 ____D C:\Users\Mike\AppData\Local\mbamtray

2020-02-24 01:12 - 2020-02-24 01:12 - 000000000 ____D C:\Users\Mike\AppData\Local\mbam

2020-02-24 01:12 - 2020-02-24 01:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

2020-02-24 01:11 - 2020-03-01 18:45 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys

2020-02-24 01:09 - 2020-02-24 01:09 - 000000000 ____D C:\ProgramData\Malwarebytes

2020-02-24 00:59 - 2020-02-24 00:59 - 000000000 ____D C:\Program Files\Malwarebytes

2020-02-24 00:49 - 2020-02-24 00:49 - 000000000 ____D C:\Users\Mike\Documents\PCProtect

2020-02-24 00:47 - 2020-02-24 00:47 - 000043256 _____ C:\Users\Mike\Documents\cc_20200223_234726.reg

2020-02-24 00:43 - 2020-02-24 00:43 - 000000000 ____D C:\ProgramData\SecuritySuite

2020-02-24 00:42 - 2020-02-24 00:43 - 000000000 ____D C:\ProgramData\PCProtect

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-22 03:30 - 2009-07-14 00:50 - 000028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2020-03-22 03:30 - 2009-07-14 00:50 - 000028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2020-03-22 03:06 - 2019-09-11 17:52 - 000000000 ____D C:\Windows\system32\MRT

2020-03-22 03:02 - 2019-11-02 22:25 - 000000000 ____D C:\Users\Mike\AppData\LocalLow\Mozilla

2020-03-22 03:02 - 2019-09-11 17:50 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

2020-03-22 02:51 - 2018-10-21 06:02 - 000000000 ____D C:\Users\Mike

2020-03-22 02:46 - 2018-10-23 22:02 - 000098824 _____ C:\Users\Mike\AppData\Local\GDIPFONTCACHEV1.DAT

2020-03-22 02:46 - 2009-07-14 01:12 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI

2020-03-22 02:46 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf

2020-03-22 02:41 - 2019-01-01 16:34 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant

2020-03-22 02:39 - 2019-11-13 17:16 - 000000000 ____D C:\Users\postgres

2020-03-22 02:38 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT

2020-03-22 02:37 - 2009-07-14 00:50 - 000428320 _____ C:\Windows\system32\FNTCACHE.DAT

2020-03-22 02:30 - 2019-11-16 16:27 - 000000000 ____D C:\Table Tamer

2020-03-22 02:30 - 2018-11-28 22:22 - 000000000 ____D C:\Users\Mike\AppData\Local\Table Tamer

2020-03-22 01:40 - 2019-02-08 16:44 - 000000000 ____D C:\Users\Mike\AppData\Local\Run It Once Poker

2020-03-22 01:40 - 2019-02-08 16:41 - 000000000 ____D C:\Program Files (x86)\RunItOncePoker

2020-03-22 01:37 - 2018-10-23 22:16 - 000000000 ____D C:\Users\Mike\AppData\Local\Google

2020-03-22 01:15 - 2019-11-18 05:21 - 000000000 ____D C:\Users\Mike\AppData\Local\AVAST Software

2020-03-22 01:15 - 2019-11-15 22:22 - 000000000 ____D C:\Program Files (x86)\StackAndTile

2020-03-22 01:15 - 2018-11-05 14:32 - 000000000 ____D C:\ProgramData\AVAST Software

2020-03-21 20:43 - 2019-05-14 19:55 - 000018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys

2020-03-21 20:09 - 2018-11-13 17:41 - 000000000 ____D C:\Users\Mike\AppData\Roaming\Poker Mavens 6

2020-03-21 20:01 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\system32\NDF

2020-03-03 17:07 - 2020-02-16 03:48 - 000458584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys

2020-03-03 17:07 - 2020-02-16 03:48 - 000316256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys

2020-03-03 17:07 - 2020-02-16 03:48 - 000279360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys

2020-03-03 17:07 - 2020-02-16 03:48 - 000110560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

2020-03-03 17:07 - 2020-02-16 03:48 - 000084056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys

2020-03-03 17:07 - 2020-02-16 03:48 - 000042976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys

2020-03-03 17:05 - 2020-02-16 03:48 - 000848672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

2020-03-03 17:05 - 2020-02-16 03:48 - 000205576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys

2020-03-03 17:05 - 2020-02-16 03:48 - 000037864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys

2020-03-03 17:04 - 2020-02-16 03:48 - 000271120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys

2020-03-03 17:04 - 2020-02-16 03:48 - 000206608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys

2020-03-03 17:04 - 2020-02-16 03:48 - 000064272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys

2020-03-01 06:52 - 2019-11-04 17:55 - 000000000 ____D C:\temp

2020-03-01 05:50 - 2019-01-23 16:11 - 000000000 ____D C:\Windows\Minidump

2020-03-01 04:48 - 2019-12-08 21:15 - 000000000 ____D C:\Users\Mike\AppData\Roaming\slobs-client

2020-03-01 04:47 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\registration

2020-03-01 03:56 - 2018-10-24 11:03 - 000000000 ____D C:\Users\Mike\AppData\Local\ElevatedDiagnostics

2020-03-01 03:47 - 2009-07-14 01:08 - 000032566 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2020-03-01 02:49 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy

2020-03-01 02:47 - 2019-11-10 23:35 - 000000915 _____ C:\Users\Public\Desktop\VLC media player.lnk

2020-03-01 02:47 - 2019-11-10 23:35 - 000000915 _____ C:\ProgramData\Desktop\VLC media player.lnk

2020-03-01 02:47 - 2019-11-03 21:55 - 000001047 _____ C:\Users\Public\Desktop\OBS Studio.lnk

2020-03-01 02:47 - 2019-11-03 21:55 - 000001047 _____ C:\ProgramData\Desktop\OBS Studio.lnk

2020-02-29 20:33 - 2019-10-03 17:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed

2020-02-29 14:30 - 2018-10-23 22:16 - 000000000 ____D C:\Program Files (x86)\Google

2020-02-29 04:19 - 2019-01-14 21:25 - 000000000 ____D C:\Program Files (x86)\TeamViewer

2020-02-28 23:48 - 2019-01-14 21:25 - 000000000 ____D C:\Users\Mike\AppData\Roaming\TeamViewer

2020-02-28 23:02 - 2009-07-14 00:50 - 000000000 ____D C:\Windows\ServiceProfiles

2020-02-28 17:31 - 2018-12-27 20:46 - 000000000 ____D C:\ProgramData\Package Cache

2020-02-27 23:53 - 2019-11-12 21:29 - 000000000 ____D C:\Windows\system32\appmgmt

2020-02-27 22:24 - 2009-07-13 23:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy

2020-02-27 19:55 - 2019-01-15 04:49 - 000000000 ____D C:\Users\Mike\AppData\Local\TeamViewer

2020-02-21 19:49 - 2019-06-01 15:22 - 000000000 ____D C:\Program Files\SUPERAntiSpyware

==================== Files in the root of some directories ========

2020-02-28 18:43 - 2020-02-28 18:43 - 000000036 _____ () C:\Users\Mike\AppData\Local\housecall.guid.cache

2020-02-24 02:10 - 2020-03-01 03:54 - 000007594 _____ () C:\Users\Mike\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2020-02-29 16:07

==================== End of FRST.txt ========================

ADDITION ADDITON

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-03-2020

Ran by Mike (22-03-2020 03:36:08)

Running from C:\Users\Mike\Downloads

Windows 7 Ultimate N Service Pack 1 (X64) (2018-10-21 10:02:08)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3550179741-2894783952-792556322-500 - Administrator - Disabled)

Guest (S-1-5-21-3550179741-2894783952-792556322-501 - Limited - Disabled)

Mike (S-1-5-21-3550179741-2894783952-792556322-1000 - Administrator - Enabled) => C:\Users\Mike

postgres (S-1-5-21-3550179741-2894783952-792556322-1003 - Limited - Enabled) => C:\Users\postgres

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

FW: ZoneAlarm Free Firewall Firewall (Enabled) {217C3BCF-3FBD-7C30-A427-2D11E16F3BEB}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . (HKLM\...\{EAA6C597-BD0D-454D-AEB7-FF0A57905C1C}) (Version: 7.1 - Intel) Hidden

. . . (HKLM-x32\...\{8CBC102C-34F4-4EB9-9529-3B222367621F}) (Version: 3.7.0.6 - Intel) Hidden

Ace Poker Drills (HKLM-x32\...\{1843AD45-F895-4E7B-BC65-CD1F76A480D3}_is1) (Version: 1.1 - Ace Poker Solutions)

Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.330 - Adobe)

AMD Catalyst Install Manager (HKLM\...\{D0A76081-22E4-5B3F-5394-1229DDF73585}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)

Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.1.2397 - AVAST Software)

Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)

BlackChipPoker version 1.21.65 (HKLM-x32\...\{1B17EB4E-3E9C-4611-B8B5-31C0A00A1F70}_is1) (Version: 1.21.65 - Winning Poker Network, Inc.)

Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.143 - Broadcom Corporation)

Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.82.143 - Broadcom Corporation)

Check Point SBA (HKLM\...\{C8325D51-E514-475B-AFF2-550C3527E563}) (Version: 86.5.9511 - Check Point Software Technologies Ltd.) Hidden

Core Graphics Software (HKLM\...\{61768C93-76C2-4017-974F-9BE1D2BBD9A4}) (Version: 5.3.60.6579 - SMSC) Hidden

DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)

DriveHUD (HKLM-x32\...\{A385DB4B-3949-4BF7-97ED-8B4EA828F50C}) (Version: 1.6.2875 - Ace Poker Solutions) Hidden

DriveHUD (HKLM-x32\...\{bee462df-9abf-4c66-96b0-e1e362aa985c}) (Version: 1.6.2.2875 - Ace Poker Solutions)

Ericsson WWAN Module Firmware Update (HKLM-x32\...\{C7116457-0B69-4EF2-9B67-72BAD7A7D48F}) (Version: 1.00.0000 - Hewlett Packard)

Flopzilla (HKLM-x32\...\{C2A8E01F-B2D2-4D76-9350-2B088E87349F}) (Version: 1.8.6 - Flopzilla)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden

Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)

HP Client Automation Agent Preload (HKLM-x32\...\{52B18ABC-AD5F-4C3C-B391-04F57B380449}) (Version: 7.5 - Hewlett-Packard)

HP DayStarter (HKLM\...\{74EC2285-AB57-4451-9292-4B4DE5934FC6}) (Version: 2.0.1.0 - Hewlett-Packard Company)

HP HD Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1112.2_WHQL - Sonix)

HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.5.9.1 - Hewlett-Packard Company)

HP Mouse Suite (HKLM-x32\...\{213FF60A-9899-4145-8428-D144778BE117}) (Version: 1.1.2 - Hewlett-Packard)

HP Port Replicator Software Installer (HKLM-x32\...\{75BF632E-4761-4CF4-A368-E158B8A1BB1C}) (Version: 1.2.20 - HP)

HP Power Assistant (HKLM\...\{84642787-58C0-44AE-8B26-E2F544E380A1}) (Version: 2.5.0.16 - Hewlett-Packard Company)

HP Support Assistant (HKLM-x32\...\{F322B446-B157-4257-B44F-4F22D41F8EDB}) (Version: 8.8.24.33 - HP Inc.)

HP Support Solutions Framework (HKLM-x32\...\{930B5F2B-8DB9-42F4-90E4-5D3DC30541C3}) (Version: 12.14.49.15 - HP Inc.)

HP System Default Settings (HKLM-x32\...\{F4F3B985-9B21-4D67-B1B2-2829C5D392E8}) (Version: 2.4.2.1 - Hewlett-Packard Company)

IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6433.0 - IDT)

Ignition Casino Poker (HKLM-x32\...\{B63C2764-2878-40D2-A50E-B3BE6D5F122F}_is1) (Version: 4.0 - )

Intel® Computing Improvement Program (HKLM\...\{93FE134F-7678-4D90-A849-6FF6EB28CCDF}) (Version: 2.4.04289 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)

Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 17.3 - Intel)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)

Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)

Intel® Driver & Support Assistant (HKLM-x32\...\{f0bbb6e9-80c3-4fe8-8691-b51d1281d69e}) (Version: 3.7.0.6 - Intel)

JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)

JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)

LibreOffice 6.3.2.2 (HKLM\...\{6110D2CC-70B4-415E-AF5A-7BB496AB264B}) (Version: 6.3.2.2 - The Document Foundation)

Logitech SetPoint 6.69 (HKLM\...\sp6) (Version: 6.69.114 - Logitech)

Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)

LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)

Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.13 - Magical Jelly Bean)

Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)

Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)

Microsoft Baseline Security Analyzer 2.2 (HKLM\...\{08C3441C-4FAF-48D3-A551-70DD6031734F}) (Version: 2.2.2170 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27033 (HKLM-x32\...\{cc3a7c63-31fb-4129-9024-63ebefd86a95}) (Version: 14.16.27033.0 - Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27033 (HKLM-x32\...\{624ba875-fdfc-4efa-9c66-b170dfebc3ec}) (Version: 14.16.27033.0 - Microsoft Corporation)

Node.js (HKLM-x32\...\{E5549415-58EA-4BBF-AE4A-C495F14D8088}) (Version: 10.16.0 - Node.js Foundation)

NordVPN (HKLM-x32\...\{83E5941F-5F93-4097-81F5-79FA38FFB875}) (Version: 6.27.11 - NordVPN) Hidden

NordVPN (HKLM-x32\...\NordVPN 6.27.11) (Version: 6.27.11 - NordVPN)

NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)

Poker Mavens 6.06 (Pro) (HKLM-x32\...\Poker Mavens_is1) (Version: - )

PokerTracker 3 (remove only) (HKLM-x32\...\PokerTracker3) (Version: - )

PostgreSQL 8.3 (HKLM-x32\...\{B823632F-3B72-4514-8861-B961CE263224}) (Version: 8.3 - PostgreSQL Global Development Group)

PPPOKER (HKLM-x32\...\{91B423CD-8BD1-402B-8173-5069AAD89577}) (Version: 31.0 - LeinTech)

SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 2.30.042 - Portrait Displays, Inc.) Hidden

Skype version 8.56 (HKLM-x32\...\Skype_is1) (Version: 8.56 - Skype Technologies S.A.)

SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)

SMSC Core Graphics Software (HKLM-x32\...\Core Graphics Software) (Version: 5.3.60.6579 - SMSC)

SMSC LAN9500 Device Driver (HKLM\...\{B36E0195-2DD3-40EE-A924-7751ED5F15BB}) (Version: 13.05.14.0 - SMSC)

Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)

Streamlabs OBS 0.11.11 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.11.11 - General Workings, Inc.)

SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1038 - SUPERAntiSpyware.com)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.25 - Synaptics Incorporated)

TN2 (HKLM-x32\...\{5EA9A919-61B4-42A0-B057-511DA81FC240}) (Version: 2.6.13 - PASG)

TN2 (HKLM-x32\...\{85E02B5C-DCDA-4BDE-AD98-1B5D5AA10E89}) (Version: 2.8.1 - PASG)

ViewSpan (HKLM\...\{33F3FCBA-4CC5-4A5B-A6DB-53478463D991}) (Version: 2.8.3.0 - SMSC)

VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)

WinPcap for PM Catcher 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Ace Poker Solutions LLC)

XSplit Gamecaster (HKLM-x32\...\{7F0DC866-BE32-4AE8-8242-A1F5753176B8}) (Version: 3.4.1812.0304 - SplitmediaLabs)

Zemana AntiLogger (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.664 - Zemana Ltd.)

ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.002.1006 - Check Point Software) Hidden

ZoneAlarm Firewall (HKLM-x32\...\{478D89DB-1BBD-47D3-9F8A-8A5991194D54}) (Version: 15.8.023.18219 - Check Point Software Technologies Ltd.) Hidden

ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.8.023.18219 - Check Point)

ZoneAlarm Security (HKLM-x32\...\{713DC4CA-80B3-4349-9257-7D99320848A2}) (Version: 15.8.023.18219 - Check Point Software Technologies Ltd.) Hidden

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-03] (Avast Software s.r.o. -> AVAST Software)

ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiLogger\ZAMShellExt64.dll [2020-03-22] (Zemana D.O.O. Sarajevo -> )

ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-03] (Avast Software s.r.o. -> AVAST Software)

ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-03] (Avast Software s.r.o. -> AVAST Software)

ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiLogger\ZAMShellExt64.dll [2020-03-22] (Zemana D.O.O. Sarajevo -> )

ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-03] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::

WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]

ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Tinder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hejiihbkifllpgdfndalmghiodgkefan

==================== Loaded Modules (Whitelisted) =============

2019-11-04 16:09 - 2019-11-04 16:09 - 000059392 _____ () [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\SA\dict-vectorizer.dll

2009-12-10 04:39 - 2009-12-10 04:39 - 000167936 _____ () [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\LIBPQ.dll

2009-02-12 20:01 - 2009-02-12 20:01 - 000976384 _____ () [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\libxml2.dll

2005-07-20 06:48 - 2005-07-20 06:48 - 000059904 _____ () [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\zlib1.dll

2008-02-04 22:43 - 2008-02-04 22:43 - 000027136 _____ () [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\lib\plugins\plugin_debugger.dll

2012-02-10 14:26 - 2012-02-10 14:26 - 001083392 _____ () [File not signed] C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll

1999-12-31 20:00 - 1999-12-31 20:00 - 000996020 _____ () [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\TorBrowser\Tor\libevent-2-1-6.dll

1999-12-31 20:00 - 1999-12-31 20:00 - 000320645 _____ () [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\TorBrowser\Tor\libssp-0.dll

1999-12-31 20:00 - 1999-12-31 20:00 - 000109568 _____ () [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\TorBrowser\Tor\zlib1.dll

2018-10-23 21:46 - 2011-08-08 17:12 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll

2018-10-23 22:02 - 2018-10-23 22:02 - 000066560 _____ (Broadcom Corporation) [File not signed] C:\Windows\assembly\GAC_64\bcmwlrmt\5.100.82.0__6d6a20262490fcdc\bcmwlrmt.dll

2018-10-23 22:01 - 2018-10-23 22:00 - 001058816 _____ (Broadcom Corporation) [File not signed] C:\Windows\System32\BCMLogon.dll

2018-10-23 22:01 - 2018-10-23 22:00 - 000073728 _____ (Broadcom Corporation) [File not signed] C:\Windows\system32\wltrynt.dll

2019-11-27 12:15 - 2019-11-27 12:15 - 000055296 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphnt32.dll

2019-11-27 12:18 - 2019-11-27 12:18 - 000067072 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphnt64.dll

2019-11-27 12:15 - 2019-11-27 12:15 - 000020480 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphusr32.dll

2019-11-27 12:18 - 2019-11-27 12:18 - 000019968 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphusr64.dll

2006-05-03 16:57 - 2006-05-03 16:57 - 000888832 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\iconv.dll

2009-01-06 15:51 - 2009-01-06 15:51 - 000968886 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\libiconv-2.dll

2009-01-06 15:51 - 2009-01-06 15:51 - 000083906 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\libintl-8.dll

2018-10-23 21:46 - 2011-08-08 17:08 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll

2009-04-13 13:23 - 2009-04-13 13:23 - 000012288 _____ (Massachusetts Institute of Technology.) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\comerr32.dll

2009-04-13 13:23 - 2009-04-13 13:23 - 000135168 _____ (Massachusetts Institute of Technology.) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\gssapi32.dll

2009-04-13 13:23 - 2009-04-13 13:23 - 000019968 _____ (Massachusetts Institute of Technology.) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\k5sprt32.dll

2009-04-13 13:23 - 2009-04-13 13:23 - 000634880 _____ (Massachusetts Institute of Technology.) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\krb5_32.dll

2019-11-19 16:19 - 2019-11-19 16:19 - 000986112 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\CheckPoint\ZoneAlarm\dbghelp.dll

2007-10-16 12:40 - 2007-10-16 12:40 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\MSVCR71.dll

2019-03-27 23:48 - 2019-03-27 23:48 - 000115200 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

2019-03-27 23:34 - 2019-03-27 23:34 - 000130560 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

1999-12-31 20:00 - 1999-12-31 20:00 - 000502272 _____ (Mozilla Foundation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\freebl3.dll

1999-12-31 20:00 - 1999-12-31 20:00 - 000046592 _____ (Mozilla Foundation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\lgpllibs.dll

1999-12-31 20:00 - 1999-12-31 20:00 - 002184704 _____ (Mozilla Foundation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\mozavcodec.dll

1999-12-31 20:00 - 1999-12-31 20:00 - 000236032 _____ (Mozilla Foundation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\mozavutil.dll

1999-12-31 20:00 - 1999-12-31 20:00 - 000965632 _____ (Mozilla Foundation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\mozglue.dll

1999-12-31 20:00 - 1999-12-31 20:00 - 002620416 _____ (Mozilla Foundation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\nss3.dll

1999-12-31 20:00 - 1999-12-31 20:00 - 000440320 _____ (Mozilla Foundation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\nssckbi.dll

1999-12-31 20:00 - 1999-12-31 20:00 - 000253952 _____ (Mozilla Foundation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\softokn3.dll

1999-12-31 20:00 - 1999-12-31 20:00 - 110771200 _____ (Mozilla Foundation) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\xul.dll

2019-11-27 06:27 - 2019-11-27 06:27 - 001189888 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\x86\SQLite.Interop.dll

2019-11-10 12:38 - 2019-11-10 12:38 - 001124352 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\SQLite\System.Data.SQLite.dll

2013-05-01 11:55 - 2013-05-01 11:55 - 000269312 _____ (SMSC) [File not signed] C:\Windows\system32\sgfxu64.dll

2009-04-13 15:09 - 2009-04-13 15:09 - 001032192 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\LIBEAY32.dll

2009-04-13 15:09 - 2009-04-13 15:09 - 000212992 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\PostgreSQL\8.3\bin\SSLEAY32.dll

1999-12-31 20:00 - 1999-12-31 20:00 - 003525189 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\TorBrowser\Tor\libcrypto-1_1-x64.dll

1999-12-31 20:00 - 1999-12-31 20:00 - 000985364 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Mike\Desktop\Tor Browser\Browser\TorBrowser\Tor\libssl-1_1-x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ZAM.exe" /service => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ZAM.exe" /service => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zam64.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zamguard64.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2019-01-04 04:22 - 000000829 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11;;c:\Program Files (x86)\AMD APP\bin\x86_64;c:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\nodejs\

HKU\S-1-5-21-3550179741-2894783952-792556322-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 192.168.254.254

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)

Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HPMonitor.exe.lnk => C:\Windows\pss\HPMonitor.exe.lnk.CommonStartup

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hpwjd.exe.lnk => C:\Windows\pss\hpwjd.exe.lnk.CommonStartup

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hpwmsd.exe.lnk => C:\Windows\pss\hpwmsd.exe.lnk.CommonStartup

MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe

MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

MSCONFIG\startupreg: Discord => C:\Users\Mike\AppData\Local\Discord\app-0.0.305\Discord.exe

MSCONFIG\startupreg: DSATray => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe

MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming

MSCONFIG\startupreg: Gyazo => C:\Program Files (x86)\Gyazo\GyStation.exe

MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"

MSCONFIG\startupreg: HPPowerAssistant => C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden

MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"

MSCONFIG\startupreg: NordVPN => C:\Program Files (x86)\NordVPN\NordVPN.exe

MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"

MSCONFIG\startupreg: Poker Mavens 5 Server => "C:\Program Files (x86)\Briggs Softworks\Poker Mavens 5\PMServer.exe" -autostart

MSCONFIG\startupreg: QLBController => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start

MSCONFIG\startupreg: SgfxConfig => "C:\Program Files\SGFX\sgfxconfig.exe"

MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe

MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{34637B6B-BA89-45B4-82D4-BB7A188ED311}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe No File

FirewallRules: [{A2F07BB9-EBC8-42A7-B0B9-E3313B9965AD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe No File

FirewallRules: [TCP Query User{E2790D9E-DDF7-4BA1-914D-17F55C47AA17}C:\program files (x86)\briggs softworks\poker mavens 5\pmserver.exe] => (Allow) C:\program files (x86)\briggs softworks\poker mavens 5\pmserver.exe (Briggs Softworks -> )

FirewallRules: [UDP Query User{F8BAF6CD-F705-4997-B5F4-44871BAA46DC}C:\program files (x86)\briggs softworks\poker mavens 5\pmserver.exe] => (Allow) C:\program files (x86)\briggs softworks\poker mavens 5\pmserver.exe (Briggs Softworks -> )

FirewallRules: [TCP Query User{B142A748-B65D-4284-9EC5-EE4D23AB9F2A}C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe] => (Allow) C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe (Briggs Softworks -> )

FirewallRules: [UDP Query User{DA14DAEA-4EE9-4788-B288-E2A9BA95F39C}C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe] => (Allow) C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe (Briggs Softworks -> )

FirewallRules: [{E1FBD2CB-ED5D-466A-8F1D-2586434340C7}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)

FirewallRules: [{94A9FD5B-F39C-44DE-B45D-A91328BB79B5}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)

FirewallRules: [{5585D7AE-268F-4025-B0BD-756818680E72}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)

FirewallRules: [{A5A53819-4A22-4576-946A-4D77CAB37ED0}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)

FirewallRules: [TCP Query User{FF1F6A5A-5264-4C49-B7DC-7E4465D5ED71}C:\program files\streamlabs obs\streamlabs obs.exe] => (Block) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)

FirewallRules: [UDP Query User{6BAF4205-A6FE-4E20-A96D-4A2C5680BBC8}C:\program files\streamlabs obs\streamlabs obs.exe] => (Block) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)

FirewallRules: [TCP Query User{3EEED019-B2BC-4F69-A3DC-04CC1AEDB15F}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)

FirewallRules: [UDP Query User{A8D67A9C-6902-4C5F-A546-71D2D7F4F436}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)

FirewallRules: [TCP Query User{26FEEA3D-F187-4CB4-BB85-9B65C918FA03}C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe] => (Allow) C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe (Briggs Softworks -> )

FirewallRules: [UDP Query User{E2A39CC7-D3C1-4638-93D8-C3C972776260}C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe] => (Allow) C:\program files (x86)\briggs softworks\poker mavens 6\pmserver.exe (Briggs Softworks -> )

FirewallRules: [{DE639CB3-702F-48D6-A9AC-87C8488D268A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{AFD66CD5-9E58-4098-89DB-75A44ED91962}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{04A3186F-E4A2-4A2F-AE27-A980A259C43B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{09A7D703-191C-431A-A0BA-722A4B53DF74}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{9BC25D34-9686-4AD3-9DDB-295BF9F53545}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)

FirewallRules: [{19C6EBEA-BEE4-4DA8-9CCE-6288FACDC4D7}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)

FirewallRules: [{ACF9850B-775F-4853-8B03-F9ABD7C57661}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)

FirewallRules: [{A7FE2610-4446-4DDD-89A0-5AAA2DA0DBEE}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)

FirewallRules: [{F8D4B728-F995-4F16-B089-C1E3CFF30596}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

01-03-2020 04:41:06 Restore Operation

01-03-2020 05:41:57 Checkpoint by HitmanPro

22-03-2020 01:15:58 Removed Holdem Manager 3

22-03-2020 01:34:49 Removed Backup and Sync from Google

22-03-2020 03:00:14 Windows Update

==================== Faulty Device Manager Devices ============

Name: TAP-Windows Adapter V9

Description: TAP-Windows Adapter V9

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: TAP-Windows Provider V9

Service: tap0901

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:

Description:

Class Guid:

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Unknown Device

Description: Unknown Device

Class Guid: {36fc9e60-c465-11cf-8056-444553540000}

Manufacturer: (Standard USB Host Controller)

Service:

Problem: : Windows has stopped this device because it has reported problems. (Code 43)

Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: Microsoft Virtual WiFi Miniport Adapter

Description: Microsoft Virtual WiFi Miniport Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: vwifimp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: ========================

Application errors:

==================

Error: (03/22/2020 01:42:33 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program uninstall.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 43cc

Start Time: 01d6000c5060ee66

Termination Time: 2

Application Path: C:\Program Files (x86)\RunItOncePoker\uninstall.exe

Report Id: afd1f76f-6bff-11ea-a8dd-009c028b65dd

Error: (03/21/2020 07:49:46 PM) (Source: PerfNet) (EventID: 2004) (User: )

Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (03/10/2020 08:34:24 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program Explorer.EXE version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 8ec

Start Time: 01d5f73b22f17a7d

Termination Time: 0

Application Path: C:\Windows\Explorer.EXE

Report Id: e7d8aa24-632f-11ea-9258-be3bc797cadf

Error: (03/10/2020 07:21:58 PM) (Source: PerfNet) (EventID: 2004) (User: )

Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (03/07/2020 03:03:43 PM) (Source: PerfNet) (EventID: 2002) (User: )

Description: Unable to open the Redirector service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (03/07/2020 03:03:43 PM) (Source: PerfNet) (EventID: 2004) (User: )

Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (03/03/2020 04:54:50 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17514, time stamp: 0x4ce7a144

Faulting module name: ntdll.dll, version: 6.1.7601.24545, time stamp: 0x5e0eb67f

Exception code: 0xc0000005

Fault offset: 0x0000000000032ad4

Faulting process id: 0x56c

Faulting application start time: 0x01d5f19d3ba19fed

Faulting application path: C:\Windows\Explorer.EXE

Faulting module path: C:\Windows\SYSTEM32\ntdll.dll

Report Id: 38df4a72-5d91-11ea-8906-bdfb6b050eb4

Error: (03/03/2020 04:52:46 PM) (Source: PerfNet) (EventID: 2005) (User: )

Description: Unable to read performance data for the Server service. The first four bytes (DWORD) of the Data section contains the status code, the second four bytes contains the IOSB.Status and the next four bytes contains the IOSB.Information.

System errors:

=============

Error: (03/22/2020 02:47:01 AM) (Source: sptd) (EventID: 4) (User: )

Description: Driver detected an internal error in its data structures for .

Error: (03/22/2020 02:47:01 AM) (Source: sptd) (EventID: 4) (User: )

Description: Driver detected an internal error in its data structures for .

Error: (03/22/2020 02:46:59 AM) (Source: sptd) (EventID: 4) (User: )

Description: Driver detected an internal error in its data structures for .

Error: (03/22/2020 02:46:40 AM) (Source: sptd) (EventID: 4) (User: )

Description: Driver detected an internal error in its data structures for .

Error: (03/22/2020 02:42:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Avast Browser Update Service (avast) service failed to start due to the following error:

The system cannot find the file specified.

Error: (03/22/2020 02:39:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The ZoneAlarm ICM NET Service service failed to start due to the following error:

The system cannot find the file specified.

Error: (03/22/2020 02:31:31 AM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CPEFR service.

Error: (03/22/2020 01:29:22 AM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CPEFR service.

Windows Defender:

===================================

Date: 2020-02-28 16:50:45.732

Description:

Windows Defender scan has been stopped before completion.

Scan ID:{912F72FD-0E05-4F05-ACD1-CDD82B6FDDC4}

Scan Type:AntiSpyware

Scan Parameters:Quick Scan

Date: 2020-02-28 00:07:24.558

Description:

Windows Defender scan has been stopped before completion.

Scan ID:{427C242A-0A02-4FAA-B71A-1F00F582E428}

Scan Type:AntiSpyware

Scan Parameters:Full Scan

Date: 2020-02-27 22:37:24.178

Description:

Windows Defender scan has been stopped before completion.

Scan ID:{6AE37A02-D63E-4719-A04F-6316712C8945}

Scan Type:AntiSpyware

Scan Parameters:Quick Scan

CodeIntegrity:

===================================

Date: 2020-03-22 03:11:40.006

Description:

Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-03-22 03:04:14.283

Description:

Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-03-22 02:46:12.543

Description:

Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-03-22 02:38:11.765

Description:

Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-03-22 02:38:05.576

Description:

Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-03-22 02:30:31.850

Description:

Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-03-22 02:17:55.697

Description:

Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-03-22 02:17:32.138

Description:

Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: Hewlett-Packard 68SCE Ver. F.67 02/13/2018

Motherboard: Hewlett-Packard 1619

Processor: Intel® Core™ i5-2450M CPU @ 2.50GHz

Percentage of memory in use: 87%

Total physical RAM: 8126.36 MB

Available physical RAM: 1019.66 MB

Total Virtual: 16250.86 MB

Available Virtual: 7894.94 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:292.13 GB) (Free:222.02 GB) NTFS

Drive e: (HP_TOOLS) (Fixed) (Total:4.99 GB) (Free:4.99 GB) FAT32

\\?\Volume{734c8035-d530-11e8-bf1b-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

\\?\Volume{734c8037-d530-11e8-bf1b-806e6f6e6963}\ () (Fixed) (Total:0.85 GB) (Free:0.34 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 59559CF9)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=292.1 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=5 GB) - (Type=0C)

Partition 4: (Not Active) - (Size=868 MB) - (Type=27)

==================== End of Addition.txt =======================

ANY THOUGHTS ? ANYWAYS HERE'S SCANS IF BORED AND WANT TO SEE MAYBE

Edited by steveairway, 22 March 2020 - 01:46 AM.

#21
RKinner

Posted 22 March 2020 - 09:47 AM

Malware Expert

Expert
23,327 posts

This PC has a suspicious TeamViewer program running on it. TeamViewer does not show up in the Installed Programs list and it is running from a Temp folder. This would definitely allow a hacker to control the PC. Following fixlist will remove TeamViewer:

Download the attached fixlist.txt to the same location as FRST

fixlist.txt 1.54KB 89 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again as before. Make sure Addition.txt is checked and hit Scan. Post both logs.

Remember when you ran MBAR and it complained about AppInit_DLLs? This computer has an example of legitimate AppInit_DLLs:

AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll [94568 2017-01-19] (Zemana Ltd. -> Zemana Ltd.)

AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(1).dll [85864 2017-01-19] (Zemana Ltd. -> Zemana Ltd.)

As you can see Zemana is using the entries for some KeyCrypt dll purpose.

This PC has a problem with the driver installed by Daemon Tools. Perhaps an uninstall and reinstall would help.

If you are going to reload the first PC you should replace the hard drive first. I would like to see a Speccy log of PC #2 & PC #3 before you load them with Win 10 to make sure that the harddrives are OK.

Get the free version of Speccy:

http://www.filehippo...download_speccy

(Look in the upper right for the Download
Latest Version button - Do NOT press the large Start Download button on the upper left!)
Download, Save and Install it. Tell it you do not need CCLEANER. Run Speccy. When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System.
(It will be near the top, 10-20 lines down.) Save the file. Attach the file to your next post. Attaching the log is the best option as it is too big for the forum. Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it. Point it at the file and hit Open.
Now click on Attach this file.

#22
steveairway

Posted 22 March 2020 - 05:33 PM

Member

Topic Starter
Member
54 posts

When i hit fix list it only sends this into my downloads.. TO USE FIXLIST SHOULD I PUT EACH OF THOSE COMMANDS INTO THE CMD THING???

will it work properly ?

I dont know how to put it into same folder as Frst

thanks alot

btw can hacker control computer while i'm using it without me noticing?

Btw ii think i had same problem on other computers but i noticed this odd teamviewr file and delted them.. the Teamviewer Germany thing ma nually when i saw this stuff in my files

Does this post really have 1200 views? if so i guess maybge alot of people google this stuff then see these type of posts..

So anyways i hit fixlist which dowloaded it ... to downloads folder.. same place that FRST went so i guess now u mean to run FRST which i did and hit fix button and waiting for results and posting above stuff like u said.

Edited by steveairway, 22 March 2020 - 06:51 PM.

#23
RKinner

Posted 22 March 2020 - 07:16 PM

Malware Expert

Expert
23,327 posts

FRST says it is:

Running from C:\Users\Mike\Downloads

so downloading the fixlist to your Download folder should work.

#24
steveairway

Posted 22 March 2020 - 07:19 PM

Member

Topic Starter
Member
54 posts

yes i'm running the fix button now on FRST.. seems to take awhile

how can u see that i'm running it .. just curious...

i was thinking about taking the course on here to help people with malware etc

is there good money in this fixing computers locally usually?

Edited by steveairway, 22 March 2020 - 07:20 PM.

#25
RKinner

Posted 22 March 2020 - 07:23 PM

Malware Expert

Expert
23,327 posts

I can't see that you are running it but just know there is no reason it shouldn't work. Will take about 10 minutes to complete as I also let it do a sfc /scannow to check the system files are good.

Most of the views are from bots that scour the net looking for stuff for the search engines like google and yahoo.

Don't know anything about the money side. I just do this for free.

#26
steveairway

Posted 22 March 2020 - 07:54 PM

Member

Topic Starter
Member
54 posts

Well i'm far from rich but was hoping to send u a small donation your way after all this.

something reasonable ...

i realy appreciate your help on all this .

FIXLOG

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-03-2020

Ran by Mike (22-03-2020 20:40:37) Run:2

Running from C:\Users\Mike\Downloads

Loaded Profiles: Mike (Available Profiles: Mike & postgres)

Boot Mode: Normal

==============================================

fixlist content:

*****************

R2 TeamViewer; C:\Users\Mike\AppData\Local\Temp\TeamViewer\TeamViewer_Service.exe [13206544 2020-02-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) <==== ATTENTION

C:\Users\Mike\AppData\Local\Temp\TeamViewer\TeamViewer_Service.exe

WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]

S2 avast; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]

S3 avastm; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]

CMD: SFC /scannow

CMD: findstr /c:"[SR]" \windows\logs\cbs\cbs.log

CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"

Reboot:

*****************

TeamViewer => service not found.

"C:\Users\Mike\AppData\Local\Temp\TeamViewer\TeamViewer_Service.exe" => not found

"BVTFilter" => not found

avast => service not found.

avastm => service not found.

========= SFC /scannow =========

Beginning system scan. This process will take some time.

Beginning verification phase of system scan.

Verification 0% complete.Verification 1% complete.Verification 2% complete.Verification 2% complete.Verification 3% complete.Verification 4% complete.Verification 5% complete.Verification 5% complete.Verification 6% complete.Verification 7% complete.Verification 7% complete.Verification 8% complete.Verification 9% complete.Verification 10% complete.Verification 10% complete.Verification 11% complete.Verification 12% complete.Verification 12% complete.Verification 13% complete.Verification 14% complete.Verification 15% complete.Verification 15% complete.Verification 16% complete.Verification 17% complete.Verification 17% complete.Verification 18% complete.Verification 19% complete.Verification 20% complete.Verification 20% complete.Verification 21% complete.Verification 22% complete.Verification 22% complete.Verification 23% complete.Verification 24% complete.Verification 25% complete.Verification 25% complete.Verification 26% complete.Verification 27% complete.Verification 27% complete.Verification 28% complete.Verification 29% complete.Verification 30% complete.Verification 30% complete.Verification 31% complete.Verification 32% complete.Verification 32% complete.Verification 33% complete.Verification 34% complete.Verification 35% complete.Verification 35% complete.Verification 36% complete.Verification 37% complete.Verification 37% complete.Verification 38% complete.Verification 39% complete.Verification 40% complete.Verification 40% complete.Verification 41% complete.Verification 42% complete.Verification 42% complete.Verification 43% complete.Verification 44% complete.Verification 45% complete.Verification 45% complete.Verification 46% complete.Verification 47% complete.Verification 48% complete.Verification 48% complete.Verification 49% complete.Verification 50% complete.Verification 50% complete.Verification 51% complete.Verification 52% complete.Verification 53% complete.Verification 53% complete.Verification 54% complete.Verification 55% complete.Verification 55% complete.Verification 56% complete.Verification 57% complete.Verification 58% complete.Verification 58% complete.Verification 59% complete.Verification 60% complete.Verification 60% complete.Verification 61% complete.Verification 62% complete.Verification 63% complete.Verification 63% complete.Verification 64% complete.Verification 65% complete.Verification 65% complete.Verification 66% complete.Verification 67% complete.Verification 68% complete.Verification 68% complete.Verification 69% complete.Verification 70% complete.Verification 70% complete.Verification 71% complete.Verification 72% complete.Verification 73% complete.Verification 73% complete.Verification 74% complete.Verification 75% complete.Verification 75% complete.Verification 76% complete.Verification 77% complete.Verification 78% complete.Verification 78% complete.Verification 79% complete.Verification 80% complete.Verification 80% complete.Verification 81% complete.Verification 82% complete.Verification 83% complete.Verification 83% complete.Verification 84% complete.Verification 85% complete.Verification 85% complete.Verification 86% complete.Verification 87% complete.Verification 88% complete.Verification 88% complete.Verification 89% complete.Verification 90% complete.Verification 91% complete.Verification 91% complete.Verification 92% complete.Verification 93% complete.Verification 93% complete.Verification 94% complete.Verification 95% complete.Verification 96% complete.Verification 96% complete.Verification 97% complete.Verification 98% complete.Verification 98% complete.Verification 99% complete.Verification 100% complete.

Windows Resource Protection found corrupt files but was unable to fix some of them.

Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For example

C:\Windows\Logs\CBS\CBS.log

========= End of CMD: =========

========= findstr /c:"[SR]" \windows\logs\cbs\cbs.log =========

2020-03-22 20:12:51, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:12:51, Info CSI 0000000a [SR] Beginning Verify and Repair transaction

2020-03-22 20:12:52, Info CSI 0000000c [SR] Verify complete

2020-03-22 20:12:53, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:12:53, Info CSI 0000000e [SR] Beginning Verify and Repair transaction

2020-03-22 20:12:55, Info CSI 00000010 [SR] Verify complete

2020-03-22 20:12:56, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:12:56, Info CSI 00000012 [SR] Beginning Verify and Repair transaction

2020-03-22 20:12:57, Info CSI 00000014 [SR] Verify complete

2020-03-22 20:12:58, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:12:58, Info CSI 00000016 [SR] Beginning Verify and Repair transaction

2020-03-22 20:12:59, Info CSI 00000018 [SR] Verify complete

2020-03-22 20:13:00, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:13:00, Info CSI 0000001a [SR] Beginning Verify and Repair transaction

2020-03-22 20:13:01, Info CSI 0000001c [SR] Verify complete

2020-03-22 20:13:02, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:13:02, Info CSI 0000001e [SR] Beginning Verify and Repair transaction

2020-03-22 20:13:03, Info CSI 00000020 [SR] Verify complete

2020-03-22 20:13:04, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:13:04, Info CSI 00000022 [SR] Beginning Verify and Repair transaction

2020-03-22 20:13:05, Info CSI 00000024 [SR] Verify complete

2020-03-22 20:13:06, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:13:06, Info CSI 00000026 [SR] Beginning Verify and Repair transaction

2020-03-22 20:13:07, Info CSI 00000028 [SR] Verify complete

2020-03-22 20:13:08, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:13:08, Info CSI 0000002a [SR] Beginning Verify and Repair transaction

2020-03-22 20:13:09, Info CSI 0000002c [SR] Verify complete

2020-03-22 20:13:10, Info CSI 0000002d [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:13:10, Info CSI 0000002e [SR] Beginning Verify and Repair transaction

2020-03-22 20:13:11, Info CSI 00000030 [SR] Verify complete

2020-03-22 20:13:12, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:13:12, Info CSI 00000032 [SR] Beginning Verify and Repair transaction

2020-03-22 20:13:13, Info CSI 00000034 [SR] Verify complete

2020-03-22 20:13:14, Info CSI 00000035 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:13:14, Info CSI 00000036 [SR] Beginning Verify and Repair transaction

2020-03-22 20:13:16, Info CSI 00000038 [SR] Verify complete

2020-03-22 20:13:16, Info CSI 00000039 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:13:16, Info CSI 0000003a [SR] Beginning Verify and Repair transaction

2020-03-22 20:13:18, Info CSI 0000003c [SR] Verify complete

2020-03-22 20:13:19, Info CSI 0000003d [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:13:19, Info CSI 0000003e [SR] Beginning Verify and Repair transaction

2020-03-22 20:13:22, Info CSI 00000040 [SR] Verify complete

2020-03-22 20:13:22, Info CSI 00000041 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:13:22, Info CSI 00000042 [SR] Beginning Verify and Repair transaction

2020-03-22 20:13:25, Info CSI 00000044 [SR] Verify complete

2020-03-22 20:13:26, Info CSI 00000045 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:13:26, Info CSI 00000046 [SR] Beginning Verify and Repair transaction

2020-03-22 20:13:27, Info CSI 00000048 [SR] Verify complete

2020-03-22 20:13:27, Info CSI 00000049 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:13:27, Info CSI 0000004a [SR] Beginning Verify and Repair transaction

2020-03-22 20:13:29, Info CSI 0000004c [SR] Verify complete

2020-03-22 20:13:30, Info CSI 0000004d [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:13:30, Info CSI 0000004e [SR] Beginning Verify and Repair transaction

2020-03-22 20:13:32, Info CSI 00000050 [SR] Verify complete

2020-03-22 20:13:32, Info CSI 00000051 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:13:32, Info CSI 00000052 [SR] Beginning Verify and Repair transaction

2020-03-22 20:13:33, Info CSI 00000054 [SR] Verify complete

2020-03-22 20:13:34, Info CSI 00000055 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:13:34, Info CSI 00000056 [SR] Beginning Verify and Repair transaction

2020-03-22 20:13:36, Info CSI 00000058 [SR] Verify complete

2020-03-22 20:13:36, Info CSI 00000059 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:13:36, Info CSI 0000005a [SR] Beginning Verify and Repair transaction

2020-03-22 20:13:38, Info CSI 0000005c [SR] Verify complete

2020-03-22 20:13:39, Info CSI 0000005d [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:13:39, Info CSI 0000005e [SR] Beginning Verify and Repair transaction

2020-03-22 20:13:46, Info CSI 00000060 [SR] Verify complete

2020-03-22 20:13:47, Info CSI 00000061 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:13:47, Info CSI 00000062 [SR] Beginning Verify and Repair transaction

2020-03-22 20:13:49, Info CSI 00000064 [SR] Verify complete

2020-03-22 20:13:50, Info CSI 00000065 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:13:50, Info CSI 00000066 [SR] Beginning Verify and Repair transaction

2020-03-22 20:13:52, Info CSI 00000068 [SR] Verify complete

2020-03-22 20:13:52, Info CSI 00000069 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:13:52, Info CSI 0000006a [SR] Beginning Verify and Repair transaction

2020-03-22 20:13:58, Info CSI 0000006e [SR] Verify complete

2020-03-22 20:13:59, Info CSI 0000006f [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:13:59, Info CSI 00000070 [SR] Beginning Verify and Repair transaction

2020-03-22 20:14:05, Info CSI 00000074 [SR] Verify complete

2020-03-22 20:14:05, Info CSI 00000075 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:14:05, Info CSI 00000076 [SR] Beginning Verify and Repair transaction

2020-03-22 20:14:08, Info CSI 00000079 [SR] Verify complete

2020-03-22 20:14:08, Info CSI 0000007a [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:14:08, Info CSI 0000007b [SR] Beginning Verify and Repair transaction

2020-03-22 20:14:12, Info CSI 0000007e [SR] Verify complete

2020-03-22 20:14:13, Info CSI 0000007f [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:14:13, Info CSI 00000080 [SR] Beginning Verify and Repair transaction

2020-03-22 20:14:17, Info CSI 00000082 [SR] Verify complete

2020-03-22 20:14:18, Info CSI 00000083 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:14:18, Info CSI 00000084 [SR] Beginning Verify and Repair transaction

2020-03-22 20:14:25, Info CSI 000000a9 [SR] Verify complete

2020-03-22 20:14:25, Info CSI 000000aa [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:14:25, Info CSI 000000ab [SR] Beginning Verify and Repair transaction

2020-03-22 20:14:32, Info CSI 000000ad [SR] Verify complete

2020-03-22 20:14:32, Info CSI 000000ae [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:14:32, Info CSI 000000af [SR] Beginning Verify and Repair transaction

2020-03-22 20:14:37, Info CSI 000000b1 [SR] Verify complete

2020-03-22 20:14:37, Info CSI 000000b2 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:14:37, Info CSI 000000b3 [SR] Beginning Verify and Repair transaction

2020-03-22 20:14:41, Info CSI 000000b5 [SR] Verify complete

2020-03-22 20:14:41, Info CSI 000000b6 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:14:41, Info CSI 000000b7 [SR] Beginning Verify and Repair transaction

2020-03-22 20:14:46, Info CSI 000000b9 [SR] Verify complete

2020-03-22 20:14:46, Info CSI 000000ba [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:14:46, Info CSI 000000bb [SR] Beginning Verify and Repair transaction

2020-03-22 20:14:50, Info CSI 000000bd [SR] Verify complete

2020-03-22 20:14:51, Info CSI 000000be [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:14:51, Info CSI 000000bf [SR] Beginning Verify and Repair transaction

2020-03-22 20:15:07, Info CSI 000000e2 [SR] Verify complete

2020-03-22 20:15:07, Info CSI 000000e3 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:15:07, Info CSI 000000e4 [SR] Beginning Verify and Repair transaction

2020-03-22 20:15:16, Info CSI 000000e6 [SR] Verify complete

2020-03-22 20:15:16, Info CSI 000000e7 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:15:16, Info CSI 000000e8 [SR] Beginning Verify and Repair transaction

2020-03-22 20:15:27, Info CSI 000000ea [SR] Verify complete

2020-03-22 20:15:27, Info CSI 000000eb [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:15:27, Info CSI 000000ec [SR] Beginning Verify and Repair transaction

2020-03-22 20:15:36, Info CSI 000000ee [SR] Verify complete

2020-03-22 20:15:36, Info CSI 000000ef [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:15:36, Info CSI 000000f0 [SR] Beginning Verify and Repair transaction

2020-03-22 20:15:38, Info CSI 000000f2 [SR] Verify complete

2020-03-22 20:15:38, Info CSI 000000f3 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:15:38, Info CSI 000000f4 [SR] Beginning Verify and Repair transaction

2020-03-22 20:15:39, Info CSI 000000f6 [SR] Verify complete

2020-03-22 20:15:40, Info CSI 000000f7 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:15:40, Info CSI 000000f8 [SR] Beginning Verify and Repair transaction

2020-03-22 20:15:45, Info CSI 000000fa [SR] Verify complete

2020-03-22 20:15:45, Info CSI 000000fb [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:15:45, Info CSI 000000fc [SR] Beginning Verify and Repair transaction

2020-03-22 20:15:52, Info CSI 0000010f [SR] Verify complete

2020-03-22 20:15:52, Info CSI 00000110 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:15:52, Info CSI 00000111 [SR] Beginning Verify and Repair transaction

2020-03-22 20:15:54, Info CSI 00000113 [SR] Verify complete

2020-03-22 20:15:54, Info CSI 00000114 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:15:54, Info CSI 00000115 [SR] Beginning Verify and Repair transaction

2020-03-22 20:15:57, Info CSI 00000117 [SR] Verify complete

2020-03-22 20:15:58, Info CSI 00000118 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:15:58, Info CSI 00000119 [SR] Beginning Verify and Repair transaction

2020-03-22 20:16:01, Info CSI 0000011b [SR] Verify complete

2020-03-22 20:16:01, Info CSI 0000011c [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:16:01, Info CSI 0000011d [SR] Beginning Verify and Repair transaction

2020-03-22 20:16:02, Info CSI 0000011f [SR] Cannot repair member file [l:18{9}]"IMTCS.IMD" of Microsoft-Windows-IME-Traditional-Chinese-BigramDictionary, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2020-03-22 20:16:06, Info CSI 00000121 [SR] Cannot repair member file [l:18{9}]"IMTCS.IMD" of Microsoft-Windows-IME-Traditional-Chinese-BigramDictionary, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2020-03-22 20:16:06, Info CSI 00000122 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2020-03-22 20:16:06, Info CSI 00000125 [SR] Could not reproject corrupted file [ml:520{260},l:64{32}]"\??\C:\Windows\IME\IMETC10\DICTS"\[l:18{9}]"IMTCS.IMD"; source file in store is also corrupted

2020-03-22 20:16:07, Info CSI 00000128 [SR] Verify complete

2020-03-22 20:16:08, Info CSI 00000129 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:16:08, Info CSI 0000012a [SR] Beginning Verify and Repair transaction

2020-03-22 20:16:11, Info CSI 0000012c [SR] Cannot repair member file [l:24{12}]"imageres.dll" of Microsoft-Windows-imageres, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2020-03-22 20:16:15, Info CSI 0000012f [SR] Cannot repair member file [l:24{12}]"imageres.dll" of Microsoft-Windows-imageres, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2020-03-22 20:16:15, Info CSI 00000130 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2020-03-22 20:16:16, Info CSI 00000133 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"imageres.dll"; source file in store is also corrupted

2020-03-22 20:16:16, Info CSI 00000135 [SR] Verify complete

2020-03-22 20:16:16, Info CSI 00000136 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:16:16, Info CSI 00000137 [SR] Beginning Verify and Repair transaction

2020-03-22 20:16:19, Info CSI 00000139 [SR] Verify complete

2020-03-22 20:16:19, Info CSI 0000013a [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:16:19, Info CSI 0000013b [SR] Beginning Verify and Repair transaction

2020-03-22 20:16:21, Info CSI 0000013d [SR] Verify complete

2020-03-22 20:16:22, Info CSI 0000013e [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:16:22, Info CSI 0000013f [SR] Beginning Verify and Repair transaction

2020-03-22 20:16:28, Info CSI 00000141 [SR] Verify complete

2020-03-22 20:16:29, Info CSI 00000142 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:16:29, Info CSI 00000143 [SR] Beginning Verify and Repair transaction

2020-03-22 20:16:33, Info CSI 00000145 [SR] Verify complete

2020-03-22 20:16:34, Info CSI 00000146 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:16:34, Info CSI 00000147 [SR] Beginning Verify and Repair transaction

2020-03-22 20:16:42, Info CSI 00000151 [SR] Verify complete

2020-03-22 20:16:42, Info CSI 00000152 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:16:42, Info CSI 00000153 [SR] Beginning Verify and Repair transaction

2020-03-22 20:16:48, Info CSI 00000163 [SR] Verify complete

2020-03-22 20:16:48, Info CSI 00000164 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:16:48, Info CSI 00000165 [SR] Beginning Verify and Repair transaction

2020-03-22 20:16:52, Info CSI 00000167 [SR] Verify complete

2020-03-22 20:16:53, Info CSI 00000168 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:16:53, Info CSI 00000169 [SR] Beginning Verify and Repair transaction

2020-03-22 20:17:08, Info CSI 0000016b [SR] Verify complete

2020-03-22 20:17:09, Info CSI 0000016c [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:17:09, Info CSI 0000016d [SR] Beginning Verify and Repair transaction

2020-03-22 20:17:12, Info CSI 0000016f [SR] Verify complete

2020-03-22 20:17:13, Info CSI 00000170 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:17:13, Info CSI 00000171 [SR] Beginning Verify and Repair transaction

2020-03-22 20:17:18, Info CSI 00000173 [SR] Verify complete

2020-03-22 20:17:19, Info CSI 00000174 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:17:19, Info CSI 00000175 [SR] Beginning Verify and Repair transaction

2020-03-22 20:17:23, Info CSI 00000177 [SR] Verify complete

2020-03-22 20:17:24, Info CSI 00000178 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:17:24, Info CSI 00000179 [SR] Beginning Verify and Repair transaction

2020-03-22 20:17:30, Info CSI 0000017b [SR] Verify complete

2020-03-22 20:17:31, Info CSI 0000017c [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:17:31, Info CSI 0000017d [SR] Beginning Verify and Repair transaction

2020-03-22 20:17:35, Info CSI 00000181 [SR] Verify complete

2020-03-22 20:17:35, Info CSI 00000182 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:17:35, Info CSI 00000183 [SR] Beginning Verify and Repair transaction

2020-03-22 20:17:38, Info CSI 00000185 [SR] Verify complete

2020-03-22 20:17:39, Info CSI 00000186 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:17:39, Info CSI 00000187 [SR] Beginning Verify and Repair transaction

2020-03-22 20:17:53, Info CSI 00000189 [SR] Verify complete

2020-03-22 20:17:53, Info CSI 0000018a [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:17:53, Info CSI 0000018b [SR] Beginning Verify and Repair transaction

2020-03-22 20:18:02, Info CSI 0000018e [SR] Verify complete

2020-03-22 20:18:02, Info CSI 0000018f [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:18:02, Info CSI 00000190 [SR] Beginning Verify and Repair transaction

2020-03-22 20:18:08, Info CSI 00000192 [SR] Verify complete

2020-03-22 20:18:09, Info CSI 00000193 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:18:09, Info CSI 00000194 [SR] Beginning Verify and Repair transaction

2020-03-22 20:18:16, Info CSI 00000197 [SR] Verify complete

2020-03-22 20:18:16, Info CSI 00000198 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:18:16, Info CSI 00000199 [SR] Beginning Verify and Repair transaction

2020-03-22 20:18:26, Info CSI 0000019c [SR] Verify complete

2020-03-22 20:18:27, Info CSI 0000019d [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:18:27, Info CSI 0000019e [SR] Beginning Verify and Repair transaction

2020-03-22 20:18:34, Info CSI 000001a0 [SR] Verify complete

2020-03-22 20:18:34, Info CSI 000001a1 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:18:34, Info CSI 000001a2 [SR] Beginning Verify and Repair transaction

2020-03-22 20:18:39, Info CSI 000001a4 [SR] Verify complete

2020-03-22 20:18:40, Info CSI 000001a5 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:18:40, Info CSI 000001a6 [SR] Beginning Verify and Repair transaction

2020-03-22 20:18:44, Info CSI 000001a8 [SR] Verify complete

2020-03-22 20:18:46, Info CSI 000001a9 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:18:46, Info CSI 000001aa [SR] Beginning Verify and Repair transaction

2020-03-22 20:18:51, Info CSI 000001ad [SR] Verify complete

2020-03-22 20:18:51, Info CSI 000001ae [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:18:51, Info CSI 000001af [SR] Beginning Verify and Repair transaction

2020-03-22 20:18:58, Info CSI 000001b1 [SR] Verify complete

2020-03-22 20:18:59, Info CSI 000001b2 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:18:59, Info CSI 000001b3 [SR] Beginning Verify and Repair transaction

2020-03-22 20:19:03, Info CSI 000001b5 [SR] Verify complete

2020-03-22 20:19:03, Info CSI 000001b6 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:19:03, Info CSI 000001b7 [SR] Beginning Verify and Repair transaction

2020-03-22 20:19:10, Info CSI 000001ba [SR] Verify complete

2020-03-22 20:19:10, Info CSI 000001bb [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:19:10, Info CSI 000001bc [SR] Beginning Verify and Repair transaction

2020-03-22 20:19:17, Info CSI 000001bf [SR] Verify complete

2020-03-22 20:19:18, Info CSI 000001c0 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:19:18, Info CSI 000001c1 [SR] Beginning Verify and Repair transaction

2020-03-22 20:19:25, Info CSI 000001c4 [SR] Verify complete

2020-03-22 20:19:25, Info CSI 000001c5 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:19:25, Info CSI 000001c6 [SR] Beginning Verify and Repair transaction

2020-03-22 20:19:32, Info CSI 000001c8 [SR] Verify complete

2020-03-22 20:19:32, Info CSI 000001c9 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:19:32, Info CSI 000001ca [SR] Beginning Verify and Repair transaction

2020-03-22 20:19:39, Info CSI 000001cc [SR] Verify complete

2020-03-22 20:19:39, Info CSI 000001cd [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:19:39, Info CSI 000001ce [SR] Beginning Verify and Repair transaction

2020-03-22 20:19:44, Info CSI 000001d0 [SR] Verify complete

2020-03-22 20:19:45, Info CSI 000001d1 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:19:45, Info CSI 000001d2 [SR] Beginning Verify and Repair transaction

2020-03-22 20:19:49, Info CSI 000001d4 [SR] Verify complete

2020-03-22 20:19:49, Info CSI 000001d5 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:19:49, Info CSI 000001d6 [SR] Beginning Verify and Repair transaction

2020-03-22 20:19:55, Info CSI 000001d8 [SR] Verify complete

2020-03-22 20:19:55, Info CSI 000001d9 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:19:55, Info CSI 000001da [SR] Beginning Verify and Repair transaction

2020-03-22 20:20:00, Info CSI 000001dc [SR] Verify complete

2020-03-22 20:20:01, Info CSI 000001dd [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:20:01, Info CSI 000001de [SR] Beginning Verify and Repair transaction

2020-03-22 20:20:07, Info CSI 000001e0 [SR] Verify complete

2020-03-22 20:20:07, Info CSI 000001e1 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:20:07, Info CSI 000001e2 [SR] Beginning Verify and Repair transaction

2020-03-22 20:20:11, Info CSI 000001e4 [SR] Verify complete

2020-03-22 20:20:12, Info CSI 000001e5 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:20:12, Info CSI 000001e6 [SR] Beginning Verify and Repair transaction

2020-03-22 20:20:22, Info CSI 000001e8 [SR] Verify complete

2020-03-22 20:20:22, Info CSI 000001e9 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:20:22, Info CSI 000001ea [SR] Beginning Verify and Repair transaction

2020-03-22 20:20:59, Info CSI 000001ec [SR] Verify complete

2020-03-22 20:20:59, Info CSI 000001ed [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:20:59, Info CSI 000001ee [SR] Beginning Verify and Repair transaction

2020-03-22 20:21:09, Info CSI 000001f0 [SR] Verify complete

2020-03-22 20:21:10, Info CSI 000001f1 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:21:10, Info CSI 000001f2 [SR] Beginning Verify and Repair transaction

2020-03-22 20:21:20, Info CSI 000001f4 [SR] Verify complete

2020-03-22 20:21:21, Info CSI 000001f5 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:21:21, Info CSI 000001f6 [SR] Beginning Verify and Repair transaction

2020-03-22 20:21:24, Info CSI 000001f8 [SR] Verify complete

2020-03-22 20:21:24, Info CSI 000001f9 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:21:24, Info CSI 000001fa [SR] Beginning Verify and Repair transaction

2020-03-22 20:21:29, Info CSI 000001fc [SR] Verify complete

2020-03-22 20:21:30, Info CSI 000001fd [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:21:30, Info CSI 000001fe [SR] Beginning Verify and Repair transaction

2020-03-22 20:21:34, Info CSI 00000200 [SR] Verify complete

2020-03-22 20:21:35, Info CSI 00000201 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:21:35, Info CSI 00000202 [SR] Beginning Verify and Repair transaction

2020-03-22 20:21:41, Info CSI 00000204 [SR] Verify complete

2020-03-22 20:21:41, Info CSI 00000205 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:21:41, Info CSI 00000206 [SR] Beginning Verify and Repair transaction

2020-03-22 20:21:42, Info CSI 00000208 [SR] Verify complete

2020-03-22 20:21:43, Info CSI 00000209 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:21:43, Info CSI 0000020a [SR] Beginning Verify and Repair transaction

2020-03-22 20:21:43, Info CSI 0000020c [SR] Verify complete

2020-03-22 20:21:44, Info CSI 0000020d [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:21:44, Info CSI 0000020e [SR] Beginning Verify and Repair transaction

2020-03-22 20:21:51, Info CSI 00000216 [SR] Verify complete

2020-03-22 20:21:51, Info CSI 00000217 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:21:51, Info CSI 00000218 [SR] Beginning Verify and Repair transaction

2020-03-22 20:21:55, Info CSI 0000021a [SR] Verify complete

2020-03-22 20:21:57, Info CSI 0000021b [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:21:57, Info CSI 0000021c [SR] Beginning Verify and Repair transaction

2020-03-22 20:22:01, Info CSI 0000021e [SR] Verify complete

2020-03-22 20:22:01, Info CSI 0000021f [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:22:01, Info CSI 00000220 [SR] Beginning Verify and Repair transaction

2020-03-22 20:22:04, Info CSI 00000222 [SR] Verify complete

2020-03-22 20:22:05, Info CSI 00000223 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:22:05, Info CSI 00000224 [SR] Beginning Verify and Repair transaction

2020-03-22 20:22:12, Info CSI 00000227 [SR] Verify complete

2020-03-22 20:22:12, Info CSI 00000228 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:22:12, Info CSI 00000229 [SR] Beginning Verify and Repair transaction

2020-03-22 20:22:17, Info CSI 0000022b [SR] Verify complete

2020-03-22 20:22:17, Info CSI 0000022c [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:22:17, Info CSI 0000022d [SR] Beginning Verify and Repair transaction

2020-03-22 20:22:21, Info CSI 0000022f [SR] Verify complete

2020-03-22 20:22:22, Info CSI 00000230 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:22:22, Info CSI 00000231 [SR] Beginning Verify and Repair transaction

2020-03-22 20:22:27, Info CSI 00000233 [SR] Verify complete

2020-03-22 20:22:28, Info CSI 00000234 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:22:28, Info CSI 00000235 [SR] Beginning Verify and Repair transaction

2020-03-22 20:22:40, Info CSI 00000238 [SR] Verify complete

2020-03-22 20:22:40, Info CSI 00000239 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:22:40, Info CSI 0000023a [SR] Beginning Verify and Repair transaction

2020-03-22 20:22:46, Info CSI 0000023f [SR] Verify complete

2020-03-22 20:22:47, Info CSI 00000240 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:22:47, Info CSI 00000241 [SR] Beginning Verify and Repair transaction

2020-03-22 20:22:54, Info CSI 00000247 [SR] Verify complete

2020-03-22 20:22:55, Info CSI 00000248 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:22:55, Info CSI 00000249 [SR] Beginning Verify and Repair transaction

2020-03-22 20:23:03, Info CSI 00000252 [SR] Verify complete

2020-03-22 20:23:04, Info CSI 00000253 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:23:04, Info CSI 00000254 [SR] Beginning Verify and Repair transaction

2020-03-22 20:23:09, Info CSI 00000259 [SR] Verify complete

2020-03-22 20:23:09, Info CSI 0000025a [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:23:09, Info CSI 0000025b [SR] Beginning Verify and Repair transaction

2020-03-22 20:23:14, Info CSI 0000025f [SR] Verify complete

2020-03-22 20:23:15, Info CSI 00000260 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:23:15, Info CSI 00000261 [SR] Beginning Verify and Repair transaction

2020-03-22 20:23:18, Info CSI 00000263 [SR] Verify complete

2020-03-22 20:23:19, Info CSI 00000264 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:23:19, Info CSI 00000265 [SR] Beginning Verify and Repair transaction

2020-03-22 20:23:25, Info CSI 0000028a [SR] Verify complete

2020-03-22 20:23:25, Info CSI 0000028b [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:23:25, Info CSI 0000028c [SR] Beginning Verify and Repair transaction

2020-03-22 20:41:21, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:41:21, Info CSI 0000000a [SR] Beginning Verify and Repair transaction

2020-03-22 20:41:25, Info CSI 0000000c [SR] Verify complete

2020-03-22 20:41:30, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:41:30, Info CSI 0000000e [SR] Beginning Verify and Repair transaction

2020-03-22 20:41:34, Info CSI 00000010 [SR] Verify complete

2020-03-22 20:41:37, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:41:37, Info CSI 00000012 [SR] Beginning Verify and Repair transaction

2020-03-22 20:41:39, Info CSI 00000014 [SR] Verify complete

2020-03-22 20:41:42, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:41:42, Info CSI 00000016 [SR] Beginning Verify and Repair transaction

2020-03-22 20:41:44, Info CSI 00000018 [SR] Verify complete

2020-03-22 20:41:48, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:41:48, Info CSI 0000001a [SR] Beginning Verify and Repair transaction

2020-03-22 20:41:50, Info CSI 0000001c [SR] Verify complete

2020-03-22 20:41:54, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:41:54, Info CSI 0000001e [SR] Beginning Verify and Repair transaction

2020-03-22 20:41:56, Info CSI 00000020 [SR] Verify complete

2020-03-22 20:41:59, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:41:59, Info CSI 00000022 [SR] Beginning Verify and Repair transaction

2020-03-22 20:42:03, Info CSI 00000024 [SR] Verify complete

2020-03-22 20:42:07, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:42:07, Info CSI 00000026 [SR] Beginning Verify and Repair transaction

2020-03-22 20:42:12, Info CSI 00000028 [SR] Verify complete

2020-03-22 20:42:18, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:42:18, Info CSI 0000002a [SR] Beginning Verify and Repair transaction

2020-03-22 20:42:22, Info CSI 0000002c [SR] Verify complete

2020-03-22 20:42:24, Info CSI 0000002d [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:42:24, Info CSI 0000002e [SR] Beginning Verify and Repair transaction

2020-03-22 20:42:29, Info CSI 00000030 [SR] Verify complete

2020-03-22 20:42:31, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:42:31, Info CSI 00000032 [SR] Beginning Verify and Repair transaction

2020-03-22 20:42:34, Info CSI 00000034 [SR] Verify complete

2020-03-22 20:42:37, Info CSI 00000035 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:42:37, Info CSI 00000036 [SR] Beginning Verify and Repair transaction

2020-03-22 20:42:42, Info CSI 00000038 [SR] Verify complete

2020-03-22 20:42:52, Info CSI 00000039 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:42:52, Info CSI 0000003a [SR] Beginning Verify and Repair transaction

2020-03-22 20:43:04, Info CSI 0000003c [SR] Verify complete

2020-03-22 20:43:07, Info CSI 0000003d [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:43:07, Info CSI 0000003e [SR] Beginning Verify and Repair transaction

2020-03-22 20:43:46, Info CSI 00000040 [SR] Verify complete

2020-03-22 20:43:48, Info CSI 00000041 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:43:48, Info CSI 00000042 [SR] Beginning Verify and Repair transaction

2020-03-22 20:44:07, Info CSI 00000044 [SR] Verify complete

2020-03-22 20:44:09, Info CSI 00000045 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:44:09, Info CSI 00000046 [SR] Beginning Verify and Repair transaction

2020-03-22 20:44:17, Info CSI 00000048 [SR] Verify complete

2020-03-22 20:44:19, Info CSI 00000049 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:44:19, Info CSI 0000004a [SR] Beginning Verify and Repair transaction

2020-03-22 20:44:33, Info CSI 0000004c [SR] Verify complete

2020-03-22 20:44:36, Info CSI 0000004d [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:44:36, Info CSI 0000004e [SR] Beginning Verify and Repair transaction

2020-03-22 20:44:49, Info CSI 00000050 [SR] Verify complete

2020-03-22 20:44:51, Info CSI 00000051 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:44:51, Info CSI 00000052 [SR] Beginning Verify and Repair transaction

2020-03-22 20:44:58, Info CSI 00000054 [SR] Verify complete

2020-03-22 20:44:59, Info CSI 00000055 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:44:59, Info CSI 00000056 [SR] Beginning Verify and Repair transaction

2020-03-22 20:45:10, Info CSI 00000058 [SR] Verify complete

2020-03-22 20:45:12, Info CSI 00000059 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:45:12, Info CSI 0000005a [SR] Beginning Verify and Repair transaction

2020-03-22 20:45:23, Info CSI 0000005c [SR] Verify complete

2020-03-22 20:45:25, Info CSI 0000005d [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:45:25, Info CSI 0000005e [SR] Beginning Verify and Repair transaction

2020-03-22 20:46:26, Info CSI 00000060 [SR] Verify complete

2020-03-22 20:46:27, Info CSI 00000061 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:46:27, Info CSI 00000062 [SR] Beginning Verify and Repair transaction

2020-03-22 20:47:08, Info CSI 00000064 [SR] Verify complete

2020-03-22 20:47:15, Info CSI 00000065 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:47:15, Info CSI 00000066 [SR] Beginning Verify and Repair transaction

2020-03-22 20:47:57, Info CSI 00000068 [SR] Verify complete

2020-03-22 20:48:02, Info CSI 00000069 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:48:02, Info CSI 0000006a [SR] Beginning Verify and Repair transaction

2020-03-22 20:49:01, Info CSI 0000006e [SR] Verify complete

2020-03-22 20:49:05, Info CSI 0000006f [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:49:05, Info CSI 00000070 [SR] Beginning Verify and Repair transaction

2020-03-22 20:50:02, Info CSI 00000074 [SR] Verify complete

2020-03-22 20:50:03, Info CSI 00000075 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:50:03, Info CSI 00000076 [SR] Beginning Verify and Repair transaction

2020-03-22 20:50:21, Info CSI 00000079 [SR] Verify complete

2020-03-22 20:50:23, Info CSI 0000007a [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:50:23, Info CSI 0000007b [SR] Beginning Verify and Repair transaction

2020-03-22 20:50:40, Info CSI 0000007e [SR] Verify complete

2020-03-22 20:50:41, Info CSI 0000007f [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:50:41, Info CSI 00000080 [SR] Beginning Verify and Repair transaction

2020-03-22 20:51:11, Info CSI 00000082 [SR] Verify complete

2020-03-22 20:51:15, Info CSI 00000083 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:51:15, Info CSI 00000084 [SR] Beginning Verify and Repair transaction

2020-03-22 20:51:48, Info CSI 000000a9 [SR] Verify complete

2020-03-22 20:51:52, Info CSI 000000aa [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:51:52, Info CSI 000000ab [SR] Beginning Verify and Repair transaction

2020-03-22 20:52:29, Info CSI 000000ad [SR] Verify complete

2020-03-22 20:52:31, Info CSI 000000ae [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:52:31, Info CSI 000000af [SR] Beginning Verify and Repair transaction

2020-03-22 20:53:03, Info CSI 000000b1 [SR] Verify complete

2020-03-22 20:53:06, Info CSI 000000b2 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:53:06, Info CSI 000000b3 [SR] Beginning Verify and Repair transaction

2020-03-22 20:53:41, Info CSI 000000b5 [SR] Verify complete

2020-03-22 20:53:45, Info CSI 000000b6 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:53:45, Info CSI 000000b7 [SR] Beginning Verify and Repair transaction

2020-03-22 20:54:11, Info CSI 000000b9 [SR] Verify complete

2020-03-22 20:54:15, Info CSI 000000ba [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:54:15, Info CSI 000000bb [SR] Beginning Verify and Repair transaction

2020-03-22 20:54:35, Info CSI 000000bd [SR] Verify complete

2020-03-22 20:54:37, Info CSI 000000be [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:54:37, Info CSI 000000bf [SR] Beginning Verify and Repair transaction

2020-03-22 20:55:45, Info CSI 000000e2 [SR] Verify complete

2020-03-22 20:55:47, Info CSI 000000e3 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:55:47, Info CSI 000000e4 [SR] Beginning Verify and Repair transaction

2020-03-22 20:56:36, Info CSI 000000e6 [SR] Verify complete

2020-03-22 20:56:38, Info CSI 000000e7 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:56:38, Info CSI 000000e8 [SR] Beginning Verify and Repair transaction

2020-03-22 20:57:43, Info CSI 000000ea [SR] Verify complete

2020-03-22 20:57:45, Info CSI 000000eb [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:57:45, Info CSI 000000ec [SR] Beginning Verify and Repair transaction

2020-03-22 20:58:27, Info CSI 000000ee [SR] Verify complete

2020-03-22 20:58:29, Info CSI 000000ef [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:58:29, Info CSI 000000f0 [SR] Beginning Verify and Repair transaction

2020-03-22 20:58:52, Info CSI 000000f2 [SR] Verify complete

2020-03-22 20:58:55, Info CSI 000000f3 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:58:55, Info CSI 000000f4 [SR] Beginning Verify and Repair transaction

2020-03-22 20:59:03, Info CSI 000000f6 [SR] Verify complete

2020-03-22 20:59:05, Info CSI 000000f7 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:59:05, Info CSI 000000f8 [SR] Beginning Verify and Repair transaction

2020-03-22 20:59:29, Info CSI 000000fa [SR] Verify complete

2020-03-22 20:59:31, Info CSI 000000fb [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:59:31, Info CSI 000000fc [SR] Beginning Verify and Repair transaction

2020-03-22 20:59:50, Info CSI 0000010f [SR] Verify complete

2020-03-22 20:59:50, Info CSI 00000110 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 20:59:50, Info CSI 00000111 [SR] Beginning Verify and Repair transaction

2020-03-22 20:59:58, Info CSI 00000113 [SR] Verify complete

2020-03-22 21:00:01, Info CSI 00000114 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:00:01, Info CSI 00000115 [SR] Beginning Verify and Repair transaction

2020-03-22 21:00:17, Info CSI 00000117 [SR] Verify complete

2020-03-22 21:00:18, Info CSI 00000118 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:00:18, Info CSI 00000119 [SR] Beginning Verify and Repair transaction

2020-03-22 21:00:24, Info CSI 0000011b [SR] Verify complete

2020-03-22 21:00:25, Info CSI 0000011c [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:00:25, Info CSI 0000011d [SR] Beginning Verify and Repair transaction

2020-03-22 21:00:28, Info CSI 0000011f [SR] Cannot repair member file [l:18{9}]"IMTCS.IMD" of Microsoft-Windows-IME-Traditional-Chinese-BigramDictionary, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2020-03-22 21:00:41, Info CSI 00000121 [SR] Cannot repair member file [l:18{9}]"IMTCS.IMD" of Microsoft-Windows-IME-Traditional-Chinese-BigramDictionary, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2020-03-22 21:00:41, Info CSI 00000122 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2020-03-22 21:00:42, Info CSI 00000125 [SR] Could not reproject corrupted file [ml:520{260},l:64{32}]"\??\C:\Windows\IME\IMETC10\DICTS"\[l:18{9}]"IMTCS.IMD"; source file in store is also corrupted

2020-03-22 21:00:42, Info CSI 00000128 [SR] Verify complete

2020-03-22 21:00:45, Info CSI 00000129 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:00:45, Info CSI 0000012a [SR] Beginning Verify and Repair transaction

2020-03-22 21:01:00, Info CSI 0000012c [SR] Cannot repair member file [l:24{12}]"imageres.dll" of Microsoft-Windows-imageres, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2020-03-22 21:01:17, Info CSI 0000012f [SR] Cannot repair member file [l:24{12}]"imageres.dll" of Microsoft-Windows-imageres, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2020-03-22 21:01:17, Info CSI 00000130 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2020-03-22 21:01:18, Info CSI 00000133 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"imageres.dll"; source file in store is also corrupted

2020-03-22 21:01:18, Info CSI 00000135 [SR] Verify complete

2020-03-22 21:01:19, Info CSI 00000136 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:01:19, Info CSI 00000137 [SR] Beginning Verify and Repair transaction

2020-03-22 21:01:26, Info CSI 00000139 [SR] Verify complete

2020-03-22 21:01:27, Info CSI 0000013a [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:01:27, Info CSI 0000013b [SR] Beginning Verify and Repair transaction

2020-03-22 21:01:32, Info CSI 0000013d [SR] Verify complete

2020-03-22 21:01:33, Info CSI 0000013e [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:01:33, Info CSI 0000013f [SR] Beginning Verify and Repair transaction

2020-03-22 21:01:53, Info CSI 00000141 [SR] Verify complete

2020-03-22 21:01:53, Info CSI 00000142 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:01:53, Info CSI 00000143 [SR] Beginning Verify and Repair transaction

2020-03-22 21:02:10, Info CSI 00000145 [SR] Verify complete

2020-03-22 21:02:11, Info CSI 00000146 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:02:11, Info CSI 00000147 [SR] Beginning Verify and Repair transaction

2020-03-22 21:02:36, Info CSI 00000151 [SR] Verify complete

2020-03-22 21:02:37, Info CSI 00000152 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:02:37, Info CSI 00000153 [SR] Beginning Verify and Repair transaction

2020-03-22 21:02:50, Info CSI 00000163 [SR] Verify complete

2020-03-22 21:02:51, Info CSI 00000164 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:02:51, Info CSI 00000165 [SR] Beginning Verify and Repair transaction

2020-03-22 21:03:02, Info CSI 00000167 [SR] Verify complete

2020-03-22 21:03:02, Info CSI 00000168 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:03:02, Info CSI 00000169 [SR] Beginning Verify and Repair transaction

2020-03-22 21:04:15, Info CSI 0000016b [SR] Verify complete

2020-03-22 21:04:17, Info CSI 0000016c [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:04:17, Info CSI 0000016d [SR] Beginning Verify and Repair transaction

2020-03-22 21:04:29, Info CSI 0000016f [SR] Verify complete

2020-03-22 21:04:30, Info CSI 00000170 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:04:30, Info CSI 00000171 [SR] Beginning Verify and Repair transaction

2020-03-22 21:04:45, Info CSI 00000173 [SR] Verify complete

2020-03-22 21:04:47, Info CSI 00000174 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:04:47, Info CSI 00000175 [SR] Beginning Verify and Repair transaction

2020-03-22 21:04:58, Info CSI 00000177 [SR] Verify complete

2020-03-22 21:04:59, Info CSI 00000178 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:04:59, Info CSI 00000179 [SR] Beginning Verify and Repair transaction

2020-03-22 21:05:15, Info CSI 0000017b [SR] Verify complete

2020-03-22 21:05:15, Info CSI 0000017c [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:05:15, Info CSI 0000017d [SR] Beginning Verify and Repair transaction

2020-03-22 21:05:22, Info CSI 00000181 [SR] Verify complete

2020-03-22 21:05:23, Info CSI 00000182 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:05:23, Info CSI 00000183 [SR] Beginning Verify and Repair transaction

2020-03-22 21:05:31, Info CSI 00000185 [SR] Verify complete

2020-03-22 21:05:31, Info CSI 00000186 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:05:31, Info CSI 00000187 [SR] Beginning Verify and Repair transaction

2020-03-22 21:06:50, Info CSI 00000189 [SR] Verify complete

2020-03-22 21:06:52, Info CSI 0000018a [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:06:52, Info CSI 0000018b [SR] Beginning Verify and Repair transaction

2020-03-22 21:07:31, Info CSI 0000018e [SR] Verify complete

2020-03-22 21:07:31, Info CSI 0000018f [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:07:31, Info CSI 00000190 [SR] Beginning Verify and Repair transaction

2020-03-22 21:07:52, Info CSI 00000192 [SR] Verify complete

2020-03-22 21:07:53, Info CSI 00000193 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:07:53, Info CSI 00000194 [SR] Beginning Verify and Repair transaction

2020-03-22 21:08:11, Info CSI 00000197 [SR] Verify complete

2020-03-22 21:08:13, Info CSI 00000198 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:08:13, Info CSI 00000199 [SR] Beginning Verify and Repair transaction

2020-03-22 21:08:51, Info CSI 0000019c [SR] Verify complete

2020-03-22 21:08:51, Info CSI 0000019d [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:08:51, Info CSI 0000019e [SR] Beginning Verify and Repair transaction

2020-03-22 21:09:11, Info CSI 000001a0 [SR] Verify complete

2020-03-22 21:09:11, Info CSI 000001a1 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:09:11, Info CSI 000001a2 [SR] Beginning Verify and Repair transaction

2020-03-22 21:09:25, Info CSI 000001a4 [SR] Verify complete

2020-03-22 21:09:26, Info CSI 000001a5 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:09:26, Info CSI 000001a6 [SR] Beginning Verify and Repair transaction

2020-03-22 21:09:38, Info CSI 000001a8 [SR] Verify complete

2020-03-22 21:09:39, Info CSI 000001a9 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:09:39, Info CSI 000001aa [SR] Beginning Verify and Repair transaction

2020-03-22 21:09:53, Info CSI 000001ad [SR] Verify complete

2020-03-22 21:09:53, Info CSI 000001ae [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:09:53, Info CSI 000001af [SR] Beginning Verify and Repair transaction

2020-03-22 21:10:10, Info CSI 000001b1 [SR] Verify complete

2020-03-22 21:10:11, Info CSI 000001b2 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:10:11, Info CSI 000001b3 [SR] Beginning Verify and Repair transaction

2020-03-22 21:10:19, Info CSI 000001b5 [SR] Verify complete

2020-03-22 21:10:20, Info CSI 000001b6 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:10:20, Info CSI 000001b7 [SR] Beginning Verify and Repair transaction

2020-03-22 21:10:34, Info CSI 000001ba [SR] Verify complete

2020-03-22 21:10:35, Info CSI 000001bb [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:10:35, Info CSI 000001bc [SR] Beginning Verify and Repair transaction

2020-03-22 21:10:54, Info CSI 000001bf [SR] Verify complete

2020-03-22 21:10:55, Info CSI 000001c0 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:10:55, Info CSI 000001c1 [SR] Beginning Verify and Repair transaction

2020-03-22 21:11:16, Info CSI 000001c4 [SR] Verify complete

2020-03-22 21:11:18, Info CSI 000001c5 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:11:18, Info CSI 000001c6 [SR] Beginning Verify and Repair transaction

2020-03-22 21:11:36, Info CSI 000001c8 [SR] Verify complete

2020-03-22 21:11:36, Info CSI 000001c9 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:11:36, Info CSI 000001ca [SR] Beginning Verify and Repair transaction

2020-03-22 21:12:00, Info CSI 000001cc [SR] Verify complete

2020-03-22 21:12:00, Info CSI 000001cd [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:12:00, Info CSI 000001ce [SR] Beginning Verify and Repair transaction

2020-03-22 21:12:09, Info CSI 000001d0 [SR] Verify complete

2020-03-22 21:12:12, Info CSI 000001d1 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:12:12, Info CSI 000001d2 [SR] Beginning Verify and Repair transaction

2020-03-22 21:12:22, Info CSI 000001d4 [SR] Verify complete

2020-03-22 21:12:23, Info CSI 000001d5 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:12:23, Info CSI 000001d6 [SR] Beginning Verify and Repair transaction

2020-03-22 21:12:37, Info CSI 000001d8 [SR] Verify complete

2020-03-22 21:12:38, Info CSI 000001d9 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:12:38, Info CSI 000001da [SR] Beginning Verify and Repair transaction

2020-03-22 21:12:56, Info CSI 000001dc [SR] Verify complete

2020-03-22 21:12:57, Info CSI 000001dd [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:12:57, Info CSI 000001de [SR] Beginning Verify and Repair transaction

2020-03-22 21:13:14, Info CSI 000001e0 [SR] Verify complete

2020-03-22 21:13:15, Info CSI 000001e1 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:13:15, Info CSI 000001e2 [SR] Beginning Verify and Repair transaction

2020-03-22 21:13:28, Info CSI 000001e4 [SR] Verify complete

2020-03-22 21:13:29, Info CSI 000001e5 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:13:29, Info CSI 000001e6 [SR] Beginning Verify and Repair transaction

2020-03-22 21:14:10, Info CSI 000001e8 [SR] Verify complete

2020-03-22 21:14:11, Info CSI 000001e9 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:14:11, Info CSI 000001ea [SR] Beginning Verify and Repair transaction

2020-03-22 21:17:00, Info CSI 000001ec [SR] Verify complete

2020-03-22 21:17:01, Info CSI 000001ed [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:17:01, Info CSI 000001ee [SR] Beginning Verify and Repair transaction

2020-03-22 21:17:28, Info CSI 000001f0 [SR] Verify complete

2020-03-22 21:17:28, Info CSI 000001f1 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:17:28, Info CSI 000001f2 [SR] Beginning Verify and Repair transaction

2020-03-22 21:17:57, Info CSI 000001f4 [SR] Verify complete

2020-03-22 21:17:58, Info CSI 000001f5 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:17:58, Info CSI 000001f6 [SR] Beginning Verify and Repair transaction

2020-03-22 21:18:07, Info CSI 000001f8 [SR] Verify complete

2020-03-22 21:18:08, Info CSI 000001f9 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:18:08, Info CSI 000001fa [SR] Beginning Verify and Repair transaction

2020-03-22 21:18:22, Info CSI 000001fc [SR] Verify complete

2020-03-22 21:18:23, Info CSI 000001fd [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:18:23, Info CSI 000001fe [SR] Beginning Verify and Repair transaction

2020-03-22 21:18:36, Info CSI 00000200 [SR] Verify complete

2020-03-22 21:18:37, Info CSI 00000201 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:18:37, Info CSI 00000202 [SR] Beginning Verify and Repair transaction

2020-03-22 21:18:56, Info CSI 00000204 [SR] Verify complete

2020-03-22 21:18:57, Info CSI 00000205 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:18:57, Info CSI 00000206 [SR] Beginning Verify and Repair transaction

2020-03-22 21:19:00, Info CSI 00000208 [SR] Verify complete

2020-03-22 21:19:01, Info CSI 00000209 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:19:01, Info CSI 0000020a [SR] Beginning Verify and Repair transaction

2020-03-22 21:19:03, Info CSI 0000020c [SR] Verify complete

2020-03-22 21:19:04, Info CSI 0000020d [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:19:04, Info CSI 0000020e [SR] Beginning Verify and Repair transaction

2020-03-22 21:19:20, Info CSI 00000216 [SR] Verify complete

2020-03-22 21:19:22, Info CSI 00000217 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:19:22, Info CSI 00000218 [SR] Beginning Verify and Repair transaction

2020-03-22 21:19:34, Info CSI 0000021a [SR] Verify complete

2020-03-22 21:19:35, Info CSI 0000021b [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:19:35, Info CSI 0000021c [SR] Beginning Verify and Repair transaction

2020-03-22 21:19:39, Info CSI 0000021e [SR] Verify complete

2020-03-22 21:19:39, Info CSI 0000021f [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:19:39, Info CSI 00000220 [SR] Beginning Verify and Repair transaction

2020-03-22 21:19:45, Info CSI 00000222 [SR] Verify complete

2020-03-22 21:19:46, Info CSI 00000223 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:19:46, Info CSI 00000224 [SR] Beginning Verify and Repair transaction

2020-03-22 21:19:52, Info CSI 00000227 [SR] Verify complete

2020-03-22 21:19:53, Info CSI 00000228 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:19:53, Info CSI 00000229 [SR] Beginning Verify and Repair transaction

2020-03-22 21:19:57, Info CSI 0000022b [SR] Verify complete

2020-03-22 21:19:58, Info CSI 0000022c [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:19:58, Info CSI 0000022d [SR] Beginning Verify and Repair transaction

2020-03-22 21:20:00, Info CSI 0000022f [SR] Verify complete

2020-03-22 21:20:01, Info CSI 00000230 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:20:01, Info CSI 00000231 [SR] Beginning Verify and Repair transaction

2020-03-22 21:20:08, Info CSI 00000233 [SR] Verify complete

2020-03-22 21:20:08, Info CSI 00000234 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:20:08, Info CSI 00000235 [SR] Beginning Verify and Repair transaction

2020-03-22 21:20:18, Info CSI 00000238 [SR] Verify complete

2020-03-22 21:20:19, Info CSI 00000239 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:20:19, Info CSI 0000023a [SR] Beginning Verify and Repair transaction

2020-03-22 21:20:26, Info CSI 0000023f [SR] Verify complete

2020-03-22 21:20:26, Info CSI 00000240 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:20:26, Info CSI 00000241 [SR] Beginning Verify and Repair transaction

2020-03-22 21:20:34, Info CSI 00000247 [SR] Verify complete

2020-03-22 21:20:36, Info CSI 00000248 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:20:36, Info CSI 00000249 [SR] Beginning Verify and Repair transaction

2020-03-22 21:20:45, Info CSI 00000252 [SR] Verify complete

2020-03-22 21:20:46, Info CSI 00000253 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:20:46, Info CSI 00000254 [SR] Beginning Verify and Repair transaction

2020-03-22 21:20:51, Info CSI 00000259 [SR] Verify complete

2020-03-22 21:20:51, Info CSI 0000025a [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:20:51, Info CSI 0000025b [SR] Beginning Verify and Repair transaction

2020-03-22 21:20:56, Info CSI 0000025f [SR] Verify complete

2020-03-22 21:20:57, Info CSI 00000260 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:20:57, Info CSI 00000261 [SR] Beginning Verify and Repair transaction

2020-03-22 21:21:00, Info CSI 00000263 [SR] Verify complete

2020-03-22 21:21:01, Info CSI 00000264 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:21:01, Info CSI 00000265 [SR] Beginning Verify and Repair transaction

2020-03-22 21:21:07, Info CSI 0000028a [SR] Verify complete

2020-03-22 21:21:08, Info CSI 0000028b [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:21:08, Info CSI 0000028c [SR] Beginning Verify and Repair transaction

2020-03-22 21:21:17, Info CSI 0000028e [SR] Verify complete

2020-03-22 21:21:18, Info CSI 0000028f [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:21:18, Info CSI 00000290 [SR] Beginning Verify and Repair transaction

2020-03-22 21:21:24, Info CSI 00000292 [SR] Verify complete

2020-03-22 21:21:24, Info CSI 00000293 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:21:24, Info CSI 00000294 [SR] Beginning Verify and Repair transaction

2020-03-22 21:21:30, Info CSI 00000296 [SR] Verify complete

2020-03-22 21:21:31, Info CSI 00000297 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:21:31, Info CSI 00000298 [SR] Beginning Verify and Repair transaction

2020-03-22 21:21:37, Info CSI 000002a5 [SR] Verify complete

2020-03-22 21:21:38, Info CSI 000002a6 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:21:38, Info CSI 000002a7 [SR] Beginning Verify and Repair transaction

2020-03-22 21:21:43, Info CSI 000002aa [SR] Verify complete

2020-03-22 21:21:44, Info CSI 000002ab [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:21:44, Info CSI 000002ac [SR] Beginning Verify and Repair transaction

2020-03-22 21:21:53, Info CSI 000002b0 [SR] Verify complete

2020-03-22 21:21:54, Info CSI 000002b1 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:21:54, Info CSI 000002b2 [SR] Beginning Verify and Repair transaction

2020-03-22 21:22:00, Info CSI 000002be [SR] Verify complete

2020-03-22 21:22:01, Info CSI 000002bf [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:22:01, Info CSI 000002c0 [SR] Beginning Verify and Repair transaction

2020-03-22 21:22:03, Info CSI 000002c2 [SR] Verify complete

2020-03-22 21:22:04, Info CSI 000002c3 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:22:04, Info CSI 000002c4 [SR] Beginning Verify and Repair transaction

2020-03-22 21:22:10, Info CSI 000002c7 [SR] Verify complete

2020-03-22 21:22:10, Info CSI 000002c8 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:22:10, Info CSI 000002c9 [SR] Beginning Verify and Repair transaction

2020-03-22 21:22:12, Info CSI 000002cb [SR] Verify complete

2020-03-22 21:22:13, Info CSI 000002cc [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:22:13, Info CSI 000002cd [SR] Beginning Verify and Repair transaction

2020-03-22 21:22:20, Info CSI 000002cf [SR] Verify complete

2020-03-22 21:22:20, Info CSI 000002d0 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:22:20, Info CSI 000002d1 [SR] Beginning Verify and Repair transaction

2020-03-22 21:22:25, Info CSI 000002d3 [SR] Verify complete

2020-03-22 21:22:25, Info CSI 000002d4 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:22:25, Info CSI 000002d5 [SR] Beginning Verify and Repair transaction

2020-03-22 21:22:32, Info CSI 000002d9 [SR] Verify complete

2020-03-22 21:22:32, Info CSI 000002da [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:22:32, Info CSI 000002db [SR] Beginning Verify and Repair transaction

2020-03-22 21:22:38, Info CSI 000002f3 [SR] Verify complete

2020-03-22 21:22:39, Info CSI 000002f4 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:22:39, Info CSI 000002f5 [SR] Beginning Verify and Repair transaction

2020-03-22 21:23:01, Info CSI 000002f7 [SR] Verify complete

2020-03-22 21:23:02, Info CSI 000002f8 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:23:02, Info CSI 000002f9 [SR] Beginning Verify and Repair transaction

2020-03-22 21:23:05, Info CSI 000002fb [SR] Verify complete

2020-03-22 21:23:06, Info CSI 000002fc [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:23:06, Info CSI 000002fd [SR] Beginning Verify and Repair transaction

2020-03-22 21:23:09, Info CSI 000002ff [SR] Verify complete

2020-03-22 21:23:10, Info CSI 00000300 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:23:10, Info CSI 00000301 [SR] Beginning Verify and Repair transaction

2020-03-22 21:23:13, Info CSI 00000305 [SR] Verify complete

2020-03-22 21:23:13, Info CSI 00000306 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:23:13, Info CSI 00000307 [SR] Beginning Verify and Repair transaction

2020-03-22 21:23:18, Info CSI 00000309 [SR] Verify complete

2020-03-22 21:23:19, Info CSI 0000030a [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:23:19, Info CSI 0000030b [SR] Beginning Verify and Repair transaction

2020-03-22 21:23:22, Info CSI 0000030d [SR] Verify complete

2020-03-22 21:23:23, Info CSI 0000030e [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:23:23, Info CSI 0000030f [SR] Beginning Verify and Repair transaction

2020-03-22 21:23:27, Info CSI 00000311 [SR] Verify complete

2020-03-22 21:23:28, Info CSI 00000312 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:23:28, Info CSI 00000313 [SR] Beginning Verify and Repair transaction

2020-03-22 21:23:32, Info CSI 00000316 [SR] Verify complete

2020-03-22 21:23:32, Info CSI 00000317 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:23:32, Info CSI 00000318 [SR] Beginning Verify and Repair transaction

2020-03-22 21:23:36, Info CSI 0000031a [SR] Verify complete

2020-03-22 21:23:36, Info CSI 0000031b [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:23:36, Info CSI 0000031c [SR] Beginning Verify and Repair transaction

2020-03-22 21:23:41, Info CSI 0000031e [SR] Verify complete

2020-03-22 21:23:41, Info CSI 0000031f [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:23:41, Info CSI 00000320 [SR] Beginning Verify and Repair transaction

2020-03-22 21:23:47, Info CSI 00000322 [SR] Verify complete

2020-03-22 21:23:48, Info CSI 00000323 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:23:48, Info CSI 00000324 [SR] Beginning Verify and Repair transaction

2020-03-22 21:23:52, Info CSI 00000327 [SR] Verify complete

2020-03-22 21:23:52, Info CSI 00000328 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:23:52, Info CSI 00000329 [SR] Beginning Verify and Repair transaction

2020-03-22 21:23:57, Info CSI 0000032b [SR] Verify complete

2020-03-22 21:23:58, Info CSI 0000032c [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:23:58, Info CSI 0000032d [SR] Beginning Verify and Repair transaction

2020-03-22 21:24:02, Info CSI 0000032f [SR] Verify complete

2020-03-22 21:24:03, Info CSI 00000330 [SR] Verifying 100 (0x0000000000000064) components

2020-03-22 21:24:03, Info CSI 00000331 [SR] Beginning Verify and Repair transaction

2020-03-22 21:24:10, Info CSI 00000333 [SR] Verify complete

2020-03-22 21:24:10, Info CSI 00000334 [SR] Verifying 55 (0x0000000000000037) components

2020-03-22 21:24:10, Info CSI 00000335 [SR] Beginning Verify and Repair transaction

2020-03-22 21:24:12, Info CSI 00000337 [SR] Verify complete

2020-03-22 21:24:12, Info CSI 00000338 [SR] Repairing 2 components

2020-03-22 21:24:12, Info CSI 00000339 [SR] Beginning Verify and Repair transaction

2020-03-22 21:24:13, Info CSI 0000033b [SR] Cannot repair member file [l:18{9}]"IMTCS.IMD" of Microsoft-Windows-IME-Traditional-Chinese-BigramDictionary, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2020-03-22 21:24:13, Info CSI 0000033d [SR] Cannot repair member file [l:24{12}]"imageres.dll" of Microsoft-Windows-imageres, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2020-03-22 21:24:13, Info CSI 0000033f [SR] Cannot repair member file [l:18{9}]"IMTCS.IMD" of Microsoft-Windows-IME-Traditional-Chinese-BigramDictionary, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2020-03-22 21:24:13, Info CSI 00000340 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2020-03-22 21:24:14, Info CSI 00000343 [SR] Could not reproject corrupted file [ml:520{260},l:64{32}]"\??\C:\Windows\IME\IMETC10\DICTS"\[l:18{9}]"IMTCS.IMD"; source file in store is also corrupted

2020-03-22 21:24:16, Info CSI 00000345 [SR] Cannot repair member file [l:24{12}]"imageres.dll" of Microsoft-Windows-imageres, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2020-03-22 21:24:16, Info CSI 00000346 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2020-03-22 21:24:16, Info CSI 00000349 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"imageres.dll"; source file in store is also corrupted

2020-03-22 21:24:16, Info CSI 0000034b [SR] Repair complete

2020-03-22 21:24:16, Info CSI 0000034c [SR] Committing transaction

2020-03-22 21:24:16, Info CSI 00000350 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired

========= End of CMD: =========

========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========

========= End of CMD: =========

#27
steveairway

Posted 22 March 2020 - 07:54 PM

Member

Topic Starter
Member
54 posts

First log FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-03-2020

Ran by Mike (administrator) on MIKELAPTOPWIN7 (Hewlett-Packard HP ProBook 6560b) (22-03-2020 21:57:55)