Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Possible Malware

trojan.banker

  • Please log in to reply

#1
northwalian1

northwalian1

    Member

  • Member
  • PipPip
  • 55 posts

Hello,

 

Earlier today Kaspersky detected a trojan.banker, then deleted all the objects but could someone check the FRST logs to see if everything was removed. Also did Malwarebytes scan but nothing was detected. Thanks in advance.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2021
Ran by Dyfan (administrator) on SINBAD (13-05-2021 14:33:53)
Running from C:\Users\Dyfan\Desktop
Loaded Profiles: Dyfan
Platform: Windows 8.1 (Update) (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\qBittorrent\qbittorrent.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsAPHider\AsAPHider.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe
(Code Sector -> ) C:\Program Files\TeraCopy\TeraCopyService.exe
(Code Sector -> Code Sector Inc.) C:\Program Files (x86)\Direct Folders\df64.exe
(Code Sector -> Code Sector) C:\Program Files (x86)\Direct Folders\df.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <19>
(GuinpinSoft inc) [File not signed] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe
(JackettConsole) [File not signed] C:\ProgramData\Jackett\JackettConsole.exe
(JackettService) [File not signed] C:\ProgramData\Jackett\JackettService.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avpui.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenu.exe
(Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
(Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgent.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [216576 2020-09-26] (Open-Shell) [File not signed]
HKLM\...\Run: [AsioReg] => REGSVR32.EXE /S CTASIO.DLL*
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277520 2021-01-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [AsioThk32Reg] => REGSVR32.EXE /S CTASIO.DLL
HKLM-x32\...\Run: [CTHelper] => C:\Windows\SysWOW64\CTHELPER.EXE* [19456 2007-04-09] () [File not signed]
HKLM-x32\...\Run: [CTxfiHlp] => C:\Windows\SysWOW64\CTXFIHLP.EXE* [19968 2007-04-09] () [File not signed]
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [206240 2010-08-23] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [PrivateFolder] => C:\Program Files (x86)\PrivateFolder\PF_Pass.exe [253504 2012-12-31] (eMing Software Inc. -> eMing Software Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-03-19] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33698888 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\Policies\Explorer\DisallowRun: [1] irsetup.exe
HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\MountPoints2: {2b13ba87-5fe2-11eb-825c-50465db36e87} - "G:\Setup.exe"
HKU\S-1-5-21-1704149506-1908064861-659173645-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [DevconDefaultDB] => C:\WINDOWS\system32\READREG /SILENT /FAIL=1
HKLM\...\Windows x64\Print Processors\Canon MP560 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA0.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP560 series: C:\WINDOWS\system32\CNMLMA0.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-10] (Google LLC -> Google LLC)
BootExecute: PDBoot.exeautocheck autochk *
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {395C37E6-F737-42E3-87CC-6995B0CE846C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-25] (Google LLC -> Google LLC)
Task: {5807951C-9665-4994-B992-DFE8BB56DB33} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-04-22] (Piriform Software Ltd -> Piriform)
Task: {589EE948-D775-4ECF-9841-5C5C4484EE31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-25] (Google LLC -> Google LLC)
Task: {96105BC3-AFEE-47A7-8891-D5695DCAFAA5} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40880 2021-04-29] (Garmin International, Inc. -> )
Task: {B3DDBA0C-2045-433C-82BA-A3D7B3E29004} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28082760 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C38DB12F-6996-49D9-A354-E58EA55CD46E} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe
Task: {CD8993E1-0076-4DC4-9D2D-731B3BD5EAE8} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2935424 2012-03-13] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {CF79DC15-CE26-488D-99B8-BDBF722552B4} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-05-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {FE988C55-483B-4B7F-B571-8251A053352D} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-05-11] () [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{FB23B534-7674-410D-9BF6-24D3C4A67BF6}: [DhcpNameServer] 192.168.1.1 192.168.1.1
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.1.2,1]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-03-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-03-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.13 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\Dyfan\AppData\Local\Google\Chrome\User Data\Default [2021-05-13]
CHR DownloadDir: H:\FRD
CHR Notifications: Default -> hxxps://loadsite.online; hxxps://mail.protonmail.com; hxxps://mail.yandex.com; hxxps://www.enjoythemusic.net
CHR Extension: (uBlock Origin) - C:\Users\Dyfan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-05-09]
CHR Extension: (Strong Password Generator) - C:\Users\Dyfan\AppData\Local\Google\Chrome\User Data\Default\Extensions\emehklffcaphknhhfhadkjhpfapcbpco [2021-01-25]
CHR Extension: (I don't care about cookies) - C:\Users\Dyfan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2021-04-17]
CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Dyfan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2021-01-25]
CHR Extension: (IBA Opt-out (by Google)) - C:\Users\Dyfan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb [2021-01-26]
CHR Extension: (Protect My Choices) - C:\Users\Dyfan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgloanjhdcenjgiafkpbehddcnonlic [2021-02-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dyfan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Chrome Media Router) - C:\Users\Dyfan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-15]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2021-01-25] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe [324608 2021-01-25] (ASUSTeK Computer Inc.) [File not signed] [File is in use]
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe [384280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 CdRomArbiterService; C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe [8704 2021-01-26] (GuinpinSoft inc) [File not signed]
R2 Jackett; C:\ProgramData\Jackett\JackettService.exe [405504 2021-05-12] (JackettService) [File not signed]
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [646520 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-09] (Malwarebytes Inc -> Malwarebytes)
R2 TeraCopyService.exe; C:\Program Files\TeraCopy\TeraCopyService.exe [114384 2021-04-21] (Code Sector -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 NMIndexingService; "C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] (ASUSTeK Computer Inc. -> )
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 COMMONFX.DLL; C:\WINDOWS\System32\COMMONFX.DLL [151296 2007-04-12] (Creative -> Creative Technology Ltd)
S3 CT20XUT.DLL; C:\WINDOWS\System32\CT20XUT.DLL [252712 2007-04-10] (Creative Labs Inc -> Creative Technology Ltd.)
R3 CTAUDFX.DLL; C:\WINDOWS\System32\CTAUDFX.DLL [700200 2007-04-10] (Creative Labs Inc -> Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\WINDOWS\System32\CTEAPSFX.DLL [219432 2007-04-10] (Creative Labs Inc -> Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\WINDOWS\System32\CTEDSPFX.DLL [321832 2007-04-10] (Creative Labs Inc -> Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\WINDOWS\System32\CTEDSPIO.DLL [190248 2007-04-10] (Creative Labs Inc -> Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\WINDOWS\System32\CTEDSPSY.DLL [363304 2007-04-10] (Creative Labs Inc -> Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\WINDOWS\System32\CTERFXFX.DLL [142120 2007-04-10] (Creative Labs Inc -> Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\WINDOWS\System32\CTEXFIFX.DLL [1571112 2007-04-10] (Creative Labs Inc -> Creative Technology Ltd.)
R3 ctgame; C:\WINDOWS\system32\DRIVERS\ctgame.sys [28544 2015-07-01] (Creative Technology Ltd -> Creative Technology Ltd.)
S3 CTHWIUT.DLL; C:\WINDOWS\System32\CTHWIUT.DLL [123688 2007-04-10] (Creative Labs Inc -> Creative Technology Ltd.)
R3 CTSBLFX.DLL; C:\WINDOWS\System32\CTSBLFX.DLL [681256 2007-04-10] (Creative Labs Inc -> Creative Technology Ltd)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [657696 2021-03-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1400600 2021-03-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [96008 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\system32\DRIVERS\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [245752 2021-05-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [283144 2021-05-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [108576 2021-05-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [216576 2021-05-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-05-13] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-01-26] (Malwarebytes Inc -> Malwarebytes)
R1 PFolder; C:\WINDOWS\System32\Drivers\PFolder64.sys [57832 2012-12-31] (eMing Software Inc. -> eMing Software Inc.)
S3 rtdrm; C:\WINDOWS\System32\drivers\rtdrm64.sys [19656 2021-01-23] (TenAsys Corporation -> TenAsys Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-13 14:33 - 2021-05-13 14:34 - 000019621 _____ C:\Users\Dyfan\Desktop\FRST.txt
2021-05-13 14:32 - 2021-05-13 14:34 - 000000000 ____D C:\FRST
2021-05-13 14:30 - 2021-05-13 14:30 - 002299392 _____ (Farbar) C:\Users\Dyfan\Desktop\FRST64.exe
2021-05-13 13:35 - 2021-05-13 13:35 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-05-13 11:31 - 2021-05-13 11:31 - 000235730 _____ C:\TDSSKiller.3.1.0.28_13.05.2021_11.31.01_log.txt
2021-05-13 11:26 - 2021-05-13 11:26 - 000283144 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2021-05-13 11:20 - 2021-05-13 11:20 - 000245752 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2021-05-13 11:20 - 2021-05-13 11:20 - 000216576 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2021-05-13 11:20 - 2021-05-13 11:20 - 000108576 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2021-05-13 11:20 - 2021-05-13 11:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN
2021-05-13 11:20 - 2021-05-13 11:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Cloud
2021-05-13 11:19 - 2021-05-13 11:20 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2021-05-13 11:19 - 2021-02-19 21:09 - 000110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2021-05-13 11:19 - 2021-02-19 21:08 - 001042712 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2021-05-13 11:19 - 2021-02-19 21:08 - 000514840 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2021-05-13 11:04 - 2021-05-13 11:09 - 000000013 _____ C:\ProgramData\krosqm.txt
2021-05-12 16:12 - 2021-05-12 16:12 - 024514956 _____ C:\Users\Dyfan\Documents\E8021_F2A85-V_PRO.pdf
2021-05-12 15:17 - 2021-05-12 15:38 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\Direct Folders
2021-05-12 15:17 - 2021-05-12 15:17 - 000001115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Direct Folders.lnk
2021-05-12 15:17 - 2021-05-12 15:17 - 000000000 ____D C:\Program Files (x86)\Direct Folders
2021-05-12 14:37 - 2021-05-12 14:37 - 000000000 ____D C:\Users\Dyfan\AppData\Local\calibre-ebook.com
2021-05-12 14:37 - 2021-05-12 14:37 - 000000000 ____D C:\Users\Dyfan\AppData\Local\cache
2021-05-12 13:59 - 2021-05-12 13:59 - 000637646 _____ C:\Users\Dyfan\Documents\Jennifer's Body (2009).XtoDVD
2021-05-12 12:36 - 2021-05-12 12:36 - 000234816 _____ C:\TDSSKiller.3.1.0.28_12.05.2021_12.36.07_log.txt
2021-05-12 10:09 - 2021-04-06 07:51 - 001678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-11 15:01 - 2021-05-11 15:01 - 000000958 _____ C:\Users\Dyfan\Documents\jennifer's body unrated.txt
2021-05-10 11:20 - 2021-05-10 11:20 - 000000000 ____D C:\Users\Dyfan\AppData\Local\Fredrik_Blomqvist
2021-05-09 20:20 - 2021-05-09 20:20 - 000000000 ____D C:\Users\Dyfan\Desktop\mkvtoolnix-64-bit-56.1.0
2021-05-08 10:26 - 2021-05-13 13:42 - 000000000 ____D C:\Users\Dyfan\AppData\LocalLow\IGDump
2021-05-08 10:23 - 2021-05-08 10:23 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.9
2021-05-08 10:23 - 2021-05-08 10:23 - 000000000 ____D C:\Users\Dyfan\AppData\Local\Package Cache
2021-05-07 23:38 - 2021-05-07 23:38 - 000000000 ____D C:\Users\Dyfan\Documents\Audacity
2021-05-07 18:11 - 2021-05-12 11:39 - 000000000 ____D C:\ProgramData\Jackett
2021-05-07 18:11 - 2021-05-07 18:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jackett
2021-05-05 11:22 - 2021-05-05 11:22 - 000000000 ____D C:\Users\Dyfan\AppData\Local\Kaspersky Lab
2021-05-04 12:47 - 2021-05-04 12:47 - 000000000 ____D C:\Users\Default\AppData\Local\Kaspersky Lab
2021-05-03 17:35 - 2021-05-03 17:35 - 000924336 _____ (Python Software Foundation) C:\WINDOWS\pyw.exe
2021-05-03 17:35 - 2021-05-03 17:35 - 000924336 _____ (Python Software Foundation) C:\WINDOWS\py.exe
2021-05-03 17:35 - 2021-05-03 17:35 - 000058032 _____ (Python Software Foundation) C:\WINDOWS\pyshellext.amd64.dll
2021-05-03 13:13 - 2021-05-03 13:13 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\Digiarty
2021-05-03 13:13 - 2021-05-03 13:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty
2021-05-03 13:13 - 2021-05-03 13:13 - 000000000 ____D C:\Program Files (x86)\Digiarty
2021-05-03 10:16 - 2021-05-03 10:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2021-05-03 10:16 - 2021-05-03 10:16 - 000000000 ____D C:\Program Files\qBittorrent
2021-05-02 11:48 - 2021-05-02 11:48 - 000000086 _____ C:\Users\Dyfan\Documents\This Is The Zodiak Speaking.txt
2021-05-02 10:20 - 2021-05-02 10:27 - 000000000 ____D C:\Users\Dyfan\AppData\Local\EZ CD Audio Converter
2021-05-02 10:20 - 2021-05-02 10:21 - 000000000 ____D C:\Program Files\EZ CD Audio Converter
2021-05-02 10:20 - 2021-05-02 10:20 - 000000899 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZ CD Audio Converter.lnk
2021-05-02 10:20 - 2021-05-02 10:20 - 000000000 ____D C:\ProgramData\EZ CD Audio Converter
2021-05-01 14:06 - 2021-05-12 13:53 - 000000000 ____D C:\Users\Dyfan\Documents\ConvertXtoDVD_Resources
2021-05-01 14:04 - 2021-05-12 23:35 - 000000000 ____D C:\ProgramData\VSO
2021-05-01 14:04 - 2021-05-12 13:58 - 000000000 ____D C:\Users\Dyfan\Documents\ConvertXToDVD
2021-05-01 14:04 - 2021-05-01 14:06 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\VSO
2021-05-01 14:04 - 2021-05-01 14:04 - 000099384 _____ C:\Users\Dyfan\AppData\Roaming\inst.exe
2021-05-01 14:04 - 2021-05-01 14:04 - 000082816 _____ (VSO Software) C:\Users\Dyfan\AppData\Roaming\pcouffin.sys
2021-05-01 14:04 - 2021-05-01 14:04 - 000007859 _____ C:\Users\Dyfan\AppData\Roaming\pcouffin.cat
2021-05-01 14:04 - 2021-05-01 14:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
2021-05-01 14:04 - 2021-05-01 14:04 - 000000000 ____D C:\Program Files (x86)\VSO
2021-04-30 09:35 - 2021-04-30 09:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2021-04-29 11:35 - 2021-05-13 14:30 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\TeraCopy
2021-04-29 11:35 - 2021-04-29 11:35 - 000000919 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraCopy.lnk
2021-04-29 11:35 - 2021-04-29 11:35 - 000000000 ____D C:\ProgramData\Code Sector
2021-04-29 11:35 - 2021-04-29 11:35 - 000000000 ____D C:\ProgramData\Caphyon
2021-04-29 11:35 - 2021-04-29 11:35 - 000000000 ____D C:\Program Files\TeraCopy
2021-04-28 21:42 - 2021-05-06 22:41 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\dvdcss
2021-04-26 08:53 - 2021-04-26 08:57 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\XMedia Recode
2021-04-26 08:44 - 2021-04-26 08:44 - 000000000 ____D C:\Users\Dyfan\AppData\Local\RadeonInstaller
2021-04-26 08:44 - 2021-04-26 08:44 - 000000000 ____D C:\ProgramData\AMD
2021-04-26 08:44 - 2021-04-26 08:44 - 000000000 ____D C:\AMD
2021-04-25 17:32 - 2021-04-25 17:32 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\Hard Disk Sentinel
2021-04-25 17:31 - 2021-04-26 07:53 - 000000000 ____D C:\Program Files (x86)\Hard Disk Sentinel
2021-04-25 17:31 - 2021-04-25 17:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Sentinel
2021-04-25 12:09 - 2021-04-25 12:09 - 018869868 _____ C:\Users\Dyfan\Desktop\mkvtoolnix-64-bit-56.1.0.7z
2021-04-25 11:58 - 2021-04-25 11:58 - 000000000 ____D C:\Users\Dyfan\ultracopier
2021-04-24 16:21 - 2021-04-25 10:50 - 000000000 ____D C:\Program Files (x86)\KillSoft
2021-04-21 21:11 - 2021-04-21 21:11 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\TagScanner
2021-04-21 21:11 - 2021-04-21 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TagScanner
2021-04-21 21:11 - 2021-04-21 21:11 - 000000000 ____D C:\Program Files\TagScanner
2021-04-21 21:10 - 2021-04-21 21:10 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\TagScanner_old
2021-04-20 13:54 - 2021-04-20 13:54 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\MAAT
2021-04-20 13:54 - 2021-04-20 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAAT
2021-04-20 13:54 - 2021-04-20 13:54 - 000000000 ____D C:\Program Files\MAAT
2021-04-20 13:54 - 2021-04-20 13:54 - 000000000 ____D C:\Program Files\Common Files\MAAT
2021-04-18 14:40 - 2021-04-18 14:40 - 000000630 _____ C:\Users\Dyfan\Desktop\Temp - Shortcut.lnk
2021-04-17 22:06 - 2021-04-17 22:06 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\r128gain
2021-04-17 13:01 - 2021-04-17 13:01 - 000000000 ____D C:\ProgramData\ASUS OC Profiles
2021-04-14 13:41 - 2021-04-14 13:41 - 000000000 ____D C:\Users\Dyfan\AppData\Local\IsolatedStorage

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-13 14:29 - 2021-01-25 17:11 - 000000000 ____D C:\Users\Dyfan\AppData\Local\OpenShell
2021-05-13 14:22 - 2021-01-25 22:37 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\qBittorrent
2021-05-13 13:46 - 2021-01-25 20:26 - 000000000 ____D C:\ProgramData\FanXpert2
2021-05-13 12:46 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\rescache
2021-05-13 12:40 - 2021-01-25 17:06 - 000003598 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1704149506-1908064861-659173645-1001
2021-05-13 11:39 - 2021-01-25 21:27 - 000000000 ____D C:\Program Files\CCleaner
2021-05-13 11:35 - 2021-01-25 16:56 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-05-13 11:35 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-13 11:20 - 2021-01-25 21:07 - 000003032 _____ C:\WINDOWS\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2021-05-13 11:20 - 2021-01-25 21:07 - 000000000 ____D C:\Program Files\Common Files\AV
2021-05-13 11:20 - 2021-01-25 21:06 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2021-05-13 11:20 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2021-05-13 11:19 - 2013-08-22 16:36 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-05-13 11:19 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2021-05-13 11:12 - 2021-01-25 17:09 - 000003918 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{29C36ED8-C146-4CB0-97F8-C03FE50B218A}
2021-05-13 11:06 - 2021-01-26 11:14 - 000000000 ____D C:\Users\Dyfan\AppData\LocalLow\Mozilla
2021-05-13 11:06 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2021-05-13 10:10 - 2021-01-28 19:30 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\MPC-HC
2021-05-12 23:35 - 2021-01-26 00:36 - 000000000 ____D C:\Users\Dyfan\AppData\Local\Everything
2021-05-12 23:35 - 2021-01-25 21:16 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\Everything
2021-05-12 22:45 - 2021-01-25 21:56 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\foobar2000
2021-05-12 22:23 - 2021-02-01 14:06 - 000000000 ____D C:\Users\Dyfan\Documents\ShareX
2021-05-12 19:43 - 2021-02-02 13:37 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\vlc
2021-05-12 14:45 - 2021-02-01 14:01 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\calibre
2021-05-12 14:44 - 2021-02-01 14:03 - 000000000 ____D C:\Users\Dyfan\AppData\Local\calibre-cache
2021-05-12 10:37 - 2013-08-22 15:44 - 000337808 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-12 10:36 - 2014-03-18 15:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-05-12 10:20 - 2013-08-22 16:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-12 10:19 - 2021-01-25 18:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-12 10:15 - 2021-01-25 18:08 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-11 20:50 - 2021-03-29 21:13 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\HandBrake
2021-05-11 15:20 - 2021-01-26 15:16 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\Mp3tag
2021-05-11 14:27 - 2021-01-25 23:15 - 000000697 _____ C:\Users\Dyfan\Desktop\rush reissues.txt
2021-05-10 21:20 - 2021-01-25 17:38 - 000002190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-10 11:04 - 2021-01-26 14:15 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\audacity
2021-05-09 10:52 - 2021-01-26 13:03 - 000001976 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-05-09 10:51 - 2021-01-26 13:03 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-05-08 10:23 - 2021-01-26 00:49 - 000000000 ____D C:\ProgramData\Package Cache
2021-05-07 22:54 - 2021-01-26 14:12 - 000000000 ____D C:\Program Files (x86)\Audacity
2021-05-06 22:00 - 2021-03-31 19:48 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\FFBatch
2021-05-05 15:18 - 2021-01-25 22:45 - 000000000 ____D C:\ProgramData\TEMP
2021-05-05 15:18 - 2021-01-25 22:45 - 000000000 ____D C:\Program Files (x86)\SpywareBlaster
2021-05-04 23:32 - 2021-02-06 00:33 - 000000000 ____D C:\Users\Dyfan\AppData\Local\CrashDumps
2021-05-03 18:17 - 2021-03-16 12:42 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\ImgBurn
2021-05-02 12:25 - 2021-02-06 22:51 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\XRECODE3
2021-05-02 11:41 - 2021-01-26 13:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2021-05-02 11:41 - 2021-01-26 13:06 - 000000000 ____D C:\Program Files (x86)\Calibre2
2021-04-30 09:35 - 2021-01-26 00:54 - 000000000 ____D C:\ProgramData\Garmin
2021-04-30 09:35 - 2021-01-26 00:49 - 000003554 _____ C:\WINDOWS\system32\Tasks\GarminUpdaterTask
2021-04-30 09:35 - 2021-01-26 00:49 - 000000000 ____D C:\Program Files (x86)\Garmin
2021-04-30 09:29 - 2021-01-25 21:27 - 000003870 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-04-28 22:50 - 2021-01-28 20:07 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\CUE Tools
2021-04-26 08:44 - 2021-01-28 16:27 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\Mozilla
2021-04-26 08:44 - 2021-01-25 16:54 - 000000000 ____D C:\Program Files\AMD
2021-04-25 16:33 - 2021-01-25 17:01 - 000000000 ____D C:\Users\Dyfan
2021-04-24 15:04 - 2021-04-03 22:55 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\BatchEncoder
2021-04-24 12:55 - 2021-01-27 12:24 - 000034240 _____ C:\WINDOWS\system32\BMXStateBkp-{00000001-00000000-00000005-00001102-00000004-20021102}.rfx
2021-04-24 12:55 - 2021-01-27 12:24 - 000034240 _____ C:\WINDOWS\system32\BMXState-{00000001-00000000-00000005-00001102-00000004-20021102}.rfx
2021-04-24 12:55 - 2021-01-27 12:24 - 000030528 _____ C:\WINDOWS\system32\BMXCtrlState-{00000001-00000000-00000005-00001102-00000004-20021102}.rfx
2021-04-24 12:55 - 2021-01-27 12:24 - 000030528 _____ C:\WINDOWS\system32\BMXBkpCtrlState-{00000001-00000000-00000005-00001102-00000004-20021102}.rfx
2021-04-24 12:55 - 2021-01-27 12:24 - 000011564 _____ C:\WINDOWS\system32\DVCState-{00000001-00000000-00000005-00001102-00000004-20021102}.rfx
2021-04-20 22:33 - 2021-01-26 14:12 - 000001031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2021-04-20 21:13 - 2021-01-25 17:33 - 000003332 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-20 21:13 - 2021-01-25 17:33 - 000003204 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-17 23:46 - 2021-01-26 22:47 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\dBpoweramp
2021-04-17 13:13 - 2021-01-25 18:39 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-04-17 13:07 - 2021-01-25 18:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2021-04-17 13:07 - 2021-01-25 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2021-04-16 10:08 - 2021-03-31 18:18 - 000000000 ____D C:\Users\Dyfan\AppData\Local\clever_FFmpeg_GUI
2021-04-13 22:24 - 2014-03-18 16:26 - 000865068 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-13 10:41 - 2021-01-25 22:00 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-13 10:41 - 2021-01-25 22:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-13 10:40 - 2021-01-25 22:00 - 000000000 ____D C:\Program Files\WinRAR

==================== Files in the root of some directories ========

2021-05-01 14:04 - 2021-05-01 14:04 - 000099384 _____ () C:\Users\Dyfan\AppData\Roaming\inst.exe
2021-05-01 14:04 - 2021-05-01 14:04 - 000007859 _____ () C:\Users\Dyfan\AppData\Roaming\pcouffin.cat
2021-05-01 14:04 - 2021-05-01 14:04 - 000001167 _____ () C:\Users\Dyfan\AppData\Roaming\pcouffin.inf
2021-05-01 14:04 - 2021-05-01 14:04 - 000000055 _____ () C:\Users\Dyfan\AppData\Roaming\pcouffin.log
2021-05-01 14:04 - 2021-05-01 14:04 - 000082816 _____ (VSO Software) C:\Users\Dyfan\AppData\Roaming\pcouffin.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-05-08 11:22
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05-2021
Ran by Dyfan (13-05-2021 14:34:40)
Running from C:\Users\Dyfan\Desktop
Windows 8.1 (Update) (X64) (2021-01-25 16:01:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1704149506-1908064861-659173645-500 - Administrator - Disabled)
Dyfan (S-1-5-21-1704149506-1908064861-659173645-1001 - Administrator - Enabled) => C:\Users\Dyfan
Guest (S-1-5-21-1704149506-1908064861-659173645-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1704149506-1908064861-659173645-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Security Cloud (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Security Cloud (Enabled - Up to date) {F41710F6-65D1-4F66-2B68-CCCF63D4A09E}
FW: Kaspersky Security Cloud (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader (HKLM\...\{19BDF435-8F4A-4AFC-80AE-AF007BD67A8E}) (Version: 4.15.1.4190 - Open Media LLC) Hidden
4K Video Downloader (HKLM-x32\...\{86b588ff-78bb-4251-85d5-56f2450b123a}) (Version: 4.14.2.4070 - Open Media LLC)
ANT Drivers Installer x64 (HKLM\...\{1BC0225E-AF99-4434-92CC-615111CE698F}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Ant Video downloader (Native messaging host) (HKLM-x32\...\{41A57734-2ED5-449A-BAF0-F0B356417716}) (Version: 4.7 - Ant.com)
Apple Application Support (32-bit) (HKLM-x32\...\{9738288C-21BC-4F54-AB4F-72F059339376}) (Version: 8.6 - Apple Inc.)
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.17 - ASUSTeK Computer Inc.)
Audacity 3.0.2 (HKLM-x32\...\Audacity_is1) (Version: 3.0.2 - Audacity Team)
AudioMuxer 0.9.6.4 (HKLM-x32\...\{E62BDA87-5FD3-4A47-9CF1-F3B04C542713}_is1) (Version: 0.9.6.4 - Pl4yit)
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.)
calibre (HKLM-x32\...\{46FD03C7-BCA4-4075-A384-AE21E2155424}) (Version: 5.17.0 - Kovid Goyal)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version:  - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.79 - Piriform)
CrystalDiskInfo 8.12.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.12.0 - Crystal Dew World)
dBpoweramp (HKLM-x32\...\dBpoweramp) (Version: Release 17.3 - Illustrate)
Direct Folders (HKLM-x32\...\DirectFoldersAppID_is1) (Version: 3.8 - Code Sector)
Elevated Installer (HKLM-x32\...\{C3D3E0B3-6B8D-4AF4-B49A-3583E512ECE8}) (Version: 7.5.0.0 - Garmin Ltd or its subsidiaries) Hidden
Everything 1.4.1.1005 (x64) (HKLM\...\Everything) (Version: 1.4.1.1005 - voidtools)
Exact Audio Copy 1.6 (HKLM-x32\...\Exact Audio Copy) (Version: 1.6 - Andre Wiethoff)
EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 9.1.6 - Poikosoft)
FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FFmpeg Batch AV Converter (HKLM\...\FFBATCH_cv_is1) (Version: 2.3.7 - Eibolsoft)
File Renamer - Basic (HKLM-x32\...\File Renamer - Basic) (Version: 6.3 - Sherrod Computers)
foobar2000 v1.6.5 (HKLM-x32\...\foobar2000) (Version: 1.6.5 - Peter Pawlowski)
Garmin Express (HKLM-x32\...\{034F279C-D74E-42F2-8CEC-216E91969B29}) (Version: 7.5.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{afe06296-a3d5-48cf-88a2-77629aeb124b}) (Version: 7.5.0.0 - Garmin Ltd or its subsidiaries)
get_iplayer 3.27.1 (x64) (HKLM\...\get_iplayer_is1) (Version: 3.27.1 - The get_iplayer Contributors)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 5.61 - Janos Mathe)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Jackett (HKLM-x32\...\{C2A9FC00-AA48-4F17-9A72-62FBCEE2785B}_is1) (Version: 0.17.1032.0 - Jackett)
Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.9 - Oracle Corporation)
Kaspersky Security Cloud (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Security Cloud (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky)
K-Lite Codec Pack 16.1.6 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.1.6 - KLCP)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
MAAT DROffline MkII (HKLM\...\DROffline MkII_is1) (Version: 2.1.3 - MAAT)
MakeMKV v1.16.3 (HKLM-x32\...\MakeMKV) (Version: v1.16.3 - GuinpinSoft inc)
Malwarebytes version 4.3.3.116 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.3.116 - Malwarebytes)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Mp3tag v3.06a (HKLM-x32\...\Mp3tag) (Version: 3.06a - Florian Heidenreich)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.9.5 - Notepad++ Team)
Open-Shell (HKLM\...\{F4B6EE58-F183-4B0D-930B-4480673C0F5B}) (Version: 4.4.160 - The Open-Shell Team)
PerfectDisk Professional Business (HKLM\...\{C4E01CDC-0063-493C-B383-9C4FCF7A89F7}) (Version: 14.0.893 - Raxco Software Inc.)
Python 3.9.5 (64-bit) (HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\{f3d4ed4c-f434-41ef-8469-ffadd80c4ccf}) (Version: 3.9.5150.0 - Python Software Foundation)
Python 3.9.5 Core Interpreter (64-bit) (HKLM\...\{FBB6299D-CB58-4177-B6A0-63BFB1C8C3AE}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 Development Libraries (64-bit) (HKLM\...\{AEE58901-97A1-422A-B964-4FD9BF3327B8}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 Documentation (64-bit) (HKLM\...\{4EFE695B-F377-4CB0-90E3-6AEEE22DEFEB}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 Executables (64-bit) (HKLM\...\{843C07B6-040E-4E83-B244-5383247D70AB}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 pip Bootstrap (64-bit) (HKLM\...\{7559EB6B-36F9-4AE8-8970-532E4DC0ECA3}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 Standard Library (64-bit) (HKLM\...\{F4DC18F4-6323-4BE8-A322-38268831BC24}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 Tcl/Tk Support (64-bit) (HKLM\...\{351016A7-AED4-4824-8D2E-2F9ED497CF77}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 Test Suite (64-bit) (HKLM\...\{605117B9-EE12-4498-A089-A63219191799}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 Utility Scripts (64-bit) (HKLM\...\{420E50F6-A8E8-4098-A321-7DF6B3C3BA82}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{B6EF11B6-0882-43B1-AA75-4D3BD32A144A}) (Version: 3.9.7427.0 - Python Software Foundation)
qBittorrent 4.3.5 (HKLM-x32\...\qBittorrent) (Version: 4.3.5 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8746.1 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 4.3.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.3.3 - VS Revo Group, Ltd.)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.4.0 - ShareX Team)
Spek (HKLM-x32\...\{7CDF6754-F5A0-4F34-B589-197530FEF862}) (Version: 0.8.2 - Spek Project)
SpywareBlaster 6.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 6.0.0 - BrightFort LLC)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.2 - Krzysztof Kowalczyk)
TagScanner 6.1.8 (64-bit) (HKLM\...\TagScanner_is1) (Version:  - Sergey Serkov)
TeraCopy (HKLM\...\{952ED35A-74C3-4204-8F01-986D8711B41D}) (Version: 3.8.5 - Code Sector)
Trader's Little Helper 2.8.4 (HKLM-x32\...\TradersLittleHelper_is1) (Version: 2.8.4 - Robert Hoffmann)
TreeSize Free V4.4.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.4.2 - JAM Software)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.14 - VideoLAN)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.69 - VSO Software)
Weiss Engineering Saracon (HKLM-x32\...\Saracon) (Version: 01.61-27 - )
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 6.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH)
WinX DVD Ripper Platinum 7.5.5 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version:  - Digiarty Software, Inc.)

Packages:
=========
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2021-01-25] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2021-03-22] (Notepad++ -> )
ContextMenuHandlers1: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2020-09-08] (Poikosoft -> Poikosoft)
ContextMenuHandlers1: [FastCopy] -> {72FF462B-AB7D-427A-A268-E22E414933D7} => C:\Users\Dyfan\FastCopy\FastEx64.dll -> No File
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-05-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers1: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [FastCopy] -> {72FF462B-AB7D-427A-A268-E22E414933D7} => C:\Users\Dyfan\FastCopy\FastEx64.dll -> No File
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-05-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers2: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2020-09-08] (Poikosoft -> Poikosoft)
ContextMenuHandlers4: [FastCopy] -> {72FF462B-AB7D-427A-A268-E22E414933D7} => C:\Users\Dyfan\FastCopy\FastEx64.dll -> No File
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-05-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector)
ContextMenuHandlers5: [FastCopy] -> {72FF462B-AB7D-427A-A268-E22E414933D7} => C:\Users\Dyfan\FastCopy\FastEx64.dll -> No File
ContextMenuHandlers5: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} =>  -> No File
ContextMenuHandlers6: [FastCopy] -> {72FF462B-AB7D-427A-A268-E22E414933D7} => C:\Users\Dyfan\FastCopy\FastEx64.dll -> No File
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-05-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2020-09-26] (Open-Shell) [File not signed]
ContextMenuHandlers6: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-05-07 18:11 - 2021-05-12 11:39 - 000205824 _____ () [File not signed] [File is in use] C:\ProgramData\Jackett\YamlDotNet.dll
2021-01-25 18:46 - 2010-08-23 11:17 - 000662016 _____ () [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2021-01-25 18:47 - 2011-07-12 19:14 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2021-01-25 18:48 - 2012-10-08 17:07 - 000972288 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2021-01-25 18:47 - 2010-10-05 08:22 - 000208896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2021-01-25 18:47 - 2010-10-05 08:22 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2021-01-25 18:47 - 2012-05-28 21:27 - 001622528 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2021-01-25 18:47 - 2009-08-12 20:15 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2021-01-25 18:48 - 2012-05-25 10:33 - 000883712 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2021-01-25 18:48 - 2011-09-19 20:18 - 001243136 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2021-01-25 18:47 - 2011-07-21 09:06 - 000846848 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2021-01-25 18:47 - 2012-08-29 18:09 - 000875520 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2021-01-25 18:39 - 2010-06-29 11:58 - 000104448 ____N () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2021-01-25 18:39 - 2021-05-13 11:35 - 000027648 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2021-05-12 15:17 - 2012-07-29 10:23 - 000073728 _____ () [File not signed] C:\Program Files (x86)\Direct Folders\dfh32.dll
2021-05-12 15:17 - 2012-07-29 10:22 - 000072192 _____ () [File not signed] C:\Program Files (x86)\Direct Folders\dfh64.dll
2021-05-07 18:11 - 2021-05-12 11:39 - 000829440 _____ (AngleSharp) [File not signed] [File is in use] C:\ProgramData\Jackett\AngleSharp.dll
2021-01-25 18:46 - 2010-08-09 22:33 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\ASACPI.DLL
2021-01-25 18:47 - 2010-08-09 21:33 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AsAcpi.dll
2021-01-25 18:48 - 2010-11-30 14:13 - 000108544 ____N (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\FanXpert2\asacpi.dll
2021-01-25 18:48 - 2021-01-25 18:46 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsAcpi.dll
2021-01-25 18:46 - 2010-08-12 08:52 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\asacpiEx.dll
2021-01-25 18:47 - 2010-08-12 07:52 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\asacpiEx.dll
2021-01-25 18:47 - 2010-10-05 08:22 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AsMultiLang.dll
2021-01-25 18:48 - 2010-09-08 21:25 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\AsMultiLang.dll
2021-01-25 18:48 - 2012-06-15 00:03 - 001016320 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Cpu Frequency\CpuFrequency.dll
2021-01-25 18:48 - 2012-03-21 19:41 - 000677376 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\FanXpert2\asacpiEx.dll
2021-01-25 18:48 - 2010-06-03 20:04 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\FanXpert2\AsMultiLang.dll
2021-01-25 18:48 - 2012-05-23 15:28 - 001545728 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\FanXpert2\FanXpert2.dll
2021-01-25 18:48 - 2010-03-08 17:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AsMultiLang.dll
2021-01-25 18:47 - 2010-03-08 17:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\AsMultiLang.dll
2021-01-25 18:47 - 2010-03-08 17:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\AsMultiLang.dll
2021-01-25 18:48 - 2021-01-25 18:46 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\asacpiEx.dll
2021-05-07 18:11 - 2021-05-12 11:39 - 000251904 _____ (Autofac) [File not signed] [File is in use] C:\ProgramData\Jackett\Autofac.dll
2021-05-07 18:11 - 2021-05-12 11:39 - 000015872 _____ (Autofac) [File not signed] [File is in use] C:\ProgramData\Jackett\Autofac.Extensions.DependencyInjection.dll
2021-01-26 12:08 - 2012-06-14 18:18 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2021-05-07 18:11 - 2021-05-12 11:39 - 000018432 _____ (Diego Heras (ngosang)) [File not signed] [File is in use] C:\ProgramData\Jackett\FlareSolverrSharp.dll
2021-05-07 18:11 - 2021-05-12 11:39 - 000217088 _____ (gsscoder;nemec;ericnewton76;moh-hassan) [File not signed] [File is in use] C:\ProgramData\Jackett\CommandLine.dll
2021-05-07 18:11 - 2021-05-12 11:39 - 001252352 _____ (Jackett.Common) [File not signed] [File is in use] C:\ProgramData\Jackett\Jackett.Common.dll
2021-05-07 18:11 - 2021-05-12 11:39 - 000393216 _____ (JackettConsole) [File not signed] [File is in use] C:\ProgramData\Jackett\JackettConsole.dll
2021-05-07 18:11 - 2021-05-12 11:39 - 000312832 _____ (JackettService) [File not signed] [File is in use] C:\ProgramData\Jackett\JackettService.dll
2021-05-07 18:11 - 2021-05-12 11:39 - 000297472 _____ (Jimmy Bogard) [File not signed] [File is in use] C:\ProgramData\Jackett\AutoMapper.dll
2021-05-07 18:11 - 2021-05-12 11:39 - 000010752 _____ (Landon Key) [File not signed] [File is in use] C:\ProgramData\Jackett\SocksWebProxy.dll
2021-05-07 18:11 - 2021-05-12 11:39 - 000817152 _____ (NLog) [File not signed] [File is in use] C:\ProgramData\Jackett\NLog.dll
2021-05-07 18:11 - 2021-05-12 11:39 - 000046080 _____ (NLog) [File not signed] [File is in use] C:\ProgramData\Jackett\NLog.Extensions.Logging.dll
2021-05-07 18:11 - 2021-05-12 11:39 - 000046592 _____ (NLog) [File not signed] [File is in use] C:\ProgramData\Jackett\NLog.Web.AspNetCore.dll
2020-09-26 14:47 - 2020-09-26 14:47 - 000975872 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\ClassicExplorer64.dll
2020-09-26 14:47 - 2020-09-26 14:47 - 002659328 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenuDLL.dll
2020-09-26 14:48 - 2020-09-26 14:48 - 000562688 _____ (Open-Shell) [File not signed] C:\WINDOWS\system32\StartMenuHelper64.dll
2021-05-07 18:11 - 2021-05-12 11:39 - 000028672 _____ (Org.Mentalis) [File not signed] [File is in use] C:\ProgramData\Jackett\Org.Mentalis.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [274]
AlternateDataStreams: C:\ProgramData\TEMP:D735933A [138]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\80753807.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\80753807.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed]
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-03-26] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-03-26] (Oracle America, Inc. -> Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_64.dll [2020-09-26] (Open-Shell) [File not signed]
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer32.dll [2020-09-26] (Open-Shell) [File not signed]
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_32.dll [2020-09-26] (Open-Shell) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer32.dll [2020-09-26] (Open-Shell) [File not signed]

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\1001movie.com -> 1001movie.com

There are 6091 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\FFmpeg\bin;C:\FFmpeg\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\;C:\Program Files\get_iplayer
HKU\S-1-5-21-1704149506-1908064861-659173645-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: kpm_launch_service => 3
HKLM\...\StartupApproved\Run: => "Open-Shell Start Menu"
HKLM\...\StartupApproved\Run: => "AsioReg"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "CanonSolutionMenu"
HKLM\...\StartupApproved\Run32: => "CTHelper"
HKLM\...\StartupApproved\Run32: => "CTxfiHlp"
HKLM\...\StartupApproved\Run32: => "AsioThk32Reg"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "IJNetworkScanUtility"
HKLM\...\StartupApproved\Run32: => "PrivateFolder"
HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\StartupApproved\Run: => "ultracopier"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A003020E-8BAC-4330-82F1-F03E00203013}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{CF7468BC-9F59-4C8E-86BA-3D871F5DD53D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{8316E5D8-B835-4D16-9E38-C7AF2CED5C45}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{91320F9D-2E42-4A2E-8579-6F1E7C408A23}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => No File
FirewallRules: [UDP Query User{84304862-91A3-42CD-B4D7-340314FBE947}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => No File
FirewallRules: [TCP Query User{CFD4F7E8-995E-40BF-8E70-31F2DF31DC26}C:\program files\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_291\bin\javaw.exe
FirewallRules: [UDP Query User{E494B49E-5D0E-4FA9-8903-6AB0907EEBB2}C:\program files\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_291\bin\javaw.exe
FirewallRules: [{AB327029-4A72-40CA-A83A-0C4DA4701735}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{BAB32843-1F0B-4697-92F7-69794BA2F8C3}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{39C3E5B7-4183-44C6-B740-E6E044917A87}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{A715F1E7-C432-4286-9AD1-C7AE39E22061}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{3B02CCCE-05E3-497A-8E02-9AB5AAB2E0CE}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

09-05-2021 13:42:31 Removed Kaspersky Password Manager

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/13/2021 11:34:56 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-19T10:34:56Z. Error Code: 0x80070005.

Error: (05/13/2021 11:34:26 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-19T10:34:26Z. Error Code: 0x80070005.

Error: (05/13/2021 11:33:56 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-19T10:33:56Z. Error Code: 0x80070005.

Error: (05/13/2021 11:33:26 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2121-04-19T10:33:26Z. Error Code: 0x80070005.

Error: (05/13/2021 11:07:11 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (05/13/2021 11:03:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 4.0.0.987, time stamp: 0x60894603
Faulting module name: Qt5Core.dll, version: 5.14.1.0, time stamp: 0x603971ce
Exception code: 0xc0000005
Fault offset: 0x0000000000219dc5
Faulting process ID: 0x21e0
Faulting application start time: 0x01d747ded30be48e
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report ID: 844413d8-b3d2-11eb-82e7-50465db36e87
Faulting package full name:
Faulting package-relative application ID:

Error: (05/12/2021 09:55:44 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (05/11/2021 09:31:37 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.


System errors:
=============
Error: (05/13/2021 12:41:37 PM) (Source: DCOM) (EventID: 10010) (User: Sinbad)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (05/13/2021 12:41:07 PM) (Source: DCOM) (EventID: 10010) (User: Sinbad)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (05/13/2021 11:35:03 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}. The error:
"5"
Happened while starting this command:
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding

Error: (05/13/2021 11:35:03 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}. The error:
"5"
Happened while starting this command:
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding

Error: (05/13/2021 11:35:03 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}. The error:
"5"
Happened while starting this command:
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding

Error: (05/13/2021 11:35:03 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}. The error:
"5"
Happened while starting this command:
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding

Error: (05/13/2021 11:34:20 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}. The error:
"5"
Happened while starting this command:
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding

Error: (05/13/2021 11:34:20 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}. The error:
"5"
Happened while starting this command:
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding


Windows Defender:
================
Date: 2021-05-13 11:20:42.419
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-01-25 19:34:26.035
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x80070002
Error description: The system cannot find the file specified.
Reason: The system is missing updates that are required for running Network Inspection System.  Install the required updates and restart the computer.

Date: 2021-01-25 19:23:38.065
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 0.0.0.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x8024001e
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2021-01-25 19:23:38.065
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 0.0.0.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x8024001e
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2021-01-25 18:42:21.528
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: Current
Error Code: 0x80073aba
Error description: The resource is too old to be compatible.
Signature version: 1.155.266.0;1.155.266.0
Engine version: 1.1.9700.0

Date: 2021-01-25 16:58:01.819
Description:
Windows Defender has encountered an error trying to update the engine.
New Engine Version: 1.1.17700.4
Previous Engine Version: 1.1.9700.0
Error Code: 0x8050800c
Error description: An unexpected problem occurred. Install any available updates, then try to start the program again. For information on installing updates, see Help and Support.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 5104 09/14/2012
Motherboard: ASUSTeK COMPUTER INC. F2A85-V PRO
Processor: AMD A6-6400K APU with Radeon™ HD Graphics
Percentage of memory in use: 40%
Total physical RAM: 7624.94 MB
Available physical RAM: 4533.46 MB
Total Virtual: 8840.94 MB
Available Virtual: 5199.26 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.9 GB) (Free:90.89 GB) NTFS
Drive d: (Black) (Fixed) (Total:931.51 GB) (Free:294.3 GB) NTFS
Drive e: (Maxtor) (Fixed) (Total:152.66 GB) (Free:41.92 GB) NTFS
Drive h: (Toshiba) (Fixed) (Total:2794.39 GB) (Free:739.22 GB) NTFS
Drive i: (K1) (Removable) (Total:59.05 GB) (Free:32.76 GB) FAT32
Drive m: (New Volume) (Fixed) (Total:2794.39 GB) (Free:304 GB) NTFS

\\?\Volume{70be6976-5f25-11eb-824e-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: 2C402D9B)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: C9699AB9)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 152.7 GB) (Disk ID: 7B25CC4E)
Partition 1: (Active) - (Size=152.7 GB) - (Type=07 NTFS)

==========================================================
Disk: 4 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 5 (Protective MBR) (Size: 59.1 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Attached Files


Edited by RKinner, 13 May 2021 - 02:34 PM.

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,067 posts
  • MVP

I don't see anything obvious.  We can remove some dead wood, test a few files and the system files with a  fixlist.  Will take about 25 minutes to finish be patient.

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   3.57KB   97 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.

 

I would run MBAR to rule out any rootkits:

 

Pause Kaspersky

 

Go to

https://www.malwareb...om/antirootkit/

 

Hit Download,

 

Save the file and then go to the folder and right click and Run As Admin.  Follow the instructions.

 

Turn on Kaspersky when done.

 

You might also try Rogue Killer.

 

http://www.adlice.co...iller/#download

Portable 64 bits

Download and Save.



Right click on the downloaded file (RogueKillerX64.exe or RogueKiller.exe)  and Run As admin

Start Scan
Start Scan

Will take about 20 minutes to complete.

Open Report
Export TXT (save it to your desktop as rk) Save

Do not let Rogue Killer remove anything until you hear from me.  Leave Rogue Killer up (but minimized) so you won't have to rescan.

Open rk.txt and copy and paste it to your next Reply.

 



 

 

 


  • 0

#3
northwalian1

northwalian1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

Thanks for helping out, the Malwarebytes scan found nothing

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-05-2021
Ran by Dyfan (15-05-2021 11:32:42) Run:1
Running from C:\Users\Dyfan\Desktop
Loaded Profiles: Dyfan
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\MountPoints2: {2b13ba87-5fe2-11eb-825c-50465db36e87} - "G:\Setup.exe"
Unlock: "C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll"
File: "C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll"
Unlock: "C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe"
File: "C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe"
Task: {C38DB12F-6996-49D9-A354-E58EA55CD46E} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe
S3 NMIndexingService; "C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe" [X]
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [274]
AlternateDataStreams: C:\ProgramData\TEMP:D735933A [138]
ContextMenuHandlers1: [FastCopy] -> {72FF462B-AB7D-427A-A268-E22E414933D7} => C:\Users\Dyfan\FastCopy\FastEx64.dll -> No File
ContextMenuHandlers2: [FastCopy] -> {72FF462B-AB7D-427A-A268-E22E414933D7} => C:\Users\Dyfan\FastCopy\FastEx64.dll -> No File
ContextMenuHandlers4: [FastCopy] -> {72FF462B-AB7D-427A-A268-E22E414933D7} => C:\Users\Dyfan\FastCopy\FastEx64.dll -> No File
ContextMenuHandlers5: [FastCopy] -> {72FF462B-AB7D-427A-A268-E22E414933D7} => C:\Users\Dyfan\FastCopy\FastEx64.dll -> No File
ContextMenuHandlers5: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} =>  -> No File
ContextMenuHandlers6: [FastCopy] -> {72FF462B-AB7D-427A-A268-E22E414933D7} => C:\Users\Dyfan\FastCopy\FastEx64.dll -> No File
REG: reg query "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager"
REG: reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager"
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
CMD: findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
*****************
 
HKU\S-1-5-21-1704149506-1908064861-659173645-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2b13ba87-5fe2-11eb-825c-50465db36e87} => removed successfully
"C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll" => was unlocked
 
========================= File: "C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll" ========================
 
C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
File is digitally signed
MD5: FF676AA0DBFC7D450452F5E060156C93
Creation and modification date: 2021-01-26 13:03 - 2021-05-09 10:51
Size: 006539696
Attributes: ----A
Company Name: Malwarebytes Inc -> The Qt Company Ltd.
Internal Name: 
Original Name: Qt5Core.dll
Product: Qt5
Description: C++ Application Development Framework
File Version: 5.14.1.0
Product Version: 5.14.1.0
Copyright: Copyright © 2020 The Qt Company Ltd.
 
====== End of File: ======
 
"C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe" => was unlocked
 
========================= File: "C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe" ========================
 
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe
Catalog: C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1363_for_KB5003209~31bf3856ad364e35~amd64~~6.3.1.6.cat
File is digitally signed
MD5: 1DD684E647BF9DD3E486276F5FA07A11
Creation and modification date: 2021-01-25 17:44 - 2018-03-03 06:28
Size: 000419328
Attributes: ----A
Company Name: Microsoft Windows -> Microsoft Corporation
Internal Name: Wmiprvse.exe
Original Name: Wmiprvse.exe
Product: Microsoft® Windows® Operating System
Description: WMI Provider Host
File Version: 6.3.9600.18946 (winblue_ltsb_escrow.180302-1800)
Product Version: 6.3.9600.18946
Copyright: © Microsoft Corporation. All rights reserved.
 
====== End of File: ======
 
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C38DB12F-6996-49D9-A354-E58EA55CD46E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C38DB12F-6996-49D9-A354-E58EA55CD46E}" => removed successfully
C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}" => removed successfully
HKLM\System\CurrentControlSet\Services\NMIndexingService => removed successfully
NMIndexingService => service removed successfully
C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully
C:\ProgramData\TEMP => ":D735933A" ADS removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\FastCopy => removed successfully
HKLM\Software\Classes\CLSID\{72FF462B-AB7D-427A-A268-E22E414933D7} => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\FastCopy => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\FastCopy => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\FastCopy => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\TeraCopy => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\FastCopy => removed successfully
 
========= reg query "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager" =========
 
 
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager
    GlobalFlag    REG_DWORD    0x0
    HeapDeCommitTotalFreeThreshold    REG_DWORD    0x0
    HeapSegmentCommit    REG_DWORD    0x0
    HeapDeCommitFreeBlockThreshold    REG_DWORD    0x0
    ResourceTimeoutCount    REG_DWORD    0x9e340
    ObjectDirectories    REG_MULTI_SZ    \Windows\0\RPC Control
    ProtectionMode    REG_DWORD    0x1
    CriticalSectionTimeout    REG_DWORD    0x278d00
    ProcessorControl    REG_DWORD    0x2
    HeapSegmentReserve    REG_DWORD    0x0
    ExcludeFromKnownDlls    REG_MULTI_SZ    
    BootExecute    REG_MULTI_SZ    PDBoot.exe\0autocheck autochk *\0sdnclean64.exe
    BootShell    REG_EXPAND_SZ    %SystemRoot%\system32\bootim.exe
    NumberOfInitialSessions    REG_DWORD    0x2
    RunLevelExecute    REG_MULTI_SZ    WinInit\0ServiceControlManager
    AutoChkTimeout    REG_DWORD    0x1
    RunLevelValidate    REG_MULTI_SZ    ServiceControlManager
    SetupExecute    REG_MULTI_SZ    
    PendingFileRenameOperations    REG_MULTI_SZ    \??\C:\WINDOWS\AppCompat\Programs\Amcache.hve.tmp\0!\??\C:\WINDOWS\AppCompat\Programs\Amcache.hve
 
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\AppCompatCache
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\Configuration Manager
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\DOS Devices
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\Environment
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\Executive
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\FileRenameOperations
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\I/O System
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\Kernel
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\KnownDLLs
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\Memory Management
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\PDUnmovableFiles
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\Power
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\Quota System
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\SubSystems
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\WPA
 
 
========= End of Reg: =========
 
 
========= reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" =========
 
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager
    GlobalFlag    REG_DWORD    0x0
    HeapDeCommitTotalFreeThreshold    REG_DWORD    0x0
    HeapSegmentCommit    REG_DWORD    0x0
    HeapDeCommitFreeBlockThreshold    REG_DWORD    0x0
    ResourceTimeoutCount    REG_DWORD    0x9e340
    ObjectDirectories    REG_MULTI_SZ    \Windows\0\RPC Control
    ProtectionMode    REG_DWORD    0x1
    CriticalSectionTimeout    REG_DWORD    0x278d00
    ProcessorControl    REG_DWORD    0x2
    HeapSegmentReserve    REG_DWORD    0x0
    ExcludeFromKnownDlls    REG_MULTI_SZ    
    BootExecute    REG_MULTI_SZ    PDBoot.exe\0autocheck autochk *\0sdnclean64.exe
    BootShell    REG_EXPAND_SZ    %SystemRoot%\system32\bootim.exe
    NumberOfInitialSessions    REG_DWORD    0x2
    RunLevelExecute    REG_MULTI_SZ    WinInit\0ServiceControlManager
    AutoChkTimeout    REG_DWORD    0x1
    RunLevelValidate    REG_MULTI_SZ    ServiceControlManager
    SetupExecute    REG_MULTI_SZ    
    PendingFileRenameOperations    REG_MULTI_SZ    \??\C:\WINDOWS\AppCompat\Programs\Amcache.hve.tmp\0!\??\C:\WINDOWS\AppCompat\Programs\Amcache.hve
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCompatCache
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Configuration Manager
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\DOS Devices
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Executive
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\FileRenameOperations
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\I/O System
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\PDUnmovableFiles
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Power
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Quota System
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\WPA
 
 
========= End of Reg: =========
 
 
========= DISM /Online /Cleanup-Image /RestoreHealth =========
 
 
Deployment Image Servicing and Management tool
Version: 6.3.9600.19408
 
Image Version: 6.3.9600.19397
 
The restore operation completed successfully. The component store corruption was repaired.
The operation completed successfully.
 
========= End of CMD: =========
 
 
========= SFC /scannow =========
 
 
 
Beginning system scan.  This process will take some time.
 
 
 
Beginning verification phase of system scan.
 
Verification 0% complete.Verification 0% complete.Verification 1% complete.Verification 1% complete.Verification 2% complete.Verification 2% complete.Verification 2% complete.Verification 3% complete.Verification 3% complete.Verification 4% complete.Verification 4% complete.Verification 5% complete.Verification 5% complete.Verification 5% complete.Verification 6% complete.Verification 6% complete.Verification 7% complete.Verification 7% complete.Verification 7% complete.Verification 8% complete.Verification 8% complete.Verification 9% complete.Verification 9% complete.Verification 10% complete.Verification 10% complete.Verification 10% complete.Verification 11% complete.Verification 11% complete.Verification 12% complete.Verification 12% complete.Verification 12% complete.Verification 13% complete.Verification 13% complete.Verification 14% complete.Verification 14% complete.Verification 15% complete.Verification 15% complete.Verification 15% complete.Verification 16% complete.Verification 16% complete.Verification 17% complete.Verification 17% complete.Verification 17% complete.Verification 18% complete.Verification 18% complete.Verification 19% complete.Verification 19% complete.Verification 20% complete.Verification 20% complete.Verification 20% complete.Verification 21% complete.Verification 21% complete.Verification 22% complete.Verification 22% complete.Verification 22% complete.Verification 23% complete.Verification 23% complete.Verification 24% complete.Verification 24% complete.Verification 25% complete.Verification 25% complete.Verification 25% complete.Verification 26% complete.Verification 26% complete.Verification 27% complete.Verification 27% complete.Verification 28% complete.Verification 28% complete.Verification 28% complete.Verification 29% complete.Verification 29% complete.Verification 30% complete.Verification 30% complete.Verification 30% complete.Verification 31% complete.Verification 31% complete.Verification 32% complete.Verification 32% complete.Verification 33% complete.Verification 33% complete.Verification 33% complete.Verification 34% complete.Verification 34% complete.Verification 35% complete.Verification 35% complete.Verification 35% complete.Verification 36% complete.Verification 36% complete.Verification 37% complete.Verification 37% complete.Verification 38% complete.Verification 38% complete.Verification 38% complete.Verification 39% complete.Verification 39% complete.Verification 40% complete.Verification 40% complete.Verification 40% complete.Verification 41% complete.Verification 41% complete.Verification 42% complete.Verification 42% complete.Verification 43% complete.Verification 43% complete.Verification 43% complete.Verification 44% complete.Verification 44% complete.Verification 45% complete.Verification 45% complete.Verification 45% complete.Verification 46% complete.Verification 46% complete.Verification 47% complete.Verification 47% complete.Verification 48% complete.Verification 48% complete.Verification 48% complete.Verification 49% complete.Verification 49% complete.Verification 50% complete.Verification 50% complete.Verification 51% complete.Verification 51% complete.Verification 51% complete.Verification 52% complete.Verification 52% complete.Verification 53% complete.Verification 53% complete.Verification 53% complete.Verification 54% complete.Verification 54% complete.Verification 55% complete.Verification 55% complete.Verification 56% complete.Verification 56% complete.Verification 56% complete.Verification 57% complete.Verification 57% complete.Verification 58% complete.Verification 58% complete.Verification 58% complete.Verification 59% complete.Verification 59% complete.Verification 60% complete.Verification 60% complete.Verification 61% complete.Verification 61% complete.Verification 61% complete.Verification 62% complete.Verification 62% complete.Verification 63% complete.Verification 63% complete.Verification 63% complete.Verification 64% complete.Verification 64% complete.Verification 65% complete.Verification 65% complete.Verification 66% complete.Verification 66% complete.Verification 66% complete.Verification 67% complete.Verification 67% complete.Verification 68% complete.Verification 68% complete.Verification 68% complete.Verification 69% complete.Verification 69% complete.Verification 70% complete.Verification 70% complete.Verification 71% complete.Verification 71% complete.Verification 71% complete.Verification 72% complete.Verification 72% complete.Verification 73% complete.Verification 73% complete.Verification 74% complete.Verification 74% complete.Verification 74% complete.Verification 75% complete.Verification 75% complete.Verification 76% complete.Verification 76% complete.Verification 76% complete.Verification 77% complete.Verification 77% complete.Verification 78% complete.Verification 78% complete.Verification 79% complete.Verification 79% complete.Verification 79% complete.Verification 80% complete.Verification 80% complete.Verification 81% complete.Verification 81% complete.Verification 81% complete.Verification 82% complete.Verification 82% complete.Verification 83% complete.Verification 83% complete.Verification 84% complete.Verification 84% complete.Verification 84% complete.Verification 85% complete.Verification 85% complete.Verification 86% complete.Verification 86% complete.Verification 86% complete.Verification 87% complete.Verification 87% complete.Verification 88% complete.Verification 88% complete.Verification 89% complete.Verification 89% complete.Verification 89% complete.Verification 90% complete.Verification 90% complete.Verification 91% complete.Verification 91% complete.Verification 91% complete.Verification 92% complete.Verification 92% complete.Verification 93% complete.Verification 93% complete.Verification 94% complete.Verification 94% complete.Verification 94% complete.Verification 95% complete.Verification 95% complete.Verification 96% complete.Verification 96% complete.Verification 97% complete.Verification 97% complete.Verification 97% complete.Verification 98% complete.Verification 98% complete.Verification 99% complete.Verification 99% complete.Verification 99% complete.Verification 100% complete.
 
 
Windows Resource Protection did not find any integrity violations.
 
 
========= End of CMD: =========
 
 
========= findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log =========
 
2021-05-15 11:39:59, Info                  CSI    00000015 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:39:59, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:01, Info                  CSI    00000017 [SR] Verify complete
2021-05-15 11:40:01, Info                  CSI    00000018 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:01, Info                  CSI    00000019 [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:03, Info                  CSI    0000001a [SR] Verify complete
2021-05-15 11:40:03, Info                  CSI    0000001b [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:03, Info                  CSI    0000001c [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:04, Info                  CSI    0000001d [SR] Verify complete
2021-05-15 11:40:04, Info                  CSI    0000001e [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:04, Info                  CSI    0000001f [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:06, Info                  CSI    00000020 [SR] Verify complete
2021-05-15 11:40:06, Info                  CSI    00000021 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:06, Info                  CSI    00000022 [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:08, Info                  CSI    00000023 [SR] Verify complete
2021-05-15 11:40:08, Info                  CSI    00000024 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:08, Info                  CSI    00000025 [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:10, Info                  CSI    00000026 [SR] Verify complete
2021-05-15 11:40:10, Info                  CSI    00000027 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:10, Info                  CSI    00000028 [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:11, Info                  CSI    00000029 [SR] Verify complete
2021-05-15 11:40:11, Info                  CSI    0000002a [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:11, Info                  CSI    0000002b [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:13, Info                  CSI    0000002c [SR] Verify complete
2021-05-15 11:40:13, Info                  CSI    0000002d [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:13, Info                  CSI    0000002e [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:15, Info                  CSI    0000002f [SR] Verify complete
2021-05-15 11:40:15, Info                  CSI    00000030 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:15, Info                  CSI    00000031 [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:16, Info                  CSI    00000032 [SR] Verify complete
2021-05-15 11:40:17, Info                  CSI    00000033 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:17, Info                  CSI    00000034 [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:18, Info                  CSI    00000035 [SR] Verify complete
2021-05-15 11:40:18, Info                  CSI    00000036 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:18, Info                  CSI    00000037 [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:20, Info                  CSI    00000038 [SR] Verify complete
2021-05-15 11:40:20, Info                  CSI    00000039 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:20, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:22, Info                  CSI    0000003b [SR] Verify complete
2021-05-15 11:40:22, Info                  CSI    0000003c [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:22, Info                  CSI    0000003d [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:23, Info                  CSI    0000003e [SR] Verify complete
2021-05-15 11:40:23, Info                  CSI    0000003f [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:23, Info                  CSI    00000040 [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:25, Info                  CSI    00000041 [SR] Verify complete
2021-05-15 11:40:25, Info                  CSI    00000042 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:25, Info                  CSI    00000043 [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:27, Info                  CSI    00000044 [SR] Verify complete
2021-05-15 11:40:27, Info                  CSI    00000045 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:27, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:28, Info                  CSI    00000047 [SR] Verify complete
2021-05-15 11:40:28, Info                  CSI    00000048 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:28, Info                  CSI    00000049 [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:30, Info                  CSI    0000004a [SR] Verify complete
2021-05-15 11:40:30, Info                  CSI    0000004b [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:30, Info                  CSI    0000004c [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:32, Info                  CSI    0000004d [SR] Verify complete
2021-05-15 11:40:32, Info                  CSI    0000004e [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:32, Info                  CSI    0000004f [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:33, Info                  CSI    00000050 [SR] Verify complete
2021-05-15 11:40:33, Info                  CSI    00000051 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:33, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:35, Info                  CSI    00000053 [SR] Verify complete
2021-05-15 11:40:35, Info                  CSI    00000054 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:35, Info                  CSI    00000055 [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:37, Info                  CSI    00000056 [SR] Verify complete
2021-05-15 11:40:37, Info                  CSI    00000057 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:37, Info                  CSI    00000058 [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:38, Info                  CSI    00000059 [SR] Verify complete
2021-05-15 11:40:39, Info                  CSI    0000005a [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:39, Info                  CSI    0000005b [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:40, Info                  CSI    0000005c [SR] Verify complete
2021-05-15 11:40:40, Info                  CSI    0000005d [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:40, Info                  CSI    0000005e [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:42, Info                  CSI    0000005f [SR] Verify complete
2021-05-15 11:40:42, Info                  CSI    00000060 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:42, Info                  CSI    00000061 [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:43, Info                  CSI    00000062 [SR] Verify complete
2021-05-15 11:40:44, Info                  CSI    00000063 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:44, Info                  CSI    00000064 [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:45, Info                  CSI    00000065 [SR] Verify complete
2021-05-15 11:40:45, Info                  CSI    00000066 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:45, Info                  CSI    00000067 [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:47, Info                  CSI    00000068 [SR] Verify complete
2021-05-15 11:40:47, Info                  CSI    00000069 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:47, Info                  CSI    0000006a [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:48, Info                  CSI    0000006b [SR] Verify complete
2021-05-15 11:40:49, Info                  CSI    0000006c [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:49, Info                  CSI    0000006d [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:50, Info                  CSI    0000006e [SR] Verify complete
2021-05-15 11:40:50, Info                  CSI    0000006f [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:50, Info                  CSI    00000070 [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:52, Info                  CSI    00000071 [SR] Verify complete
2021-05-15 11:40:52, Info                  CSI    00000072 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:52, Info                  CSI    00000073 [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:54, Info                  CSI    00000074 [SR] Verify complete
2021-05-15 11:40:54, Info                  CSI    00000075 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:54, Info                  CSI    00000076 [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:55, Info                  CSI    00000077 [SR] Verify complete
2021-05-15 11:40:55, Info                  CSI    00000078 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:55, Info                  CSI    00000079 [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:57, Info                  CSI    0000007a [SR] Verify complete
2021-05-15 11:40:57, Info                  CSI    0000007b [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:57, Info                  CSI    0000007c [SR] Beginning Verify and Repair transaction
2021-05-15 11:40:59, Info                  CSI    0000007d [SR] Verify complete
2021-05-15 11:40:59, Info                  CSI    0000007e [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:40:59, Info                  CSI    0000007f [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:00, Info                  CSI    00000080 [SR] Verify complete
2021-05-15 11:41:00, Info                  CSI    00000081 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:00, Info                  CSI    00000082 [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:02, Info                  CSI    00000083 [SR] Verify complete
2021-05-15 11:41:02, Info                  CSI    00000084 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:02, Info                  CSI    00000085 [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:04, Info                  CSI    00000086 [SR] Verify complete
2021-05-15 11:41:04, Info                  CSI    00000087 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:04, Info                  CSI    00000088 [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:05, Info                  CSI    00000089 [SR] Verify complete
2021-05-15 11:41:05, Info                  CSI    0000008a [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:05, Info                  CSI    0000008b [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:07, Info                  CSI    0000008c [SR] Verify complete
2021-05-15 11:41:07, Info                  CSI    0000008d [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:07, Info                  CSI    0000008e [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:09, Info                  CSI    0000008f [SR] Verify complete
2021-05-15 11:41:09, Info                  CSI    00000090 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:09, Info                  CSI    00000091 [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:11, Info                  CSI    00000092 [SR] Verify complete
2021-05-15 11:41:11, Info                  CSI    00000093 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:11, Info                  CSI    00000094 [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:13, Info                  CSI    00000095 [SR] Verify complete
2021-05-15 11:41:13, Info                  CSI    00000096 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:13, Info                  CSI    00000097 [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:14, Info                  CSI    00000098 [SR] Verify complete
2021-05-15 11:41:14, Info                  CSI    00000099 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:14, Info                  CSI    0000009a [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:16, Info                  CSI    0000009b [SR] Verify complete
2021-05-15 11:41:16, Info                  CSI    0000009c [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:16, Info                  CSI    0000009d [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:18, Info                  CSI    0000009e [SR] Verify complete
2021-05-15 11:41:18, Info                  CSI    0000009f [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:18, Info                  CSI    000000a0 [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:19, Info                  CSI    000000a1 [SR] Verify complete
2021-05-15 11:41:19, Info                  CSI    000000a2 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:19, Info                  CSI    000000a3 [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:21, Info                  CSI    000000a4 [SR] Verify complete
2021-05-15 11:41:21, Info                  CSI    000000a5 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:21, Info                  CSI    000000a6 [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:23, Info                  CSI    000000a7 [SR] Verify complete
2021-05-15 11:41:23, Info                  CSI    000000a8 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:23, Info                  CSI    000000a9 [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:24, Info                  CSI    000000aa [SR] Verify complete
2021-05-15 11:41:24, Info                  CSI    000000ab [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:24, Info                  CSI    000000ac [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:26, Info                  CSI    000000ad [SR] Verify complete
2021-05-15 11:41:26, Info                  CSI    000000ae [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:26, Info                  CSI    000000af [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:28, Info                  CSI    000000b0 [SR] Verify complete
2021-05-15 11:41:28, Info                  CSI    000000b1 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:28, Info                  CSI    000000b2 [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:29, Info                  CSI    000000b3 [SR] Verify complete
2021-05-15 11:41:29, Info                  CSI    000000b4 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:29, Info                  CSI    000000b5 [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:31, Info                  CSI    000000b6 [SR] Verify complete
2021-05-15 11:41:31, Info                  CSI    000000b7 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:31, Info                  CSI    000000b8 [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:33, Info                  CSI    000000b9 [SR] Verify complete
2021-05-15 11:41:33, Info                  CSI    000000ba [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:33, Info                  CSI    000000bb [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:34, Info                  CSI    000000bc [SR] Verify complete
2021-05-15 11:41:34, Info                  CSI    000000bd [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:34, Info                  CSI    000000be [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:36, Info                  CSI    000000bf [SR] Verify complete
2021-05-15 11:41:36, Info                  CSI    000000c0 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:36, Info                  CSI    000000c1 [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:38, Info                  CSI    000000c2 [SR] Verify complete
2021-05-15 11:41:38, Info                  CSI    000000c3 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:38, Info                  CSI    000000c4 [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:39, Info                  CSI    000000c5 [SR] Verify complete
2021-05-15 11:41:39, Info                  CSI    000000c6 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:39, Info                  CSI    000000c7 [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:41, Info                  CSI    000000c9 [SR] Verify complete
2021-05-15 11:41:41, Info                  CSI    000000ca [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:41, Info                  CSI    000000cb [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:43, Info                  CSI    000000cc [SR] Verify complete
2021-05-15 11:41:43, Info                  CSI    000000cd [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:43, Info                  CSI    000000ce [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:45, Info                  CSI    000000cf [SR] Verify complete
2021-05-15 11:41:45, Info                  CSI    000000d0 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:45, Info                  CSI    000000d1 [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:47, Info                  CSI    000000d2 [SR] Verify complete
2021-05-15 11:41:47, Info                  CSI    000000d3 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:47, Info                  CSI    000000d4 [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:48, Info                  CSI    000000d5 [SR] Verify complete
2021-05-15 11:41:48, Info                  CSI    000000d6 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:48, Info                  CSI    000000d7 [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:50, Info                  CSI    000000d8 [SR] Verify complete
2021-05-15 11:41:50, Info                  CSI    000000d9 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:50, Info                  CSI    000000da [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:52, Info                  CSI    000000db [SR] Verify complete
2021-05-15 11:41:52, Info                  CSI    000000dc [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:52, Info                  CSI    000000dd [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:54, Info                  CSI    000000de [SR] Verify complete
2021-05-15 11:41:54, Info                  CSI    000000df [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:54, Info                  CSI    000000e0 [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:55, Info                  CSI    000000e1 [SR] Verify complete
2021-05-15 11:41:55, Info                  CSI    000000e2 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:55, Info                  CSI    000000e3 [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:57, Info                  CSI    000000e4 [SR] Verify complete
2021-05-15 11:41:57, Info                  CSI    000000e5 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:57, Info                  CSI    000000e6 [SR] Beginning Verify and Repair transaction
2021-05-15 11:41:59, Info                  CSI    000000e7 [SR] Verify complete
2021-05-15 11:41:59, Info                  CSI    000000e8 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:41:59, Info                  CSI    000000e9 [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:01, Info                  CSI    000000ea [SR] Verify complete
2021-05-15 11:42:01, Info                  CSI    000000eb [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:01, Info                  CSI    000000ec [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:02, Info                  CSI    000000ed [SR] Verify complete
2021-05-15 11:42:02, Info                  CSI    000000ee [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:02, Info                  CSI    000000ef [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:04, Info                  CSI    000000f0 [SR] Verify complete
2021-05-15 11:42:04, Info                  CSI    000000f1 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:04, Info                  CSI    000000f2 [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:06, Info                  CSI    000000f3 [SR] Verify complete
2021-05-15 11:42:07, Info                  CSI    000000f4 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:07, Info                  CSI    000000f5 [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:08, Info                  CSI    000000f6 [SR] Verify complete
2021-05-15 11:42:08, Info                  CSI    000000f7 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:08, Info                  CSI    000000f8 [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:10, Info                  CSI    000000f9 [SR] Verify complete
2021-05-15 11:42:10, Info                  CSI    000000fa [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:10, Info                  CSI    000000fb [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:11, Info                  CSI    000000fc [SR] Verify complete
2021-05-15 11:42:11, Info                  CSI    000000fd [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:11, Info                  CSI    000000fe [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:13, Info                  CSI    000000ff [SR] Verify complete
2021-05-15 11:42:13, Info                  CSI    00000100 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:13, Info                  CSI    00000101 [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:15, Info                  CSI    00000102 [SR] Verify complete
2021-05-15 11:42:15, Info                  CSI    00000103 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:15, Info                  CSI    00000104 [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:17, Info                  CSI    00000105 [SR] Verify complete
2021-05-15 11:42:17, Info                  CSI    00000106 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:17, Info                  CSI    00000107 [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:18, Info                  CSI    00000108 [SR] Verify complete
2021-05-15 11:42:18, Info                  CSI    00000109 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:18, Info                  CSI    0000010a [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:20, Info                  CSI    0000010b [SR] Verify complete
2021-05-15 11:42:20, Info                  CSI    0000010c [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:20, Info                  CSI    0000010d [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:22, Info                  CSI    0000010e [SR] Verify complete
2021-05-15 11:42:22, Info                  CSI    0000010f [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:22, Info                  CSI    00000110 [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:23, Info                  CSI    00000111 [SR] Verify complete
2021-05-15 11:42:23, Info                  CSI    00000112 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:23, Info                  CSI    00000113 [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:25, Info                  CSI    00000114 [SR] Verify complete
2021-05-15 11:42:25, Info                  CSI    00000115 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:25, Info                  CSI    00000116 [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:27, Info                  CSI    00000117 [SR] Verify complete
2021-05-15 11:42:27, Info                  CSI    00000118 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:27, Info                  CSI    00000119 [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:28, Info                  CSI    0000011a [SR] Verify complete
2021-05-15 11:42:29, Info                  CSI    0000011b [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:29, Info                  CSI    0000011c [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:30, Info                  CSI    0000011d [SR] Verify complete
2021-05-15 11:42:30, Info                  CSI    0000011e [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:30, Info                  CSI    0000011f [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:32, Info                  CSI    00000120 [SR] Verify complete
2021-05-15 11:42:32, Info                  CSI    00000121 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:32, Info                  CSI    00000122 [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:34, Info                  CSI    00000123 [SR] Verify complete
2021-05-15 11:42:34, Info                  CSI    00000124 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:34, Info                  CSI    00000125 [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:35, Info                  CSI    00000126 [SR] Verify complete
2021-05-15 11:42:35, Info                  CSI    00000127 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:35, Info                  CSI    00000128 [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:37, Info                  CSI    00000129 [SR] Verify complete
2021-05-15 11:42:37, Info                  CSI    0000012a [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:37, Info                  CSI    0000012b [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:40, Info                  CSI    0000012c [SR] Verify complete
2021-05-15 11:42:40, Info                  CSI    0000012d [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:40, Info                  CSI    0000012e [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:42, Info                  CSI    0000012f [SR] Verify complete
2021-05-15 11:42:42, Info                  CSI    00000130 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:42, Info                  CSI    00000131 [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:45, Info                  CSI    00000132 [SR] Verify complete
2021-05-15 11:42:45, Info                  CSI    00000133 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:45, Info                  CSI    00000134 [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:47, Info                  CSI    0000014d [SR] Verify complete
2021-05-15 11:42:48, Info                  CSI    0000014e [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:48, Info                  CSI    0000014f [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:51, Info                  CSI    00000156 [SR] Verify complete
2021-05-15 11:42:52, Info                  CSI    00000157 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:52, Info                  CSI    00000158 [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:55, Info                  CSI    0000015b [SR] Verify complete
2021-05-15 11:42:55, Info                  CSI    0000015c [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:55, Info                  CSI    0000015d [SR] Beginning Verify and Repair transaction
2021-05-15 11:42:58, Info                  CSI    00000166 [SR] Verify complete
2021-05-15 11:42:58, Info                  CSI    00000167 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:42:58, Info                  CSI    00000168 [SR] Beginning Verify and Repair transaction
2021-05-15 11:43:01, Info                  CSI    0000016e [SR] Verify complete
2021-05-15 11:43:01, Info                  CSI    0000016f [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:43:01, Info                  CSI    00000170 [SR] Beginning Verify and Repair transaction
2021-05-15 11:43:04, Info                  CSI    00000171 [SR] Verify complete
2021-05-15 11:43:04, Info                  CSI    00000172 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:43:04, Info                  CSI    00000173 [SR] Beginning Verify and Repair transaction
2021-05-15 11:43:07, Info                  CSI    00000175 [SR] Verify complete
2021-05-15 11:43:07, Info                  CSI    00000176 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:43:07, Info                  CSI    00000177 [SR] Beginning Verify and Repair transaction
2021-05-15 11:43:13, Info                  CSI    00000198 [SR] Verify complete
2021-05-15 11:43:13, Info                  CSI    00000199 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:43:13, Info                  CSI    0000019a [SR] Beginning Verify and Repair transaction
2021-05-15 11:43:19, Info                  CSI    000001be [SR] Verify complete
2021-05-15 11:43:19, Info                  CSI    000001bf [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:43:19, Info                  CSI    000001c0 [SR] Beginning Verify and Repair transaction
2021-05-15 11:43:23, Info                  CSI    000001ca [SR] Verify complete
2021-05-15 11:43:23, Info                  CSI    000001cb [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:43:23, Info                  CSI    000001cc [SR] Beginning Verify and Repair transaction
2021-05-15 11:43:26, Info                  CSI    000001d5 [SR] Verify complete
2021-05-15 11:43:27, Info                  CSI    000001d6 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:43:27, Info                  CSI    000001d7 [SR] Beginning Verify and Repair transaction
2021-05-15 11:43:31, Info                  CSI    000001ef [SR] Verify complete
2021-05-15 11:43:31, Info                  CSI    000001f0 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:43:31, Info                  CSI    000001f1 [SR] Beginning Verify and Repair transaction
2021-05-15 11:43:34, Info                  CSI    000001f7 [SR] Verify complete
2021-05-15 11:43:34, Info                  CSI    000001f8 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:43:34, Info                  CSI    000001f9 [SR] Beginning Verify and Repair transaction
2021-05-15 11:43:38, Info                  CSI    000001fa [SR] Verify complete
2021-05-15 11:43:38, Info                  CSI    000001fb [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:43:38, Info                  CSI    000001fc [SR] Beginning Verify and Repair transaction
2021-05-15 11:43:41, Info                  CSI    00000201 [SR] Verify complete
2021-05-15 11:43:41, Info                  CSI    00000202 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:43:41, Info                  CSI    00000203 [SR] Beginning Verify and Repair transaction
2021-05-15 11:43:45, Info                  CSI    00000220 [SR] Verify complete
2021-05-15 11:43:45, Info                  CSI    00000221 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:43:45, Info                  CSI    00000222 [SR] Beginning Verify and Repair transaction
2021-05-15 11:43:50, Info                  CSI    00000242 [SR] Verify complete
2021-05-15 11:43:50, Info                  CSI    00000243 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:43:50, Info                  CSI    00000244 [SR] Beginning Verify and Repair transaction
2021-05-15 11:43:59, Info                  CSI    0000027a [SR] Verify complete
2021-05-15 11:43:59, Info                  CSI    0000027b [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:43:59, Info                  CSI    0000027c [SR] Beginning Verify and Repair transaction
2021-05-15 11:44:06, Info                  CSI    0000027e [SR] Verify complete
2021-05-15 11:44:06, Info                  CSI    0000027f [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:44:06, Info                  CSI    00000280 [SR] Beginning Verify and Repair transaction
2021-05-15 11:44:09, Info                  CSI    00000288 [SR] Verify complete
2021-05-15 11:44:09, Info                  CSI    00000289 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:44:09, Info                  CSI    0000028a [SR] Beginning Verify and Repair transaction
2021-05-15 11:44:13, Info                  CSI    000002a0 [SR] Verify complete
2021-05-15 11:44:13, Info                  CSI    000002a1 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:44:13, Info                  CSI    000002a2 [SR] Beginning Verify and Repair transaction
2021-05-15 11:44:18, Info                  CSI    000002b1 [SR] Verify complete
2021-05-15 11:44:18, Info                  CSI    000002b2 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:44:18, Info                  CSI    000002b3 [SR] Beginning Verify and Repair transaction
2021-05-15 11:44:20, Info                  CSI    000002b4 [SR] Verify complete
2021-05-15 11:44:20, Info                  CSI    000002b5 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:44:20, Info                  CSI    000002b6 [SR] Beginning Verify and Repair transaction
2021-05-15 11:44:23, Info                  CSI    000002ba [SR] Verify complete
2021-05-15 11:44:23, Info                  CSI    000002bb [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:44:23, Info                  CSI    000002bc [SR] Beginning Verify and Repair transaction
2021-05-15 11:44:26, Info                  CSI    000002c5 [SR] Verify complete
2021-05-15 11:44:26, Info                  CSI    000002c6 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:44:26, Info                  CSI    000002c7 [SR] Beginning Verify and Repair transaction
2021-05-15 11:44:29, Info                  CSI    0000033c [SR] Verify complete
2021-05-15 11:44:30, Info                  CSI    0000033d [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:44:30, Info                  CSI    0000033e [SR] Beginning Verify and Repair transaction
2021-05-15 11:44:34, Info                  CSI    00000345 [SR] Verify complete
2021-05-15 11:44:34, Info                  CSI    00000346 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:44:34, Info                  CSI    00000347 [SR] Beginning Verify and Repair transaction
2021-05-15 11:44:38, Info                  CSI    00000358 [SR] Verify complete
2021-05-15 11:44:38, Info                  CSI    00000359 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:44:38, Info                  CSI    0000035a [SR] Beginning Verify and Repair transaction
2021-05-15 11:44:47, Info                  CSI    0000035b [SR] Verify complete
2021-05-15 11:44:47, Info                  CSI    0000035c [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:44:47, Info                  CSI    0000035d [SR] Beginning Verify and Repair transaction
2021-05-15 11:44:54, Info                  CSI    00000362 [SR] Verify complete
2021-05-15 11:44:54, Info                  CSI    00000363 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:44:54, Info                  CSI    00000364 [SR] Beginning Verify and Repair transaction
2021-05-15 11:44:59, Info                  CSI    0000037d [SR] Verify complete
2021-05-15 11:44:59, Info                  CSI    0000037e [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:44:59, Info                  CSI    0000037f [SR] Beginning Verify and Repair transaction
2021-05-15 11:45:05, Info                  CSI    0000038a [SR] Verify complete
2021-05-15 11:45:05, Info                  CSI    0000038b [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:45:05, Info                  CSI    0000038c [SR] Beginning Verify and Repair transaction
2021-05-15 11:45:07, Info                  CSI    0000038e [SR] Verify complete
2021-05-15 11:45:08, Info                  CSI    0000038f [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:45:08, Info                  CSI    00000390 [SR] Beginning Verify and Repair transaction
2021-05-15 11:45:17, Info                  CSI    000003ad [SR] Verify complete
2021-05-15 11:45:17, Info                  CSI    000003ae [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:45:17, Info                  CSI    000003af [SR] Beginning Verify and Repair transaction
2021-05-15 11:45:20, Info                  CSI    000003b5 [SR] Verify complete
2021-05-15 11:45:20, Info                  CSI    000003b6 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:45:20, Info                  CSI    000003b7 [SR] Beginning Verify and Repair transaction
2021-05-15 11:45:23, Info                  CSI    000003bd [SR] Verify complete
2021-05-15 11:45:23, Info                  CSI    000003be [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:45:23, Info                  CSI    000003bf [SR] Beginning Verify and Repair transaction
2021-05-15 11:45:29, Info                  CSI    000003c9 [SR] Verify complete
2021-05-15 11:45:29, Info                  CSI    000003ca [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:45:29, Info                  CSI    000003cb [SR] Beginning Verify and Repair transaction
2021-05-15 11:45:33, Info                  CSI    000003fa [SR] Verify complete
2021-05-15 11:45:34, Info                  CSI    000003fb [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:45:34, Info                  CSI    000003fc [SR] Beginning Verify and Repair transaction
2021-05-15 11:45:36, Info                  CSI    000003fd [SR] Verify complete
2021-05-15 11:45:36, Info                  CSI    000003fe [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:45:36, Info                  CSI    000003ff [SR] Beginning Verify and Repair transaction
2021-05-15 11:45:40, Info                  CSI    0000040c [SR] Verify complete
2021-05-15 11:45:40, Info                  CSI    0000040d [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:45:40, Info                  CSI    0000040e [SR] Beginning Verify and Repair transaction
2021-05-15 11:45:42, Info                  CSI    0000041f [SR] Verify complete
2021-05-15 11:45:43, Info                  CSI    00000420 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:45:43, Info                  CSI    00000421 [SR] Beginning Verify and Repair transaction
2021-05-15 11:45:46, Info                  CSI    0000042f [SR] Verify complete
2021-05-15 11:45:46, Info                  CSI    00000430 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:45:46, Info                  CSI    00000431 [SR] Beginning Verify and Repair transaction
2021-05-15 11:45:49, Info                  CSI    0000043c [SR] Verify complete
2021-05-15 11:45:49, Info                  CSI    0000043d [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:45:49, Info                  CSI    0000043e [SR] Beginning Verify and Repair transaction
2021-05-15 11:45:52, Info                  CSI    00000443 [SR] Verify complete
2021-05-15 11:45:53, Info                  CSI    00000444 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:45:53, Info                  CSI    00000445 [SR] Beginning Verify and Repair transaction
2021-05-15 11:45:56, Info                  CSI    00000447 [SR] Verify complete
2021-05-15 11:45:56, Info                  CSI    00000448 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:45:56, Info                  CSI    00000449 [SR] Beginning Verify and Repair transaction
2021-05-15 11:45:59, Info                  CSI    0000044d [SR] Verify complete
2021-05-15 11:45:59, Info                  CSI    0000044e [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:45:59, Info                  CSI    0000044f [SR] Beginning Verify and Repair transaction
2021-05-15 11:46:02, Info                  CSI    0000045c [SR] Verify complete
2021-05-15 11:46:02, Info                  CSI    0000045d [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:46:02, Info                  CSI    0000045e [SR] Beginning Verify and Repair transaction
2021-05-15 11:46:05, Info                  CSI    00000460 [SR] Verify complete
2021-05-15 11:46:05, Info                  CSI    00000461 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:46:05, Info                  CSI    00000462 [SR] Beginning Verify and Repair transaction
2021-05-15 11:46:09, Info                  CSI    00000467 [SR] Verify complete
2021-05-15 11:46:09, Info                  CSI    00000468 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:46:09, Info                  CSI    00000469 [SR] Beginning Verify and Repair transaction
2021-05-15 11:46:13, Info                  CSI    00000476 [SR] Verify complete
2021-05-15 11:46:14, Info                  CSI    00000477 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:46:14, Info                  CSI    00000478 [SR] Beginning Verify and Repair transaction
2021-05-15 11:46:17, Info                  CSI    0000047b [SR] Verify complete
2021-05-15 11:46:17, Info                  CSI    0000047c [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:46:17, Info                  CSI    0000047d [SR] Beginning Verify and Repair transaction
2021-05-15 11:46:22, Info                  CSI    000004b3 [SR] Verify complete
2021-05-15 11:46:22, Info                  CSI    000004b4 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:46:22, Info                  CSI    000004b5 [SR] Beginning Verify and Repair transaction
2021-05-15 11:46:26, Info                  CSI    000004bd [SR] Verify complete
2021-05-15 11:46:26, Info                  CSI    000004be [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:46:26, Info                  CSI    000004bf [SR] Beginning Verify and Repair transaction
2021-05-15 11:46:29, Info                  CSI    000004c4 [SR] Verify complete
2021-05-15 11:46:30, Info                  CSI    000004c5 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:46:30, Info                  CSI    000004c6 [SR] Beginning Verify and Repair transaction
2021-05-15 11:46:33, Info                  CSI    000004ca [SR] Verify complete
2021-05-15 11:46:33, Info                  CSI    000004cb [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:46:33, Info                  CSI    000004cc [SR] Beginning Verify and Repair transaction
2021-05-15 11:46:40, Info                  CSI    000004cd [SR] Verify complete
2021-05-15 11:46:40, Info                  CSI    000004ce [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:46:40, Info                  CSI    000004cf [SR] Beginning Verify and Repair transaction
2021-05-15 11:46:44, Info                  CSI    000004d5 [SR] Verify complete
2021-05-15 11:46:44, Info                  CSI    000004d6 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:46:44, Info                  CSI    000004d7 [SR] Beginning Verify and Repair transaction
2021-05-15 11:46:47, Info                  CSI    000004db [SR] Verify complete
2021-05-15 11:46:47, Info                  CSI    000004dc [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:46:47, Info                  CSI    000004dd [SR] Beginning Verify and Repair transaction
2021-05-15 11:46:52, Info                  CSI    000004ef [SR] Verify complete
2021-05-15 11:46:53, Info                  CSI    000004f0 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:46:53, Info                  CSI    000004f1 [SR] Beginning Verify and Repair transaction
2021-05-15 11:46:57, Info                  CSI    000004f7 [SR] Verify complete
2021-05-15 11:46:57, Info                  CSI    000004f8 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:46:57, Info                  CSI    000004f9 [SR] Beginning Verify and Repair transaction
2021-05-15 11:47:01, Info                  CSI    00000506 [SR] Verify complete
2021-05-15 11:47:01, Info                  CSI    00000507 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:47:01, Info                  CSI    00000508 [SR] Beginning Verify and Repair transaction
2021-05-15 11:47:04, Info                  CSI    00000516 [SR] Verify complete
2021-05-15 11:47:04, Info                  CSI    00000517 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:47:04, Info                  CSI    00000518 [SR] Beginning Verify and Repair transaction
2021-05-15 11:47:08, Info                  CSI    0000051a [SR] Verify complete
2021-05-15 11:47:08, Info                  CSI    0000051b [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:47:08, Info                  CSI    0000051c [SR] Beginning Verify and Repair transaction
2021-05-15 11:47:14, Info                  CSI    00000522 [SR] Verify complete
2021-05-15 11:47:14, Info                  CSI    00000523 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:47:14, Info                  CSI    00000524 [SR] Beginning Verify and Repair transaction
2021-05-15 11:47:19, Info                  CSI    00000557 [SR] Verify complete
2021-05-15 11:47:19, Info                  CSI    00000558 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:47:19, Info                  CSI    00000559 [SR] Beginning Verify and Repair transaction
2021-05-15 11:47:22, Info                  CSI    0000055c [SR] Verify complete
2021-05-15 11:47:22, Info                  CSI    0000055d [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:47:22, Info                  CSI    0000055e [SR] Beginning Verify and Repair transaction
2021-05-15 11:47:26, Info                  CSI    0000056d [SR] Verify complete
2021-05-15 11:47:26, Info                  CSI    0000056e [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:47:26, Info                  CSI    0000056f [SR] Beginning Verify and Repair transaction
2021-05-15 11:47:28, Info                  CSI    00000570 [SR] Verify complete
2021-05-15 11:47:28, Info                  CSI    00000571 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:47:28, Info                  CSI    00000572 [SR] Beginning Verify and Repair transaction
2021-05-15 11:47:32, Info                  CSI    00000574 [SR] Verify complete
2021-05-15 11:47:32, Info                  CSI    00000575 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:47:32, Info                  CSI    00000576 [SR] Beginning Verify and Repair transaction
2021-05-15 11:47:36, Info                  CSI    00000577 [SR] Verify complete
2021-05-15 11:47:36, Info                  CSI    00000578 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:47:36, Info                  CSI    00000579 [SR] Beginning Verify and Repair transaction
2021-05-15 11:47:38, Info                  CSI    0000057a [SR] Verify complete
2021-05-15 11:47:39, Info                  CSI    0000057b [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:47:39, Info                  CSI    0000057c [SR] Beginning Verify and Repair transaction
2021-05-15 11:47:42, Info                  CSI    0000057d [SR] Verify complete
2021-05-15 11:47:42, Info                  CSI    0000057e [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:47:42, Info                  CSI    0000057f [SR] Beginning Verify and Repair transaction
2021-05-15 11:47:45, Info                  CSI    00000580 [SR] Verify complete
2021-05-15 11:47:45, Info                  CSI    00000581 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:47:45, Info                  CSI    00000582 [SR] Beginning Verify and Repair transaction
2021-05-15 11:47:49, Info                  CSI    00000583 [SR] Verify complete
2021-05-15 11:47:49, Info                  CSI    00000584 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:47:49, Info                  CSI    00000585 [SR] Beginning Verify and Repair transaction
2021-05-15 11:47:51, Info                  CSI    00000586 [SR] Verify complete
2021-05-15 11:47:51, Info                  CSI    00000587 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:47:51, Info                  CSI    00000588 [SR] Beginning Verify and Repair transaction
2021-05-15 11:47:54, Info                  CSI    00000589 [SR] Verify complete
2021-05-15 11:47:54, Info                  CSI    0000058a [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:47:54, Info                  CSI    0000058b [SR] Beginning Verify and Repair transaction
2021-05-15 11:47:57, Info                  CSI    0000058c [SR] Verify complete
2021-05-15 11:47:57, Info                  CSI    0000058d [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:47:57, Info                  CSI    0000058e [SR] Beginning Verify and Repair transaction
2021-05-15 11:48:00, Info                  CSI    000005ad [SR] Verify complete
2021-05-15 11:48:00, Info                  CSI    000005ae [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:48:00, Info                  CSI    000005af [SR] Beginning Verify and Repair transaction
2021-05-15 11:48:02, Info                  CSI    000005b0 [SR] Verify complete
2021-05-15 11:48:02, Info                  CSI    000005b1 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:48:02, Info                  CSI    000005b2 [SR] Beginning Verify and Repair transaction
2021-05-15 11:48:08, Info                  CSI    000005b5 [SR] Verify complete
2021-05-15 11:48:08, Info                  CSI    000005b6 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:48:08, Info                  CSI    000005b7 [SR] Beginning Verify and Repair transaction
2021-05-15 11:48:13, Info                  CSI    000005b8 [SR] Verify complete
2021-05-15 11:48:13, Info                  CSI    000005b9 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:48:13, Info                  CSI    000005ba [SR] Beginning Verify and Repair transaction
2021-05-15 11:48:16, Info                  CSI    000005bb [SR] Verify complete
2021-05-15 11:48:16, Info                  CSI    000005bc [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:48:16, Info                  CSI    000005bd [SR] Beginning Verify and Repair transaction
2021-05-15 11:48:19, Info                  CSI    000005be [SR] Verify complete
2021-05-15 11:48:19, Info                  CSI    000005bf [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:48:19, Info                  CSI    000005c0 [SR] Beginning Verify and Repair transaction
2021-05-15 11:48:23, Info                  CSI    000005c1 [SR] Verify complete
2021-05-15 11:48:24, Info                  CSI    000005c2 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:48:24, Info                  CSI    000005c3 [SR] Beginning Verify and Repair transaction
2021-05-15 11:48:30, Info                  CSI    000005c5 [SR] Verify complete
2021-05-15 11:48:30, Info                  CSI    000005c6 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:48:30, Info                  CSI    000005c7 [SR] Beginning Verify and Repair transaction
2021-05-15 11:48:34, Info                  CSI    000005ce [SR] Verify complete
2021-05-15 11:48:34, Info                  CSI    000005cf [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:48:34, Info                  CSI    000005d0 [SR] Beginning Verify and Repair transaction
2021-05-15 11:48:37, Info                  CSI    000005e3 [SR] Verify complete
2021-05-15 11:48:37, Info                  CSI    000005e4 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:48:37, Info                  CSI    000005e5 [SR] Beginning Verify and Repair transaction
2021-05-15 11:48:40, Info                  CSI    00000641 [SR] Verify complete
2021-05-15 11:48:41, Info                  CSI    00000642 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:48:41, Info                  CSI    00000643 [SR] Beginning Verify and Repair transaction
2021-05-15 11:48:44, Info                  CSI    00000646 [SR] Verify complete
2021-05-15 11:48:44, Info                  CSI    00000647 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:48:44, Info                  CSI    00000648 [SR] Beginning Verify and Repair transaction
2021-05-15 11:48:46, Info                  CSI    00000649 [SR] Verify complete
2021-05-15 11:48:47, Info                  CSI    0000064a [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:48:47, Info                  CSI    0000064b [SR] Beginning Verify and Repair transaction
2021-05-15 11:48:49, Info                  CSI    0000064c [SR] Verify complete
2021-05-15 11:48:50, Info                  CSI    0000064d [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:48:50, Info                  CSI    0000064e [SR] Beginning Verify and Repair transaction
2021-05-15 11:48:52, Info                  CSI    0000064f [SR] Verify complete
2021-05-15 11:48:52, Info                  CSI    00000650 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:48:52, Info                  CSI    00000651 [SR] Beginning Verify and Repair transaction
2021-05-15 11:48:55, Info                  CSI    00000652 [SR] Verify complete
2021-05-15 11:48:55, Info                  CSI    00000653 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:48:55, Info                  CSI    00000654 [SR] Beginning Verify and Repair transaction
2021-05-15 11:48:58, Info                  CSI    00000660 [SR] Verify complete
2021-05-15 11:48:58, Info                  CSI    00000661 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:48:58, Info                  CSI    00000662 [SR] Beginning Verify and Repair transaction
2021-05-15 11:49:02, Info                  CSI    00000672 [SR] Verify complete
2021-05-15 11:49:02, Info                  CSI    00000673 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:49:02, Info                  CSI    00000674 [SR] Beginning Verify and Repair transaction
2021-05-15 11:49:06, Info                  CSI    0000068a [SR] Verify complete
2021-05-15 11:49:06, Info                  CSI    0000068b [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:49:06, Info                  CSI    0000068c [SR] Beginning Verify and Repair transaction
2021-05-15 11:49:14, Info                  CSI    00000691 [SR] Verify complete
2021-05-15 11:49:14, Info                  CSI    00000692 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:49:14, Info                  CSI    00000693 [SR] Beginning Verify and Repair transaction
2021-05-15 11:49:18, Info                  CSI    00000694 [SR] Verify complete
2021-05-15 11:49:18, Info                  CSI    00000695 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:49:18, Info                  CSI    00000696 [SR] Beginning Verify and Repair transaction
2021-05-15 11:49:22, Info                  CSI    0000069a [SR] Verify complete
2021-05-15 11:49:22, Info                  CSI    0000069b [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:49:22, Info                  CSI    0000069c [SR] Beginning Verify and Repair transaction
2021-05-15 11:49:27, Info                  CSI    000006a7 [SR] Verify complete
2021-05-15 11:49:27, Info                  CSI    000006a8 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:49:27, Info                  CSI    000006a9 [SR] Beginning Verify and Repair transaction
2021-05-15 11:49:31, Info                  CSI    000006c0 [SR] Verify complete
2021-05-15 11:49:31, Info                  CSI    000006c1 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:49:31, Info                  CSI    000006c2 [SR] Beginning Verify and Repair transaction
2021-05-15 11:49:35, Info                  CSI    000006d0 [SR] Verify complete
2021-05-15 11:49:35, Info                  CSI    000006d1 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:49:35, Info                  CSI    000006d2 [SR] Beginning Verify and Repair transaction
2021-05-15 11:49:39, Info                  CSI    000006dd [SR] Verify complete
2021-05-15 11:49:40, Info                  CSI    000006de [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:49:40, Info                  CSI    000006df [SR] Beginning Verify and Repair transaction
2021-05-15 11:49:44, Info                  CSI    000006f6 [SR] Verify complete
2021-05-15 11:49:44, Info                  CSI    000006f7 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:49:44, Info                  CSI    000006f8 [SR] Beginning Verify and Repair transaction
2021-05-15 11:49:49, Info                  CSI    0000071d [SR] Verify complete
2021-05-15 11:49:50, Info                  CSI    0000071e [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:49:50, Info                  CSI    0000071f [SR] Beginning Verify and Repair transaction
2021-05-15 11:49:53, Info                  CSI    0000075a [SR] Verify complete
2021-05-15 11:49:53, Info                  CSI    0000075b [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:49:53, Info                  CSI    0000075c [SR] Beginning Verify and Repair transaction
2021-05-15 11:49:59, Info                  CSI    0000075d [SR] Verify complete
2021-05-15 11:49:59, Info                  CSI    0000075e [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:49:59, Info                  CSI    0000075f [SR] Beginning Verify and Repair transaction
2021-05-15 11:50:03, Info                  CSI    00000762 [SR] Verify complete
2021-05-15 11:50:03, Info                  CSI    00000763 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:50:03, Info                  CSI    00000764 [SR] Beginning Verify and Repair transaction
2021-05-15 11:50:14, Info                  CSI    0000077e [SR] Verify complete
2021-05-15 11:50:14, Info                  CSI    0000077f [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:50:14, Info                  CSI    00000780 [SR] Beginning Verify and Repair transaction
2021-05-15 11:50:26, Info                  CSI    000007a1 [SR] Verify complete
2021-05-15 11:50:26, Info                  CSI    000007a2 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:50:26, Info                  CSI    000007a3 [SR] Beginning Verify and Repair transaction
2021-05-15 11:50:32, Info                  CSI    000007ab [SR] Verify complete
2021-05-15 11:50:32, Info                  CSI    000007ac [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:50:32, Info                  CSI    000007ad [SR] Beginning Verify and Repair transaction
2021-05-15 11:50:37, Info                  CSI    000007b5 [SR] Verify complete
2021-05-15 11:50:38, Info                  CSI    000007b6 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:50:38, Info                  CSI    000007b7 [SR] Beginning Verify and Repair transaction
2021-05-15 11:50:42, Info                  CSI    000007b8 [SR] Verify complete
2021-05-15 11:50:42, Info                  CSI    000007b9 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:50:42, Info                  CSI    000007ba [SR] Beginning Verify and Repair transaction
2021-05-15 11:50:44, Info                  CSI    000007c0 [SR] Verify complete
2021-05-15 11:50:45, Info                  CSI    000007c1 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:50:45, Info                  CSI    000007c2 [SR] Beginning Verify and Repair transaction
2021-05-15 11:50:51, Info                  CSI    000007e8 [SR] Verify complete
2021-05-15 11:50:51, Info                  CSI    000007e9 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:50:51, Info                  CSI    000007ea [SR] Beginning Verify and Repair transaction
2021-05-15 11:50:56, Info                  CSI    000007fc [SR] Verify complete
2021-05-15 11:50:56, Info                  CSI    000007fd [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:50:56, Info                  CSI    000007fe [SR] Beginning Verify and Repair transaction
2021-05-15 11:50:59, Info                  CSI    00000804 [SR] Verify complete
2021-05-15 11:50:59, Info                  CSI    00000805 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:50:59, Info                  CSI    00000806 [SR] Beginning Verify and Repair transaction
2021-05-15 11:51:01, Info                  CSI    00000808 [SR] Verify complete
2021-05-15 11:51:01, Info                  CSI    00000809 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:51:01, Info                  CSI    0000080a [SR] Beginning Verify and Repair transaction
2021-05-15 11:51:05, Info                  CSI    00000814 [SR] Verify complete
2021-05-15 11:51:05, Info                  CSI    00000815 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:51:05, Info                  CSI    00000816 [SR] Beginning Verify and Repair transaction
2021-05-15 11:51:15, Info                  CSI    00000817 [SR] Verify complete
2021-05-15 11:51:15, Info                  CSI    00000818 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:51:15, Info                  CSI    00000819 [SR] Beginning Verify and Repair transaction
2021-05-15 11:51:21, Info                  CSI    00000832 [SR] Verify complete
2021-05-15 11:51:21, Info                  CSI    00000833 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:51:21, Info                  CSI    00000834 [SR] Beginning Verify and Repair transaction
2021-05-15 11:51:24, Info                  CSI    00000835 [SR] Verify complete
2021-05-15 11:51:24, Info                  CSI    00000836 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:51:24, Info                  CSI    00000837 [SR] Beginning Verify and Repair transaction
2021-05-15 11:51:31, Info                  CSI    00000842 [SR] Verify complete
2021-05-15 11:51:31, Info                  CSI    00000843 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:51:31, Info                  CSI    00000844 [SR] Beginning Verify and Repair transaction
2021-05-15 11:51:36, Info                  CSI    0000085f [SR] Verify complete
2021-05-15 11:51:36, Info                  CSI    00000860 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:51:36, Info                  CSI    00000861 [SR] Beginning Verify and Repair transaction
2021-05-15 11:51:41, Info                  CSI    0000086d [SR] Verify complete
2021-05-15 11:51:41, Info                  CSI    0000086e [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:51:41, Info                  CSI    0000086f [SR] Beginning Verify and Repair transaction
2021-05-15 11:51:45, Info                  CSI    00000890 [SR] Verify complete
2021-05-15 11:51:46, Info                  CSI    00000891 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:51:46, Info                  CSI    00000892 [SR] Beginning Verify and Repair transaction
2021-05-15 11:51:48, Info                  CSI    00000894 [SR] Verify complete
2021-05-15 11:51:48, Info                  CSI    00000895 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:51:48, Info                  CSI    00000896 [SR] Beginning Verify and Repair transaction
2021-05-15 11:51:51, Info                  CSI    000008a7 [SR] Verify complete
2021-05-15 11:51:51, Info                  CSI    000008a8 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:51:51, Info                  CSI    000008a9 [SR] Beginning Verify and Repair transaction
2021-05-15 11:51:53, Info                  CSI    000008ae [SR] Verify complete
2021-05-15 11:51:53, Info                  CSI    000008af [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:51:53, Info                  CSI    000008b0 [SR] Beginning Verify and Repair transaction
2021-05-15 11:51:56, Info                  CSI    000008b2 [SR] Verify complete
2021-05-15 11:51:56, Info                  CSI    000008b3 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:51:56, Info                  CSI    000008b4 [SR] Beginning Verify and Repair transaction
2021-05-15 11:51:59, Info                  CSI    000008b7 [SR] Verify complete
2021-05-15 11:52:00, Info                  CSI    000008b8 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:52:00, Info                  CSI    000008b9 [SR] Beginning Verify and Repair transaction
2021-05-15 11:52:03, Info                  CSI    000008c0 [SR] Verify complete
2021-05-15 11:52:03, Info                  CSI    000008c1 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:52:03, Info                  CSI    000008c2 [SR] Beginning Verify and Repair transaction
2021-05-15 11:52:06, Info                  CSI    000008c5 [SR] Verify complete
2021-05-15 11:52:06, Info                  CSI    000008c6 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:52:06, Info                  CSI    000008c7 [SR] Beginning Verify and Repair transaction
2021-05-15 11:52:08, Info                  CSI    000008cc [SR] Verify complete
2021-05-15 11:52:08, Info                  CSI    000008cd [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:52:08, Info                  CSI    000008ce [SR] Beginning Verify and Repair transaction
2021-05-15 11:52:12, Info                  CSI    000008d0 [SR] Verify complete
2021-05-15 11:52:12, Info                  CSI    000008d1 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:52:12, Info                  CSI    000008d2 [SR] Beginning Verify and Repair transaction
2021-05-15 11:52:17, Info                  CSI    000008d4 [SR] Verify complete
2021-05-15 11:52:17, Info                  CSI    000008d5 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:52:17, Info                  CSI    000008d6 [SR] Beginning Verify and Repair transaction
2021-05-15 11:52:21, Info                  CSI    000008e1 [SR] Verify complete
2021-05-15 11:52:21, Info                  CSI    000008e2 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:52:21, Info                  CSI    000008e3 [SR] Beginning Verify and Repair transaction
2021-05-15 11:52:25, Info                  CSI    000008e4 [SR] Verify complete
2021-05-15 11:52:25, Info                  CSI    000008e5 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:52:25, Info                  CSI    000008e6 [SR] Beginning Verify and Repair transaction
2021-05-15 11:52:29, Info                  CSI    000008e8 [SR] Verify complete
2021-05-15 11:52:29, Info                  CSI    000008e9 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:52:29, Info                  CSI    000008ea [SR] Beginning Verify and Repair transaction
2021-05-15 11:52:32, Info                  CSI    000008eb [SR] Verify complete
2021-05-15 11:52:32, Info                  CSI    000008ec [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:52:32, Info                  CSI    000008ed [SR] Beginning Verify and Repair transaction
2021-05-15 11:52:35, Info                  CSI    000008ee [SR] Verify complete
2021-05-15 11:52:35, Info                  CSI    000008ef [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:52:35, Info                  CSI    000008f0 [SR] Beginning Verify and Repair transaction
2021-05-15 11:52:38, Info                  CSI    000008f1 [SR] Verify complete
2021-05-15 11:52:38, Info                  CSI    000008f2 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:52:38, Info                  CSI    000008f3 [SR] Beginning Verify and Repair transaction
2021-05-15 11:52:41, Info                  CSI    000008f4 [SR] Verify complete
2021-05-15 11:52:41, Info                  CSI    000008f5 [SR] Verifying 100 (0x0000000000000064) components
2021-05-15 11:52:41, Info                  CSI    000008f6 [SR] Beginning Verify and Repair transaction
2021-05-15 11:52:45, Info                  CSI    000008f9 [SR] Verify complete
2021-05-15 11:52:45, Info                  CSI    000008fa [SR] Verifying 15 (0x000000000000000f) components
2021-05-15 11:52:45, Info                  CSI    000008fb [SR] Beginning Verify and Repair transaction
2021-05-15 11:52:45, Info                  CSI    000008fc [SR] Verify complete
2021-05-15 11:52:45, Info                  CSI    000008fd [SR] Repairing 0 components
2021-05-15 11:52:45, Info                  CSI    000008fe [SR] Beginning Verify and Repair transaction
2021-05-15 11:52:45, Info                  CSI    000008ff [SR] Repair complete
 
========= End of CMD: =========
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 11:53:34 ====
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-05-2021
Ran by Dyfan (administrator) on SINBAD (15-05-2021 11:56:49)
Running from C:\Users\Dyfan\Desktop
Loaded Profiles: Dyfan
Platform: Windows 8.1 (Update) (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe
(Code Sector -> ) C:\Program Files\TeraCopy\TeraCopyService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <14>
(GuinpinSoft inc) [File not signed] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe
(JackettConsole) [File not signed] C:\ProgramData\Jackett\JackettConsole.exe
(JackettService) [File not signed] C:\ProgramData\Jackett\JackettService.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avpui.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenu.exe
(Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
(Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [216576 2020-09-26] (Open-Shell) [File not signed]
HKLM\...\Run: [AsioReg] => REGSVR32.EXE /S CTASIO.DLL*
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277520 2021-01-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [AsioThk32Reg] => REGSVR32.EXE /S CTASIO.DLL
HKLM-x32\...\Run: [CTHelper] => C:\Windows\SysWOW64\CTHELPER.EXE* [19456 2007-04-09] () [File not signed]
HKLM-x32\...\Run: [CTxfiHlp] => C:\Windows\SysWOW64\CTXFIHLP.EXE* [19968 2007-04-09] () [File not signed]
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [206240 2010-08-23] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [PrivateFolder] => C:\Program Files (x86)\PrivateFolder\PF_Pass.exe [253504 2012-12-31] (eMing Software Inc. -> eMing Software Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-03-19] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33698888 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1704149506-1908064861-659173645-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [DevconDefaultDB] => C:\WINDOWS\system32\READREG /SILENT /FAIL=1
HKLM\...\Windows x64\Print Processors\Canon MP560 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA0.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP560 series: C:\WINDOWS\system32\CNMLMA0.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-10] (Google LLC -> Google LLC)
BootExecute: PDBoot.exeautocheck autochk * sdnclean64.exe
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {395C37E6-F737-42E3-87CC-6995B0CE846C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-25] (Google LLC -> Google LLC)
Task: {5807951C-9665-4994-B992-DFE8BB56DB33} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-04-22] (Piriform Software Ltd -> Piriform)
Task: {589EE948-D775-4ECF-9841-5C5C4484EE31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-25] (Google LLC -> Google LLC)
Task: {96105BC3-AFEE-47A7-8891-D5695DCAFAA5} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40880 2021-04-29] (Garmin International, Inc. -> )
Task: {B3DDBA0C-2045-433C-82BA-A3D7B3E29004} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28082760 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CD8993E1-0076-4DC4-9D2D-731B3BD5EAE8} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2935424 2012-03-13] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {CF79DC15-CE26-488D-99B8-BDBF722552B4} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-05-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {FE988C55-483B-4B7F-B571-8251A053352D} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-05-11] () [File not signed]
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{FB23B534-7674-410D-9BF6-24D3C4A67BF6}: [DhcpNameServer] 192.168.1.1 192.168.1.1
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.1.2,1]
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-03-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-03-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.13 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
 
Chrome: 
=======
CHR Profile: C:\Users\Dyfan\AppData\Local\Google\Chrome\User Data\Default [2021-05-15]
CHR DownloadDir: H:\FRD
CHR Notifications: Default -> hxxps://loadsite.online; hxxps://mail.protonmail.com; hxxps://mail.yandex.com; hxxps://www.enjoythemusic.net
CHR Extension: (uBlock Origin) - C:\Users\Dyfan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-05-09]
CHR Extension: (Strong Password Generator) - C:\Users\Dyfan\AppData\Local\Google\Chrome\User Data\Default\Extensions\emehklffcaphknhhfhadkjhpfapcbpco [2021-01-25]
CHR Extension: (I don't care about cookies) - C:\Users\Dyfan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2021-04-17]
CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Dyfan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2021-01-25]
CHR Extension: (IBA Opt-out (by Google)) - C:\Users\Dyfan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb [2021-01-26]
CHR Extension: (Protect My Choices) - C:\Users\Dyfan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgloanjhdcenjgiafkpbehddcnonlic [2021-02-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dyfan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Chrome Media Router) - C:\Users\Dyfan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-15]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2021-01-25] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe [324608 2021-01-25] (ASUSTeK Computer Inc.) [File not signed]
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe [384280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 CdRomArbiterService; C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe [8704 2021-01-26] (GuinpinSoft inc) [File not signed]
R2 Jackett; C:\ProgramData\Jackett\JackettService.exe [405504 2021-05-14] (JackettService) [File not signed]
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-09] (Malwarebytes Inc -> Malwarebytes)
R2 TeraCopyService.exe; C:\Program Files\TeraCopy\TeraCopyService.exe [114384 2021-04-21] (Code Sector -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] (ASUSTeK Computer Inc. -> )
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 COMMONFX.DLL; C:\WINDOWS\System32\COMMONFX.DLL [151296 2007-04-12] (Creative -> Creative Technology Ltd)
S3 CT20XUT.DLL; C:\WINDOWS\System32\CT20XUT.DLL [252712 2007-04-10] (Creative Labs Inc -> Creative Technology Ltd.)
R3 CTAUDFX.DLL; C:\WINDOWS\System32\CTAUDFX.DLL [700200 2007-04-10] (Creative Labs Inc -> Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\WINDOWS\System32\CTEAPSFX.DLL [219432 2007-04-10] (Creative Labs Inc -> Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\WINDOWS\System32\CTEDSPFX.DLL [321832 2007-04-10] (Creative Labs Inc -> Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\WINDOWS\System32\CTEDSPIO.DLL [190248 2007-04-10] (Creative Labs Inc -> Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\WINDOWS\System32\CTEDSPSY.DLL [363304 2007-04-10] (Creative Labs Inc -> Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\WINDOWS\System32\CTERFXFX.DLL [142120 2007-04-10] (Creative Labs Inc -> Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\WINDOWS\System32\CTEXFIFX.DLL [1571112 2007-04-10] (Creative Labs Inc -> Creative Technology Ltd.)
R3 ctgame; C:\WINDOWS\system32\DRIVERS\ctgame.sys [28544 2015-07-01] (Creative Technology Ltd -> Creative Technology Ltd.)
S3 CTHWIUT.DLL; C:\WINDOWS\System32\CTHWIUT.DLL [123688 2007-04-10] (Creative Labs Inc -> Creative Technology Ltd.)
R3 CTSBLFX.DLL; C:\WINDOWS\System32\CTSBLFX.DLL [681256 2007-04-10] (Creative Labs Inc -> Creative Technology Ltd)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [657696 2021-03-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1400600 2021-03-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [96008 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [245752 2021-05-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [283144 2021-05-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [108576 2021-05-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [216576 2021-05-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-01-26] (Malwarebytes Inc -> Malwarebytes)
R1 PFolder; C:\WINDOWS\System32\Drivers\PFolder64.sys [57832 2012-12-31] (eMing Software Inc. -> eMing Software Inc.)
S3 rtdrm; C:\WINDOWS\System32\drivers\rtdrm64.sys [19656 2021-01-23] (TenAsys Corporation -> TenAsys Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-05-15 11:32 - 2021-05-15 11:53 - 000095625 _____ C:\Users\Dyfan\Desktop\Fixlog.txt
2021-05-15 11:31 - 2021-05-15 11:31 - 000000000 ____D C:\Users\Dyfan\Desktop\FRST-OlderVersion
2021-05-14 10:41 - 2021-05-14 10:43 - 000000000 ____D C:\Users\Dyfan\Desktop\rkill
2021-05-14 10:38 - 2021-05-14 10:38 - 000000085 _____ C:\WINDOWS\wininit.ini
2021-05-14 09:33 - 2021-05-15 11:28 - 000235008 ___SH C:\Users\Dyfan\Desktop\Thumbs.db
2021-05-13 22:06 - 2021-05-13 22:07 - 000822298 _____ C:\TDSSKiller.3.1.0.28_13.05.2021_22.06.53_log.txt
2021-05-13 22:05 - 2021-05-13 22:05 - 000010412 _____ C:\TDSSKiller.3.1.0.28_13.05.2021_22.05.34_log.txt
2021-05-13 15:29 - 2021-05-13 15:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\Safer-Networking
2021-05-13 15:29 - 2021-05-13 15:29 - 000000000 ____D C:\Safer-Networking Ltd
2021-05-13 15:28 - 2021-05-15 11:18 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-05-13 15:28 - 2021-05-14 10:38 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2021-05-13 15:18 - 2021-05-13 15:18 - 000235728 _____ C:\TDSSKiller.3.1.0.28_13.05.2021_15.18.12_log.txt
2021-05-13 14:34 - 2021-05-13 14:35 - 000041369 _____ C:\Users\Dyfan\Desktop\Addition.txt
2021-05-13 14:33 - 2021-05-15 11:57 - 000018054 _____ C:\Users\Dyfan\Desktop\FRST.txt
2021-05-13 14:32 - 2021-05-15 11:56 - 000000000 ____D C:\FRST
2021-05-13 14:30 - 2021-05-15 11:31 - 002299392 _____ (Farbar) C:\Users\Dyfan\Desktop\FRST64.exe
2021-05-13 11:31 - 2021-05-13 11:31 - 000235730 _____ C:\TDSSKiller.3.1.0.28_13.05.2021_11.31.01_log.txt
2021-05-13 11:26 - 2021-05-13 11:26 - 000283144 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2021-05-13 11:20 - 2021-05-13 11:20 - 000245752 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2021-05-13 11:20 - 2021-05-13 11:20 - 000216576 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2021-05-13 11:20 - 2021-05-13 11:20 - 000108576 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2021-05-13 11:20 - 2021-05-13 11:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Cloud
2021-05-13 11:19 - 2021-05-13 16:22 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2021-05-13 11:19 - 2021-02-19 21:09 - 000110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2021-05-13 11:19 - 2021-02-19 21:08 - 001042712 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2021-05-13 11:19 - 2021-02-19 21:08 - 000514840 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2021-05-13 11:04 - 2021-05-13 11:09 - 000000013 _____ C:\ProgramData\krosqm.txt
2021-05-12 16:12 - 2021-05-12 16:12 - 024514956 _____ C:\Users\Dyfan\Documents\E8021_F2A85-V_PRO.pdf
2021-05-12 15:17 - 2021-05-12 15:38 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\Direct Folders
2021-05-12 15:17 - 2021-05-12 15:17 - 000001115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Direct Folders.lnk
2021-05-12 15:17 - 2021-05-12 15:17 - 000000000 ____D C:\Program Files (x86)\Direct Folders
2021-05-12 14:37 - 2021-05-12 14:37 - 000000000 ____D C:\Users\Dyfan\AppData\Local\calibre-ebook.com
2021-05-12 14:37 - 2021-05-12 14:37 - 000000000 ____D C:\Users\Dyfan\AppData\Local\cache
2021-05-12 13:59 - 2021-05-12 13:59 - 000637646 _____ C:\Users\Dyfan\Documents\Jennifer's Body (2009).XtoDVD
2021-05-12 12:36 - 2021-05-12 12:36 - 000234816 _____ C:\TDSSKiller.3.1.0.28_12.05.2021_12.36.07_log.txt
2021-05-12 10:09 - 2021-04-06 07:51 - 001678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-11 15:01 - 2021-05-11 15:01 - 000000958 _____ C:\Users\Dyfan\Documents\jennifer's body unrated.txt
2021-05-10 11:20 - 2021-05-10 11:20 - 000000000 ____D C:\Users\Dyfan\AppData\Local\Fredrik_Blomqvist
2021-05-08 10:26 - 2021-05-14 09:51 - 000000000 ____D C:\Users\Dyfan\AppData\LocalLow\IGDump
2021-05-08 10:23 - 2021-05-08 10:23 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.9
2021-05-08 10:23 - 2021-05-08 10:23 - 000000000 ____D C:\Users\Dyfan\AppData\Local\Package Cache
2021-05-07 23:38 - 2021-05-07 23:38 - 000000000 ____D C:\Users\Dyfan\Documents\Audacity
2021-05-07 18:11 - 2021-05-14 10:34 - 000000000 ____D C:\ProgramData\Jackett
2021-05-07 18:11 - 2021-05-07 18:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jackett
2021-05-05 11:22 - 2021-05-05 11:22 - 000000000 ____D C:\Users\Dyfan\AppData\Local\Kaspersky Lab
2021-05-04 12:47 - 2021-05-04 12:47 - 000000000 ____D C:\Users\Default\AppData\Local\Kaspersky Lab
2021-05-03 17:35 - 2021-05-03 17:35 - 000924336 _____ (Python Software Foundation) C:\WINDOWS\pyw.exe
2021-05-03 17:35 - 2021-05-03 17:35 - 000924336 _____ (Python Software Foundation) C:\WINDOWS\py.exe
2021-05-03 17:35 - 2021-05-03 17:35 - 000058032 _____ (Python Software Foundation) C:\WINDOWS\pyshellext.amd64.dll
2021-05-03 13:13 - 2021-05-03 13:13 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\Digiarty
2021-05-03 13:13 - 2021-05-03 13:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty
2021-05-03 13:13 - 2021-05-03 13:13 - 000000000 ____D C:\Program Files (x86)\Digiarty
2021-05-03 10:16 - 2021-05-03 10:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2021-05-03 10:16 - 2021-05-03 10:16 - 000000000 ____D C:\Program Files\qBittorrent
2021-05-02 11:48 - 2021-05-02 11:48 - 000000086 _____ C:\Users\Dyfan\Documents\This Is The Zodiak Speaking.txt
2021-05-02 10:20 - 2021-05-02 10:27 - 000000000 ____D C:\Users\Dyfan\AppData\Local\EZ CD Audio Converter
2021-05-02 10:20 - 2021-05-02 10:21 - 000000000 ____D C:\Program Files\EZ CD Audio Converter
2021-05-02 10:20 - 2021-05-02 10:20 - 000000899 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZ CD Audio Converter.lnk
2021-05-02 10:20 - 2021-05-02 10:20 - 000000000 ____D C:\ProgramData\EZ CD Audio Converter
2021-05-01 14:06 - 2021-05-12 13:53 - 000000000 ____D C:\Users\Dyfan\Documents\ConvertXtoDVD_Resources
2021-05-01 14:04 - 2021-05-12 23:35 - 000000000 ____D C:\ProgramData\VSO
2021-05-01 14:04 - 2021-05-12 13:58 - 000000000 ____D C:\Users\Dyfan\Documents\ConvertXToDVD
2021-05-01 14:04 - 2021-05-01 14:06 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\VSO
2021-05-01 14:04 - 2021-05-01 14:04 - 000099384 _____ C:\Users\Dyfan\AppData\Roaming\inst.exe
2021-05-01 14:04 - 2021-05-01 14:04 - 000082816 _____ (VSO Software) C:\Users\Dyfan\AppData\Roaming\pcouffin.sys
2021-05-01 14:04 - 2021-05-01 14:04 - 000007859 _____ C:\Users\Dyfan\AppData\Roaming\pcouffin.cat
2021-05-01 14:04 - 2021-05-01 14:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
2021-05-01 14:04 - 2021-05-01 14:04 - 000000000 ____D C:\Program Files (x86)\VSO
2021-04-30 09:35 - 2021-04-30 09:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2021-04-29 11:35 - 2021-05-15 11:29 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\TeraCopy
2021-04-29 11:35 - 2021-04-29 11:35 - 000000919 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraCopy.lnk
2021-04-29 11:35 - 2021-04-29 11:35 - 000000000 ____D C:\ProgramData\Code Sector
2021-04-29 11:35 - 2021-04-29 11:35 - 000000000 ____D C:\ProgramData\Caphyon
2021-04-29 11:35 - 2021-04-29 11:35 - 000000000 ____D C:\Program Files\TeraCopy
2021-04-28 21:42 - 2021-05-06 22:41 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\dvdcss
2021-04-26 08:53 - 2021-04-26 08:57 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\XMedia Recode
2021-04-26 08:44 - 2021-04-26 08:44 - 000000000 ____D C:\Users\Dyfan\AppData\Local\RadeonInstaller
2021-04-26 08:44 - 2021-04-26 08:44 - 000000000 ____D C:\ProgramData\AMD
2021-04-26 08:44 - 2021-04-26 08:44 - 000000000 ____D C:\AMD
2021-04-25 17:32 - 2021-04-25 17:32 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\Hard Disk Sentinel
2021-04-25 17:31 - 2021-04-26 07:53 - 000000000 ____D C:\Program Files (x86)\Hard Disk Sentinel
2021-04-25 17:31 - 2021-04-25 17:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Sentinel
2021-04-25 12:09 - 2021-04-25 12:09 - 018869868 _____ C:\Users\Dyfan\Desktop\mkvtoolnix-64-bit-56.1.0.7z
2021-04-25 11:58 - 2021-04-25 11:58 - 000000000 ____D C:\Users\Dyfan\ultracopier
2021-04-24 16:21 - 2021-04-25 10:50 - 000000000 ____D C:\Program Files (x86)\KillSoft
2021-04-21 21:11 - 2021-04-21 21:11 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\TagScanner
2021-04-21 21:11 - 2021-04-21 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TagScanner
2021-04-21 21:11 - 2021-04-21 21:11 - 000000000 ____D C:\Program Files\TagScanner
2021-04-21 21:10 - 2021-04-21 21:10 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\TagScanner_old
2021-04-20 13:54 - 2021-04-20 13:54 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\MAAT
2021-04-20 13:54 - 2021-04-20 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAAT
2021-04-20 13:54 - 2021-04-20 13:54 - 000000000 ____D C:\Program Files\MAAT
2021-04-20 13:54 - 2021-04-20 13:54 - 000000000 ____D C:\Program Files\Common Files\MAAT
2021-04-18 14:40 - 2021-04-18 14:40 - 000000630 _____ C:\Users\Dyfan\Desktop\Temp - Shortcut.lnk
2021-04-17 22:06 - 2021-04-17 22:06 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\r128gain
2021-04-17 13:01 - 2021-04-17 13:01 - 000000000 ____D C:\ProgramData\ASUS OC Profiles
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-05-15 11:56 - 2021-01-25 21:27 - 000000000 ____D C:\Program Files\CCleaner
2021-05-15 11:55 - 2021-01-25 17:11 - 000000000 ____D C:\Users\Dyfan\AppData\Local\OpenShell
2021-05-15 11:54 - 2021-02-01 14:06 - 000000000 ____D C:\Users\Dyfan\Documents\ShareX
2021-05-15 11:54 - 2021-01-25 16:56 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-05-15 11:54 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-15 11:39 - 2013-08-22 16:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-15 11:38 - 2021-01-25 20:26 - 000000000 ____D C:\ProgramData\FanXpert2
2021-05-15 11:21 - 2021-01-25 17:09 - 000003918 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{29C36ED8-C146-4CB0-97F8-C03FE50B218A}
2021-05-14 23:05 - 2021-01-26 00:36 - 000000000 ____D C:\Users\Dyfan\AppData\Local\Everything
2021-05-14 23:05 - 2021-01-25 21:16 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\Everything
2021-05-14 23:04 - 2021-01-26 15:16 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\Mp3tag
2021-05-14 23:04 - 2021-01-25 21:56 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\foobar2000
2021-05-14 23:01 - 2021-01-25 22:37 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\qBittorrent
2021-05-14 19:04 - 2021-01-27 12:24 - 000034240 _____ C:\WINDOWS\system32\BMXStateBkp-{00000001-00000000-00000005-00001102-00000004-20021102}.rfx
2021-05-14 19:04 - 2021-01-27 12:24 - 000034240 _____ C:\WINDOWS\system32\BMXState-{00000001-00000000-00000005-00001102-00000004-20021102}.rfx
2021-05-14 19:04 - 2021-01-27 12:24 - 000030528 _____ C:\WINDOWS\system32\BMXCtrlState-{00000001-00000000-00000005-00001102-00000004-20021102}.rfx
2021-05-14 19:04 - 2021-01-27 12:24 - 000030528 _____ C:\WINDOWS\system32\BMXBkpCtrlState-{00000001-00000000-00000005-00001102-00000004-20021102}.rfx
2021-05-14 19:04 - 2021-01-27 12:24 - 000011564 _____ C:\WINDOWS\system32\DVCState-{00000001-00000000-00000005-00001102-00000004-20021102}.rfx
2021-05-14 11:48 - 2021-01-25 17:06 - 000003598 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1704149506-1908064861-659173645-1001
2021-05-14 11:46 - 2021-03-29 21:13 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\HandBrake
2021-05-13 23:55 - 2021-01-28 19:30 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\MPC-HC
2021-05-13 23:55 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2021-05-13 16:22 - 2021-01-25 21:06 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2021-05-13 15:18 - 2021-01-25 22:45 - 000000000 ____D C:\ProgramData\TEMP
2021-05-13 15:18 - 2021-01-25 22:45 - 000000000 ____D C:\Program Files (x86)\SpywareBlaster
2021-05-13 12:46 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\rescache
2021-05-13 11:20 - 2021-01-25 21:07 - 000003032 _____ C:\WINDOWS\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2021-05-13 11:20 - 2021-01-25 21:07 - 000000000 ____D C:\Program Files\Common Files\AV
2021-05-13 11:19 - 2013-08-22 16:36 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-05-13 11:19 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2021-05-13 11:06 - 2021-01-26 11:14 - 000000000 ____D C:\Users\Dyfan\AppData\LocalLow\Mozilla
2021-05-13 11:06 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2021-05-12 19:43 - 2021-02-02 13:37 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\vlc
2021-05-12 14:45 - 2021-02-01 14:01 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\calibre
2021-05-12 14:44 - 2021-02-01 14:03 - 000000000 ____D C:\Users\Dyfan\AppData\Local\calibre-cache
2021-05-12 10:37 - 2013-08-22 15:44 - 000337808 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-12 10:36 - 2014-03-18 15:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-05-12 10:19 - 2021-01-25 18:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-12 10:15 - 2021-01-25 18:08 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-11 14:27 - 2021-01-25 23:15 - 000000697 _____ C:\Users\Dyfan\Desktop\rush reissues.txt
2021-05-10 21:20 - 2021-01-25 17:38 - 000002190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-10 11:04 - 2021-01-26 14:15 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\audacity
2021-05-09 10:52 - 2021-01-26 13:03 - 000001976 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-05-09 10:51 - 2021-01-26 13:03 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-05-08 10:23 - 2021-01-26 00:49 - 000000000 ____D C:\ProgramData\Package Cache
2021-05-07 22:54 - 2021-01-26 14:12 - 000000000 ____D C:\Program Files (x86)\Audacity
2021-05-06 22:00 - 2021-03-31 19:48 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\FFBatch
2021-05-04 23:32 - 2021-02-06 00:33 - 000000000 ____D C:\Users\Dyfan\AppData\Local\CrashDumps
2021-05-03 18:17 - 2021-03-16 12:42 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\ImgBurn
2021-05-02 12:25 - 2021-02-06 22:51 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\XRECODE3
2021-05-02 11:41 - 2021-01-26 13:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2021-05-02 11:41 - 2021-01-26 13:06 - 000000000 ____D C:\Program Files (x86)\Calibre2
2021-04-30 09:35 - 2021-01-26 00:54 - 000000000 ____D C:\ProgramData\Garmin
2021-04-30 09:35 - 2021-01-26 00:49 - 000003554 _____ C:\WINDOWS\system32\Tasks\GarminUpdaterTask
2021-04-30 09:35 - 2021-01-26 00:49 - 000000000 ____D C:\Program Files (x86)\Garmin
2021-04-30 09:29 - 2021-01-25 21:27 - 000003870 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-04-28 22:50 - 2021-01-28 20:07 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\CUE Tools
2021-04-26 08:44 - 2021-01-28 16:27 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\Mozilla
2021-04-26 08:44 - 2021-01-25 16:54 - 000000000 ____D C:\Program Files\AMD
2021-04-25 16:33 - 2021-01-25 17:01 - 000000000 ____D C:\Users\Dyfan
2021-04-24 15:04 - 2021-04-03 22:55 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\BatchEncoder
2021-04-20 22:33 - 2021-01-26 14:12 - 000001031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2021-04-20 21:13 - 2021-01-25 17:33 - 000003332 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-20 21:13 - 2021-01-25 17:33 - 000003204 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-17 23:46 - 2021-01-26 22:47 - 000000000 ____D C:\Users\Dyfan\AppData\Roaming\dBpoweramp
2021-04-17 13:13 - 2021-01-25 18:39 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-04-17 13:07 - 2021-01-25 18:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2021-04-17 13:07 - 2021-01-25 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2021-04-16 10:08 - 2021-03-31 18:18 - 000000000 ____D C:\Users\Dyfan\AppData\Local\clever_FFmpeg_GUI
 
==================== Files in the root of some directories ========
 
2021-05-01 14:04 - 2021-05-01 14:04 - 000099384 _____ () C:\Users\Dyfan\AppData\Roaming\inst.exe
2021-05-01 14:04 - 2021-05-01 14:04 - 000007859 _____ () C:\Users\Dyfan\AppData\Roaming\pcouffin.cat
2021-05-01 14:04 - 2021-05-01 14:04 - 000001167 _____ () C:\Users\Dyfan\AppData\Roaming\pcouffin.inf
2021-05-01 14:04 - 2021-05-01 14:04 - 000000055 _____ () C:\Users\Dyfan\AppData\Roaming\pcouffin.log
2021-05-01 14:04 - 2021-05-01 14:04 - 000082816 _____ (VSO Software) C:\Users\Dyfan\AppData\Roaming\pcouffin.sys
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2021-05-08 11:22
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05-2021
Ran by Dyfan (15-05-2021 11:57:35)
Running from C:\Users\Dyfan\Desktop
Windows 8.1 (Update) (X64) (2021-01-25 16:01:49)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1704149506-1908064861-659173645-500 - Administrator - Disabled)
Dyfan (S-1-5-21-1704149506-1908064861-659173645-1001 - Administrator - Enabled) => C:\Users\Dyfan
Guest (S-1-5-21-1704149506-1908064861-659173645-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1704149506-1908064861-659173645-1003 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Security Cloud (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Security Cloud (Disabled - Up to date) {F41710F6-65D1-4F66-2B68-CCCF63D4A09E}
FW: Kaspersky Security Cloud (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
4K Video Downloader (HKLM\...\{19BDF435-8F4A-4AFC-80AE-AF007BD67A8E}) (Version: 4.15.1.4190 - Open Media LLC) Hidden
4K Video Downloader (HKLM-x32\...\{86b588ff-78bb-4251-85d5-56f2450b123a}) (Version: 4.14.2.4070 - Open Media LLC)
ANT Drivers Installer x64 (HKLM\...\{1BC0225E-AF99-4434-92CC-615111CE698F}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Ant Video downloader (Native messaging host) (HKLM-x32\...\{41A57734-2ED5-449A-BAF0-F0B356417716}) (Version: 4.7 - Ant.com)
Apple Application Support (32-bit) (HKLM-x32\...\{9738288C-21BC-4F54-AB4F-72F059339376}) (Version: 8.6 - Apple Inc.)
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.17 - ASUSTeK Computer Inc.)
Audacity 3.0.2 (HKLM-x32\...\Audacity_is1) (Version: 3.0.2 - Audacity Team)
AudioMuxer 0.9.6.4 (HKLM-x32\...\{E62BDA87-5FD3-4A47-9CF1-F3B04C542713}_is1) (Version: 0.9.6.4 - Pl4yit)
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.)
calibre (HKLM-x32\...\{46FD03C7-BCA4-4075-A384-AE21E2155424}) (Version: 5.17.0 - Kovid Goyal)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version:  - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.79 - Piriform)
CrystalDiskInfo 8.12.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.12.0 - Crystal Dew World)
dBpoweramp (HKLM-x32\...\dBpoweramp) (Version: Release 17.3 - Illustrate)
Direct Folders (HKLM-x32\...\DirectFoldersAppID_is1) (Version: 3.8 - Code Sector)
Elevated Installer (HKLM-x32\...\{C3D3E0B3-6B8D-4AF4-B49A-3583E512ECE8}) (Version: 7.5.0.0 - Garmin Ltd or its subsidiaries) Hidden
Everything 1.4.1.1005 (x64) (HKLM\...\Everything) (Version: 1.4.1.1005 - voidtools)
Exact Audio Copy 1.6 (HKLM-x32\...\Exact Audio Copy) (Version: 1.6 - Andre Wiethoff)
EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 9.1.6 - Poikosoft)
FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FFmpeg Batch AV Converter (HKLM\...\FFBATCH_cv_is1) (Version: 2.3.7 - Eibolsoft)
File Renamer - Basic (HKLM-x32\...\File Renamer - Basic) (Version: 6.3 - Sherrod Computers)
foobar2000 v1.6.5 (HKLM-x32\...\foobar2000) (Version: 1.6.5 - Peter Pawlowski)
Garmin Express (HKLM-x32\...\{034F279C-D74E-42F2-8CEC-216E91969B29}) (Version: 7.5.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{afe06296-a3d5-48cf-88a2-77629aeb124b}) (Version: 7.5.0.0 - Garmin Ltd or its subsidiaries)
get_iplayer 3.27.1 (x64) (HKLM\...\get_iplayer_is1) (Version: 3.27.1 - The get_iplayer Contributors)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 5.61 - Janos Mathe)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Jackett (HKLM-x32\...\{C2A9FC00-AA48-4F17-9A72-62FBCEE2785B}_is1) (Version: 0.17.1032.0 - Jackett)
Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.9 - Oracle Corporation)
Kaspersky Security Cloud (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Security Cloud (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
K-Lite Codec Pack 16.1.6 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.1.6 - KLCP)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
MAAT DROffline MkII (HKLM\...\DROffline MkII_is1) (Version: 2.1.3 - MAAT)
MakeMKV v1.16.3 (HKLM-x32\...\MakeMKV) (Version: v1.16.3 - GuinpinSoft inc)
Malwarebytes version 4.3.3.116 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.3.116 - Malwarebytes)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Mp3tag v3.06a (HKLM-x32\...\Mp3tag) (Version: 3.06a - Florian Heidenreich)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.9.5 - Notepad++ Team)
Open-Shell (HKLM\...\{F4B6EE58-F183-4B0D-930B-4480673C0F5B}) (Version: 4.4.160 - The Open-Shell Team)
PerfectDisk Professional Business (HKLM\...\{C4E01CDC-0063-493C-B383-9C4FCF7A89F7}) (Version: 14.0.893 - Raxco Software Inc.)
Python 3.9.5 (64-bit) (HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\{f3d4ed4c-f434-41ef-8469-ffadd80c4ccf}) (Version: 3.9.5150.0 - Python Software Foundation)
Python 3.9.5 Core Interpreter (64-bit) (HKLM\...\{FBB6299D-CB58-4177-B6A0-63BFB1C8C3AE}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 Development Libraries (64-bit) (HKLM\...\{AEE58901-97A1-422A-B964-4FD9BF3327B8}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 Documentation (64-bit) (HKLM\...\{4EFE695B-F377-4CB0-90E3-6AEEE22DEFEB}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 Executables (64-bit) (HKLM\...\{843C07B6-040E-4E83-B244-5383247D70AB}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 pip Bootstrap (64-bit) (HKLM\...\{7559EB6B-36F9-4AE8-8970-532E4DC0ECA3}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 Standard Library (64-bit) (HKLM\...\{F4DC18F4-6323-4BE8-A322-38268831BC24}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 Tcl/Tk Support (64-bit) (HKLM\...\{351016A7-AED4-4824-8D2E-2F9ED497CF77}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 Test Suite (64-bit) (HKLM\...\{605117B9-EE12-4498-A089-A63219191799}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 Utility Scripts (64-bit) (HKLM\...\{420E50F6-A8E8-4098-A321-7DF6B3C3BA82}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{B6EF11B6-0882-43B1-AA75-4D3BD32A144A}) (Version: 3.9.7427.0 - Python Software Foundation)
qBittorrent 4.3.5 (HKLM-x32\...\qBittorrent) (Version: 4.3.5 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8746.1 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 4.3.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.3.3 - VS Revo Group, Ltd.)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.4.0 - ShareX Team)
Spek (HKLM-x32\...\{7CDF6754-F5A0-4F34-B589-197530FEF862}) (Version: 0.8.2 - Spek Project)
SpywareBlaster 6.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 6.0.0 - BrightFort LLC)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.2 - Krzysztof Kowalczyk)
TagScanner 6.1.8 (64-bit) (HKLM\...\TagScanner_is1) (Version:  - Sergey Serkov)
TeraCopy (HKLM\...\{952ED35A-74C3-4204-8F01-986D8711B41D}) (Version: 3.8.5 - Code Sector)
Trader's Little Helper 2.8.4 (HKLM-x32\...\TradersLittleHelper_is1) (Version: 2.8.4 - Robert Hoffmann)
TreeSize Free V4.4.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.4.2 - JAM Software)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.14 - VideoLAN)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.69 - VSO Software)
Weiss Engineering Saracon (HKLM-x32\...\Saracon) (Version: 01.61-27 - )
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 6.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH)
WinX DVD Ripper Platinum 7.5.5 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version:  - Digiarty Software, Inc.)
 
Packages:
=========
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2021-01-25] (Microsoft Corporation) [MS Ad]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2021-03-22] (Notepad++ -> )
ContextMenuHandlers1: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2020-09-08] (Poikosoft -> Poikosoft)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-05-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers1: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-05-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers2: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2020-09-08] (Poikosoft -> Poikosoft)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-05-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-05-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2020-09-26] (Open-Shell) [File not signed]
ContextMenuHandlers6: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2021-04-21] (Code Sector -> Code Sector)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2021-05-07 18:11 - 2021-05-14 10:33 - 000205824 _____ () [File not signed] [File is in use] C:\ProgramData\Jackett\YamlDotNet.dll
2021-01-25 18:46 - 2010-08-23 11:17 - 000662016 _____ () [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2021-01-25 18:47 - 2011-07-12 19:14 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2021-01-25 18:48 - 2012-10-08 17:07 - 000972288 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2021-01-25 18:47 - 2010-10-05 08:22 - 000208896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2021-01-25 18:47 - 2010-10-05 08:22 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2021-01-25 18:47 - 2012-05-28 21:27 - 001622528 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2021-01-25 18:47 - 2009-08-12 20:15 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2021-01-25 18:48 - 2012-05-25 10:33 - 000883712 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2021-01-25 18:48 - 2011-09-19 20:18 - 001243136 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2021-01-25 18:47 - 2011-07-21 09:06 - 000846848 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2021-01-25 18:47 - 2012-08-29 18:09 - 000875520 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2021-01-25 18:39 - 2010-06-29 11:58 - 000104448 ____N () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2021-01-25 18:39 - 2021-05-15 11:54 - 000027648 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2021-05-07 18:11 - 2021-05-14 10:33 - 000829440 _____ (AngleSharp) [File not signed] [File is in use] C:\ProgramData\Jackett\AngleSharp.dll
2021-01-25 18:46 - 2010-08-09 22:33 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\ASACPI.DLL
2021-01-25 18:47 - 2010-08-09 21:33 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AsAcpi.dll
2021-01-25 18:48 - 2021-01-25 18:46 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsAcpi.dll
2021-01-25 18:46 - 2010-08-12 08:52 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\asacpiEx.dll
2021-01-25 18:47 - 2010-08-12 07:52 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\asacpiEx.dll
2021-01-25 18:47 - 2010-10-05 08:22 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AsMultiLang.dll
2021-01-25 18:48 - 2010-09-08 21:25 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\AsMultiLang.dll
2021-01-25 18:48 - 2012-06-15 00:03 - 001016320 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Cpu Frequency\CpuFrequency.dll
2021-01-25 18:48 - 2010-06-03 20:04 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\FanXpert2\AsMultiLang.dll
2021-01-25 18:48 - 2012-05-23 15:28 - 001545728 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\FanXpert2\FanXpert2.dll
2021-01-25 18:48 - 2010-03-08 17:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AsMultiLang.dll
2021-01-25 18:47 - 2010-03-08 17:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\AsMultiLang.dll
2021-01-25 18:47 - 2010-03-08 17:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\AsMultiLang.dll
2021-01-25 18:48 - 2021-01-25 18:46 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\asacpiEx.dll
2021-05-07 18:11 - 2021-05-14 10:33 - 000251904 _____ (Autofac) [File not signed] [File is in use] C:\ProgramData\Jackett\Autofac.dll
2021-05-07 18:11 - 2021-05-14 10:33 - 000015872 _____ (Autofac) [File not signed] [File is in use] C:\ProgramData\Jackett\Autofac.Extensions.DependencyInjection.dll
2021-01-26 12:08 - 2012-06-14 18:18 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2021-05-07 18:11 - 2021-05-14 10:33 - 000018432 _____ (Diego Heras (ngosang)) [File not signed] [File is in use] C:\ProgramData\Jackett\FlareSolverrSharp.dll
2021-05-07 18:11 - 2021-05-14 10:33 - 000217088 _____ (gsscoder;nemec;ericnewton76;moh-hassan) [File not signed] [File is in use] C:\ProgramData\Jackett\CommandLine.dll
2021-05-07 18:11 - 2021-05-14 10:33 - 001252352 _____ (Jackett.Common) [File not signed] [File is in use] C:\ProgramData\Jackett\Jackett.Common.dll
2021-05-07 18:11 - 2021-05-14 10:33 - 000393216 _____ (JackettConsole) [File not signed] [File is in use] C:\ProgramData\Jackett\JackettConsole.dll
2021-05-07 18:11 - 2021-05-14 10:33 - 000312832 _____ (JackettService) [File not signed] [File is in use] C:\ProgramData\Jackett\JackettService.dll
2021-05-07 18:11 - 2021-05-14 10:33 - 000297472 _____ (Jimmy Bogard) [File not signed] [File is in use] C:\ProgramData\Jackett\AutoMapper.dll
2021-05-07 18:11 - 2021-05-14 10:33 - 000010752 _____ (Landon Key) [File not signed] [File is in use] C:\ProgramData\Jackett\SocksWebProxy.dll
2021-05-07 18:11 - 2021-05-14 10:33 - 000817152 _____ (NLog) [File not signed] [File is in use] C:\ProgramData\Jackett\NLog.dll
2021-05-07 18:11 - 2021-05-14 10:33 - 000046080 _____ (NLog) [File not signed] [File is in use] C:\ProgramData\Jackett\NLog.Extensions.Logging.dll
2021-05-07 18:11 - 2021-05-14 10:33 - 000046592 _____ (NLog) [File not signed] [File is in use] C:\ProgramData\Jackett\NLog.Web.AspNetCore.dll
2020-09-26 14:47 - 2020-09-26 14:47 - 000975872 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\ClassicExplorer64.dll
2020-09-26 14:47 - 2020-09-26 14:47 - 002659328 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenuDLL.dll
2020-09-26 14:48 - 2020-09-26 14:48 - 000562688 _____ (Open-Shell) [File not signed] C:\WINDOWS\system32\StartMenuHelper64.dll
2021-05-07 18:11 - 2021-05-14 10:33 - 000028672 _____ (Org.Mentalis) [File not signed] [File is in use] C:\ProgramData\Jackett\Org.Mentalis.dll
2015-06-02 13:10 - 2015-06-02 13:10 - 002246656 ____R (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Raxco\PerfectDisk\LIBEAY32.dll
2015-06-02 13:10 - 2015-06-02 13:10 - 000408064 ____R (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Raxco\PerfectDisk\SSLEAY32.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\80753807.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\96276668.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\80753807.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\96276668.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed]
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-03-26] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-03-26] (Oracle America, Inc. -> Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_64.dll [2020-09-26] (Open-Shell) [File not signed]
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer32.dll [2020-09-26] (Open-Shell) [File not signed]
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_32.dll [2020-09-26] (Open-Shell) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer32.dll [2020-09-26] (Open-Shell) [File not signed]
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\1001movie.com -> 1001movie.com
 
There are 6091 more sites.
 
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\FFmpeg\bin;C:\FFmpeg\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\;C:\Program Files\get_iplayer
HKU\S-1-5-21-1704149506-1908064861-659173645-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: kpm_launch_service => 3
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
HKLM\...\StartupApproved\Run: => "Open-Shell Start Menu"
HKLM\...\StartupApproved\Run: => "AsioReg"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "CanonSolutionMenu"
HKLM\...\StartupApproved\Run32: => "CTHelper"
HKLM\...\StartupApproved\Run32: => "CTxfiHlp"
HKLM\...\StartupApproved\Run32: => "AsioThk32Reg"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "IJNetworkScanUtility"
HKLM\...\StartupApproved\Run32: => "PrivateFolder"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-1704149506-1908064861-659173645-1001\...\StartupApproved\Run: => "ultracopier"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{A003020E-8BAC-4330-82F1-F03E00203013}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{CF7468BC-9F59-4C8E-86BA-3D871F5DD53D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{8316E5D8-B835-4D16-9E38-C7AF2CED5C45}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{91320F9D-2E42-4A2E-8579-6F1E7C408A23}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => No File
FirewallRules: [UDP Query User{84304862-91A3-42CD-B4D7-340314FBE947}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => No File
FirewallRules: [TCP Query User{CFD4F7E8-995E-40BF-8E70-31F2DF31DC26}C:\program files\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_291\bin\javaw.exe
FirewallRules: [UDP Query User{E494B49E-5D0E-4FA9-8903-6AB0907EEBB2}C:\program files\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_291\bin\javaw.exe
FirewallRules: [{AB327029-4A72-40CA-A83A-0C4DA4701735}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{BAB32843-1F0B-4697-92F7-69794BA2F8C3}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{39C3E5B7-4183-44C6-B740-E6E044917A87}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{A715F1E7-C432-4286-9AD1-C7AE39E22061}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{3B02CCCE-05E3-497A-8E02-9AB5AAB2E0CE}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
09-05-2021 13:42:31 Removed Kaspersky Password Manager
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
 
System errors:
=============
Error: (05/15/2021 11:54:07 AM) (Source: DCOM) (EventID: 10010) (User: Sinbad)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. 5104 09/14/2012
Motherboard: ASUSTeK COMPUTER INC. F2A85-V PRO
Processor: AMD A6-6400K APU with Radeon™ HD Graphics 
Percentage of memory in use: 23%
Total physical RAM: 7624.94 MB
Available physical RAM: 5796.45 MB
Total Virtual: 8840.94 MB
Available Virtual: 6958.69 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:118.9 GB) (Free:88.72 GB) NTFS
Drive d: (Black) (Fixed) (Total:931.51 GB) (Free:294.27 GB) NTFS
Drive e: (Maxtor) (Fixed) (Total:152.66 GB) (Free:41.85 GB) NTFS
Drive h: (Toshiba) (Fixed) (Total:2794.39 GB) (Free:739.15 GB) NTFS
Drive i: (K1) (Removable) (Total:59.05 GB) (Free:31.88 GB) FAT32
Drive m: (New Volume) (Fixed) (Total:2794.39 GB) (Free:307.82 GB) NTFS
 
\\?\Volume{70be6976-5f25-11eb-824e-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.06 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 152.7 GB) (Disk ID: 7B25CC4E)
Partition 1: (Active) - (Size=152.7 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: 2C402D9B)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.9 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: C9699AB9)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 3 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 4 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 5 (Protective MBR) (Size: 59.1 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt =======================
 
RogueKiller Anti-Malware V14.8.6.0 (x64) [Mar 24 2021] (Free) by Adlice Software
Operating System : Windows 8.1 (6.3.9600) 64 bits
Started in : Normal mode
User : Dyfan [Administrator]
Started from : C:\Users\Dyfan\Desktop\RogueKiller_portable64.exe
Signatures : 20210512_094316, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2021/05/15 12:05:28 (Duration : 00:13:38)
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> XX - System Policies
  [PUM.Policies (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- 0 -> Found
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 

 


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,067 posts
  • MVP

Fixlog and Frst logs look good.  Rogue Killer flagged one entry but I can't see why.  It's the same value on my PC so I think you can just close Rogue killer without doing anything.

 

I think you are clean.  Is it running OK?


  • 0

#5
northwalian1

northwalian1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

Yes, everything seems fine, thanks so much for the help!


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP