Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Lots of issues with my Win 8.1 (virus, malware, etc.)


  • This topic is locked This topic is locked
10 replies to this topic

#1 ivankaclinton

ivankaclinton

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:42 PM

Posted 17 April 2017 - 06:54 AM

Hi there,

 

My computer got infected and I am afraid to act alone so, I need your help. I noticed that my modem is working even when I am not using the internet, and yesterday I plugged my Android phone only to discover that it got infected with advertising pop-ups. Now when i plug it in, my computer doesn't recognize it.

 

I ran Malware Bytes and got rid of one Trojan, but I am pretty sure I have more problems.

 

I also ran HijackThis and received an error message (I attached the picture of it). I am also attaching the HijackThis log file.

 

Please help!

 

Thank you in advance!

Attached Files



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,946 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:42 PM

Posted 18 April 2017 - 07:58 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
attachlogs.png

Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.
Click Attach this file.
Click the Add reply button.
===

Please post the logs.

Let me know what problems persists.
===

p.s.
HijackThis is no longer supported and not ready for your Operating system.
I suggest your remove via the Control panel > Programs > Programs and Features.
Use the Farbar tool from now on to report problems.
<<<>>>

#3 ivankaclinton

ivankaclinton
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:42 PM

Posted 18 April 2017 - 10:16 PM

Thank you for replying.

 

I didn't know what I was doing and I ran AwdCleaner while other programs were open. I deleted suggested items and re-run the program. All together I ran it 5 times and no malicious items are currently showing.

 

By the way, I have issues with my USB ports. Every time I unplug and plug-in, the ports don't react. I have to restart the computer in order to make them work again; until I unplug again. :(

 

---------------------------------------------------------------------------------

 

Here is the first scan:

 

# AdwCleaner v6.045 - Logfile created 17/04/2017 at 10:23:17
# Updated on 28/03/2017 by Malwarebytes
# Database : 2017-04-16.1 [Server]
# Operating System : Windows 8.1  (X64)
# Username : mickeymouse - ASUSPC
# Running from : C:\Users\mickeymouse\Desktop\adwcleaner_6.045.exe
# Mode: Scan
 
 
 
***** [ Services ] *****
 
No malicious services found.
 
 
***** [ Folders ] *****
 
Folder Found:  C:\ProgramData\Avg_Update_0814avt
Folder Found:  C:\ProgramData\Avg_Update_1214tb
Folder Found:  C:\Users\mickeymouse\AppData\Roaming\RHEng
Folder Found:  C:\ProgramData\AVG Security Toolbar
Folder Found:  C:\ProgramData\Application Data\AVG Security Toolbar
Folder Found:  C:\Program Files (x86)\Common Files\freemake shared
Folder Found:  C:\WINDOWS\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup
 
 
***** [ Files ] *****
 
File Found:  C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
File Found:  C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
File Found:  C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
 
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
 
***** [ WMI ] *****
 
No malicious keys found.
 
 
***** [ Shortcuts ] *****
 
No infected shortcut found.
 
 
***** [ Scheduled Tasks ] *****
 
No malicious task found.
 
 
***** [ Registry ] *****
 
Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found:  HKU\S-1-5-21-1644347244-160312638-2928786626-1001\Software\Myfree Codec
Key Found:  HKU\S-1-5-21-1644347244-160312638-2928786626-1001\Software\Softonic
Key Found:  HKCU\Software\Myfree Codec
Key Found:  HKCU\Software\Softonic
Key Found:  HKLM\SOFTWARE\WISECLEANER
Key Found:  [x64] HKCU\Software\Myfree Codec
Key Found:  [x64] HKCU\Software\Softonic
Key Found:  [x64] HKLM\SOFTWARE\AVG Secure Search
Key Found:  HKU\S-1-5-21-1644347244-160312638-2928786626-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Data Found:  HKU\S-1-5-21-1644347244-160312638-2928786626-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - 
Key Found:  HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Data Found:  HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - 
Key Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Data Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - 
Value Found:  [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [vProt]
 
 
***** [ Web browsers ] *****
 
Firefox pref Found:  [C:\Users\mickeymouse\AppData\Roaming\Mozilla\Firefox\Profiles\mewisx1q.default\prefs.js] - "browser.search.defaultenginename" -  "AVG Secure Search"
Firefox pref Found:  [C:\Users\mickeymouse\AppData\Roaming\Mozilla\Firefox\Profiles\mewisx1q.default\prefs.js] - "browser.search.defaultenginename.US" -  "AVG Secure Search"
Firefox pref Found:  [C:\Users\mickeymouse\AppData\Roaming\Mozilla\Firefox\Profiles\mewisx1q.default\prefs.js] - "browser.search.selectedEngine" -  "AVG Secure Search"
Chrome pref Found:  [C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Web data] - aol.com
Chrome pref Found:  [C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Web data] - ask.com
 
*************************
 
C:\AdwCleaner\AdwCleaner[S0].txt - [3675 Bytes] - [17/04/2017 10:23:17]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3748 Bytes] ##########
 
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
 
 
 
 
Here is FarBar Recovery Scan Tool (FRST.txt):
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2017 01
Ran by mickeymouse (administrator) on ASUSPC (18-04-2017 19:53:54)
Running from C:\Users\mickeymouse\Desktop
Loaded Profiles: mickeymouse (Available Profiles: mickeymouse)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\AstSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Bayer Healthcare LLC) C:\Program Files (x86)\Bayer HealthCare SmartLaunch\bin\BayerHCService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.1.1\WsAppService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 8.0\Reader\reader_sl.exe
(Wondershare) C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaUI.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Palm, Inc.) C:\Program Files (x86)\palmOne\HOTSYNC.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Adobe Systems Inc.) D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Macrovision Europe Ltd.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Opera Software) C:\Program Files (x86)\Opera\launcher.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusVibe\AsusVibe2.0.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera_autoupdate.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7158344 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239104 2017-03-23] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [263088 2017-04-05] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [547984 2012-08-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-18] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-08-29] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-05-22] (cyberlink)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1284680 2014-01-17] (CANON INC.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [624248 2007-05-10] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe_ID0EYTHM] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe /start
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\Run: [MinerGateGui] => C:\Program Files\MinerGate\minergate.exe [19334144 2016-09-23] ()
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\MountPoints2: {1e387a38-4b6e-11e4-bece-d850e6c2cf2b} - "I:\AutoRun.exe" 
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\MountPoints2: {505cd13f-a084-11e6-bfa1-d850e6c2cf2b} - "K:\AutoRun.exe" 
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\MountPoints2: {5f186be1-9005-11e6-bf9a-d850e6c2cf2b} - "I:\LG_PC_Programs.exe" 
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\MountPoints2: {6baae71c-8b35-11e5-bf37-d850e6c2cf2b} - "K:\LG_PC_Programs.exe" 
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\MountPoints2: {966b7b29-3846-11e5-bf1e-d850e6c2cf2b} - "K:\LG_PC_Programs.exe" 
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [43816 2015-04-26] (Apple Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk [2015-02-18]
ShortcutTarget: Adobe Reader Speed Launch.lnk -> C:\Program Files (x86)\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2017-03-29]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Wondershare)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2014-05-18]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
Startup: C:\Users\mickeymouse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HotSync Manager.lnk [2014-02-23]
ShortcutTarget: HotSync Manager.lnk -> C:\Program Files (x86)\palmOne\HOTSYNC.EXE (Palm, Inc.)
GroupPolicy: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{8AF8D45E-DA00-45B2-A2E9-2BE5CF3032E4}: [DhcpNameServer] 192.168.0.1 192.168.0.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-1644347244-160312638-2928786626-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1644347244-160312638-2928786626-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23] (Adobe Systems Incorporated)
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> D:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-16] (Adobe Systems Incorporated.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-29] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10] (Adobe Systems Incorporated)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-29] (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-16] (Adobe Systems Incorporated.)
Toolbar: HKU\S-1-5-21-1644347244-160312638-2928786626-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
 
FireFox:
========
FF ProfilePath: C:\Users\mickeymouse\AppData\Roaming\Mozilla\Firefox\Profiles\mewisx1q.default [2017-04-18]
FF Homepage: Mozilla\Firefox\Profiles\mewisx1q.default -> hxxps://startpage.com/
FF Extension: (YouTube Video and Audio Downloader) - C:\Users\mickeymouse\AppData\Roaming\Mozilla\Firefox\Profiles\mewisx1q.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2017-02-02]
FF Extension: (YouTube™ AdBlock) - C:\Users\mickeymouse\AppData\Roaming\Mozilla\Firefox\Profiles\mewisx1q.default\Extensions\jid1-w4wG5nJhx4LJZr@jetpack.xpi [2016-09-28]
FF Extension: (FlashGot) - C:\Users\mickeymouse\AppData\Roaming\Mozilla\Firefox\Profiles\mewisx1q.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2017-01-29]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-02-15] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-02-15] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-11-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-11-12] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-1644347244-160312638-2928786626-1001: @squareclock.com/SQ3DPlayer_Production_HBMV1 -> C:\Users\mickeymouse\AppData\Local\SquareClock.Production_HBMV1\NPSQ3D.dll [2015-01-23] (SquareClock SAS)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default [2017-04-18]
CHR Extension: (Google Slides) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-19]
CHR Extension: (Google Docs) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-19]
CHR Extension: (Google Drive) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-19]
CHR Extension: (YouTube) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-19]
CHR Extension: (Google Docs Offline) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-19]
CHR Extension: (Gmail) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-19]
CHR Extension: (Chrome Media Router) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-09]
 
Opera: 
=======
OPR Extension: (AdBlock) - C:\Users\mickeymouse\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-05-17]
OPR Extension: (Ghostery) - C:\Users\mickeymouse\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2017-02-14]
OPR Extension: (Tic Tac Toe 5 in a row) - C:\Users\mickeymouse\AppData\Roaming\Opera Software\Opera Stable\Extensions\dfaakjjdamafnfigpibbgbnjbbldmabl [2014-02-17]
OPR Extension: (HTTPS Everywhere) - C:\Users\mickeymouse\AppData\Roaming\Opera Software\Opera Stable\Extensions\edaplhobcmdaneconioghljnnopmkhgm [2017-04-06]
OPR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\mickeymouse\AppData\Roaming\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2017-03-17]
OPR Extension: (History Eraser) - C:\Users\mickeymouse\AppData\Roaming\Opera Software\Opera Stable\Extensions\lfpoajlbkhlfoeeokbppmecpplmieedm [2015-08-12]
OPR Extension: (Terms of Service; Didn’t Read) - C:\Users\mickeymouse\AppData\Roaming\Opera Software\Opera Stable\Extensions\lolkidmnimmcadfncfemieniekkkabcn [2014-03-18]
OPR Extension: (Web2PDFConvert) - C:\Users\mickeymouse\AppData\Roaming\Opera Software\Opera Stable\Extensions\nlkfhjhojmjhgacahkealjkffnmeicfl [2014-02-18]
OPR Extension: (SaveFrom.net helper) - C:\Users\mickeymouse\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2017-04-07]
OPR Extension: (Adblock Plus) - C:\Users\mickeymouse\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2017-03-22]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-16] (ASUSTeK Computer Inc.)
R2 Ast Service; C:\WINDOWS\SysWOW64\\AstSrv.exe [57344 2007-02-16] (Nalpeiron Ltd.) [File not signed]
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-18] () [File not signed]
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [262696 2017-04-05] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7448992 2017-04-05] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428680 2017-03-23] (AVG Technologies CZ, s.r.o.)
R2 BayerHealthcareService; C:\Program Files (x86)\Bayer HealthCare SmartLaunch\bin\BayerHCService.exe [162232 2012-10-30] (Bayer Healthcare LLC)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243728 2012-05-23] (CyberLink)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2015-02-18] (Macrovision Europe Ltd.) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2015-08-24] (Ellora Assets Corp.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-02-15] (Intel Corporation)
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_2.EXE [2541248 2006-10-31] (Symantec Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
R2 RalinkRegistryWriter; C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [372736 2012-07-04] (Ralink Technology, Corp.) [File not signed]
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [447488 2012-07-04] (Ralink Technology, Corp.) [File not signed]
S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.1\WsAppService.exe [437392 2016-10-10] (Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe [116368 2016-10-18] (Wondershare)
S2 ProductAgentService; "C:\Program Files\Bitdefender Agent\ProductAgentService.exe" [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [20992 2015-01-21] (LG Electronics Inc.)
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-01-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-01-26] (LG Electronics Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 AU8168; C:\WINDOWS\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )
R1 avgbdisk; C:\WINDOWS\system32\drivers\avgbdiska.sys [166136 2017-04-05] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\system32\drivers\avgbidsdrivera.sys [310056 2017-04-05] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\system32\drivers\avgbidsha.sys [192096 2017-04-05] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\system32\drivers\avgbloga.sys [336408 2017-04-05] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\system32\drivers\avgbuniva.sys [50848 2017-04-05] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\system32\drivers\avgHwid.sys [39288 2017-04-05] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\system32\drivers\avgMonFlt.sys [128096 2017-04-05] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\system32\drivers\avgRdr2.sys [102136 2017-04-05] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\system32\drivers\avgRvrt.sys [76688 2017-04-05] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\system32\drivers\avgSnx.sys [1006040 2017-04-05] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\system32\drivers\avgSP.sys [557776 2017-04-05] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\system32\drivers\avgStm.sys [165048 2017-04-05] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\system32\drivers\avgVmm.sys [340688 2017-04-05] (AVG Technologies CZ, s.r.o.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MTKSCVAD; C:\WINDOWS\system32\drivers\mtkvadx.sys [44544 2012-07-16] (Ralink Technology, Corp.)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [14304 1999-07-28] () [File not signed]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-04-18 19:53 - 2017-04-18 19:54 - 00030438 _____ C:\Users\mickeymouse\Desktop\FRST.txt
2017-04-18 19:53 - 2017-04-18 19:53 - 00000000 ____D C:\FRST
2017-04-18 19:44 - 2017-04-18 19:44 - 02424832 _____ (Farbar) C:\Users\mickeymouse\Desktop\FRST64.exe
2017-04-17 19:44 - 2017-04-17 19:55 - 00000000 ____D C:\Users\mickeymouse\Desktop\Samsung S3
2017-04-17 10:21 - 2017-04-18 19:52 - 00000000 ____D C:\AdwCleaner
2017-04-17 10:21 - 2017-04-17 10:21 - 04089296 _____ C:\Users\mickeymouse\Desktop\adwcleaner_6.045.exe
2017-04-17 03:03 - 2017-04-17 03:03 - 01399374 _____ C:\Users\mickeymouse\Desktop\white_paper.pdf
2017-04-16 18:44 - 2017-04-16 18:44 - 11522896 _____ (SoftPerfect ) C:\Users\mickeymouse\Desktop\networx_setup.exe
2017-04-16 18:21 - 2017-04-16 18:20 - 18253467 ____R C:\Users\mickeymouse\Desktop\Truecaller Caller Id & Dialer 8.01.apk
2017-04-16 06:08 - 2017-04-16 06:08 - 00029075 _____ C:\Users\mickeymouse\Desktop\all-things-must-pass-the-rise-and-fall-of-tower-records-2015-yts-ag.downloaded.from.swesub.tv.torrent
2017-04-15 10:06 - 2017-04-15 10:06 - 00000000 ____D C:\Users\mickeymouse\Desktop\NanoWallet
2017-04-15 10:02 - 2017-04-15 10:02 - 04525539 _____ C:\Users\mickeymouse\Desktop\NanoWallet-1.3.0 -- Apostille TX 5b8847344028781eb566ffb60803ee1d7c427b3bd5c3dbcb92f1236207b0a293 -- Date 2017-03-17.zip
2017-04-11 12:17 - 2017-04-11 12:17 - 00122964 _____ C:\Users\mickeymouse\Desktop\ACFrOgDgLgIa6xwTTLQwU229WX5PVFqzWBLVT-UcvfyPQJi68E93cJZEkZEtibkZLCSRgztJbRLtgmJUVctlDst80mCoDGLBrcCnO7cfzBtWkI-L_QG7NHYVo8lgjBI=.pdf
2017-04-10 16:06 - 2017-04-10 16:06 - 01743898 _____ C:\Users\mickeymouse\Desktop\Dražen Ričl zajebava Zabranjeno Pusenje - Video Dailymotion.mp4
2017-04-08 11:20 - 2017-04-08 11:20 - 00138096 _____ C:\Users\mickeymouse\Desktop\Stratis_Wallet_Instructions_01.pdf
2017-04-07 07:38 - 2017-04-07 07:38 - 00098304 _____ C:\Users\mickeymouse\Desktop\StratisWallet.dat
2017-04-07 07:29 - 2017-04-07 07:29 - 00098304 _____ C:\Users\mickeymouse\Documents\StratisWallet.dat
2017-04-06 22:22 - 2017-04-06 22:22 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-04-06 15:45 - 2017-04-06 15:45 - 00508547 _____ C:\Users\mickeymouse\Desktop\Moritz, Malden 2016 1040.pdf
2017-04-06 01:17 - 2017-04-06 01:23 - 180759572 _____ C:\Users\mickeymouse\Desktop\Treating Your Wounds💊 _ ASMR Doctor Roleplay.mp4
2017-04-05 18:14 - 2017-04-05 18:14 - 00400928 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2017-04-02 03:59 - 2017-04-02 03:59 - 00022324 _____ C:\Users\mickeymouse\Desktop\MATH1325.pdf
2017-04-02 03:31 - 2017-04-02 03:31 - 00000000 ____D C:\ProgramData\bitmonero
2017-03-30 09:58 - 2017-03-30 10:00 - 00000000 ____D C:\Users\mickeymouse\AppData\Roaming\Sia-UI
2017-03-29 20:42 - 2017-03-29 20:42 - 00001182 _____ C:\Users\Public\Desktop\Wondershare MobileGo.lnk
2017-03-29 20:21 - 2016-07-22 00:21 - 01499408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2017-03-29 20:21 - 2016-07-22 00:21 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller.dll
2017-03-29 03:13 - 2017-03-29 03:13 - 00682687 _____ C:\Users\mickeymouse\Desktop\SSA-7004.pdf
2017-03-29 00:01 - 2017-03-29 00:01 - 00002246 _____ C:\Users\mickeymouse\Desktop\Brave.lnk
2017-03-29 00:00 - 2017-03-29 00:01 - 00000000 ____D C:\Users\mickeymouse\AppData\Local\brave
2017-03-28 20:50 - 2017-03-29 01:34 - 00836039 _____ C:\Users\mickeymouse\Desktop\EthereumBeginnersGuide.pdf
2017-03-26 11:32 - 2017-04-16 05:12 - 00000000 ____D C:\Users\mickeymouse\Desktop\D A T A 222
2017-03-26 00:17 - 2017-04-18 19:46 - 00000000 ____D C:\Users\mickeymouse\AppData\Roaming\Stratis
2017-03-26 00:17 - 2017-01-19 19:45 - 24751104 _____ C:\Users\mickeymouse\Desktop\stratis-qt.exe
2017-03-25 11:29 - 2017-03-25 18:23 - 00018944 _____ C:\Users\mickeymouse\Desktop\Leni Ethereum.xls
2017-03-23 10:53 - 2017-03-23 10:53 - 00104174 _____ C:\Users\mickeymouse\Documents\IMG_20170323_0006.pdf
2017-03-23 10:45 - 2017-03-23 10:45 - 00113946 _____ C:\Users\mickeymouse\Documents\IMG_20170323_0001.pdf
2017-03-19 23:01 - 2017-03-19 23:27 - 00000056 _____ C:\Users\mickeymouse\AppData\Roaming\Stock Calculator.ini
2017-03-19 23:01 - 2017-03-19 23:01 - 00001122 _____ C:\Users\Public\Desktop\Stock Calculator.lnk
2017-03-19 23:01 - 2017-03-19 23:01 - 00000051 ____H C:\Users\Public\Documents\3SSA
2017-03-19 23:01 - 2017-03-19 23:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stock Calculator
2017-03-19 23:01 - 2017-03-19 23:01 - 00000000 ____D C:\Program Files (x86)\Stock Calculator
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-04-18 19:54 - 2014-02-09 05:11 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1644347244-160312638-2928786626-1001
2017-04-18 19:49 - 2017-02-12 11:03 - 00000000 ____D C:\Users\mickeymouse\AppData\Local\minergate
2017-04-18 19:49 - 2014-02-18 21:27 - 06360064 ___SH C:\Users\mickeymouse\Desktop\Thumbs.db
2017-04-18 19:49 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\Inf
2017-04-18 19:48 - 2014-02-09 22:28 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-18 19:48 - 2013-08-22 07:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-18 19:48 - 2013-08-22 06:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2017-04-18 18:49 - 2015-05-20 18:28 - 00000000 ____D C:\Users\mickeymouse\Desktop\Screen Capture
2017-04-18 17:33 - 2014-02-14 11:55 - 00000000 ____D C:\Users\mickeymouse\AppData\Roaming\vlc
2017-04-18 06:00 - 2016-12-21 22:21 - 00000000 ____D C:\Users\mickeymouse\AppData\LocalLow\Mozilla
2017-04-17 22:44 - 2017-02-26 00:29 - 00003600 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-04-17 19:55 - 2014-02-09 05:03 - 00000000 ____D C:\Users\mickeymouse\AppData\Roaming\Adobe
2017-04-17 10:55 - 2015-07-22 11:40 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-17 10:33 - 2013-11-14 00:28 - 00865408 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-17 04:13 - 2015-03-09 12:40 - 00000000 ____D C:\Program Files (x86)\iolo
2017-04-17 03:53 - 2014-03-31 16:17 - 00388608 _____ (Trend Micro Inc.) C:\Users\mickeymouse\Desktop\HijackThis.exe
2017-04-16 18:34 - 2014-02-12 17:48 - 00000000 ____D C:\Program Files (x86)\Opera
2017-04-16 18:28 - 2014-02-12 18:25 - 00000000 ____D C:\Users\mickeymouse\AppData\Roaming\uTorrent
2017-04-16 18:28 - 2012-07-26 01:12 - 00000000 ____D C:\WINDOWS\ModemLogs
2017-04-16 09:18 - 2017-02-26 00:34 - 00004178 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2017-04-13 20:35 - 2016-11-28 22:20 - 00000000 ____D C:\Users\mickeymouse\AppData\Roaming\Kodi
2017-04-12 21:40 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2017-04-09 22:35 - 2014-03-17 06:33 - 00000000 ____D C:\Program Files (x86)\Google
2017-04-09 21:51 - 2014-05-20 13:51 - 00004096 ____H C:\Users\mickeymouse\AppData\Local\keyfile3.drm
2017-04-06 21:14 - 2014-03-17 06:33 - 00003330 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-06 21:14 - 2014-03-17 06:33 - 00003202 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-05 18:14 - 2017-02-26 00:34 - 01006040 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2017-04-05 18:14 - 2017-02-26 00:34 - 00557776 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2017-04-05 18:14 - 2017-02-26 00:34 - 00340688 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2017-04-05 18:14 - 2017-02-26 00:34 - 00336408 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbloga.sys
2017-04-05 18:14 - 2017-02-26 00:34 - 00310056 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdrivera.sys
2017-04-05 18:14 - 2017-02-26 00:34 - 00192096 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsha.sys
2017-04-05 18:14 - 2017-02-26 00:34 - 00166136 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbdiska.sys
2017-04-05 18:14 - 2017-02-26 00:34 - 00165048 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2017-04-05 18:14 - 2017-02-26 00:34 - 00128096 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2017-04-05 18:14 - 2017-02-26 00:34 - 00102136 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2017-04-05 18:14 - 2017-02-26 00:34 - 00076688 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2017-04-05 18:14 - 2017-02-26 00:34 - 00050848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniva.sys
2017-04-05 18:14 - 2017-02-26 00:34 - 00039288 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys
2017-04-03 18:50 - 2015-01-20 18:42 - 00000000 ____D C:\ProgramData\CanonIJPLM
2017-04-03 08:31 - 2017-02-26 00:31 - 00001028 _____ C:\Users\Public\Desktop\AVG.lnk
2017-04-03 08:31 - 2017-02-26 00:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-03-29 20:21 - 2015-02-25 21:01 - 00001992 _____ C:\Users\Public\Desktop\Samsung Kies 3.lnk
2017-03-29 20:06 - 2014-08-18 18:27 - 00000000 ____D C:\Users\mickeymouse\AppData\Local\Adobe
2017-03-29 20:02 - 2015-11-05 17:03 - 00004434 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-03-29 20:02 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-03-29 20:02 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-03-29 10:19 - 2016-03-27 05:48 - 00025630 _____ C:\Users\mickeymouse\Desktop\pspbrwse.jbf
2017-03-29 01:25 - 2016-09-29 16:46 - 00000000 ____D C:\Users\mickeymouse\AppData\Roaming\brave
2017-03-29 00:01 - 2016-09-29 16:46 - 00000000 ____D C:\Users\mickeymouse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave Inc
2017-03-29 00:01 - 2016-09-29 16:46 - 00000000 ____D C:\Users\mickeymouse\AppData\Local\SquirrelTemp
2017-03-28 21:11 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-03-26 11:37 - 2014-02-13 20:04 - 00000000 ____D C:\Users\mickeymouse\Desktop\Data
2017-03-23 06:31 - 2017-02-04 12:58 - 00000000 ____D C:\Program Files\Waterfox
2017-03-22 23:46 - 2014-02-09 05:03 - 00000000 ____D C:\Users\mickeymouse\AppData\Local\VirtualStore
2017-03-19 22:51 - 2014-03-17 06:33 - 00000000 ____D C:\Users\mickeymouse\AppData\Local\Google
2017-03-19 22:44 - 2017-02-26 00:34 - 00548888 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgsp.sys.148998869795302
2017-03-19 22:44 - 2017-02-26 00:34 - 00338576 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgvmm.sys.148998869973405
 
==================== Files in the root of some directories =======
 
2017-02-12 10:49 - 2017-02-12 10:49 - 0000132 _____ () C:\Users\mickeymouse\AppData\Roaming\Adobe GIF Format CS6 Prefs
2017-03-19 23:01 - 2017-03-19 23:27 - 0000056 _____ () C:\Users\mickeymouse\AppData\Roaming\Stock Calculator.ini
2015-05-21 13:29 - 2015-11-24 21:57 - 0007168 _____ () C:\Users\mickeymouse\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-20 13:51 - 2017-04-09 21:51 - 0004096 ____H () C:\Users\mickeymouse\AppData\Local\keyfile3.drm
2014-03-06 12:24 - 2014-03-06 12:24 - 0000017 _____ () C:\Users\mickeymouse\AppData\Local\resmon.resmoncfg
2015-01-23 10:06 - 2015-01-23 10:06 - 0353118 _____ () C:\Users\mickeymouse\AppData\Local\SquareClock.Production_HBMV1Icon.ico
2016-12-26 18:11 - 2016-12-26 18:11 - 0046804 _____ () C:\ProgramData\agent.1482801098.bdinstall.bin
2016-12-26 20:35 - 2016-12-26 20:35 - 0028784 _____ () C:\ProgramData\agent.1482809705.bdinstall.bin
2016-12-26 20:47 - 2016-12-26 20:47 - 0028767 _____ () C:\ProgramData\agent.1482810427.bdinstall.bin
2017-02-19 20:30 - 2017-02-19 20:30 - 0029168 _____ () C:\ProgramData\agent.1487561434.bdinstall.bin
2017-02-26 00:25 - 2017-02-26 00:25 - 0001587 _____ () C:\ProgramData\agent.1488093945.bdinstall.bin
2017-02-26 00:25 - 2017-02-26 00:25 - 0001587 _____ () C:\ProgramData\agent.1488093950.bdinstall.bin
2017-02-26 00:25 - 2017-02-26 00:25 - 0001587 _____ () C:\ProgramData\agent.1488093952.bdinstall.bin
2017-02-26 00:25 - 2017-02-26 00:25 - 0001587 _____ () C:\ProgramData\agent.1488093956.bdinstall.bin
2017-02-26 00:26 - 2017-02-26 00:26 - 0001587 _____ () C:\ProgramData\agent.1488093971.bdinstall.bin
2017-02-26 00:26 - 2017-02-26 00:26 - 0001587 _____ () C:\ProgramData\agent.1488093974.bdinstall.bin
 
Some files in TEMP:
====================
2017-04-17 10:42 - 2017-04-17 10:42 - 0739904 _____ (Oracle Corporation) C:\Users\mickeymouse\AppData\Local\Temp\jre-8u121-windows-au.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-04-11 04:33
 
==================== End of FRST.txt ============================
 
 

Attached Files



#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,946 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:42 PM

Posted 19 April 2017 - 09:30 AM

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.

Please copy the entire contents of the code box below to a new file.
 
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\Run: [AdobeBridge] => [X]
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
GroupPolicy: Restriction <======= ATTENTION
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
Toolbar: HKU\S-1-5-21-1644347244-160312638-2928786626-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
FF Homepage: Mozilla\Firefox\Profiles\mewisx1q.default -> hxxps://startpage.com/
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-19]
CHR Extension: (Chrome Media Router) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-09]
OPR Extension: (SaveFrom.net helper) - C:\Users\mickeymouse\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2017-04-07]
S2 ProductAgentService; "C:\Program Files\Bitdefender Agent\ProductAgentService.exe" [X]
AlternateDataStreams: C:\Windows:AstInfo [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
2016-12-26 18:11 - 2016-12-26 18:11 - 0046804 _____ () C:\ProgramData\agent.1482801098.bdinstall.bin
2016-12-26 20:35 - 2016-12-26 20:35 - 0028784 _____ () C:\ProgramData\agent.1482809705.bdinstall.bin
2016-12-26 20:47 - 2016-12-26 20:47 - 0028767 _____ () C:\ProgramData\agent.1482810427.bdinstall.bin
2017-02-19 20:30 - 2017-02-19 20:30 - 0029168 _____ () C:\ProgramData\agent.1487561434.bdinstall.bin
2017-02-26 00:25 - 2017-02-26 00:25 - 0001587 _____ () C:\ProgramData\agent.1488093945.bdinstall.bin
2017-02-26 00:25 - 2017-02-26 00:25 - 0001587 _____ () C:\ProgramData\agent.1488093950.bdinstall.bin
2017-02-26 00:25 - 2017-02-26 00:25 - 0001587 _____ () C:\ProgramData\agent.1488093952.bdinstall.bin
2017-02-26 00:25 - 2017-02-26 00:25 - 0001587 _____ () C:\ProgramData\agent.1488093956.bdinstall.bin
2017-02-26 00:26 - 2017-02-26 00:26 - 0001587 _____ () C:\ProgramData\agent.1488093971.bdinstall.bin
2017-02-26 00:26 - 2017-02-26 00:26 - 0001587 _____ () C:\ProgramData\agent.1488093974.bdinstall.bin

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.

You can manually check your present version and update as recommended.
https://www.java.com/en/download/installed.jsp

Be careful not to install malware posing as Java update!
Important read this blog.
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-poses-as-an-update-for-java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

How to disable Java in your browsers
http://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882

If still present after the update you can remove the old versions of Java via the Control Panel > Programs > Programs and Features.
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)

p.s.
This old version was downloaded. The current version is jre-8u131-windows-au.exe and will be installed if you follow the instructions above.

Some files in TEMP:
====================
2017-04-17 10:42 - 2017-04-17 10:42 - 0739904 _____ (Oracle Corporation) C:\Users\mickeymouse\AppData\Local\Temp\jre-8u121-windows-au.exe <- delete this .exe


Please let me know what problem persists with this computer.

#5 ivankaclinton

ivankaclinton
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:42 PM

Posted 19 April 2017 - 10:02 AM

I created fixlist.txt and saved it in the same folder where Farbar is located. However, I am confused about this step:

 

"Run FRST and click Fix only once and wait."

 

I clicked on FRST.txt, but that's not it. What am I missing here?

 

TY!

 



#6 ivankaclinton

ivankaclinton
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:42 PM

Posted 19 April 2017 - 10:14 AM

Never mind the previous reply. I figured it out.

 

Here is the Fixlog:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-04-2017 01
Ran by mickeymouse (19-04-2017 08:08:48) Run:1
Running from C:\Users\mickeymouse\Desktop
Loaded Profiles: mickeymouse (Available Profiles: mickeymouse)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
 
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\...\Run: [AdobeBridge] => [X]
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
GroupPolicy: Restriction <======= ATTENTION
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
Toolbar: HKU\S-1-5-21-1644347244-160312638-2928786626-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
FF Homepage: Mozilla\Firefox\Profiles\mewisx1q.default -> hxxps://startpage.com/
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-19]
CHR Extension: (Chrome Media Router) - C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-09]
OPR Extension: (SaveFrom.net helper) - C:\Users\mickeymouse\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2017-04-07]
S2 ProductAgentService; "C:\Program Files\Bitdefender Agent\ProductAgentService.exe" [X]
AlternateDataStreams: C:\Windows:AstInfo [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
2016-12-26 18:11 - 2016-12-26 18:11 - 0046804 _____ () C:\ProgramData\agent.1482801098.bdinstall.bin
2016-12-26 20:35 - 2016-12-26 20:35 - 0028784 _____ () C:\ProgramData\agent.1482809705.bdinstall.bin
2016-12-26 20:47 - 2016-12-26 20:47 - 0028767 _____ () C:\ProgramData\agent.1482810427.bdinstall.bin
2017-02-19 20:30 - 2017-02-19 20:30 - 0029168 _____ () C:\ProgramData\agent.1487561434.bdinstall.bin
2017-02-26 00:25 - 2017-02-26 00:25 - 0001587 _____ () C:\ProgramData\agent.1488093945.bdinstall.bin
2017-02-26 00:25 - 2017-02-26 00:25 - 0001587 _____ () C:\ProgramData\agent.1488093950.bdinstall.bin
2017-02-26 00:25 - 2017-02-26 00:25 - 0001587 _____ () C:\ProgramData\agent.1488093952.bdinstall.bin
2017-02-26 00:25 - 2017-02-26 00:25 - 0001587 _____ () C:\ProgramData\agent.1488093956.bdinstall.bin
2017-02-26 00:26 - 2017-02-26 00:26 - 0001587 _____ () C:\ProgramData\agent.1488093971.bdinstall.bin
2017-02-26 00:26 - 2017-02-26 00:26 - 0001587 _____ () C:\ProgramData\agent.1488093974.bdinstall.bin
 
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found. 
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => key removed successfully
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found. 
HKU\S-1-5-21-1644347244-160312638-2928786626-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value removed successfully
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => key not found. 
Firefox "homepage" removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin => key removed successfully
C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
C:\Users\mickeymouse\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm => moved successfully
C:\Users\mickeymouse\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak => moved successfully
HKLM\System\CurrentControlSet\Services\ProductAgentService => key removed successfully
ProductAgentService => service removed successfully
C:\Windows => ":AstInfo" ADS removed successfully.
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully.
C:\ProgramData\agent.1482801098.bdinstall.bin => moved successfully
C:\ProgramData\agent.1482809705.bdinstall.bin => moved successfully
C:\ProgramData\agent.1482810427.bdinstall.bin => moved successfully
C:\ProgramData\agent.1487561434.bdinstall.bin => moved successfully
C:\ProgramData\agent.1488093945.bdinstall.bin => moved successfully
C:\ProgramData\agent.1488093950.bdinstall.bin => moved successfully
C:\ProgramData\agent.1488093952.bdinstall.bin => moved successfully
C:\ProgramData\agent.1488093956.bdinstall.bin => moved successfully
C:\ProgramData\agent.1488093971.bdinstall.bin => moved successfully
C:\ProgramData\agent.1488093974.bdinstall.bin => moved successfully
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 20971520 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12097916 B
Java, Flash, Steam htmlcache => 745 B
Windows/system/drivers => 328833 B
Edge => 0 B
Chrome => 112640 B
Firefox => 16356956 B
Opera => 324846724 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 266574 B
systemprofile32 => 933207 B
LocalService => 2470 B
NetworkService => 0 B
mickeymouse => 3441398 B
 
RecycleBin => 0 B
EmptyTemp: => 361.8 MB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 08:09:12 ====


#7 nasdaq

nasdaq

  • Malware Response Team
  • 39,946 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:42 PM

Posted 19 April 2017 - 12:57 PM

Any remaining issues?

#8 ivankaclinton

ivankaclinton
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:42 PM

Posted 19 April 2017 - 04:52 PM

I am very grateful for your help!

 

It appears that everything is working as intended, except for the ports issue I briefly touched upon. Something seems to be disabling them once they are used from the first time. For example, I would reboot my computer, plug a USB or, my phone, and everything would work fine. Once I remove the item and try to reconnect it, all of my ports don't react at all. So I have to reboot the computer in order to make them work again.

 

So this happened somewhere down the road when I realized my computer is infected. Is there anything I can do to scan/discover the problem?

 

Thank you again.



#9 nasdaq

nasdaq

  • Malware Response Team
  • 39,946 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:42 PM

Posted 20 April 2017 - 07:25 AM


Do you properly dismound the USB or the phone?
it's not safe to just remove it when done.

http://www.pcworld.com/article/2040932/how-to-safely-remove-a-usb-drive-even-when-windows-says-it-isnt-safe-to-do-so.html
===

If the problem persists continue.

Check the integrity of the operating system files.
How to run sfc /Scannow
http://support.microsoft.com/kb/929833

When completed refer to the Microsoft article again and follow the instructions to view details of the System File Checker process

Post the contents of the sfcdetails.txt file for my review.

Let me know if the problem persists.
<<<>>>

#10 ivankaclinton

ivankaclinton
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:42 PM

Posted 20 April 2017 - 09:08 AM

Everything A-OK!

 

Thank you, thank you, thank you!!!

 

<<<>>>

 

 

2017-04-20 06:34:12, Info                  CSI    0000000a [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:34:12, Info                  CSI    0000000b [SR] Beginning Verify and Repair transaction
2017-04-20 06:34:14, Info                  CSI    0000000c [SR] Verify complete
2017-04-20 06:34:14, Info                  CSI    0000000d [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:34:14, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2017-04-20 06:34:18, Info                  CSI    0000000f [SR] Verify complete
2017-04-20 06:34:18, Info                  CSI    00000010 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:34:18, Info                  CSI    00000011 [SR] Beginning Verify and Repair transaction
2017-04-20 06:34:20, Info                  CSI    00000012 [SR] Verify complete
2017-04-20 06:34:20, Info                  CSI    00000013 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:34:20, Info                  CSI    00000014 [SR] Beginning Verify and Repair transaction
2017-04-20 06:34:23, Info                  CSI    00000015 [SR] Verify complete
2017-04-20 06:34:23, Info                  CSI    00000016 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:34:23, Info                  CSI    00000017 [SR] Beginning Verify and Repair transaction
2017-04-20 06:34:27, Info                  CSI    00000018 [SR] Verify complete
2017-04-20 06:34:27, Info                  CSI    00000019 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:34:27, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
2017-04-20 06:34:29, Info                  CSI    0000001b [SR] Verify complete
2017-04-20 06:34:29, Info                  CSI    0000001c [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:34:29, Info                  CSI    0000001d [SR] Beginning Verify and Repair transaction
2017-04-20 06:34:32, Info                  CSI    0000001e [SR] Verify complete
2017-04-20 06:34:32, Info                  CSI    0000001f [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:34:32, Info                  CSI    00000020 [SR] Beginning Verify and Repair transaction
2017-04-20 06:34:34, Info                  CSI    00000021 [SR] Verify complete
2017-04-20 06:34:34, Info                  CSI    00000022 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:34:34, Info                  CSI    00000023 [SR] Beginning Verify and Repair transaction
2017-04-20 06:34:37, Info                  CSI    00000024 [SR] Verify complete
2017-04-20 06:34:37, Info                  CSI    00000025 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:34:37, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2017-04-20 06:34:39, Info                  CSI    00000027 [SR] Verify complete
2017-04-20 06:34:39, Info                  CSI    00000028 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:34:39, Info                  CSI    00000029 [SR] Beginning Verify and Repair transaction
2017-04-20 06:34:41, Info                  CSI    0000002a [SR] Verify complete
2017-04-20 06:34:41, Info                  CSI    0000002b [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:34:41, Info                  CSI    0000002c [SR] Beginning Verify and Repair transaction
2017-04-20 06:34:44, Info                  CSI    0000002d [SR] Verify complete
2017-04-20 06:34:44, Info                  CSI    0000002e [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:34:44, Info                  CSI    0000002f [SR] Beginning Verify and Repair transaction
2017-04-20 06:34:46, Info                  CSI    00000030 [SR] Verify complete
2017-04-20 06:34:46, Info                  CSI    00000031 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:34:46, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2017-04-20 06:34:49, Info                  CSI    00000033 [SR] Verify complete
2017-04-20 06:34:49, Info                  CSI    00000034 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:34:49, Info                  CSI    00000035 [SR] Beginning Verify and Repair transaction
2017-04-20 06:34:51, Info                  CSI    00000036 [SR] Verify complete
2017-04-20 06:34:51, Info                  CSI    00000037 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:34:51, Info                  CSI    00000038 [SR] Beginning Verify and Repair transaction
2017-04-20 06:34:53, Info                  CSI    00000039 [SR] Verify complete
2017-04-20 06:34:53, Info                  CSI    0000003a [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:34:53, Info                  CSI    0000003b [SR] Beginning Verify and Repair transaction
2017-04-20 06:34:55, Info                  CSI    0000003c [SR] Verify complete
2017-04-20 06:34:55, Info                  CSI    0000003d [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:34:55, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2017-04-20 06:34:58, Info                  CSI    0000003f [SR] Verify complete
2017-04-20 06:34:58, Info                  CSI    00000040 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:34:58, Info                  CSI    00000041 [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:00, Info                  CSI    00000042 [SR] Verify complete
2017-04-20 06:35:00, Info                  CSI    00000043 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:00, Info                  CSI    00000044 [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:02, Info                  CSI    00000045 [SR] Verify complete
2017-04-20 06:35:02, Info                  CSI    00000046 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:02, Info                  CSI    00000047 [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:04, Info                  CSI    00000048 [SR] Verify complete
2017-04-20 06:35:05, Info                  CSI    00000049 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:05, Info                  CSI    0000004a [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:07, Info                  CSI    0000004b [SR] Verify complete
2017-04-20 06:35:07, Info                  CSI    0000004c [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:07, Info                  CSI    0000004d [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:09, Info                  CSI    0000004e [SR] Verify complete
2017-04-20 06:35:09, Info                  CSI    0000004f [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:09, Info                  CSI    00000050 [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:11, Info                  CSI    00000051 [SR] Verify complete
2017-04-20 06:35:11, Info                  CSI    00000052 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:11, Info                  CSI    00000053 [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:14, Info                  CSI    00000054 [SR] Verify complete
2017-04-20 06:35:14, Info                  CSI    00000055 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:14, Info                  CSI    00000056 [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:16, Info                  CSI    00000057 [SR] Verify complete
2017-04-20 06:35:16, Info                  CSI    00000058 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:16, Info                  CSI    00000059 [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:18, Info                  CSI    0000005a [SR] Verify complete
2017-04-20 06:35:18, Info                  CSI    0000005b [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:18, Info                  CSI    0000005c [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:21, Info                  CSI    0000005d [SR] Verify complete
2017-04-20 06:35:21, Info                  CSI    0000005e [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:21, Info                  CSI    0000005f [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:23, Info                  CSI    00000060 [SR] Verify complete
2017-04-20 06:35:23, Info                  CSI    00000061 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:23, Info                  CSI    00000062 [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:25, Info                  CSI    00000063 [SR] Verify complete
2017-04-20 06:35:25, Info                  CSI    00000064 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:25, Info                  CSI    00000065 [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:27, Info                  CSI    00000066 [SR] Verify complete
2017-04-20 06:35:27, Info                  CSI    00000067 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:27, Info                  CSI    00000068 [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:29, Info                  CSI    00000069 [SR] Verify complete
2017-04-20 06:35:30, Info                  CSI    0000006a [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:30, Info                  CSI    0000006b [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:32, Info                  CSI    0000006c [SR] Verify complete
2017-04-20 06:35:32, Info                  CSI    0000006d [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:32, Info                  CSI    0000006e [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:34, Info                  CSI    0000006f [SR] Verify complete
2017-04-20 06:35:34, Info                  CSI    00000070 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:34, Info                  CSI    00000071 [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:36, Info                  CSI    00000072 [SR] Verify complete
2017-04-20 06:35:36, Info                  CSI    00000073 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:36, Info                  CSI    00000074 [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:38, Info                  CSI    00000075 [SR] Verify complete
2017-04-20 06:35:38, Info                  CSI    00000076 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:38, Info                  CSI    00000077 [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:40, Info                  CSI    00000078 [SR] Verify complete
2017-04-20 06:35:40, Info                  CSI    00000079 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:40, Info                  CSI    0000007a [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:42, Info                  CSI    0000007b [SR] Verify complete
2017-04-20 06:35:42, Info                  CSI    0000007c [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:42, Info                  CSI    0000007d [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:45, Info                  CSI    0000007e [SR] Verify complete
2017-04-20 06:35:45, Info                  CSI    0000007f [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:45, Info                  CSI    00000080 [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:47, Info                  CSI    00000081 [SR] Verify complete
2017-04-20 06:35:47, Info                  CSI    00000082 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:47, Info                  CSI    00000083 [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:49, Info                  CSI    00000084 [SR] Verify complete
2017-04-20 06:35:49, Info                  CSI    00000085 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:49, Info                  CSI    00000086 [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:51, Info                  CSI    00000087 [SR] Verify complete
2017-04-20 06:35:51, Info                  CSI    00000088 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:51, Info                  CSI    00000089 [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:53, Info                  CSI    0000008a [SR] Verify complete
2017-04-20 06:35:54, Info                  CSI    0000008b [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:54, Info                  CSI    0000008c [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:56, Info                  CSI    0000008d [SR] Verify complete
2017-04-20 06:35:56, Info                  CSI    0000008e [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:56, Info                  CSI    0000008f [SR] Beginning Verify and Repair transaction
2017-04-20 06:35:58, Info                  CSI    00000090 [SR] Verify complete
2017-04-20 06:35:58, Info                  CSI    00000091 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:35:58, Info                  CSI    00000092 [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:00, Info                  CSI    00000093 [SR] Verify complete
2017-04-20 06:36:00, Info                  CSI    00000094 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:00, Info                  CSI    00000095 [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:02, Info                  CSI    00000096 [SR] Verify complete
2017-04-20 06:36:02, Info                  CSI    00000097 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:02, Info                  CSI    00000098 [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:04, Info                  CSI    00000099 [SR] Verify complete
2017-04-20 06:36:04, Info                  CSI    0000009a [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:04, Info                  CSI    0000009b [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:06, Info                  CSI    0000009c [SR] Verify complete
2017-04-20 06:36:06, Info                  CSI    0000009d [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:06, Info                  CSI    0000009e [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:08, Info                  CSI    0000009f [SR] Verify complete
2017-04-20 06:36:08, Info                  CSI    000000a0 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:08, Info                  CSI    000000a1 [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:10, Info                  CSI    000000a2 [SR] Verify complete
2017-04-20 06:36:10, Info                  CSI    000000a3 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:10, Info                  CSI    000000a4 [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:12, Info                  CSI    000000a5 [SR] Verify complete
2017-04-20 06:36:12, Info                  CSI    000000a6 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:12, Info                  CSI    000000a7 [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:14, Info                  CSI    000000a8 [SR] Verify complete
2017-04-20 06:36:14, Info                  CSI    000000a9 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:14, Info                  CSI    000000aa [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:16, Info                  CSI    000000ab [SR] Verify complete
2017-04-20 06:36:16, Info                  CSI    000000ac [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:16, Info                  CSI    000000ad [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:18, Info                  CSI    000000ae [SR] Verify complete
2017-04-20 06:36:18, Info                  CSI    000000af [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:18, Info                  CSI    000000b0 [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:21, Info                  CSI    000000b1 [SR] Verify complete
2017-04-20 06:36:21, Info                  CSI    000000b2 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:21, Info                  CSI    000000b3 [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:23, Info                  CSI    000000b4 [SR] Verify complete
2017-04-20 06:36:23, Info                  CSI    000000b5 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:23, Info                  CSI    000000b6 [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:25, Info                  CSI    000000b7 [SR] Verify complete
2017-04-20 06:36:25, Info                  CSI    000000b8 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:25, Info                  CSI    000000b9 [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:27, Info                  CSI    000000ba [SR] Verify complete
2017-04-20 06:36:27, Info                  CSI    000000bb [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:27, Info                  CSI    000000bc [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:30, Info                  CSI    000000be [SR] Verify complete
2017-04-20 06:36:30, Info                  CSI    000000bf [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:30, Info                  CSI    000000c0 [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:32, Info                  CSI    000000c1 [SR] Verify complete
2017-04-20 06:36:32, Info                  CSI    000000c2 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:32, Info                  CSI    000000c3 [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:34, Info                  CSI    000000c4 [SR] Verify complete
2017-04-20 06:36:34, Info                  CSI    000000c5 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:34, Info                  CSI    000000c6 [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:36, Info                  CSI    000000c7 [SR] Verify complete
2017-04-20 06:36:36, Info                  CSI    000000c8 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:36, Info                  CSI    000000c9 [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:38, Info                  CSI    000000ca [SR] Verify complete
2017-04-20 06:36:38, Info                  CSI    000000cb [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:38, Info                  CSI    000000cc [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:40, Info                  CSI    000000cd [SR] Verify complete
2017-04-20 06:36:40, Info                  CSI    000000ce [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:40, Info                  CSI    000000cf [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:43, Info                  CSI    000000d0 [SR] Verify complete
2017-04-20 06:36:43, Info                  CSI    000000d1 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:43, Info                  CSI    000000d2 [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:45, Info                  CSI    000000d3 [SR] Verify complete
2017-04-20 06:36:45, Info                  CSI    000000d4 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:45, Info                  CSI    000000d5 [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:47, Info                  CSI    000000d6 [SR] Verify complete
2017-04-20 06:36:47, Info                  CSI    000000d7 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:47, Info                  CSI    000000d8 [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:49, Info                  CSI    000000d9 [SR] Verify complete
2017-04-20 06:36:49, Info                  CSI    000000da [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:49, Info                  CSI    000000db [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:51, Info                  CSI    000000dc [SR] Verify complete
2017-04-20 06:36:51, Info                  CSI    000000dd [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:51, Info                  CSI    000000de [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:54, Info                  CSI    000000df [SR] Verify complete
2017-04-20 06:36:54, Info                  CSI    000000e0 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:54, Info                  CSI    000000e1 [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:56, Info                  CSI    000000e2 [SR] Verify complete
2017-04-20 06:36:56, Info                  CSI    000000e3 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:56, Info                  CSI    000000e4 [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:57, Info                  CSI    000000e5 [SR] Verify complete
2017-04-20 06:36:57, Info                  CSI    000000e6 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:57, Info                  CSI    000000e7 [SR] Beginning Verify and Repair transaction
2017-04-20 06:36:59, Info                  CSI    000000e8 [SR] Verify complete
2017-04-20 06:36:59, Info                  CSI    000000e9 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:36:59, Info                  CSI    000000ea [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:01, Info                  CSI    000000eb [SR] Verify complete
2017-04-20 06:37:01, Info                  CSI    000000ec [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:01, Info                  CSI    000000ed [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:03, Info                  CSI    000000ee [SR] Verify complete
2017-04-20 06:37:03, Info                  CSI    000000ef [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:03, Info                  CSI    000000f0 [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:05, Info                  CSI    000000f1 [SR] Verify complete
2017-04-20 06:37:05, Info                  CSI    000000f2 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:05, Info                  CSI    000000f3 [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:07, Info                  CSI    000000f4 [SR] Verify complete
2017-04-20 06:37:07, Info                  CSI    000000f5 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:07, Info                  CSI    000000f6 [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:09, Info                  CSI    000000f7 [SR] Verify complete
2017-04-20 06:37:09, Info                  CSI    000000f8 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:09, Info                  CSI    000000f9 [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:11, Info                  CSI    000000fa [SR] Verify complete
2017-04-20 06:37:11, Info                  CSI    000000fb [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:11, Info                  CSI    000000fc [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:14, Info                  CSI    000000fd [SR] Verify complete
2017-04-20 06:37:14, Info                  CSI    000000fe [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:14, Info                  CSI    000000ff [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:16, Info                  CSI    00000100 [SR] Verify complete
2017-04-20 06:37:16, Info                  CSI    00000101 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:16, Info                  CSI    00000102 [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:17, Info                  CSI    00000103 [SR] Verify complete
2017-04-20 06:37:17, Info                  CSI    00000104 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:17, Info                  CSI    00000105 [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:19, Info                  CSI    00000106 [SR] Verify complete
2017-04-20 06:37:19, Info                  CSI    00000107 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:19, Info                  CSI    00000108 [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:21, Info                  CSI    00000109 [SR] Verify complete
2017-04-20 06:37:22, Info                  CSI    0000010a [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:22, Info                  CSI    0000010b [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:23, Info                  CSI    0000010c [SR] Verify complete
2017-04-20 06:37:24, Info                  CSI    0000010d [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:24, Info                  CSI    0000010e [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:25, Info                  CSI    0000010f [SR] Verify complete
2017-04-20 06:37:25, Info                  CSI    00000110 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:25, Info                  CSI    00000111 [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:28, Info                  CSI    00000112 [SR] Verify complete
2017-04-20 06:37:28, Info                  CSI    00000113 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:28, Info                  CSI    00000114 [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:29, Info                  CSI    00000115 [SR] Verify complete
2017-04-20 06:37:30, Info                  CSI    00000116 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:30, Info                  CSI    00000117 [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:31, Info                  CSI    00000118 [SR] Verify complete
2017-04-20 06:37:31, Info                  CSI    00000119 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:31, Info                  CSI    0000011a [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:34, Info                  CSI    0000011b [SR] Verify complete
2017-04-20 06:37:34, Info                  CSI    0000011c [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:34, Info                  CSI    0000011d [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:36, Info                  CSI    0000011e [SR] Verify complete
2017-04-20 06:37:37, Info                  CSI    0000011f [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:37, Info                  CSI    00000120 [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:40, Info                  CSI    00000121 [SR] Verify complete
2017-04-20 06:37:40, Info                  CSI    00000122 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:40, Info                  CSI    00000123 [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:42, Info                  CSI    00000124 [SR] Verify complete
2017-04-20 06:37:42, Info                  CSI    00000125 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:42, Info                  CSI    00000126 [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:45, Info                  CSI    0000012a [SR] Verify complete
2017-04-20 06:37:45, Info                  CSI    0000012b [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:45, Info                  CSI    0000012c [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:47, Info                  CSI    00000141 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\WINDOWS\System32"\[l:24{12}]"invagent.dll" from store
2017-04-20 06:37:48, Info                  CSI    00000144 [SR] Verify complete
2017-04-20 06:37:48, Info                  CSI    00000145 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:48, Info                  CSI    00000146 [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:53, Info                  CSI    0000014e [SR] Verify complete
2017-04-20 06:37:53, Info                  CSI    0000014f [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:53, Info                  CSI    00000150 [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:57, Info                  CSI    00000153 [SR] Verify complete
2017-04-20 06:37:57, Info                  CSI    00000154 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:57, Info                  CSI    00000155 [SR] Beginning Verify and Repair transaction
2017-04-20 06:37:59, Info                  CSI    00000161 [SR] Verify complete
2017-04-20 06:37:59, Info                  CSI    00000162 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:37:59, Info                  CSI    00000163 [SR] Beginning Verify and Repair transaction
2017-04-20 06:38:02, Info                  CSI    00000165 [SR] Verify complete
2017-04-20 06:38:02, Info                  CSI    00000166 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:38:02, Info                  CSI    00000167 [SR] Beginning Verify and Repair transaction
2017-04-20 06:38:05, Info                  CSI    00000168 [SR] Verify complete
2017-04-20 06:38:05, Info                  CSI    00000169 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:38:05, Info                  CSI    0000016a [SR] Beginning Verify and Repair transaction
2017-04-20 06:38:10, Info                  CSI    00000184 [SR] Verify complete
2017-04-20 06:38:10, Info                  CSI    00000185 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:38:10, Info                  CSI    00000186 [SR] Beginning Verify and Repair transaction
2017-04-20 06:38:13, Info                  CSI    00000190 [SR] Verify complete
2017-04-20 06:38:13, Info                  CSI    00000191 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:38:13, Info                  CSI    00000192 [SR] Beginning Verify and Repair transaction
2017-04-20 06:38:18, Info                  CSI    000001bc [SR] Verify complete
2017-04-20 06:38:18, Info                  CSI    000001bd [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:38:18, Info                  CSI    000001be [SR] Beginning Verify and Repair transaction
2017-04-20 06:38:23, Info                  CSI    000001c1 [SR] Verify complete
2017-04-20 06:38:23, Info                  CSI    000001c2 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:38:23, Info                  CSI    000001c3 [SR] Beginning Verify and Repair transaction
2017-04-20 06:38:28, Info                  CSI    000001d4 [SR] Verify complete
2017-04-20 06:38:28, Info                  CSI    000001d5 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:38:28, Info                  CSI    000001d6 [SR] Beginning Verify and Repair transaction
2017-04-20 06:38:32, Info                  CSI    000001e6 [SR] Verify complete
2017-04-20 06:38:32, Info                  CSI    000001e7 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:38:32, Info                  CSI    000001e8 [SR] Beginning Verify and Repair transaction
2017-04-20 06:38:34, Info                  CSI    000001ee [SR] Verify complete
2017-04-20 06:38:34, Info                  CSI    000001ef [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:38:34, Info                  CSI    000001f0 [SR] Beginning Verify and Repair transaction
2017-04-20 06:38:38, Info                  CSI    000001f2 [SR] Verify complete
2017-04-20 06:38:38, Info                  CSI    000001f3 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:38:38, Info                  CSI    000001f4 [SR] Beginning Verify and Repair transaction
2017-04-20 06:38:41, Info                  CSI    000001fc [SR] Verify complete
2017-04-20 06:38:41, Info                  CSI    000001fd [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:38:41, Info                  CSI    000001fe [SR] Beginning Verify and Repair transaction
2017-04-20 06:38:46, Info                  CSI    00000236 [SR] Verify complete
2017-04-20 06:38:46, Info                  CSI    00000237 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:38:46, Info                  CSI    00000238 [SR] Beginning Verify and Repair transaction
2017-04-20 06:38:53, Info                  CSI    00000250 [SR] Verify complete
2017-04-20 06:38:53, Info                  CSI    00000251 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:38:53, Info                  CSI    00000252 [SR] Beginning Verify and Repair transaction
2017-04-20 06:39:02, Info                  CSI    0000026f [SR] Verify complete
2017-04-20 06:39:02, Info                  CSI    00000270 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:39:02, Info                  CSI    00000271 [SR] Beginning Verify and Repair transaction
2017-04-20 06:39:09, Info                  CSI    00000278 [SR] Verify complete
2017-04-20 06:39:09, Info                  CSI    00000279 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:39:09, Info                  CSI    0000027a [SR] Beginning Verify and Repair transaction
2017-04-20 06:39:12, Info                  CSI    00000285 [SR] Verify complete
2017-04-20 06:39:12, Info                  CSI    00000286 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:39:12, Info                  CSI    00000287 [SR] Beginning Verify and Repair transaction
2017-04-20 06:39:16, Info                  CSI    000002a2 [SR] Verify complete
2017-04-20 06:39:16, Info                  CSI    000002a3 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:39:16, Info                  CSI    000002a4 [SR] Beginning Verify and Repair transaction
2017-04-20 06:39:18, Info                  CSI    000002a6 [SR] Verify complete
2017-04-20 06:39:18, Info                  CSI    000002a7 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:39:18, Info                  CSI    000002a8 [SR] Beginning Verify and Repair transaction
2017-04-20 06:39:19, Info                  CSI    000002a9 [SR] Verify complete
2017-04-20 06:39:19, Info                  CSI    000002aa [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:39:19, Info                  CSI    000002ab [SR] Beginning Verify and Repair transaction
2017-04-20 06:39:22, Info                  CSI    000002b7 [SR] Verify complete
2017-04-20 06:39:23, Info                  CSI    000002b8 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:39:23, Info                  CSI    000002b9 [SR] Beginning Verify and Repair transaction
2017-04-20 06:39:25, Info                  CSI    000002d5 [SR] Verify complete
2017-04-20 06:39:25, Info                  CSI    000002d6 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:39:25, Info                  CSI    000002d7 [SR] Beginning Verify and Repair transaction
2017-04-20 06:39:28, Info                  CSI    00000333 [SR] Verify complete
2017-04-20 06:39:28, Info                  CSI    00000334 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:39:28, Info                  CSI    00000335 [SR] Beginning Verify and Repair transaction
2017-04-20 06:39:34, Info                  CSI    00000347 [SR] Verify complete
2017-04-20 06:39:34, Info                  CSI    00000348 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:39:34, Info                  CSI    00000349 [SR] Beginning Verify and Repair transaction
2017-04-20 06:39:37, Info                  CSI    0000034d [SR] Verify complete
2017-04-20 06:39:37, Info                  CSI    0000034e [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:39:37, Info                  CSI    0000034f [SR] Beginning Verify and Repair transaction
2017-04-20 06:39:41, Info                  CSI    0000036a [SR] Verify complete
2017-04-20 06:39:41, Info                  CSI    0000036b [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:39:41, Info                  CSI    0000036c [SR] Beginning Verify and Repair transaction
2017-04-20 06:39:47, Info                  CSI    00000379 [SR] Verify complete
2017-04-20 06:39:48, Info                  CSI    0000037a [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:39:48, Info                  CSI    0000037b [SR] Beginning Verify and Repair transaction
2017-04-20 06:39:53, Info                  CSI    0000037c [SR] Verify complete
2017-04-20 06:39:53, Info                  CSI    0000037d [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:39:53, Info                  CSI    0000037e [SR] Beginning Verify and Repair transaction
2017-04-20 06:39:58, Info                  CSI    00000387 [SR] Verify complete
2017-04-20 06:39:58, Info                  CSI    00000388 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:39:58, Info                  CSI    00000389 [SR] Beginning Verify and Repair transaction
2017-04-20 06:40:05, Info                  CSI    000003a8 [SR] Verify complete
2017-04-20 06:40:05, Info                  CSI    000003a9 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:40:05, Info                  CSI    000003aa [SR] Beginning Verify and Repair transaction
2017-04-20 06:40:08, Info                  CSI    000003ad [SR] Verify complete
2017-04-20 06:40:08, Info                  CSI    000003ae [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:40:08, Info                  CSI    000003af [SR] Beginning Verify and Repair transaction
2017-04-20 06:40:11, Info                  CSI    000003b3 [SR] Verify complete
2017-04-20 06:40:11, Info                  CSI    000003b4 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:40:11, Info                  CSI    000003b5 [SR] Beginning Verify and Repair transaction
2017-04-20 06:40:16, Info                  CSI    000003c1 [SR] Verify complete
2017-04-20 06:40:17, Info                  CSI    000003c2 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:40:17, Info                  CSI    000003c3 [SR] Beginning Verify and Repair transaction
2017-04-20 06:40:20, Info                  CSI    000003f0 [SR] Verify complete
2017-04-20 06:40:20, Info                  CSI    000003f1 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:40:20, Info                  CSI    000003f2 [SR] Beginning Verify and Repair transaction
2017-04-20 06:40:23, Info                  CSI    000003f7 [SR] Verify complete
2017-04-20 06:40:23, Info                  CSI    000003f8 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:40:23, Info                  CSI    000003f9 [SR] Beginning Verify and Repair transaction
2017-04-20 06:40:27, Info                  CSI    00000403 [SR] Verify complete
2017-04-20 06:40:27, Info                  CSI    00000404 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:40:27, Info                  CSI    00000405 [SR] Beginning Verify and Repair transaction
2017-04-20 06:40:30, Info                  CSI    00000418 [SR] Verify complete
2017-04-20 06:40:30, Info                  CSI    00000419 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:40:30, Info                  CSI    0000041a [SR] Beginning Verify and Repair transaction
2017-04-20 06:40:34, Info                  CSI    00000427 [SR] Verify complete
2017-04-20 06:40:34, Info                  CSI    00000428 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:40:34, Info                  CSI    00000429 [SR] Beginning Verify and Repair transaction
2017-04-20 06:40:37, Info                  CSI    00000433 [SR] Verify complete
2017-04-20 06:40:37, Info                  CSI    00000434 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:40:37, Info                  CSI    00000435 [SR] Beginning Verify and Repair transaction
2017-04-20 06:40:40, Info                  CSI    00000439 [SR] Verify complete
2017-04-20 06:40:40, Info                  CSI    0000043a [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:40:40, Info                  CSI    0000043b [SR] Beginning Verify and Repair transaction
2017-04-20 06:40:43, Info                  CSI    0000043d [SR] Verify complete
2017-04-20 06:40:43, Info                  CSI    0000043e [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:40:43, Info                  CSI    0000043f [SR] Beginning Verify and Repair transaction
2017-04-20 06:40:48, Info                  CSI    0000044a [SR] Verify complete
2017-04-20 06:40:48, Info                  CSI    0000044b [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:40:48, Info                  CSI    0000044c [SR] Beginning Verify and Repair transaction
2017-04-20 06:40:51, Info                  CSI    00000455 [SR] Verify complete
2017-04-20 06:40:51, Info                  CSI    00000456 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:40:51, Info                  CSI    00000457 [SR] Beginning Verify and Repair transaction
2017-04-20 06:40:54, Info                  CSI    00000458 [SR] Verify complete
2017-04-20 06:40:54, Info                  CSI    00000459 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:40:54, Info                  CSI    0000045a [SR] Beginning Verify and Repair transaction
2017-04-20 06:40:58, Info                  CSI    00000465 [SR] Verify complete
2017-04-20 06:40:58, Info                  CSI    00000466 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:40:58, Info                  CSI    00000467 [SR] Beginning Verify and Repair transaction
2017-04-20 06:41:01, Info                  CSI    0000046f [SR] Verify complete
2017-04-20 06:41:01, Info                  CSI    00000470 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:41:01, Info                  CSI    00000471 [SR] Beginning Verify and Repair transaction
2017-04-20 06:41:06, Info                  CSI    00000478 [SR] Verify complete
2017-04-20 06:41:06, Info                  CSI    00000479 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:41:06, Info                  CSI    0000047a [SR] Beginning Verify and Repair transaction
2017-04-20 06:41:11, Info                  CSI    000004ac [SR] Verify complete
2017-04-20 06:41:11, Info                  CSI    000004ad [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:41:11, Info                  CSI    000004ae [SR] Beginning Verify and Repair transaction
2017-04-20 06:41:16, Info                  CSI    000004b5 [SR] Verify complete
2017-04-20 06:41:16, Info                  CSI    000004b6 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:41:16, Info                  CSI    000004b7 [SR] Beginning Verify and Repair transaction
2017-04-20 06:41:19, Info                  CSI    000004bc [SR] Verify complete
2017-04-20 06:41:19, Info                  CSI    000004bd [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:41:19, Info                  CSI    000004be [SR] Beginning Verify and Repair transaction
2017-04-20 06:41:23, Info                  CSI    000004c2 [SR] Verify complete
2017-04-20 06:41:23, Info                  CSI    000004c3 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:41:23, Info                  CSI    000004c4 [SR] Beginning Verify and Repair transaction
2017-04-20 06:41:27, Info                  CSI    000004c5 [SR] Verify complete
2017-04-20 06:41:27, Info                  CSI    000004c6 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:41:27, Info                  CSI    000004c7 [SR] Beginning Verify and Repair transaction
2017-04-20 06:41:31, Info                  CSI    000004cc [SR] Verify complete
2017-04-20 06:41:31, Info                  CSI    000004cd [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:41:31, Info                  CSI    000004ce [SR] Beginning Verify and Repair transaction
2017-04-20 06:41:37, Info                  CSI    000004d7 [SR] Verify complete
2017-04-20 06:41:37, Info                  CSI    000004d8 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:41:37, Info                  CSI    000004d9 [SR] Beginning Verify and Repair transaction
2017-04-20 06:41:41, Info                  CSI    000004e9 [SR] Verify complete
2017-04-20 06:41:41, Info                  CSI    000004ea [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:41:41, Info                  CSI    000004eb [SR] Beginning Verify and Repair transaction
2017-04-20 06:41:44, Info                  CSI    000004f5 [SR] Verify complete
2017-04-20 06:41:45, Info                  CSI    000004f6 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:41:45, Info                  CSI    000004f7 [SR] Beginning Verify and Repair transaction
2017-04-20 06:41:47, Info                  CSI    00000502 [SR] Verify complete
2017-04-20 06:41:47, Info                  CSI    00000503 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:41:47, Info                  CSI    00000504 [SR] Beginning Verify and Repair transaction
2017-04-20 06:41:51, Info                  CSI    00000512 [SR] Verify complete
2017-04-20 06:41:51, Info                  CSI    00000513 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:41:51, Info                  CSI    00000514 [SR] Beginning Verify and Repair transaction
2017-04-20 06:41:55, Info                  CSI    00000516 [SR] Verify complete
2017-04-20 06:41:55, Info                  CSI    00000517 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:41:55, Info                  CSI    00000518 [SR] Beginning Verify and Repair transaction
2017-04-20 06:41:59, Info                  CSI    00000519 [SR] Verify complete
2017-04-20 06:41:59, Info                  CSI    0000051a [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:41:59, Info                  CSI    0000051b [SR] Beginning Verify and Repair transaction
2017-04-20 06:42:04, Info                  CSI    00000553 [SR] Verify complete
2017-04-20 06:42:04, Info                  CSI    00000554 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:42:04, Info                  CSI    00000555 [SR] Beginning Verify and Repair transaction
2017-04-20 06:42:07, Info                  CSI    00000558 [SR] Verify complete
2017-04-20 06:42:07, Info                  CSI    00000559 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:42:07, Info                  CSI    0000055a [SR] Beginning Verify and Repair transaction
2017-04-20 06:42:11, Info                  CSI    00000569 [SR] Verify complete
2017-04-20 06:42:11, Info                  CSI    0000056a [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:42:11, Info                  CSI    0000056b [SR] Beginning Verify and Repair transaction
2017-04-20 06:42:14, Info                  CSI    0000056c [SR] Verify complete
2017-04-20 06:42:15, Info                  CSI    0000056d [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:42:15, Info                  CSI    0000056e [SR] Beginning Verify and Repair transaction
2017-04-20 06:42:20, Info                  CSI    00000570 [SR] Verify complete
2017-04-20 06:42:20, Info                  CSI    00000571 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:42:20, Info                  CSI    00000572 [SR] Beginning Verify and Repair transaction
2017-04-20 06:42:27, Info                  CSI    00000573 [SR] Verify complete
2017-04-20 06:42:27, Info                  CSI    00000574 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:42:27, Info                  CSI    00000575 [SR] Beginning Verify and Repair transaction
2017-04-20 06:42:30, Info                  CSI    00000576 [SR] Verify complete
2017-04-20 06:42:30, Info                  CSI    00000577 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:42:30, Info                  CSI    00000578 [SR] Beginning Verify and Repair transaction
2017-04-20 06:42:35, Info                  CSI    00000579 [SR] Verify complete
2017-04-20 06:42:35, Info                  CSI    0000057a [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:42:35, Info                  CSI    0000057b [SR] Beginning Verify and Repair transaction
2017-04-20 06:42:37, Info                  CSI    0000057c [SR] Verify complete
2017-04-20 06:42:37, Info                  CSI    0000057d [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:42:37, Info                  CSI    0000057e [SR] Beginning Verify and Repair transaction
2017-04-20 06:42:40, Info                  CSI    0000057f [SR] Verify complete
2017-04-20 06:42:40, Info                  CSI    00000580 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:42:40, Info                  CSI    00000581 [SR] Beginning Verify and Repair transaction
2017-04-20 06:42:42, Info                  CSI    00000582 [SR] Verify complete
2017-04-20 06:42:43, Info                  CSI    00000583 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:42:43, Info                  CSI    00000584 [SR] Beginning Verify and Repair transaction
2017-04-20 06:42:45, Info                  CSI    00000585 [SR] Verify complete
2017-04-20 06:42:45, Info                  CSI    00000586 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:42:45, Info                  CSI    00000587 [SR] Beginning Verify and Repair transaction
2017-04-20 06:42:49, Info                  CSI    000005a4 [SR] Verify complete
2017-04-20 06:42:49, Info                  CSI    000005a5 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:42:49, Info                  CSI    000005a6 [SR] Beginning Verify and Repair transaction
2017-04-20 06:42:52, Info                  CSI    000005a7 [SR] Verify complete
2017-04-20 06:42:52, Info                  CSI    000005a8 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:42:52, Info                  CSI    000005a9 [SR] Beginning Verify and Repair transaction
2017-04-20 06:42:56, Info                  CSI    000005ac [SR] Verify complete
2017-04-20 06:42:56, Info                  CSI    000005ad [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:42:56, Info                  CSI    000005ae [SR] Beginning Verify and Repair transaction
2017-04-20 06:43:04, Info                  CSI    000005af [SR] Verify complete
2017-04-20 06:43:04, Info                  CSI    000005b0 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:43:04, Info                  CSI    000005b1 [SR] Beginning Verify and Repair transaction
2017-04-20 06:43:10, Info                  CSI    000005b2 [SR] Verify complete
2017-04-20 06:43:10, Info                  CSI    000005b3 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:43:10, Info                  CSI    000005b4 [SR] Beginning Verify and Repair transaction
2017-04-20 06:43:14, Info                  CSI    000005b5 [SR] Verify complete
2017-04-20 06:43:14, Info                  CSI    000005b6 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:43:14, Info                  CSI    000005b7 [SR] Beginning Verify and Repair transaction
2017-04-20 06:43:16, Info                  CSI    000005b8 [SR] Verify complete
2017-04-20 06:43:16, Info                  CSI    000005b9 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:43:16, Info                  CSI    000005ba [SR] Beginning Verify and Repair transaction
2017-04-20 06:43:24, Info                  CSI    000005bb [SR] Verify complete
2017-04-20 06:43:24, Info                  CSI    000005bc [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:43:24, Info                  CSI    000005bd [SR] Beginning Verify and Repair transaction
2017-04-20 06:43:27, Info                  CSI    000005c8 [SR] Verify complete
2017-04-20 06:43:27, Info                  CSI    000005c9 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:43:27, Info                  CSI    000005ca [SR] Beginning Verify and Repair transaction
2017-04-20 06:43:30, Info                  CSI    000005cb [SR] Verify complete
2017-04-20 06:43:30, Info                  CSI    000005cc [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:43:30, Info                  CSI    000005cd [SR] Beginning Verify and Repair transaction
2017-04-20 06:43:32, Info                  CSI    00000639 [SR] Verify complete
2017-04-20 06:43:33, Info                  CSI    0000063a [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:43:33, Info                  CSI    0000063b [SR] Beginning Verify and Repair transaction
2017-04-20 06:43:35, Info                  CSI    00000640 [SR] Verify complete
2017-04-20 06:43:35, Info                  CSI    00000641 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:43:35, Info                  CSI    00000642 [SR] Beginning Verify and Repair transaction
2017-04-20 06:43:38, Info                  CSI    00000643 [SR] Verify complete
2017-04-20 06:43:38, Info                  CSI    00000644 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:43:38, Info                  CSI    00000645 [SR] Beginning Verify and Repair transaction
2017-04-20 06:43:40, Info                  CSI    00000646 [SR] Verify complete
2017-04-20 06:43:40, Info                  CSI    00000647 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:43:40, Info                  CSI    00000648 [SR] Beginning Verify and Repair transaction
2017-04-20 06:43:42, Info                  CSI    00000649 [SR] Verify complete
2017-04-20 06:43:42, Info                  CSI    0000064a [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:43:42, Info                  CSI    0000064b [SR] Beginning Verify and Repair transaction
2017-04-20 06:43:44, Info                  CSI    0000064c [SR] Verify complete
2017-04-20 06:43:45, Info                  CSI    0000064d [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:43:45, Info                  CSI    0000064e [SR] Beginning Verify and Repair transaction
2017-04-20 06:43:47, Info                  CSI    0000065a [SR] Verify complete
2017-04-20 06:43:47, Info                  CSI    0000065b [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:43:47, Info                  CSI    0000065c [SR] Beginning Verify and Repair transaction
2017-04-20 06:43:51, Info                  CSI    0000066c [SR] Verify complete
2017-04-20 06:43:51, Info                  CSI    0000066d [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:43:51, Info                  CSI    0000066e [SR] Beginning Verify and Repair transaction
2017-04-20 06:43:55, Info                  CSI    00000686 [SR] Verify complete
2017-04-20 06:43:55, Info                  CSI    00000687 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:43:55, Info                  CSI    00000688 [SR] Beginning Verify and Repair transaction
2017-04-20 06:43:58, Info                  CSI    0000068d [SR] Verify complete
2017-04-20 06:43:58, Info                  CSI    0000068e [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:43:58, Info                  CSI    0000068f [SR] Beginning Verify and Repair transaction
2017-04-20 06:43:59, Info                  CSI    00000690 [SR] Verify complete
2017-04-20 06:44:00, Info                  CSI    00000691 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:44:00, Info                  CSI    00000692 [SR] Beginning Verify and Repair transaction
2017-04-20 06:44:01, Info                  CSI    00000696 [SR] Verify complete
2017-04-20 06:44:01, Info                  CSI    00000697 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:44:01, Info                  CSI    00000698 [SR] Beginning Verify and Repair transaction
2017-04-20 06:44:05, Info                  CSI    000006a3 [SR] Verify complete
2017-04-20 06:44:05, Info                  CSI    000006a4 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:44:05, Info                  CSI    000006a5 [SR] Beginning Verify and Repair transaction
2017-04-20 06:44:10, Info                  CSI    000006bc [SR] Verify complete
2017-04-20 06:44:10, Info                  CSI    000006bd [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:44:10, Info                  CSI    000006be [SR] Beginning Verify and Repair transaction
2017-04-20 06:44:12, Info                  CSI    000006cb [SR] Verify complete
2017-04-20 06:44:12, Info                  CSI    000006cc [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:44:12, Info                  CSI    000006cd [SR] Beginning Verify and Repair transaction
2017-04-20 06:44:16, Info                  CSI    000006d8 [SR] Verify complete
2017-04-20 06:44:16, Info                  CSI    000006d9 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:44:16, Info                  CSI    000006da [SR] Beginning Verify and Repair transaction
2017-04-20 06:44:21, Info                  CSI    000006f3 [SR] Verify complete
2017-04-20 06:44:21, Info                  CSI    000006f4 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:44:21, Info                  CSI    000006f5 [SR] Beginning Verify and Repair transaction
2017-04-20 06:44:25, Info                  CSI    0000070c [SR] Verify complete
2017-04-20 06:44:25, Info                  CSI    0000070d [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:44:25, Info                  CSI    0000070e [SR] Beginning Verify and Repair transaction
2017-04-20 06:44:29, Info                  CSI    0000074f [SR] Verify complete
2017-04-20 06:44:29, Info                  CSI    00000750 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:44:29, Info                  CSI    00000751 [SR] Beginning Verify and Repair transaction
2017-04-20 06:44:32, Info                  CSI    00000752 [SR] Verify complete
2017-04-20 06:44:32, Info                  CSI    00000753 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:44:32, Info                  CSI    00000754 [SR] Beginning Verify and Repair transaction
2017-04-20 06:44:35, Info                  CSI    00000757 [SR] Verify complete
2017-04-20 06:44:35, Info                  CSI    00000758 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:44:35, Info                  CSI    00000759 [SR] Beginning Verify and Repair transaction
2017-04-20 06:44:38, Info                  CSI    00000773 [SR] Verify complete
2017-04-20 06:44:38, Info                  CSI    00000774 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:44:38, Info                  CSI    00000775 [SR] Beginning Verify and Repair transaction
2017-04-20 06:44:41, Info                  CSI    00000789 [SR] Verify complete
2017-04-20 06:44:41, Info                  CSI    0000078a [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:44:41, Info                  CSI    0000078b [SR] Beginning Verify and Repair transaction
2017-04-20 06:44:44, Info                  CSI    000007a0 [SR] Verify complete
2017-04-20 06:44:44, Info                  CSI    000007a1 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:44:44, Info                  CSI    000007a2 [SR] Beginning Verify and Repair transaction
2017-04-20 06:44:47, Info                  CSI    000007aa [SR] Verify complete
2017-04-20 06:44:47, Info                  CSI    000007ab [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:44:47, Info                  CSI    000007ac [SR] Beginning Verify and Repair transaction
2017-04-20 06:44:50, Info                  CSI    000007ad [SR] Verify complete
2017-04-20 06:44:50, Info                  CSI    000007ae [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:44:50, Info                  CSI    000007af [SR] Beginning Verify and Repair transaction
2017-04-20 06:44:52, Info                  CSI    000007b2 [SR] Verify complete
2017-04-20 06:44:52, Info                  CSI    000007b3 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:44:52, Info                  CSI    000007b4 [SR] Beginning Verify and Repair transaction
2017-04-20 06:44:56, Info                  CSI    000007dd [SR] Verify complete
2017-04-20 06:44:56, Info                  CSI    000007de [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:44:56, Info                  CSI    000007df [SR] Beginning Verify and Repair transaction
2017-04-20 06:44:58, Info                  CSI    000007e9 [SR] Verify complete
2017-04-20 06:44:58, Info                  CSI    000007ea [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:44:58, Info                  CSI    000007eb [SR] Beginning Verify and Repair transaction
2017-04-20 06:45:00, Info                  CSI    000007f9 [SR] Verify complete
2017-04-20 06:45:00, Info                  CSI    000007fa [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:45:00, Info                  CSI    000007fb [SR] Beginning Verify and Repair transaction
2017-04-20 06:45:02, Info                  CSI    000007fc [SR] Verify complete
2017-04-20 06:45:02, Info                  CSI    000007fd [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:45:02, Info                  CSI    000007fe [SR] Beginning Verify and Repair transaction
2017-04-20 06:45:04, Info                  CSI    00000808 [SR] Verify complete
2017-04-20 06:45:04, Info                  CSI    00000809 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:45:04, Info                  CSI    0000080a [SR] Beginning Verify and Repair transaction
2017-04-20 06:45:08, Info                  CSI    00000824 [SR] Verify complete
2017-04-20 06:45:08, Info                  CSI    00000825 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:45:08, Info                  CSI    00000826 [SR] Beginning Verify and Repair transaction
2017-04-20 06:45:11, Info                  CSI    00000827 [SR] Verify complete
2017-04-20 06:45:11, Info                  CSI    00000828 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:45:11, Info                  CSI    00000829 [SR] Beginning Verify and Repair transaction
2017-04-20 06:45:13, Info                  CSI    0000082f [SR] Verify complete
2017-04-20 06:45:13, Info                  CSI    00000830 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:45:13, Info                  CSI    00000831 [SR] Beginning Verify and Repair transaction
2017-04-20 06:45:22, Info                  CSI    00000850 [SR] Verify complete
2017-04-20 06:45:22, Info                  CSI    00000851 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:45:22, Info                  CSI    00000852 [SR] Beginning Verify and Repair transaction
2017-04-20 06:45:24, Info                  CSI    00000862 [SR] Verify complete
2017-04-20 06:45:24, Info                  CSI    00000863 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:45:24, Info                  CSI    00000864 [SR] Beginning Verify and Repair transaction
2017-04-20 06:45:29, Info                  CSI    00000885 [SR] Verify complete
2017-04-20 06:45:29, Info                  CSI    00000886 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:45:29, Info                  CSI    00000887 [SR] Beginning Verify and Repair transaction
2017-04-20 06:45:31, Info                  CSI    00000888 [SR] Verify complete
2017-04-20 06:45:31, Info                  CSI    00000889 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:45:31, Info                  CSI    0000088a [SR] Beginning Verify and Repair transaction
2017-04-20 06:45:33, Info                  CSI    0000089b [SR] Verify complete
2017-04-20 06:45:33, Info                  CSI    0000089c [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:45:33, Info                  CSI    0000089d [SR] Beginning Verify and Repair transaction
2017-04-20 06:45:35, Info                  CSI    000008a2 [SR] Verify complete
2017-04-20 06:45:35, Info                  CSI    000008a3 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:45:35, Info                  CSI    000008a4 [SR] Beginning Verify and Repair transaction
2017-04-20 06:45:37, Info                  CSI    000008a7 [SR] Verify complete
2017-04-20 06:45:37, Info                  CSI    000008a8 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:45:37, Info                  CSI    000008a9 [SR] Beginning Verify and Repair transaction
2017-04-20 06:45:41, Info                  CSI    000008ac [SR] Verify complete
2017-04-20 06:45:41, Info                  CSI    000008ad [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:45:41, Info                  CSI    000008ae [SR] Beginning Verify and Repair transaction
2017-04-20 06:45:43, Info                  CSI    000008b4 [SR] Verify complete
2017-04-20 06:45:43, Info                  CSI    000008b5 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:45:43, Info                  CSI    000008b6 [SR] Beginning Verify and Repair transaction
2017-04-20 06:45:46, Info                  CSI    000008b9 [SR] Verify complete
2017-04-20 06:45:46, Info                  CSI    000008ba [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:45:46, Info                  CSI    000008bb [SR] Beginning Verify and Repair transaction
2017-04-20 06:45:48, Info                  CSI    000008bf [SR] Verify complete
2017-04-20 06:45:48, Info                  CSI    000008c0 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:45:48, Info                  CSI    000008c1 [SR] Beginning Verify and Repair transaction
2017-04-20 06:45:50, Info                  CSI    000008c4 [SR] Verify complete
2017-04-20 06:45:50, Info                  CSI    000008c5 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:45:50, Info                  CSI    000008c6 [SR] Beginning Verify and Repair transaction
2017-04-20 06:45:52, Info                  CSI    000008c9 [SR] Verify complete
2017-04-20 06:45:52, Info                  CSI    000008ca [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:45:52, Info                  CSI    000008cb [SR] Beginning Verify and Repair transaction
2017-04-20 06:45:56, Info                  CSI    000008d6 [SR] Verify complete
2017-04-20 06:45:56, Info                  CSI    000008d7 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:45:56, Info                  CSI    000008d8 [SR] Beginning Verify and Repair transaction
2017-04-20 06:45:58, Info                  CSI    000008d9 [SR] Verify complete
2017-04-20 06:45:58, Info                  CSI    000008da [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:45:58, Info                  CSI    000008db [SR] Beginning Verify and Repair transaction
2017-04-20 06:46:02, Info                  CSI    000008dd [SR] Verify complete
2017-04-20 06:46:02, Info                  CSI    000008de [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:46:02, Info                  CSI    000008df [SR] Beginning Verify and Repair transaction
2017-04-20 06:46:04, Info                  CSI    000008e0 [SR] Verify complete
2017-04-20 06:46:04, Info                  CSI    000008e1 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:46:04, Info                  CSI    000008e2 [SR] Beginning Verify and Repair transaction
2017-04-20 06:46:08, Info                  CSI    000008e3 [SR] Verify complete
2017-04-20 06:46:08, Info                  CSI    000008e4 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:46:08, Info                  CSI    000008e5 [SR] Beginning Verify and Repair transaction
2017-04-20 06:46:10, Info                  CSI    000008e6 [SR] Verify complete
2017-04-20 06:46:10, Info                  CSI    000008e7 [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:46:10, Info                  CSI    000008e8 [SR] Beginning Verify and Repair transaction
2017-04-20 06:46:12, Info                  CSI    000008e9 [SR] Verify complete
2017-04-20 06:46:12, Info                  CSI    000008ea [SR] Verifying 100 (0x0000000000000064) components
2017-04-20 06:46:12, Info                  CSI    000008eb [SR] Beginning Verify and Repair transaction
2017-04-20 06:46:16, Info                  CSI    000008ee [SR] Verify complete
2017-04-20 06:46:16, Info                  CSI    000008ef [SR] Verifying 46 (0x000000000000002e) components
2017-04-20 06:46:16, Info                  CSI    000008f0 [SR] Beginning Verify and Repair transaction
2017-04-20 06:46:18, Info                  CSI    000008f1 [SR] Verify complete
2017-04-20 06:46:18, Info                  CSI    000008f2 [SR] Repairing 1 components
2017-04-20 06:46:18, Info                  CSI    000008f3 [SR] Beginning Verify and Repair transaction
2017-04-20 06:46:18, Info                  CSI    000008f4 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\WINDOWS\System32"\[l:24{12}]"invagent.dll" from store
2017-04-20 06:46:18, Info                  CSI    000008f5 [SR] Repair complete
2017-04-20 06:46:18, Info                  CSI    000008f6 [SR] Committing transaction
2017-04-20 06:46:18, Info                  CSI    000008fb [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction  have been successfully repaired

 

 

 

 

 



#11 nasdaq

nasdaq

  • Malware Response Team
  • 39,946 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:42 PM

Posted 21 April 2017 - 06:49 AM

Glad we could help.

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/


https://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
Simple and easy ways to keep your computer safe and secure on the Internet.
===




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users