Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer Start Up Time Is Extremely Slow


  • This topic is locked This topic is locked
10 replies to this topic

#1 TheRealSlimShady

TheRealSlimShady

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:12 AM

Posted 25 April 2017 - 09:52 PM

For weeks now my computer has been taking forever to start up and I think it is because I have a virus. Once I am past the Windows welcome screen and am at the desktop, I am sometimes unable to do anything at all on my computer for up to ten minutes. While the hard drive I have Windows on is around seven years old at this point, the start up times on my computer have never been THIS bad before. Even when my computer does finally get going, it still performs slower than it typically does which is why I think something else is going on other than an aging hard drive. I have tried things such as defragging my hard drive but it doesn't seem like it had any effect on the start up times or general performance. Any help with this issue would be greatly appreciated, thank you!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-04-2017 01
Ran by Max Wren (administrator) on SASUKEUCHIHA-PC (25-04-2017 19:31:36)
Running from C:\Users\Max Wren\Downloads
Loaded Profiles: Max Wren (Available Profiles: Max Wren & Mcx1-MAXWREN-PC & HiImMax)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Windows\SysWOW64\ANIWConnService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(CyberGhost S.R.L) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Spotify Ltd) C:\Users\Max Wren\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(D-Link Corp.) C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe
(Wireless Service) C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Max Wren\Downloads\FRST64 (1).exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-16] (NVIDIA Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-18] ()
HKLM-x32\...\Run: [D-Link D-Link RangeBooster N DWA-140] => C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe [1708032 2009-09-18] (D-Link Corp.)
HKLM-x32\...\Run: [ANIWZCS2Service] => C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe [98304 2009-08-21] (Wireless Service)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\...\Run: [Spotify Web Helper] => C:\Users\Max Wren\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-19] (Spotify Ltd)
HKU\S-1-5-18\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} =>  -> No File
BootExecute: 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{040A3ED8-11A7-4C53-A7B4-DD71596687C9}: [NameServer] 192.168.1.254
Tcpip\..\Interfaces\{5D0ED30A-1C8F-41B1-AFEF-8116942110DD}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
SearchScopes: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001 -> DefaultScope {184920D7-ECF1-46bf-8E2F-3383170E70A1} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
SearchScopes: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001 -> {12DC6175-B360-2C25-BF0E-2B6E49ADC9F3} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=Z152&form=ZGAIDF&install_date=20110903&iesrc={referrer:source}
SearchScopes: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001 -> {184920D7-ECF1-46bf-8E2F-3383170E70A1} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
SearchScopes: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001 -> {8242CF80-7EB4-4d23-832C-E55687FF16C1} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=en&q={searchTerms}
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-19] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-19] (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2011-05-13] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-01-02] (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
 
FireFox:
========
FF DefaultProfile: 7evw1m3g.default-1408922747848
FF ProfilePath: C:\Users\Max Wren\AppData\Roaming\Mozilla\Firefox\Profiles\7evw1m3g.default-1408922747848 [2017-04-05]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\7evw1m3g.default-1408922747848 -> Google
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\7evw1m3g.default-1408922747848 -> Google
FF Homepage: Mozilla\Firefox\Profiles\7evw1m3g.default-1408922747848 -> hxxps://www.google.com
FF Extension: (Firefox Hotfix) - C:\Users\Max Wren\AppData\Roaming\Mozilla\Firefox\Profiles\7evw1m3g.default-1408922747848\Extensions\firefox-hotfix@mozilla.org.xpi [2016-10-13]
FF Extension: (Adblock Plus) - C:\Users\Max Wren\AppData\Roaming\Mozilla\Firefox\Profiles\7evw1m3g.default-1408922747848\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-06-03]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-06-06] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: (DivX Plus Web Player HTML5 &video&) - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-10-20] [not signed]
FF HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [No File]
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-19] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [No File]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @fileplanet.com/fpdlm -> C:\Program Files (x86)\Download Manager\npfpdlm.dll [2009-10-27] (IGN Entertainment)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-05-23] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll [No File]
FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Max Wren\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: @talk.google.com/O1DPlugin -> C:\Users\Max Wren\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Max Wren\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll [2011-11-17] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-05-23] (Pando Networks)
FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-07-26] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Max Wren\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Max Wren\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\server.cfg [2006-10-25] <==== ATTENTION
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default [2017-04-25]
CHR Extension: (Super Netflix) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\aioencjhbaolepcoappllicjebblphoc [2016-10-27]
CHR Extension: (Angry Birds) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-12-13]
CHR Extension: (Google Docs) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-03]
CHR Extension: (Google Drive) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-20]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-03-07]
CHR Extension: (YouTube) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-21]
CHR Extension: (Google Search) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Google Docs Offline) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (Deadmau5 Green Edition) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\iphfjhmkmdjocaaopmgpeikabebejihc [2016-09-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-08]
CHR Extension: (Gmail) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-27]
CHR Extension: (Chrome Media Router) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-25]
CHR Profile: C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-04-05]
CHR Extension: (YouTube) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-02]
CHR Extension: (Google Search) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-14]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2016-02-02]
CHR Extension: (Gmail) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-02]
CHR Extension: (Chrome Media Router) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-14]
CHR Profile: C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\System Profile [2017-04-05]
CHR Extension: (Google Slides) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-03]
CHR Extension: (Google Docs) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-03]
CHR Extension: (Google Drive) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-03]
CHR Extension: (YouTube) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-03]
CHR Extension: (Google Search) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-03]
CHR Extension: (Google Sheets) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-03]
CHR Extension: (Google Wallet) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-03]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2015-07-03]
CHR Extension: (Gmail) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-03]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Amazon Download Agent; C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [401920 2009-10-23] (Amazon.com) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-08] (Advanced Micro Devices, Inc.) [File not signed]
R2 ANIWConnService; C:\Windows\SysWOW64\ANIWConnService.exe [151552 2009-07-07] () [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [814464 2015-02-06] ()
R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [77872 2017-03-08] (CyberGhost S.R.L)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [392480 2016-12-01] (EasyAntiCheat Ltd)
S2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-05-18] (Microsoft Corporation) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-16] (NVIDIA Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-18] ()
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-16] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-16] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-08-27] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-03-06] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-03-06] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
R2 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [127488 2012-05-18] (Microsoft Corporation) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S3 nosGetPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [20992 2015-01-21] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2015-01-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2015-01-26] (LG Electronics Inc.)
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
S3 AODDriver4.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2011-12-31] ()
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-04-15] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-08-29] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2011-12-31] ()
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-04-08] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-04-25] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-04-25] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [251832 2017-04-25] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [82720 2017-04-25] (Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [987648 2009-08-05] (Ralink Technology Corp.)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-10-02] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21360 2016-03-22] (IObit)
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [File not signed]
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2013-08-12] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [295424 2013-08-12] (VIA Technologies, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-04-25 19:31 - 2017-04-25 19:32 - 00034007 _____ C:\Users\Max Wren\Downloads\FRST.txt
2017-04-25 19:31 - 2017-04-25 19:31 - 02426368 _____ (Farbar) C:\Users\Max Wren\Downloads\FRST64 (1).exe
2017-04-25 19:10 - 2017-04-25 19:12 - 212154362 _____ C:\Users\Max Wren\Downloads\Migos-No_Label_2.zip
2017-04-25 19:05 - 2017-04-25 19:07 - 203371971 _____ C:\Users\Max Wren\Downloads\Migos - No Label II - HotNewHipHop.zip
2017-04-25 19:00 - 2017-04-25 19:00 - 00000000 ____D C:\Users\Max Wren\AppData\Roaming\Google
2017-04-25 12:58 - 2017-04-25 12:59 - 114369277 _____ C:\Users\Max Wren\Downloads\Playboi Carti - Playboi Carti.zip
2017-04-24 15:23 - 2017-04-24 15:24 - 87516987 _____ C:\Users\Max Wren\Downloads\New English - Desiigner.zip
2017-04-24 03:24 - 2017-04-24 03:24 - 78667068 _____ C:\Users\Max Wren\Downloads\Savage Mode - 21 Savage.zip
2017-04-21 18:35 - 2017-04-21 18:38 - 149370656 _____ C:\Users\Max Wren\Downloads\X&Y - Coldplay.zip
2017-04-19 16:21 - 2016-07-22 07:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-04-19 16:21 - 2016-07-22 07:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2017-04-19 14:57 - 2017-03-27 11:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-04-19 14:57 - 2017-03-27 10:28 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-04-19 14:57 - 2017-03-25 12:39 - 20284416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-04-19 14:57 - 2017-03-25 12:07 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-04-19 14:57 - 2017-03-25 12:06 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-04-19 14:57 - 2017-03-25 11:55 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-04-19 14:57 - 2017-03-25 11:52 - 02289152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-04-19 14:57 - 2017-03-25 11:51 - 01313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-04-19 14:57 - 2017-03-25 11:48 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-04-19 14:57 - 2017-03-25 11:47 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-04-19 14:57 - 2017-03-25 11:47 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-04-19 14:57 - 2017-03-25 11:46 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-04-19 14:57 - 2017-03-25 11:46 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-04-19 14:57 - 2017-03-25 11:46 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-04-19 14:57 - 2017-03-25 11:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-04-19 14:57 - 2017-03-25 11:46 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-04-19 14:57 - 2017-03-25 11:46 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-04-19 14:57 - 2017-03-25 11:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-04-19 14:57 - 2017-03-25 11:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-04-19 14:57 - 2017-03-25 11:45 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-04-19 14:57 - 2017-03-25 11:45 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-04-19 14:57 - 2017-03-25 11:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-04-19 14:57 - 2017-03-25 11:45 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-04-19 14:57 - 2017-03-25 11:45 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-04-19 14:57 - 2017-03-25 11:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-04-19 14:57 - 2017-03-25 11:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-04-19 14:57 - 2017-03-25 11:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-04-19 14:57 - 2017-03-25 11:44 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-04-19 14:57 - 2017-03-25 11:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-04-19 14:57 - 2017-03-25 11:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-04-19 14:57 - 2017-03-25 11:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-04-19 14:57 - 2017-03-25 11:14 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-04-19 14:57 - 2017-03-25 11:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-04-19 14:57 - 2017-03-25 11:13 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-04-19 14:57 - 2017-03-25 11:13 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-04-19 14:57 - 2017-03-25 11:10 - 02898432 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-04-19 14:57 - 2017-03-25 11:04 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-04-19 14:57 - 2017-03-25 11:02 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-04-19 14:57 - 2017-03-25 10:57 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-04-19 14:57 - 2017-03-25 10:56 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-04-19 14:57 - 2017-03-25 10:56 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-04-19 14:57 - 2017-03-25 10:56 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-04-19 14:57 - 2017-03-25 10:56 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-04-19 14:57 - 2017-03-25 10:52 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-04-19 14:57 - 2017-03-25 10:45 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-04-19 14:57 - 2017-03-25 10:41 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-04-19 14:57 - 2017-03-25 10:41 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-04-19 14:57 - 2017-03-25 10:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-04-19 14:57 - 2017-03-25 10:29 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-04-19 14:57 - 2017-03-25 10:24 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-04-19 14:57 - 2017-03-25 10:23 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-04-19 14:57 - 2017-03-25 10:20 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-04-19 14:57 - 2017-03-25 10:19 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-04-19 14:57 - 2017-03-25 10:17 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-04-19 14:57 - 2017-03-25 10:06 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-04-19 14:57 - 2017-03-25 10:04 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-04-19 14:57 - 2017-03-25 10:00 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-04-19 14:57 - 2017-03-25 09:59 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-04-19 14:57 - 2017-03-25 09:57 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-04-19 14:57 - 2017-03-25 09:57 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-04-19 14:57 - 2017-03-25 09:28 - 15259136 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-04-19 14:57 - 2017-03-25 09:27 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-04-19 14:57 - 2017-03-25 09:24 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-04-19 14:57 - 2017-03-25 09:10 - 01546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-04-19 14:57 - 2017-03-25 09:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-04-19 14:57 - 2017-03-22 08:17 - 02651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-04-19 14:57 - 2017-03-10 09:00 - 03219968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-04-19 14:57 - 2017-03-07 21:36 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-04-19 14:57 - 2017-03-07 21:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-04-19 14:57 - 2017-03-07 21:33 - 02064384 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-04-19 14:57 - 2017-02-10 07:33 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-04-19 14:57 - 2017-02-09 07:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-04-19 14:57 - 2017-02-09 07:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-04-19 14:57 - 2017-01-11 11:01 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-04-19 14:57 - 2017-01-11 10:43 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-04-19 14:56 - 2017-03-25 11:47 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-04-19 14:56 - 2017-03-24 15:50 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-04-19 14:56 - 2017-03-24 15:42 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-04-19 14:56 - 2017-03-22 08:32 - 03165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-04-19 14:56 - 2017-03-22 08:32 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-04-19 14:56 - 2017-03-22 08:32 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-04-19 14:56 - 2017-03-22 08:30 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-04-19 14:56 - 2017-03-22 08:24 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-04-19 14:56 - 2017-03-22 08:15 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-04-19 14:56 - 2017-03-22 08:15 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-04-19 14:56 - 2017-03-22 08:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-04-19 14:56 - 2017-03-22 08:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-04-19 14:56 - 2017-03-22 08:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-04-19 14:56 - 2017-03-22 08:15 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-04-19 14:56 - 2017-03-22 08:05 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-04-19 14:56 - 2017-03-22 08:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-04-19 14:56 - 2017-03-22 08:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-04-19 14:56 - 2017-03-22 08:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-04-19 14:56 - 2017-03-14 08:34 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-04-19 14:56 - 2017-03-14 08:34 - 00265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-04-19 14:56 - 2017-03-14 08:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-04-19 14:56 - 2017-03-10 09:35 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-04-19 14:56 - 2017-03-10 09:31 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-04-19 14:56 - 2017-03-10 09:31 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-04-19 14:56 - 2017-03-10 09:31 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-04-19 14:56 - 2017-03-10 09:31 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-04-19 14:56 - 2017-03-10 09:27 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-04-19 14:56 - 2017-03-10 09:20 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-04-19 14:56 - 2017-03-10 09:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-04-19 14:56 - 2017-03-10 09:19 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-04-19 14:56 - 2017-03-10 08:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-04-19 14:56 - 2017-03-08 13:20 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2017-04-19 14:56 - 2017-03-08 13:10 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2017-04-19 14:56 - 2017-03-07 21:37 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-04-19 14:56 - 2017-03-07 21:36 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-04-19 14:56 - 2017-03-07 21:36 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-04-19 14:56 - 2017-03-07 21:36 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-04-19 14:56 - 2017-03-07 21:33 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:26 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-04-19 14:56 - 2017-03-07 21:26 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-04-19 14:56 - 2017-03-07 21:24 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-04-19 14:56 - 2017-03-07 21:22 - 01416192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-04-19 14:56 - 2017-03-07 21:22 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-04-19 14:56 - 2017-03-07 21:22 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-04-19 14:56 - 2017-03-07 21:22 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-04-19 14:56 - 2017-03-07 21:22 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-04-19 14:56 - 2017-03-07 21:22 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-04-19 14:56 - 2017-03-07 21:22 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-04-19 14:56 - 2017-03-07 21:22 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-04-19 14:56 - 2017-03-07 21:22 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-04-19 14:56 - 2017-03-07 21:22 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-04-19 14:56 - 2017-03-07 21:22 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-04-19 14:56 - 2017-03-07 21:22 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-04-19 14:56 - 2017-03-07 21:22 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-04-19 14:56 - 2017-03-07 21:22 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-04-19 14:56 - 2017-03-07 21:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-04-19 14:56 - 2017-03-07 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-04-19 14:56 - 2017-03-07 21:22 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-04-19 14:56 - 2017-03-07 21:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-04-19 14:56 - 2017-03-07 21:22 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 21:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-04-19 14:56 - 2017-03-07 21:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-04-19 14:56 - 2017-03-07 21:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-04-19 14:56 - 2017-03-07 21:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-04-19 14:56 - 2017-03-07 21:00 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-04-19 14:56 - 2017-03-07 20:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-04-19 14:56 - 2017-03-07 20:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-04-19 14:56 - 2017-03-07 20:56 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-04-19 14:56 - 2017-03-07 20:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-04-19 14:56 - 2017-03-07 20:56 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-04-19 14:56 - 2017-03-07 20:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-04-19 14:56 - 2017-03-07 20:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-04-19 14:56 - 2017-03-07 20:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-04-19 14:56 - 2017-03-07 20:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-04-19 14:56 - 2017-03-07 20:54 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-04-19 14:56 - 2017-03-07 20:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-04-19 14:56 - 2017-03-07 20:53 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-04-19 14:56 - 2017-03-07 20:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 20:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 20:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 20:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-04-19 14:56 - 2017-03-07 09:30 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-04-19 14:56 - 2017-03-07 09:17 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-04-19 14:56 - 2017-03-07 07:05 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-04-19 14:56 - 2017-03-03 18:27 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-04-19 14:56 - 2017-03-03 18:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-04-19 14:56 - 2017-03-03 18:14 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-04-19 14:56 - 2017-03-03 18:14 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-04-19 14:56 - 2017-02-14 09:33 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-04-19 14:56 - 2017-02-14 09:19 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-04-19 14:56 - 2017-02-11 09:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-04-19 14:56 - 2017-02-11 09:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-04-19 14:56 - 2017-02-11 08:58 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-04-19 14:56 - 2017-02-11 08:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-04-19 14:56 - 2017-02-11 08:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-04-19 14:56 - 2017-02-10 09:32 - 00803328 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-04-19 14:56 - 2017-02-10 09:17 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-04-19 14:56 - 2017-02-09 09:32 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-04-19 14:56 - 2017-02-09 09:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-04-19 14:56 - 2017-02-09 09:32 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2017-04-19 14:56 - 2017-02-09 09:31 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2017-04-19 14:56 - 2017-02-09 09:31 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2017-04-19 14:56 - 2017-02-09 09:14 - 00481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2017-04-19 14:56 - 2017-02-09 09:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2017-04-19 14:56 - 2017-02-09 09:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-04-19 14:56 - 2017-02-09 08:51 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2017-04-19 14:56 - 2017-02-06 09:14 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-04-19 14:56 - 2017-01-18 08:36 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-04-19 14:56 - 2017-01-18 08:36 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:36 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:36 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:36 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:36 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-04-19 14:56 - 2017-01-18 08:36 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-04-19 14:56 - 2017-01-18 08:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-19 14:56 - 2017-01-18 08:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:36 - 00011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-04-19 14:56 - 2017-01-18 08:35 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-04-19 14:56 - 2017-01-18 08:35 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:35 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-04-19 14:56 - 2017-01-18 08:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-04-19 14:56 - 2017-01-18 08:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-19 14:56 - 2017-01-18 08:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-04-19 14:56 - 2017-01-18 08:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-04-19 14:56 - 2017-01-13 11:00 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-04-19 14:56 - 2017-01-13 11:00 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-04-19 14:56 - 2017-01-13 10:45 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-04-19 14:56 - 2017-01-13 10:45 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2017-04-19 14:56 - 2017-01-11 11:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2017-04-19 14:56 - 2017-01-11 10:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2017-04-19 14:56 - 2016-03-23 15:40 - 03181568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-04-19 14:56 - 2016-03-23 15:40 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2017-04-19 14:55 - 2017-02-22 16:42 - 00084712 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-04-19 14:55 - 2017-02-22 16:37 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-04-19 14:55 - 2017-02-18 07:05 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-04-19 14:55 - 2017-02-18 07:05 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-04-19 14:55 - 2016-12-31 08:36 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-04-19 14:55 - 2016-12-31 08:36 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-04-19 14:55 - 2016-12-31 08:36 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-04-19 14:55 - 2016-12-31 08:36 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-04-19 14:55 - 2016-12-31 08:36 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-04-17 13:57 - 2017-04-17 13:57 - 12305503 _____ C:\Users\Max Wren\Downloads\Luv_Is_Rage_15_EP-(DatPiff.com).zip
2017-04-17 11:49 - 2017-04-17 11:49 - 58728478 _____ C:\Users\Max Wren\Downloads\Lil Uzi Vert & Gucci Mane - 1017 Vs. The World - HotNewHipHop.zip
2017-04-17 11:36 - 2017-04-17 11:36 - 13133574 _____ C:\Users\Max Wren\Downloads\angels in America Text1.pdf
2017-04-17 09:45 - 2017-04-18 14:46 - 00000000 ____D C:\Program Files (x86)\IObit
2017-04-17 09:45 - 2017-04-17 09:46 - 00003194 _____ C:\Windows\System32\Tasks\SmartDefrag_AutoAnalyze
2017-04-17 09:45 - 2017-04-17 09:45 - 00003040 _____ C:\Windows\System32\Tasks\SmartDefrag_Update
2017-04-17 09:45 - 2017-04-17 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2017-04-17 09:45 - 2016-03-25 14:33 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2017-04-17 09:45 - 2016-03-22 11:02 - 00036288 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2017-04-17 09:45 - 2016-03-22 11:02 - 00021360 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2017-04-17 09:43 - 2017-04-17 09:44 - 13577944 _____ (IObit ) C:\Users\Max Wren\Downloads\smart-defrag-setup.exe
2017-04-12 15:27 - 2017-04-12 15:29 - 79291931 _____ C:\Users\Max Wren\Downloads\The_Perfect_Luv_Tape-(DatPiff.com).zip
2017-04-06 19:09 - 2017-04-06 19:25 - 142129002 _____ C:\Users\Max Wren\Downloads\Lil_Uzi_Vert-Luv_Is_Rage.zip
2017-04-03 11:26 - 2017-04-03 11:27 - 135840428 _____ C:\Users\Max Wren\Downloads\Last_Flight_To_Kiss_Land-(DatPiff.com).zip
2017-04-01 19:55 - 2017-04-01 19:55 - 00068279 _____ C:\Users\Max Wren\Downloads\self reflection essay (1).pdf
2017-03-29 11:26 - 2017-03-29 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-03-29 11:23 - 2017-03-29 11:23 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2017-03-29 11:23 - 2017-03-29 11:23 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-04-25 19:31 - 2014-12-13 22:08 - 00000000 ____D C:\FRST
2017-04-25 19:20 - 2015-02-22 13:42 - 00000000 ____D C:\Users\Max Wren\AppData\Local\Spotify
2017-04-25 19:03 - 2015-02-22 13:42 - 00000000 ____D C:\Users\Max Wren\AppData\Roaming\Spotify
2017-04-25 19:00 - 2014-10-12 14:23 - 00002155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-25 18:56 - 2009-07-13 21:45 - 00024784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-04-25 18:56 - 2009-07-13 21:45 - 00024784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-04-25 18:55 - 2017-03-23 21:40 - 00082720 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-04-25 18:50 - 2013-08-06 11:29 - 00003284 _____ C:\Windows\SysWOW64\ANIWZCS{5D0ED30A-1C8F-41B1-AFEF-8116942110DD}
2017-04-25 18:50 - 2013-08-06 11:29 - 00003284 _____ C:\Users\Max Wren\AppData\Roaming\ANIWZCS{5D0ED30A-1C8F-41B1-AFEF-8116942110DD}
2017-04-25 18:48 - 2017-03-23 21:40 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-04-25 18:48 - 2017-03-23 21:40 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-04-25 18:48 - 2014-07-04 10:18 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-04-25 18:47 - 2014-08-29 04:31 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
2017-04-25 18:46 - 2011-11-23 17:44 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-25 18:46 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-24 16:07 - 2015-04-19 01:07 - 00000080 _____ C:\Users\Max Wren\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2017-04-24 13:35 - 2014-09-07 22:45 - 00000000 ____D C:\Users\Max Wren\AppData\Local\CrashDumps
2017-04-20 18:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\inf
2017-04-19 16:04 - 2009-07-13 22:13 - 00006736 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-19 15:52 - 2016-01-10 22:54 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-04-19 15:52 - 2016-01-10 22:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-04-19 15:52 - 2009-07-13 21:45 - 05057016 _____ C:\Windows\system32\FNTCACHE.DAT
2017-04-19 15:40 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-04-19 15:39 - 2014-12-23 16:38 - 00000000 ____D C:\Windows\system32\appraiser
2017-04-19 15:39 - 2014-05-05 21:05 - 00000000 ___SD C:\Windows\system32\CompatTel
2017-04-19 15:22 - 2016-01-10 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-04-19 15:20 - 2009-07-13 19:34 - 00000478 _____ C:\Windows\win.ini
2017-04-19 15:18 - 2013-08-14 15:58 - 00000000 ____D C:\Windows\system32\MRT
2017-04-19 15:10 - 2010-12-27 23:40 - 148601744 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-04-18 14:39 - 2012-02-07 20:14 - 00000000 ____D C:\ProgramData\IObit
2017-04-18 14:39 - 2010-12-14 21:52 - 00000000 ____D C:\Users\Max Wren\AppData\Roaming\IObit
2017-04-17 19:42 - 2010-12-14 22:00 - 00000000 ____D C:\Users\Max Wren\Tech
2017-04-17 09:46 - 2013-12-29 16:31 - 00000000 ____D C:\Users\Max Wren\AppData\LocalLow\IObit
2017-04-17 09:45 - 2013-12-29 16:31 - 00000000 ____D C:\ProgramData\ProductData
2017-04-15 02:56 - 2017-03-23 21:40 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-04-14 03:18 - 2015-12-02 22:19 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-04-14 03:17 - 2015-12-02 22:19 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-13 14:24 - 2016-08-22 08:41 - 00000000 ____D C:\Users\Max Wren\AppData\Local\CyberGhost
2017-04-12 14:29 - 2016-02-01 23:08 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d15d8033cab699
2017-04-12 14:29 - 2016-02-01 23:08 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d15d8033789dc6
2017-04-12 00:57 - 2016-02-01 18:06 - 00003514 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1291033962-1462433758-1048692052-1001UA1d15d55f2225355
2017-04-12 00:57 - 2016-02-01 18:06 - 00003242 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1291033962-1462433758-1048692052-1001Core1d15d55f1cbcdd3
2017-04-08 20:34 - 2017-03-23 21:41 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-04-07 15:06 - 2010-12-13 20:25 - 00532136 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-04-07 02:33 - 2012-11-02 17:11 - 00000000 ____D C:\Users\Max Wren\AppData\Roaming\.minecraft
2017-03-29 11:26 - 2015-12-24 15:02 - 00000000 ____D C:\Program Files\iTunes
2017-03-29 11:23 - 2012-01-31 18:42 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
 
==================== Files in the root of some directories =======
 
2013-08-06 11:26 - 2015-10-11 13:50 - 0000258 _____ () C:\Users\Max Wren\AppData\Roaming\ANICONFIG_{5D0ED30A-1C8F-41B1-AFEF-8116942110DD}.ini
2013-08-06 11:29 - 2017-04-25 18:50 - 0003284 _____ () C:\Users\Max Wren\AppData\Roaming\ANIWZCS{5D0ED30A-1C8F-41B1-AFEF-8116942110DD}
2013-04-25 20:48 - 2013-04-25 20:48 - 0000096 _____ () C:\Users\Max Wren\AppData\Roaming\Camdata.ini
2013-04-25 20:48 - 2013-04-25 20:48 - 0000408 _____ () C:\Users\Max Wren\AppData\Roaming\CamLayout.ini
2013-04-25 20:48 - 2013-04-25 20:48 - 0000408 _____ () C:\Users\Max Wren\AppData\Roaming\CamShapes.ini
2013-04-25 20:48 - 2013-04-25 20:48 - 0004509 _____ () C:\Users\Max Wren\AppData\Roaming\CamStudio.cfg
2010-12-27 14:38 - 2012-09-04 16:05 - 0000199 _____ () C:\Users\Max Wren\AppData\Roaming\default.rss
2011-12-25 23:44 - 2011-12-25 23:44 - 0000000 _____ () C:\Users\Max Wren\AppData\Roaming\downloads.m3u
2014-04-18 22:08 - 2014-04-18 22:09 - 0015872 ___SH () C:\Users\Max Wren\AppData\Roaming\Thumbs.db
2014-03-05 21:19 - 2014-03-05 21:19 - 0010567 _____ () C:\Users\Max Wren\AppData\Roaming\UserTile.png
2014-10-23 17:32 - 2014-10-23 17:32 - 0000000 ____H () C:\Users\Max Wren\AppData\Local\BIT2664.tmp
2014-10-10 21:16 - 2014-10-10 21:16 - 0000000 ____H () C:\Users\Max Wren\AppData\Local\BIT40A7.tmp
2010-12-27 15:22 - 2015-02-04 21:04 - 0006144 _____ () C:\Users\Max Wren\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-05-24 21:10 - 2011-05-24 21:10 - 0000096 _____ () C:\Users\Max Wren\AppData\Local\fusioncache.dat
2015-11-01 18:49 - 2015-11-01 18:50 - 0000307 _____ () C:\Users\Max Wren\AppData\Local\mwb-f5a3.dat
2014-12-14 18:39 - 2014-12-14 18:39 - 0000218 _____ () C:\Users\Max Wren\AppData\Local\poetsch.bat
2011-04-12 21:30 - 2016-01-11 23:06 - 0007605 _____ () C:\Users\Max Wren\AppData\Local\resmon.resmoncfg
2014-10-10 21:16 - 2014-10-10 21:16 - 0000000 _____ () C:\Users\Max Wren\AppData\Local\{8A7B47ED-4440-4A28-99C9-7A9075288D19}
2014-10-23 17:32 - 2014-10-23 17:32 - 0000000 _____ () C:\Users\Max Wren\AppData\Local\{B2699164-49A2-4150-965F-869F3D737CB5}
2013-12-14 20:55 - 2013-12-14 20:55 - 0000057 _____ () C:\ProgramData\Ament.ini
 
Some files in TEMP:
====================
2017-04-24 16:07 - 2017-04-24 16:07 - 57017640 _____ () C:\Users\Max Wren\AppData\Local\Temp\Social-Club-v1.1.7.8-Setup.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2015-12-20 14:50
 
==================== End of FRST.txt ============================

Attached Files



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,496 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:12 AM

Posted 27 April 2017 - 07:48 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Remove this program in bold via the Control Panel > Programs > Programs and Features.
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.5.9 - Pando Networks Inc.)

Remove this program in bold if you DID NOT installed the program. It may have been installed without your knowledge.
Browser Configuration Utility (HKLM-x32\...\{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}) (Version: 1.1.18.0 - DeviceVM Inc.) <==== ATTENTION

HijackThis is no longer supported and not ready for your Operating system.
I suggest your remove via the Control panel > Programs > Programs and Features.
Use the Farbar tool to report problems.
<<<>>>

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.

Please copy the entire contents of the code box below to a new file.
 
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:


HKLM-x32\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} =>  -> No File
SearchScopes: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001 -> DefaultScope {184920D7-ECF1-46bf-8E2F-3383170E70A1} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-06-06] [not signed]
FF HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll [No File]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\server.cfg [2006-10-25] <==== ATTENTION
CHR Extension: (Chrome Web Store Payments) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-08]
CHR Extension: (Chrome Media Router) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-14]
CHR Extension: (Chrome Media Router) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-14]
CHR Extension: (Google Wallet) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-03]
S3 nosGetPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
CustomCLSID: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {38F118DC-F749-481D-862F-16563BADF57E} - System32\Tasks\{79A1282A-2C29-41F0-BEBA-2C78F2063397} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.59.103/en/go/help.faq.installer?LastError=1603
Task: {4464552E-7C98-472D-8792-AD3D0CAA2E17} - System32\Tasks\{2D525CC8-7A01-41BB-896A-E609DAC78322} => Chrome.exe hxxp://ui.skype.com/ui/0/7.0.0.100/en/go/help.faq.installer?LastError=1603
Task: {47A439F7-DA01-428E-B95F-84722C90E9E8} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {72D9F205-EF10-471F-B7F6-2703B9660E6E} - System32\Tasks\{E1B5CFA7-A915-4C58-A772-7A66CC9858B5} => Chrome.exe hxxp://ui.skype.com/ui/0/6.20.0.104/en/go/help.faq.installer?LastError=1603
Task: {9349D98B-0983-40BA-BB7B-D6D4E227422A} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {9419BAEC-B79E-4A28-A0D5-A1252455B2D3} - System32\Tasks\{ED9FE9FB-6B5F-4C02-BD0A-635DF0919B91} => Chrome.exe hxxp://ui.skype.com/ui/0/7.0.0.102/en/go/help.faq.installer?LastError=1603
Task: {A94B926E-8FDA-4BCF-A494-E20AB2EA74AC} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {C453D996-CDE8-418C-B899-9D70E869C816} - System32\Tasks\{5115ECB2-3E9F-4B49-8B9C-F91C542362AC} => Chrome.exe hxxp://ui.skype.com/ui/0/6.21.0.104/en/go/help.faq.installer?LastError=1603
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation [63]
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
C:\Windows\AutoKMS.exe

Reboot:

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.

You can manually check your present version and update as recommended.
https://www.java.com/en/download/installed.jsp

Be careful not to install malware posing as Java update!
Important read this blog.
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-poses-as-an-update-for-java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

How to disable Java in your browsers
http://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882

If still present after these updates remove these old version(s) via the Control Panel > Programs > Programs and Features.
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation)
===

If the slow starup continues, run this SFC.exe tool.

Check the integrity of the operating system files.
How to run sfc /Scannow
http://support.microsoft.com/kb/929833

When completed refer to the Microsoft article again and follow the instructions to view details of the System File Checker process

Post the contents of the sfcdetails.txt file for my review.

Let me know if the problem persists.
<<<>>>

#3 TheRealSlimShady

TheRealSlimShady
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:12 AM

Posted 28 April 2017 - 06:25 PM

Hi, I did everything you asked and the start up time on my computer does seem to be faster though I haven't turned it on enough times yet to be absolutely sure:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-04-2017
Ran by Max Wren (27-04-2017 20:50:41) Run:3
Running from C:\Users\Max Wren\Tech
Loaded Profiles: Max Wren (Available Profiles: Max Wren & Mcx1-MAXWREN-PC & HiImMax)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
 
 
HKLM-x32\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} =>  -> No File
SearchScopes: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001 -> DefaultScope {184920D7-ECF1-46bf-8E2F-3383170E70A1} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-06-06] [not signed]
FF HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll [No File]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\server.cfg [2006-10-25] <==== ATTENTION
CHR Extension: (Chrome Web Store Payments) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-08]
CHR Extension: (Chrome Media Router) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-14]
CHR Extension: (Chrome Media Router) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-14]
CHR Extension: (Google Wallet) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-03]
S3 nosGetPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
CustomCLSID: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {38F118DC-F749-481D-862F-16563BADF57E} - System32\Tasks\{79A1282A-2C29-41F0-BEBA-2C78F2063397} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.59.103/en/go/help.faq.installer?LastError=1603
Task: {4464552E-7C98-472D-8792-AD3D0CAA2E17} - System32\Tasks\{2D525CC8-7A01-41BB-896A-E609DAC78322} => Chrome.exe hxxp://ui.skype.com/ui/0/7.0.0.100/en/go/help.faq.installer?LastError=1603
Task: {47A439F7-DA01-428E-B95F-84722C90E9E8} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {72D9F205-EF10-471F-B7F6-2703B9660E6E} - System32\Tasks\{E1B5CFA7-A915-4C58-A772-7A66CC9858B5} => Chrome.exe hxxp://ui.skype.com/ui/0/6.20.0.104/en/go/help.faq.installer?LastError=1603
Task: {9349D98B-0983-40BA-BB7B-D6D4E227422A} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {9419BAEC-B79E-4A28-A0D5-A1252455B2D3} - System32\Tasks\{ED9FE9FB-6B5F-4C02-BD0A-635DF0919B91} => Chrome.exe hxxp://ui.skype.com/ui/0/7.0.0.102/en/go/help.faq.installer?LastError=1603
Task: {A94B926E-8FDA-4BCF-A494-E20AB2EA74AC} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {C453D996-CDE8-418C-B899-9D70E869C816} - System32\Tasks\{5115ECB2-3E9F-4B49-8B9C-F91C542362AC} => Chrome.exe hxxp://ui.skype.com/ui/0/6.21.0.104/en/go/help.faq.installer?LastError=1603
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation [63]
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
C:\Windows\AutoKMS.exe
 
Reboot:
 
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => key removed successfully
HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => key not found. 
HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} => moved successfully
HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\Software\Mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8} => value removed successfully
HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer => key removed successfully
HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.0 => key removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.4 => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.4.0 => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.0 => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0 => key removed successfully
C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll => not found.
C:\Program Files (x86)\mozilla firefox\server.cfg => moved successfully
C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm => moved successfully
C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm => moved successfully
C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
HKLM\System\CurrentControlSet\Services\nosGetPlusHelper => key removed successfully
nosGetPlusHelper => service removed successfully
HKLM\System\CurrentControlSet\Services\catchme => key removed successfully
catchme => service removed successfully
HKLM\System\CurrentControlSet\Services\EagleX64 => key removed successfully
EagleX64 => service removed successfully
HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208} => key removed successfully
HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448} => key removed successfully
HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8} => key removed successfully
HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A} => key removed successfully
HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2} => key removed successfully
HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9} => key removed successfully
HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38F118DC-F749-481D-862F-16563BADF57E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38F118DC-F749-481D-862F-16563BADF57E} => key removed successfully
C:\Windows\System32\Tasks\{79A1282A-2C29-41F0-BEBA-2C78F2063397} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{79A1282A-2C29-41F0-BEBA-2C78F2063397} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4464552E-7C98-472D-8792-AD3D0CAA2E17} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4464552E-7C98-472D-8792-AD3D0CAA2E17} => key removed successfully
C:\Windows\System32\Tasks\{2D525CC8-7A01-41BB-896A-E609DAC78322} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2D525CC8-7A01-41BB-896A-E609DAC78322} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{47A439F7-DA01-428E-B95F-84722C90E9E8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47A439F7-DA01-428E-B95F-84722C90E9E8} => key removed successfully
C:\Windows\System32\Tasks\AutoKMS => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{72D9F205-EF10-471F-B7F6-2703B9660E6E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72D9F205-EF10-471F-B7F6-2703B9660E6E} => key removed successfully
C:\Windows\System32\Tasks\{E1B5CFA7-A915-4C58-A772-7A66CC9858B5} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E1B5CFA7-A915-4C58-A772-7A66CC9858B5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9349D98B-0983-40BA-BB7B-D6D4E227422A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9349D98B-0983-40BA-BB7B-D6D4E227422A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTask => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9419BAEC-B79E-4A28-A0D5-A1252455B2D3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9419BAEC-B79E-4A28-A0D5-A1252455B2D3} => key removed successfully
C:\Windows\System32\Tasks\{ED9FE9FB-6B5F-4C02-BD0A-635DF0919B91} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ED9FE9FB-6B5F-4C02-BD0A-635DF0919B91} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A94B926E-8FDA-4BCF-A494-E20AB2EA74AC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A94B926E-8FDA-4BCF-A494-E20AB2EA74AC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC4E5ACF-89F7-4220-BA21-81EE183975E2} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC4E5ACF-89F7-4220-BA21-81EE183975E2} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C453D996-CDE8-418C-B899-9D70E869C816} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C453D996-CDE8-418C-B899-9D70E869C816} => key removed successfully
C:\Windows\System32\Tasks\{5115ECB2-3E9F-4B49-8B9C-F91C542362AC} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5115ECB2-3E9F-4B49-8B9C-F91C542362AC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector => key removed successfully
C:\Windows\SysWOW64\zlib.dll => ":DocumentSummaryInformation" ADS could not remove.
C:\Windows\SysWOW64\zlib.dll => ":SummaryInformation" ADS could not remove.
C:\Windows\SysWOW64\zlib.dll => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully.
"C:\Windows\AutoKMS.exe" => not found.
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 12582912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5625045 B
Java, Flash, Steam htmlcache => 522265998 B
Windows/system/drivers => 210626188 B
Edge => 0 B
Chrome => 465048110 B
Firefox => 11382914 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 8144 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 6938448 B
Max Wren => 86589358 B
Mcx1-MAXWREN-PC => 0 B
 => 0 B
HiImMax => 191714193 B
 
RecycleBin => 2258611 B
EmptyTemp: => 1.4 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 20:55:33 ====
 
 
 
2017-04-28 16:09:33, Info                  CSI    00000009 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:09:33, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2017-04-28 16:09:34, Info                  CSI    0000000c [SR] Verify complete
2017-04-28 16:09:35, Info                  CSI    0000000d [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:09:35, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2017-04-28 16:09:36, Info                  CSI    00000010 [SR] Verify complete
2017-04-28 16:09:37, Info                  CSI    00000011 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:09:37, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2017-04-28 16:09:38, Info                  CSI    00000014 [SR] Verify complete
2017-04-28 16:09:39, Info                  CSI    00000015 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:09:39, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2017-04-28 16:09:40, Info                  CSI    00000018 [SR] Verify complete
2017-04-28 16:09:41, Info                  CSI    00000019 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:09:41, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
2017-04-28 16:09:42, Info                  CSI    0000001c [SR] Verify complete
2017-04-28 16:09:43, Info                  CSI    0000001d [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:09:43, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
2017-04-28 16:09:44, Info                  CSI    00000020 [SR] Verify complete
2017-04-28 16:09:45, Info                  CSI    00000021 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:09:45, Info                  CSI    00000022 [SR] Beginning Verify and Repair transaction
2017-04-28 16:09:47, Info                  CSI    00000024 [SR] Verify complete
2017-04-28 16:09:48, Info                  CSI    00000025 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:09:48, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2017-04-28 16:09:49, Info                  CSI    00000028 [SR] Verify complete
2017-04-28 16:09:50, Info                  CSI    00000029 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:09:50, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
2017-04-28 16:09:51, Info                  CSI    0000002c [SR] Verify complete
2017-04-28 16:09:52, Info                  CSI    0000002d [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:09:52, Info                  CSI    0000002e [SR] Beginning Verify and Repair transaction
2017-04-28 16:09:53, Info                  CSI    00000030 [SR] Verify complete
2017-04-28 16:09:54, Info                  CSI    00000031 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:09:54, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2017-04-28 16:09:55, Info                  CSI    00000034 [SR] Verify complete
2017-04-28 16:09:56, Info                  CSI    00000035 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:09:56, Info                  CSI    00000036 [SR] Beginning Verify and Repair transaction
2017-04-28 16:09:57, Info                  CSI    00000038 [SR] Verify complete
2017-04-28 16:09:58, Info                  CSI    00000039 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:09:58, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:00, Info                  CSI    0000003c [SR] Verify complete
2017-04-28 16:10:01, Info                  CSI    0000003d [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:01, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:02, Info                  CSI    00000040 [SR] Verify complete
2017-04-28 16:10:02, Info                  CSI    00000041 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:02, Info                  CSI    00000042 [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:04, Info                  CSI    00000044 [SR] Verify complete
2017-04-28 16:10:05, Info                  CSI    00000045 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:05, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:06, Info                  CSI    00000048 [SR] Verify complete
2017-04-28 16:10:07, Info                  CSI    00000049 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:07, Info                  CSI    0000004a [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:08, Info                  CSI    0000004c [SR] Verify complete
2017-04-28 16:10:09, Info                  CSI    0000004d [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:09, Info                  CSI    0000004e [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:10, Info                  CSI    00000050 [SR] Verify complete
2017-04-28 16:10:11, Info                  CSI    00000051 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:11, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:12, Info                  CSI    00000054 [SR] Verify complete
2017-04-28 16:10:13, Info                  CSI    00000055 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:13, Info                  CSI    00000056 [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:14, Info                  CSI    00000058 [SR] Verify complete
2017-04-28 16:10:15, Info                  CSI    00000059 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:15, Info                  CSI    0000005a [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:16, Info                  CSI    0000005c [SR] Verify complete
2017-04-28 16:10:17, Info                  CSI    0000005d [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:17, Info                  CSI    0000005e [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:20, Info                  CSI    00000060 [SR] Verify complete
2017-04-28 16:10:20, Info                  CSI    00000061 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:20, Info                  CSI    00000062 [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:21, Info                  CSI    00000064 [SR] Verify complete
2017-04-28 16:10:22, Info                  CSI    00000065 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:22, Info                  CSI    00000066 [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:24, Info                  CSI    00000068 [SR] Verify complete
2017-04-28 16:10:25, Info                  CSI    00000069 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:25, Info                  CSI    0000006a [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:27, Info                  CSI    0000006c [SR] Verify complete
2017-04-28 16:10:28, Info                  CSI    0000006d [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:28, Info                  CSI    0000006e [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:29, Info                  CSI    00000070 [SR] Verify complete
2017-04-28 16:10:29, Info                  CSI    00000071 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:29, Info                  CSI    00000072 [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:31, Info                  CSI    00000074 [SR] Verify complete
2017-04-28 16:10:32, Info                  CSI    00000075 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:32, Info                  CSI    00000076 [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:33, Info                  CSI    00000078 [SR] Verify complete
2017-04-28 16:10:34, Info                  CSI    00000079 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:34, Info                  CSI    0000007a [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:36, Info                  CSI    0000007c [SR] Verify complete
2017-04-28 16:10:36, Info                  CSI    0000007d [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:36, Info                  CSI    0000007e [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:38, Info                  CSI    00000080 [SR] Verify complete
2017-04-28 16:10:38, Info                  CSI    00000081 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:38, Info                  CSI    00000082 [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:40, Info                  CSI    00000084 [SR] Verify complete
2017-04-28 16:10:40, Info                  CSI    00000085 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:40, Info                  CSI    00000086 [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:42, Info                  CSI    00000088 [SR] Verify complete
2017-04-28 16:10:42, Info                  CSI    00000089 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:42, Info                  CSI    0000008a [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:44, Info                  CSI    0000008c [SR] Verify complete
2017-04-28 16:10:44, Info                  CSI    0000008d [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:44, Info                  CSI    0000008e [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:48, Info                  CSI    00000090 [SR] Verify complete
2017-04-28 16:10:48, Info                  CSI    00000091 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:48, Info                  CSI    00000092 [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:50, Info                  CSI    00000094 [SR] Verify complete
2017-04-28 16:10:51, Info                  CSI    00000095 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:51, Info                  CSI    00000096 [SR] Beginning Verify and Repair transaction
2017-04-28 16:10:53, Info                  CSI    00000098 [SR] Verify complete
2017-04-28 16:10:54, Info                  CSI    00000099 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:10:54, Info                  CSI    0000009a [SR] Beginning Verify and Repair transaction
2017-04-28 16:11:00, Info                  CSI    0000009d [SR] Verify complete
2017-04-28 16:11:01, Info                  CSI    0000009e [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:11:01, Info                  CSI    0000009f [SR] Beginning Verify and Repair transaction
2017-04-28 16:11:06, Info                  CSI    000000a4 [SR] Verify complete
2017-04-28 16:11:06, Info                  CSI    000000a5 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:11:06, Info                  CSI    000000a6 [SR] Beginning Verify and Repair transaction
2017-04-28 16:11:10, Info                  CSI    000000a8 [SR] Verify complete
2017-04-28 16:11:10, Info                  CSI    000000a9 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:11:10, Info                  CSI    000000aa [SR] Beginning Verify and Repair transaction
2017-04-28 16:11:14, Info                  CSI    000000ad [SR] Verify complete
2017-04-28 16:11:14, Info                  CSI    000000ae [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:11:14, Info                  CSI    000000af [SR] Beginning Verify and Repair transaction
2017-04-28 16:11:18, Info                  CSI    000000b1 [SR] Verify complete
2017-04-28 16:11:19, Info                  CSI    000000b2 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:11:19, Info                  CSI    000000b3 [SR] Beginning Verify and Repair transaction
2017-04-28 16:11:25, Info                  CSI    000000d8 [SR] Verify complete
2017-04-28 16:11:25, Info                  CSI    000000d9 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:11:25, Info                  CSI    000000da [SR] Beginning Verify and Repair transaction
2017-04-28 16:11:29, Info                  CSI    000000dc [SR] Verify complete
2017-04-28 16:11:30, Info                  CSI    000000dd [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:11:30, Info                  CSI    000000de [SR] Beginning Verify and Repair transaction
2017-04-28 16:11:34, Info                  CSI    000000e0 [SR] Verify complete
2017-04-28 16:11:34, Info                  CSI    000000e1 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:11:34, Info                  CSI    000000e2 [SR] Beginning Verify and Repair transaction
2017-04-28 16:11:39, Info                  CSI    000000e4 [SR] Verify complete
2017-04-28 16:11:39, Info                  CSI    000000e5 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:11:39, Info                  CSI    000000e6 [SR] Beginning Verify and Repair transaction
2017-04-28 16:11:43, Info                  CSI    000000e8 [SR] Verify complete
2017-04-28 16:11:43, Info                  CSI    000000e9 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:11:43, Info                  CSI    000000ea [SR] Beginning Verify and Repair transaction
2017-04-28 16:11:47, Info                  CSI    000000ec [SR] Verify complete
2017-04-28 16:11:48, Info                  CSI    000000ed [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:11:48, Info                  CSI    000000ee [SR] Beginning Verify and Repair transaction
2017-04-28 16:11:54, Info                  CSI    000000f2 [SR] Verify complete
2017-04-28 16:11:55, Info                  CSI    000000f3 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:11:55, Info                  CSI    000000f4 [SR] Beginning Verify and Repair transaction
2017-04-28 16:12:02, Info                  CSI    00000115 [SR] Verify complete
2017-04-28 16:12:02, Info                  CSI    00000116 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:12:02, Info                  CSI    00000117 [SR] Beginning Verify and Repair transaction
2017-04-28 16:12:10, Info                  CSI    00000119 [SR] Verify complete
2017-04-28 16:12:10, Info                  CSI    0000011a [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:12:10, Info                  CSI    0000011b [SR] Beginning Verify and Repair transaction
2017-04-28 16:12:22, Info                  CSI    0000011f [SR] Verify complete
2017-04-28 16:12:23, Info                  CSI    00000120 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:12:23, Info                  CSI    00000121 [SR] Beginning Verify and Repair transaction
2017-04-28 16:12:25, Info                  CSI    00000123 [SR] Verify complete
2017-04-28 16:12:25, Info                  CSI    00000124 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:12:25, Info                  CSI    00000125 [SR] Beginning Verify and Repair transaction
2017-04-28 16:12:27, Info                  CSI    00000127 [SR] Verify complete
2017-04-28 16:12:27, Info                  CSI    00000128 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:12:27, Info                  CSI    00000129 [SR] Beginning Verify and Repair transaction
2017-04-28 16:12:29, Info                  CSI    0000012b [SR] Verify complete
2017-04-28 16:12:30, Info                  CSI    0000012c [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:12:30, Info                  CSI    0000012d [SR] Beginning Verify and Repair transaction
2017-04-28 16:12:37, Info                  CSI    00000140 [SR] Verify complete
2017-04-28 16:12:38, Info                  CSI    00000141 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:12:38, Info                  CSI    00000142 [SR] Beginning Verify and Repair transaction
2017-04-28 16:12:40, Info                  CSI    00000144 [SR] Verify complete
2017-04-28 16:12:40, Info                  CSI    00000145 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:12:40, Info                  CSI    00000146 [SR] Beginning Verify and Repair transaction
2017-04-28 16:12:43, Info                  CSI    00000148 [SR] Verify complete
2017-04-28 16:12:43, Info                  CSI    00000149 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:12:43, Info                  CSI    0000014a [SR] Beginning Verify and Repair transaction
2017-04-28 16:12:45, Info                  CSI    0000014c [SR] Verify complete
2017-04-28 16:12:46, Info                  CSI    0000014d [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:12:46, Info                  CSI    0000014e [SR] Beginning Verify and Repair transaction
2017-04-28 16:12:50, Info                  CSI    00000151 [SR] Verify complete
2017-04-28 16:12:51, Info                  CSI    00000152 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:12:51, Info                  CSI    00000153 [SR] Beginning Verify and Repair transaction
2017-04-28 16:13:00, Info                  CSI    00000156 [SR] Verify complete
2017-04-28 16:13:01, Info                  CSI    00000157 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:13:01, Info                  CSI    00000158 [SR] Beginning Verify and Repair transaction
2017-04-28 16:13:03, Info                  CSI    0000015a [SR] Verify complete
2017-04-28 16:13:04, Info                  CSI    0000015b [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:13:04, Info                  CSI    0000015c [SR] Beginning Verify and Repair transaction
2017-04-28 16:13:06, Info                  CSI    0000015e [SR] Verify complete
2017-04-28 16:13:06, Info                  CSI    0000015f [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:13:06, Info                  CSI    00000160 [SR] Beginning Verify and Repair transaction
2017-04-28 16:13:12, Info                  CSI    00000162 [SR] Verify complete
2017-04-28 16:13:13, Info                  CSI    00000163 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:13:13, Info                  CSI    00000164 [SR] Beginning Verify and Repair transaction
2017-04-28 16:13:18, Info                  CSI    00000166 [SR] Verify complete
2017-04-28 16:13:19, Info                  CSI    00000167 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:13:19, Info                  CSI    00000168 [SR] Beginning Verify and Repair transaction
2017-04-28 16:13:23, Info                  CSI    0000016a [SR] Verify complete
2017-04-28 16:13:23, Info                  CSI    0000016b [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:13:23, Info                  CSI    0000016c [SR] Beginning Verify and Repair transaction
2017-04-28 16:13:33, Info                  CSI    00000184 [SR] Verify complete
2017-04-28 16:13:33, Info                  CSI    00000185 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:13:33, Info                  CSI    00000186 [SR] Beginning Verify and Repair transaction
2017-04-28 16:13:38, Info                  CSI    00000188 [SR] Verify complete
2017-04-28 16:13:38, Info                  CSI    00000189 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:13:38, Info                  CSI    0000018a [SR] Beginning Verify and Repair transaction
2017-04-28 16:13:50, Info                  CSI    0000018c [SR] Verify complete
2017-04-28 16:13:50, Info                  CSI    0000018d [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:13:50, Info                  CSI    0000018e [SR] Beginning Verify and Repair transaction
2017-04-28 16:13:57, Info                  CSI    00000191 [SR] Verify complete
2017-04-28 16:13:58, Info                  CSI    00000192 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:13:58, Info                  CSI    00000193 [SR] Beginning Verify and Repair transaction
2017-04-28 16:14:05, Info                  CSI    00000195 [SR] Verify complete
2017-04-28 16:14:05, Info                  CSI    00000196 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:14:05, Info                  CSI    00000197 [SR] Beginning Verify and Repair transaction
2017-04-28 16:14:11, Info                  CSI    00000199 [SR] Verify complete
2017-04-28 16:14:12, Info                  CSI    0000019a [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:14:12, Info                  CSI    0000019b [SR] Beginning Verify and Repair transaction
2017-04-28 16:14:16, Info                  CSI    0000019d [SR] Verify complete
2017-04-28 16:14:17, Info                  CSI    0000019e [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:14:17, Info                  CSI    0000019f [SR] Beginning Verify and Repair transaction
2017-04-28 16:14:19, Info                  CSI    000001a1 [SR] Verify complete
2017-04-28 16:14:20, Info                  CSI    000001a2 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:14:20, Info                  CSI    000001a3 [SR] Beginning Verify and Repair transaction
2017-04-28 16:14:24, Info                  CSI    000001a7 [SR] Verify complete
2017-04-28 16:14:24, Info                  CSI    000001a8 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:14:24, Info                  CSI    000001a9 [SR] Beginning Verify and Repair transaction
2017-04-28 16:14:34, Info                  CSI    000001ab [SR] Verify complete
2017-04-28 16:14:35, Info                  CSI    000001ac [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:14:35, Info                  CSI    000001ad [SR] Beginning Verify and Repair transaction
2017-04-28 16:14:41, Info                  CSI    000001b0 [SR] Verify complete
2017-04-28 16:14:41, Info                  CSI    000001b1 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:14:41, Info                  CSI    000001b2 [SR] Beginning Verify and Repair transaction
2017-04-28 16:14:46, Info                  CSI    000001b4 [SR] Verify complete
2017-04-28 16:14:46, Info                  CSI    000001b5 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:14:46, Info                  CSI    000001b6 [SR] Beginning Verify and Repair transaction
2017-04-28 16:14:51, Info                  CSI    000001b9 [SR] Verify complete
2017-04-28 16:14:52, Info                  CSI    000001ba [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:14:52, Info                  CSI    000001bb [SR] Beginning Verify and Repair transaction
2017-04-28 16:15:00, Info                  CSI    000001be [SR] Verify complete
2017-04-28 16:15:00, Info                  CSI    000001bf [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:15:00, Info                  CSI    000001c0 [SR] Beginning Verify and Repair transaction
2017-04-28 16:15:05, Info                  CSI    000001c2 [SR] Verify complete
2017-04-28 16:15:06, Info                  CSI    000001c3 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:15:06, Info                  CSI    000001c4 [SR] Beginning Verify and Repair transaction
2017-04-28 16:15:10, Info                  CSI    000001c6 [SR] Verify complete
2017-04-28 16:15:10, Info                  CSI    000001c7 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:15:10, Info                  CSI    000001c8 [SR] Beginning Verify and Repair transaction
2017-04-28 16:15:15, Info                  CSI    000001ca [SR] Verify complete
2017-04-28 16:15:15, Info                  CSI    000001cb [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:15:15, Info                  CSI    000001cc [SR] Beginning Verify and Repair transaction
2017-04-28 16:15:19, Info                  CSI    000001cf [SR] Verify complete
2017-04-28 16:15:20, Info                  CSI    000001d0 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:15:20, Info                  CSI    000001d1 [SR] Beginning Verify and Repair transaction
2017-04-28 16:15:24, Info                  CSI    000001d3 [SR] Verify complete
2017-04-28 16:15:25, Info                  CSI    000001d4 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:15:25, Info                  CSI    000001d5 [SR] Beginning Verify and Repair transaction
2017-04-28 16:15:29, Info                  CSI    000001d8 [SR] Verify complete
2017-04-28 16:15:29, Info                  CSI    000001d9 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:15:29, Info                  CSI    000001da [SR] Beginning Verify and Repair transaction
2017-04-28 16:15:34, Info                  CSI    000001dd [SR] Verify complete
2017-04-28 16:15:34, Info                  CSI    000001de [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:15:34, Info                  CSI    000001df [SR] Beginning Verify and Repair transaction
2017-04-28 16:15:40, Info                  CSI    000001e2 [SR] Verify complete
2017-04-28 16:15:41, Info                  CSI    000001e3 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:15:41, Info                  CSI    000001e4 [SR] Beginning Verify and Repair transaction
2017-04-28 16:15:45, Info                  CSI    000001e7 [SR] Verify complete
2017-04-28 16:15:45, Info                  CSI    000001e8 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:15:45, Info                  CSI    000001e9 [SR] Beginning Verify and Repair transaction
2017-04-28 16:15:52, Info                  CSI    000001ec [SR] Verify complete
2017-04-28 16:15:52, Info                  CSI    000001ed [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:15:52, Info                  CSI    000001ee [SR] Beginning Verify and Repair transaction
2017-04-28 16:15:58, Info                  CSI    000001f0 [SR] Verify complete
2017-04-28 16:15:59, Info                  CSI    000001f1 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:15:59, Info                  CSI    000001f2 [SR] Beginning Verify and Repair transaction
2017-04-28 16:16:00, Info                  CSI    000001f4 [SR] Verify complete
2017-04-28 16:16:01, Info                  CSI    000001f5 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:16:01, Info                  CSI    000001f6 [SR] Beginning Verify and Repair transaction
2017-04-28 16:16:04, Info                  CSI    000001f8 [SR] Verify complete
2017-04-28 16:16:04, Info                  CSI    000001f9 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:16:04, Info                  CSI    000001fa [SR] Beginning Verify and Repair transaction
2017-04-28 16:16:08, Info                  CSI    000001fc [SR] Verify complete
2017-04-28 16:16:09, Info                  CSI    000001fd [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:16:09, Info                  CSI    000001fe [SR] Beginning Verify and Repair transaction
2017-04-28 16:16:13, Info                  CSI    00000200 [SR] Verify complete
2017-04-28 16:16:14, Info                  CSI    00000201 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:16:14, Info                  CSI    00000202 [SR] Beginning Verify and Repair transaction
2017-04-28 16:16:18, Info                  CSI    00000204 [SR] Verify complete
2017-04-28 16:16:19, Info                  CSI    00000205 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:16:19, Info                  CSI    00000206 [SR] Beginning Verify and Repair transaction
2017-04-28 16:16:21, Info                  CSI    00000208 [SR] Verify complete
2017-04-28 16:16:22, Info                  CSI    00000209 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:16:22, Info                  CSI    0000020a [SR] Beginning Verify and Repair transaction
2017-04-28 16:16:27, Info                  CSI    0000020c [SR] Verify complete
2017-04-28 16:16:27, Info                  CSI    0000020d [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:16:27, Info                  CSI    0000020e [SR] Beginning Verify and Repair transaction
2017-04-28 16:16:47, Info                  CSI    00000210 [SR] Verify complete
2017-04-28 16:16:48, Info                  CSI    00000211 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:16:48, Info                  CSI    00000212 [SR] Beginning Verify and Repair transaction
2017-04-28 16:16:56, Info                  CSI    00000214 [SR] Verify complete
2017-04-28 16:16:56, Info                  CSI    00000215 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:16:56, Info                  CSI    00000216 [SR] Beginning Verify and Repair transaction
2017-04-28 16:17:02, Info                  CSI    00000218 [SR] Verify complete
2017-04-28 16:17:03, Info                  CSI    00000219 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:17:03, Info                  CSI    0000021a [SR] Beginning Verify and Repair transaction
2017-04-28 16:17:04, Info                  CSI    0000021c [SR] Verify complete
2017-04-28 16:17:05, Info                  CSI    0000021d [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:17:05, Info                  CSI    0000021e [SR] Beginning Verify and Repair transaction
2017-04-28 16:17:08, Info                  CSI    00000220 [SR] Verify complete
2017-04-28 16:17:09, Info                  CSI    00000221 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:17:09, Info                  CSI    00000222 [SR] Beginning Verify and Repair transaction
2017-04-28 16:17:12, Info                  CSI    00000224 [SR] Verify complete
2017-04-28 16:17:12, Info                  CSI    00000225 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:17:12, Info                  CSI    00000226 [SR] Beginning Verify and Repair transaction
2017-04-28 16:17:16, Info                  CSI    00000228 [SR] Verify complete
2017-04-28 16:17:17, Info                  CSI    00000229 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:17:17, Info                  CSI    0000022a [SR] Beginning Verify and Repair transaction
2017-04-28 16:17:18, Info                  CSI    0000022c [SR] Verify complete
2017-04-28 16:17:18, Info                  CSI    0000022d [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:17:18, Info                  CSI    0000022e [SR] Beginning Verify and Repair transaction
2017-04-28 16:17:19, Info                  CSI    00000230 [SR] Verify complete
2017-04-28 16:17:20, Info                  CSI    00000231 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:17:20, Info                  CSI    00000232 [SR] Beginning Verify and Repair transaction
2017-04-28 16:17:25, Info                  CSI    0000023a [SR] Verify complete
2017-04-28 16:17:25, Info                  CSI    0000023b [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:17:25, Info                  CSI    0000023c [SR] Beginning Verify and Repair transaction
2017-04-28 16:17:28, Info                  CSI    0000023e [SR] Verify complete
2017-04-28 16:17:29, Info                  CSI    0000023f [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:17:29, Info                  CSI    00000240 [SR] Beginning Verify and Repair transaction
2017-04-28 16:17:31, Info                  CSI    00000242 [SR] Verify complete
2017-04-28 16:17:32, Info                  CSI    00000243 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:17:32, Info                  CSI    00000244 [SR] Beginning Verify and Repair transaction
2017-04-28 16:17:35, Info                  CSI    00000246 [SR] Verify complete
2017-04-28 16:17:35, Info                  CSI    00000247 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:17:35, Info                  CSI    00000248 [SR] Beginning Verify and Repair transaction
2017-04-28 16:17:41, Info                  CSI    0000024b [SR] Verify complete
2017-04-28 16:17:41, Info                  CSI    0000024c [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:17:41, Info                  CSI    0000024d [SR] Beginning Verify and Repair transaction
2017-04-28 16:17:47, Info                  CSI    0000024f [SR] Verify complete
2017-04-28 16:17:47, Info                  CSI    00000250 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:17:47, Info                  CSI    00000251 [SR] Beginning Verify and Repair transaction
2017-04-28 16:17:49, Info                  CSI    00000253 [SR] Verify complete
2017-04-28 16:17:49, Info                  CSI    00000254 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:17:49, Info                  CSI    00000255 [SR] Beginning Verify and Repair transaction
2017-04-28 16:17:54, Info                  CSI    00000257 [SR] Verify complete
2017-04-28 16:17:54, Info                  CSI    00000258 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:17:54, Info                  CSI    00000259 [SR] Beginning Verify and Repair transaction
2017-04-28 16:18:03, Info                  CSI    0000025e [SR] Verify complete
2017-04-28 16:18:04, Info                  CSI    0000025f [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:18:04, Info                  CSI    00000260 [SR] Beginning Verify and Repair transaction
2017-04-28 16:18:11, Info                  CSI    00000265 [SR] Verify complete
2017-04-28 16:18:12, Info                  CSI    00000266 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:18:12, Info                  CSI    00000267 [SR] Beginning Verify and Repair transaction
2017-04-28 16:18:16, Info                  CSI    0000026a [SR] Verify complete
2017-04-28 16:18:17, Info                  CSI    0000026b [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:18:17, Info                  CSI    0000026c [SR] Beginning Verify and Repair transaction
2017-04-28 16:18:22, Info                  CSI    00000279 [SR] Verify complete
2017-04-28 16:18:23, Info                  CSI    0000027a [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:18:23, Info                  CSI    0000027b [SR] Beginning Verify and Repair transaction
2017-04-28 16:18:28, Info                  CSI    00000281 [SR] Verify complete
2017-04-28 16:18:29, Info                  CSI    00000282 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:18:29, Info                  CSI    00000283 [SR] Beginning Verify and Repair transaction
2017-04-28 16:18:32, Info                  CSI    00000285 [SR] Verify complete
2017-04-28 16:18:32, Info                  CSI    00000286 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:18:32, Info                  CSI    00000287 [SR] Beginning Verify and Repair transaction
2017-04-28 16:18:36, Info                  CSI    0000028b [SR] Verify complete
2017-04-28 16:18:36, Info                  CSI    0000028c [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:18:36, Info                  CSI    0000028d [SR] Beginning Verify and Repair transaction
2017-04-28 16:18:40, Info                  CSI    00000293 [SR] Verify complete
2017-04-28 16:18:41, Info                  CSI    00000294 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:18:41, Info                  CSI    00000295 [SR] Beginning Verify and Repair transaction
2017-04-28 16:18:46, Info                  CSI    000002b6 [SR] Verify complete
2017-04-28 16:18:47, Info                  CSI    000002b7 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:18:47, Info                  CSI    000002b8 [SR] Beginning Verify and Repair transaction
2017-04-28 16:18:50, Info                  CSI    000002ba [SR] Verify complete
2017-04-28 16:18:51, Info                  CSI    000002bb [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:18:51, Info                  CSI    000002bc [SR] Beginning Verify and Repair transaction
2017-04-28 16:18:54, Info                  CSI    000002be [SR] Verify complete
2017-04-28 16:18:55, Info                  CSI    000002bf [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:18:55, Info                  CSI    000002c0 [SR] Beginning Verify and Repair transaction
2017-04-28 16:18:57, Info                  CSI    000002c2 [SR] Verify complete
2017-04-28 16:18:58, Info                  CSI    000002c3 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:18:58, Info                  CSI    000002c4 [SR] Beginning Verify and Repair transaction
2017-04-28 16:19:02, Info                  CSI    000002d2 [SR] Verify complete
2017-04-28 16:19:02, Info                  CSI    000002d3 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:19:02, Info                  CSI    000002d4 [SR] Beginning Verify and Repair transaction
2017-04-28 16:19:10, Info                  CSI    000002d6 [SR] Verify complete
2017-04-28 16:19:11, Info                  CSI    000002d7 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:19:11, Info                  CSI    000002d8 [SR] Beginning Verify and Repair transaction
2017-04-28 16:19:17, Info                  CSI    000002e6 [SR] Verify complete
2017-04-28 16:19:17, Info                  CSI    000002e7 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:19:17, Info                  CSI    000002e8 [SR] Beginning Verify and Repair transaction
2017-04-28 16:19:19, Info                  CSI    000002ea [SR] Verify complete
2017-04-28 16:19:20, Info                  CSI    000002eb [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:19:20, Info                  CSI    000002ec [SR] Beginning Verify and Repair transaction
2017-04-28 16:19:25, Info                  CSI    000002ef [SR] Verify complete
2017-04-28 16:19:25, Info                  CSI    000002f0 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:19:25, Info                  CSI    000002f1 [SR] Beginning Verify and Repair transaction
2017-04-28 16:19:28, Info                  CSI    000002f3 [SR] Verify complete
2017-04-28 16:19:28, Info                  CSI    000002f4 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:19:28, Info                  CSI    000002f5 [SR] Beginning Verify and Repair transaction
2017-04-28 16:19:30, Info                  CSI    000002f7 [SR] Verify complete
2017-04-28 16:19:30, Info                  CSI    000002f8 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:19:30, Info                  CSI    000002f9 [SR] Beginning Verify and Repair transaction
2017-04-28 16:19:37, Info                  CSI    000002fb [SR] Verify complete
2017-04-28 16:19:38, Info                  CSI    000002fc [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:19:38, Info                  CSI    000002fd [SR] Beginning Verify and Repair transaction
2017-04-28 16:19:41, Info                  CSI    000002ff [SR] Verify complete
2017-04-28 16:19:41, Info                  CSI    00000300 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:19:41, Info                  CSI    00000301 [SR] Beginning Verify and Repair transaction
2017-04-28 16:19:49, Info                  CSI    0000031b [SR] Verify complete
2017-04-28 16:19:49, Info                  CSI    0000031c [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:19:49, Info                  CSI    0000031d [SR] Beginning Verify and Repair transaction
2017-04-28 16:19:53, Info                  CSI    0000031f [SR] Verify complete
2017-04-28 16:19:53, Info                  CSI    00000320 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:19:53, Info                  CSI    00000321 [SR] Beginning Verify and Repair transaction
2017-04-28 16:20:04, Info                  CSI    00000323 [SR] Verify complete
2017-04-28 16:20:04, Info                  CSI    00000324 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:20:04, Info                  CSI    00000325 [SR] Beginning Verify and Repair transaction
2017-04-28 16:20:07, Info                  CSI    00000327 [SR] Verify complete
2017-04-28 16:20:08, Info                  CSI    00000328 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:20:08, Info                  CSI    00000329 [SR] Beginning Verify and Repair transaction
2017-04-28 16:20:11, Info                  CSI    0000032c [SR] Verify complete
2017-04-28 16:20:11, Info                  CSI    0000032d [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:20:11, Info                  CSI    0000032e [SR] Beginning Verify and Repair transaction
2017-04-28 16:20:13, Info                  CSI    00000331 [SR] Verify complete
2017-04-28 16:20:14, Info                  CSI    00000332 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:20:14, Info                  CSI    00000333 [SR] Beginning Verify and Repair transaction
2017-04-28 16:20:20, Info                  CSI    00000335 [SR] Verify complete
2017-04-28 16:20:20, Info                  CSI    00000336 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:20:20, Info                  CSI    00000337 [SR] Beginning Verify and Repair transaction
2017-04-28 16:20:23, Info                  CSI    00000339 [SR] Verify complete
2017-04-28 16:20:24, Info                  CSI    0000033a [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:20:24, Info                  CSI    0000033b [SR] Beginning Verify and Repair transaction
2017-04-28 16:20:27, Info                  CSI    0000033e [SR] Verify complete
2017-04-28 16:20:28, Info                  CSI    0000033f [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:20:28, Info                  CSI    00000340 [SR] Beginning Verify and Repair transaction
2017-04-28 16:20:31, Info                  CSI    00000342 [SR] Verify complete
2017-04-28 16:20:32, Info                  CSI    00000343 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:20:32, Info                  CSI    00000344 [SR] Beginning Verify and Repair transaction
2017-04-28 16:20:35, Info                  CSI    00000346 [SR] Verify complete
2017-04-28 16:20:35, Info                  CSI    00000347 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:20:35, Info                  CSI    00000348 [SR] Beginning Verify and Repair transaction
2017-04-28 16:20:39, Info                  CSI    0000034a [SR] Verify complete
2017-04-28 16:20:39, Info                  CSI    0000034b [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:20:39, Info                  CSI    0000034c [SR] Beginning Verify and Repair transaction
2017-04-28 16:20:44, Info                  CSI    0000034f [SR] Verify complete
2017-04-28 16:20:45, Info                  CSI    00000350 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:20:45, Info                  CSI    00000351 [SR] Beginning Verify and Repair transaction
2017-04-28 16:20:47, Info                  CSI    00000353 [SR] Verify complete
2017-04-28 16:20:47, Info                  CSI    00000354 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:20:47, Info                  CSI    00000355 [SR] Beginning Verify and Repair transaction
2017-04-28 16:20:53, Info                  CSI    00000357 [SR] Verify complete
2017-04-28 16:20:53, Info                  CSI    00000358 [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:20:53, Info                  CSI    00000359 [SR] Beginning Verify and Repair transaction
2017-04-28 16:20:57, Info                  CSI    0000035b [SR] Verify complete
2017-04-28 16:20:58, Info                  CSI    0000035c [SR] Verifying 100 (0x0000000000000064) components
2017-04-28 16:20:58, Info                  CSI    0000035d [SR] Beginning Verify and Repair transaction
2017-04-28 16:21:02, Info                  CSI    0000035f [SR] Verify complete
2017-04-28 16:21:02, Info                  CSI    00000360 [SR] Verifying 37 (0x0000000000000025) components
2017-04-28 16:21:02, Info                  CSI    00000361 [SR] Beginning Verify and Repair transaction
2017-04-28 16:21:03, Info                  CSI    00000363 [SR] Verify complete
2017-04-28 16:21:03, Info                  CSI    00000364 [SR] Repairing 0 components
2017-04-28 16:21:03, Info                  CSI    00000365 [SR] Beginning Verify and Repair transaction
2017-04-28 16:21:03, Info                  CSI    00000367 [SR] Repair complete
 


#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,496 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:12 AM

Posted 29 April 2017 - 06:36 AM

Check for latest version of 3rd party drivers.

Navigate to this page.
http://learn.flexerasoftware.com/SVM-EVAL-Personal-Software-Inspector

Download and run the Flexera Software Personal Software Inspector.

Update all that will be identified.

#5 nasdaq

nasdaq

  • Malware Response Team
  • 40,496 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:12 AM

Posted 05 May 2017 - 08:49 AM

Are you still with me?

#6 TheRealSlimShady

TheRealSlimShady
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:12 AM

Posted 05 May 2017 - 06:36 PM

Hi, sorry for the late response, I've been out of town the past few days. Anyway, I did everything you've asked, unfortunately though my computer start time is still leaving much to be desired. I haven't noticed any improvement in the start up time.



#7 nasdaq

nasdaq

  • Malware Response Team
  • 40,496 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:12 AM

Posted 06 May 2017 - 08:08 AM

Temporarily disable your AV program so it does not interfere.
Info on how to disable your security applications How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs - Security Mini-Guides.

Download Zoek tool from here

When the download appears, save to the Desktop.
On the Desktop, right-click the Zoek.exe file and select: Run as Administrator
(Give it a few seconds to appear.)

Next, copy/paste the entire script inside the code box below to the input field of Zoek:
createsrpoint;
autoclean;
emptyclsid;
emptyffcache;
FFdefaults;
emptyiecache;
iedefaults;
emptychrcache;
CHRdefaults;
emptyalltemp;
emptyfolderscheck;delete
ipconfig /flushdns;b
Now...
Close any open Browsers.
Click the Run script button, and wait. It takes a few minutes to run all the script.

When the tool finishes, the zoek-results.log is opened in Notepad.
The log is also found on the systemdrive, normally C:\
If a reboot is needed, the log is opened after the reboot.

Please attach the zoek-results.log in your reply.
===

Also, please provide an update on how the computer is behaving after running the above script.

#8 TheRealSlimShady

TheRealSlimShady
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:12 AM

Posted 09 May 2017 - 06:11 PM

Hi, I ran the script as requested. I just ran the script so it's hard to say whether my computer start up time has improved but I will let you know within the next couple of days. Thank you so much for all of your help by the way, I truly do appreciate it. Here is the log:

 

 
Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Max Wren on Tue 05/09/2017 at 15:31:39.15.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Max Wren\Desktop\zoek.exe [Scan all users] [Script inserted] 
 
==== System Restore Info ======================
 
5/9/2017 3:34:45 PM Zoek.exe System Restore Point Created Successfully.
 
==== Empty Folders Check ======================
 
C:\PROGRA~2\Autodesk deleted successfully
C:\PROGRA~2\AVS4YOU deleted successfully
C:\PROGRA~2\LogMeIn Hamachi deleted successfully
C:\PROGRA~2\Malwarebytes Anti-Malware deleted successfully
C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully
C:\PROGRA~2\MeteorEntertainment deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\WinRAR deleted successfully
C:\PROGRA~2\ZD Soft deleted successfully
C:\PROGRA~2\COMMON~1\Stardock deleted successfully
C:\Program Files\Google deleted successfully
C:\Program Files\ReviverSoft deleted successfully
C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) deleted successfully
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\Users\Max Wren\AppData\Roaming\Auslogics deleted successfully
C:\Users\Max Wren\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Max Wren\AppData\Roaming\Opera deleted successfully
C:\Users\Max Wren\AppData\Roaming\Windows Live Writer deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Roaming\Xfire deleted successfully
C:\Users\Max Wren\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Max Wren\AppData\Local\EmieSiteList deleted successfully
C:\Users\Max Wren\AppData\Local\EmieUserList deleted successfully
C:\Users\Max Wren\AppData\Local\Opera deleted successfully
C:\Users\Max Wren\AppData\Local\Skype deleted successfully
C:\Users\Max Wren\AppData\Local\Solid State Networks deleted successfully
C:\Users\Max Wren\AppData\Local\WMTools Downloaded Files deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\CrashDumps deleted successfully
 
==== Deleting CLSID Registry Keys ======================
 
HKEY_USERS\S-1-5-21-1291033962-1462433758-1048692052-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4E39681-15F8-4fda-B8A3-B5C98378F2F3} deleted successfully
 
==== Deleting CLSID Registry Values ======================
 
 
==== Deleting Services ======================
 
 
==== FireFox Fix ======================
 
Deleted from C:\Users\MAXWRE~1\AppData\Roaming\Mozilla\Firefox\Profiles\mkqj4hq3.default-1493352591547\prefs.js:
 
Added to C:\Users\MAXWRE~1\AppData\Roaming\Mozilla\Firefox\Profiles\mkqj4hq3.default-1493352591547\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
 
Deleted from C:\Users\MAXWRE~1\AppData\Roaming\Mozilla\Firefox\Profiles\wRzGyHK7.default\prefs.js:
 
Added to C:\Users\MAXWRE~1\AppData\Roaming\Mozilla\Firefox\Profiles\wRzGyHK7.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
 
==== Batch Command(s) Run By Tool======================
 
 
==== Deleting Files \ Folders ======================
 
C:\PROGRA~2\Autodesk not found
C:\PROGRA~2\AVS4YOU not found
C:\PROGRA~2\LogMeIn Hamachi not found
C:\PROGRA~2\MeteorEntertainment not found
C:\PROGRA~2\WinRAR not found
C:\PROGRA~2\ZD Soft not found
C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) not found
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
C:\Users\Max Wren\AppData\Roaming\.technic deleted
C:\Users\Max Wren\AppData\Roaming\discord deleted
C:\Users\Max Wren\.android deleted
C:\PFStaticIP Setter.exe deleted
C:\PFStaticIP.exe deleted
C:\found.000 deleted
C:\Users\Max Wren\AppData\Roaming\ANICONFIG_{5D0ED30A-1C8F-41B1-AFEF-8116942110DD}.ini deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\{1983A45A-60BF-4D72-937F-E9C44B18E38E} deleted
C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001} deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Max Wren\AppData\Local\BIT2664.tmp deleted
C:\Users\Max Wren\AppData\Local\BIT40A7.tmp deleted
C:\Users\Max Wren\AppData\Local\poetsch.bat deleted
C:\Users\Max Wren\AppData\Local\Unity deleted
C:\Users\Max Wren\AppData\LocalLow\Unity deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Windows\Syswow64\REN69AB.tmp deleted
C:\Users\MAXWRE~1\AppData\Roaming\Mozilla\Firefox\Profiles\wRzGyHK7.default\extensions\abs@avira.com deleted
"C:\Users\Max Wren\AppData\Local\{8A7B47ED-4440-4A28-99C9-7A9075288D19}" deleted
"C:\Users\Max Wren\AppData\Local\{B2699164-49A2-4150-965F-869F3D737CB5}" deleted
"C:\Users\Max Wren\AppData\Roaming\ANIWZCS{5D0ED30A-1C8F-41B1-AFEF-8116942110DD}" deleted
"C:\Users\Max Wren\AppData\Roaming\enchant\en_US.dic" deleted
"C:\Users\Max Wren\AppData\Roaming\enchant\en_US.exc" deleted
"C:\Users\Max Wren\AppData\Roaming\enchant" deleted
 
==== Firefox Start and Search pages ======================
 
ProfilePath: C:\Users\MAXWRE~1\AppData\Roaming\Mozilla\Firefox\Profiles\mkqj4hq3.default-1493352591547
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
 
ProfilePath: C:\Users\MAXWRE~1\AppData\Roaming\Mozilla\Firefox\Profiles\wRzGyHK7.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
 
==== Firefox Extensions Registry ======================
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"="C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5" [10/20/2012 04:42 PM]
 
==== Firefox Extensions ======================
 
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
 
==== Firefox Plugins ======================
 
Profilepath: C:\Users\Max Wren\AppData\Roaming\Mozilla\Firefox\Profiles\mkqj4hq3.default-1493352591547
2D45A8274592D965EDFB62ACCB1150B1 - C:\Users\Max Wren\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll - Google Update
20FF20FBC1F20ADEC0AD6AF98ABE9545 - C:\Users\Max Wren\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin
57D28190C994AD5E9B1007FB2259393A - C:\Users\Max Wren\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer
 
 
==== Chromium Look ======================
 
Google Chrome Version: 46.0.2490.86
 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12/12/2011 06:13 AM]
 
Angry Birds - HiImMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj
WOT - HiImMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp
Bookmark Manager - HiImMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Chrome Hotword Shared Module - HiImMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Custom Deadmau5 Theme HD -DjZGFX - HiImMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkmhidieinpomaopkbcpkgchbhihhpfd
Super Netflix - Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\aioencjhbaolepcoappllicjebblphoc
Angry Birds - Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj
Web of Trust - Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp
Deadmau5 Green Edition - Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\iphfjhmkmdjocaaopmgpeikabebejihc
Docs - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
 
==== Chromium Startpages ======================
 
C:\Users\HiImMax\AppData\Local\Google\Chrome\User Data\Default\Preferences
"startup_urls": [ "https://www.google.com/" ]
 
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
 
==== All HKCU SearchScopes ======================
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
 
==== Reset Google Chrome ======================
 
C:\Users\HiImMax\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\HiImMax\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\HiImMax\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\HiImMax\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Web Data.ReadOnly was reset successfully
C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
 
==== Deleting Registry Keys ======================
 
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Application Restart #0 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ConnectionCenter deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileDocuments deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched deleted successfully
 
==== Empty IE Cache ======================
 
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Max Wren\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
 
==== Empty FireFox Cache ======================
 
C:\Users\Max Wren\AppData\Local\Mozilla\Firefox\Profiles\mkqj4hq3.default-1493352591547\cache2 emptied successfully
 
==== Empty Chrome Cache ======================
 
C:\Users\HiImMax\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
Flash Cache Emptied Successfully
 
==== Empty All Java Cache ======================
 
Java Cache cleared successfully
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=5523 folders=905 1822336372 bytes)
 
==== Empty Temp Folders ======================
 
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\HiImMax\AppData\Local\temp emptied successfully
C:\Users\Max Wren\AppData\Local\Temp will be emptied at reboot
C:\Users\Mcx1-MAXWREN-PC\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\Windows\Temp successfully emptied
C:\Users\MAXWRE~1\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
==== EOF on Tue 05/09/2017 at 16:03:28.35 ======================


#9 nasdaq

nasdaq

  • Malware Response Team
  • 40,496 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:12 AM

Posted 15 May 2017 - 10:04 AM

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/


https://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
Simple and easy ways to keep your computer safe and secure on the Internet.
===

#10 TheRealSlimShady

TheRealSlimShady
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:12 AM

Posted 17 May 2017 - 06:17 PM

Hi, the start up time on my computer definitely has improved and while it is still slower than I would like, at this point I don't think there is anything that can be done besides me getting a SSD and transferring Windows to that. Thank you so much for all of your help, I appreciate it a ton!



#11 nasdaq

nasdaq

  • Malware Response Team
  • 40,496 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:12 AM

Posted 18 May 2017 - 07:22 AM


This may be caused by a 3rd party Driver. Check them out.

Navigate to this page.
http://learn.flexerasoftware.com/SVM-EVAL-Personal-Software-Inspector

Download and run the Flexera Software Personal Software Inspector.

Update all the 3rd party divers that are old.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users