Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 Icons and Treeview not displaying: similar to previous user's symptoms


  • This topic is locked This topic is locked
5 replies to this topic

#1 MuPositive

MuPositive

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:02:14 AM

Posted 29 June 2017 - 06:33 PM

Hi, I am having trouble similar to the user who posted this topic:

 

https://www.bleepingcomputer.com/forums/t/563883/windows-explorer-not-showing-thumbnails/

 

Image/file thumbnails are not showing up in windows explorer, and the tree-view in the left pane has also mostly disappeared (the only remaining line is "libraries"). Green bar at the top of explorer never finishes loading. Low CPU usage, adequate disk space, all exactly as in the case of the person linked above. I have tried all normal fixes, such as trying to enable thumbnails at local and system level. The poster above was redirected to this forum: 

 

https://www.bleepingcomputer.com/forums/t/563877/keep-getting-a-script-error-pop-up/

 

complaining of a script error. I am not getting this error. But I thought I would post my FRST log here and see if anyone can get a sense of what might be wrong. I have run malwarebytes and hitman pro, and Bitdefender has been running at all times before and after the issue started occurring.

 

Two final points:

1.) when I first log in after rebooting the computer, icons display fine, and the tree view is visible in full. But very shortly afterwards it will resume the behavior I've described.

2.) I had failed to install windows updates for over a year until recently. I believe the problem started after I installed all those updates. But not fully sure.

 

This is windows 7, 64 bit on an ASUS laptop. I do not have the option of reformatting the OS since I did not get a windows CD with the laptop.

 

This may need to be moved to a different forum, I am posting here because the other user's symptoms are the only case report I could find that is similar to mine.

 

FRST and ADDITION logs follow. I downloaded FRST64, moved it to the desktop, and ran it with default options while in normal mode (not safe mode).

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2017
Ran by mu (administrator) on MUON (29-06-2017 18:58:51)
Running from C:\Users\mu\Desktop
Loaded Profiles: mu &  (Available Profiles: mu & Guest)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(ASUS) C:\Program Files (x86)\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Aladdin Knowledge Systems Ltd.) C:\Windows\SysWOW64\nhsrvice.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ATK Package\ATK Hotkey\HControl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUS) C:\Program Files (x86)\ATK Package\ATK Hotkey\ATKOSD.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ATK Package\ATK Hotkey\WDC.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(SoftPerfect) C:\Program Files\NetWorx\networx.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ATK Package\ATK Hotkey\HControlUser.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Elias Fotinis) C:\Program Files (x86)\OverDisk\OverDisk.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-17] (Alcor Micro Corp.)
HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [7161024 2015-10-30] (SoftPerfect)
HKLM\...\Run: [ASUSQuickGesture(x86)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [20352 2012-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [ASUSTPLoader(x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe [169856 2012-09-11] (AsusTek)
HKLM\...\Run: [ASUSQuickGesture(x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe [22400 2012-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [GwxControlPanelMonitor] => C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe [4596296 2016-04-02] (UltimateOutsider)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1034752 2016-05-03] (Cisco Systems, Inc.)
Winlogon\Notify\igfxcui: c:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000\...\Run: [Google Update] => C:\Users\mu\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000\...\Run: [ReadCube] => C:\Users\mu\AppData\Local\com.readcube.Desktop\application\ReadCube.exe [150800 2013-11-17] ()
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8202008 2015-04-08] (Piriform Ltd)
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000\...\Policies\Explorer: [TaskbarNoThumbnail] 0
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000\...\MountPoints2: {70688bbd-3cf7-11e5-a81e-685d4382b48b} - H:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000\...\MountPoints2: {7143bb54-d164-11e4-a7b1-685d4382b48b} - E:\LaunchU3.exe -a
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\mu\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ReadCube] => C:\Users\mu\AppData\Local\com.readcube.Desktop\application\ReadCube.exe [150800 2013-11-17] ()
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8202008 2015-04-08] (Piriform Ltd)
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [TaskbarNoThumbnail] 0
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {70688bbd-3cf7-11e5-a81e-685d4382b48b} - H:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7143bb54-d164-11e4-a7b1-685d4382b48b} - E:\LaunchU3.exe -a
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-21-2484516791-2231546880-3200291594-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [158392 2017-01-25] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [158392 2017-01-25] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [158392 2017-01-25] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [181280 2017-01-25] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [158392 2017-01-25] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
GroupPolicy\User: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2486B496-B86D-477B-A5E2-804B8A2EDFDE}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{599DBD71-2CB3-4B63-B7F7-50244CADA872}: [NameServer] 8.8.4.4,8.8.8.8
Tcpip\..\Interfaces\{599DBD71-2CB3-4B63-B7F7-50244CADA872}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-04-11] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-02-16] (Oracle Corporation)
BHO: ASUS Browser Extension x64 -> {78234974-0C4B-4111-BDEB-D9A104418772} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll [2012-09-11] (ASUSTeK Computer Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-02-16] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-04-11] (Microsoft Corporation)
BHO-x32: ASUS Browser Extension x86 -> {78234974-0C4B-4111-BDEB-D9A104418771} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll [2012-09-11] (ASUSTeK Computer Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
 
FireFox:
========
FF DefaultProfile: hf91gg1h.default
FF ProfilePath: C:\Users\mu\AppData\Roaming\Zotero\Zotero\Profiles\hf91gg1h.default [2015-02-18]
FF Extension: (Zotero LibreOffice Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroOpenOfficeIntegration@zotero.org [2015-02-17] [not signed]
FF Extension: (Zotero Word for Windows Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroWinWordIntegration@zotero.org [2015-02-17] [not signed]
FF ProfilePath: C:\Users\mu\AppData\Roaming\Mozilla\Firefox\Profiles\bkhrh6pm.default [2017-06-29]
FF Extension: (Video DownloadHelper) - C:\Users\mu\AppData\Roaming\Mozilla\Firefox\Profiles\bkhrh6pm.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-12]
FF Extension: (Adblock Plus) - C:\Users\mu\AppData\Roaming\Mozilla\Firefox\Profiles\bkhrh6pm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-16]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-17] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-02-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-02-16] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-17] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-07-28] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-07-28] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-07-28] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-07-28] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-02-23] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-2484516791-2231546880-3200291594-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\mu\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2484516791-2231546880-3200291594-1000: @talk.google.com/O1DPlugin -> C:\Users\mu\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2484516791-2231546880-3200291594-1000: @tools.google.com/Google Update;version=3 -> C:\Users\mu\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-2484516791-2231546880-3200291594-1000: @tools.google.com/Google Update;version=9 -> C:\Users\mu\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/GoogleTalkPlugin -> C:\Users\mu\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/O1DPlugin -> C:\Users\mu\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\mu\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\mu\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2017-02-23] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\mu\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\mu\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
 
Chrome: 
=======
CHR DefaultProfile: Profile 7
CHR DefaultSearchURL: Profile 7 -> hxxps://mail.google.com/mail/u/0/#inbox
CHR Profile: C:\Users\mu\AppData\Local\Google\Chrome\User Data\Default [2017-04-13]
CHR Extension: (Google Docs) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-03]
CHR Extension: (Google Drive) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-03]
CHR Extension: (YouTube) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-03]
CHR Extension: (Adblock Plus) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-11]
CHR Extension: (Google Search) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-05]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-12-13]
CHR Extension: (Chrome Remote Desktop) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-04-05]
CHR Extension: (feedly) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2014-09-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
CHR Extension: (Google Wallet) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-09]
CHR Extension: (Gmail) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-05]
CHR Profile: C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-04-13]
CHR Extension: (Google Slides) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-07]
CHR Extension: (Google Docs) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-07]
CHR Extension: (Google Drive) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-07]
CHR Extension: (YouTube) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-07]
CHR Extension: (Google Search) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-07]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-04-07]
CHR Extension: (Google Sheets) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-07]
CHR Extension: (Chrome Remote Desktop) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-04-07]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-07]
CHR Extension: (Google Wallet) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-07]
CHR Extension: (Gmail) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-07]
CHR Profile: C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 6 [2017-04-13]
CHR Extension: (Google Slides) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-29]
CHR Extension: (Google Docs) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-29]
CHR Extension: (Google Drive) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-29]
CHR Extension: (YouTube) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-29]
CHR Extension: (Google Search) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-29]
CHR Extension: (Google Sheets) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-29]
CHR Extension: (Bookmark Manager) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-29]
CHR Extension: (Google Wallet) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-29]
CHR Extension: (Gmail) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-29]
CHR Profile: C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 7 [2017-06-29]
CHR Extension: (Google Docs) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-29]
CHR Extension: (Google Drive) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-21]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2017-05-12]
CHR Extension: (Google Search) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-08]
CHR Extension: (Google Docs Offline) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (Google Scholar Button) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2016-09-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-11]
CHR Extension: (Gmail) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]
CHR Profile: C:\Users\mu\AppData\Local\Google\Chrome\User Data\System Profile [2017-04-13]
CHR Extension: (Google Slides) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-29]
CHR Extension: (Google Docs) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-29]
CHR Extension: (Google Drive) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-29]
CHR Extension: (YouTube) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-29]
CHR Extension: (Google Search) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-29]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-04-29]
CHR Extension: (Google Sheets) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-29]
CHR Extension: (Bookmark Manager) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-29]
CHR Extension: (Google Wallet) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-29]
CHR Extension: (Gmail) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-29]
CHR HKU\S-1-5-21-2484516791-2231546880-3200291594-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASLDRService; C:\Program Files (x86)\ATK Package\ATK Hotkey\ASLDRSrv.exe [80512 2011-11-21] (ASUS)
R2 ATKGFNEXSrv; C:\Program Files (x86)\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2011-11-21] (ASUS)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1648840 2016-08-05] (Foxit Software Inc.)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [79552 2016-05-19] (Bitdefender)
R2 HASP Loader; C:\Windows\SysWOW64\nhsrvice.exe [249856 2008-04-25] (Aladdin Knowledge Systems Ltd.) [File not signed]
R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] ()
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-03] (NVIDIA Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7757040 2017-04-06] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [671000 2014-11-04] (Wacom Technology, Corp.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-08-01] (SafeNet Inc.)
S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [63944 2013-08-01] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2013-08-01] (SafeNet Inc.)
R2 ASMMAP64; C:\Program Files (x86)\ATK Package\ATKGFNEX\ASMMAP64.sys [15416 2009-07-02] (ASUS)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [17536 2011-09-07] (ASUS)
R3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [56704 2012-09-11] (ASUS Corporation)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2016-02-07] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-01-25] (Disc Soft Ltd)
R3 GMLXD16Fltr; C:\Windows\System32\drivers\GMLXDFltr01.sys [19488 2016-05-27] (LXD Development, Inc.)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2014-01-15] ( )
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2017-06-29] (Malwarebytes)
R1 networx; C:\Windows\System32\drivers\networx.sys [70120 2015-10-02] (NetFilterSDK.com)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [314808 2017-01-25] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48064 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-05-03] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-10-16] (Cisco Systems, Inc.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-06-29 18:58 - 2017-06-29 18:59 - 00039309 _____ C:\Users\mu\Desktop\FRST.txt
2017-06-29 18:57 - 2017-06-29 18:58 - 00000000 ____D C:\FRST
2017-06-29 18:57 - 2017-06-29 18:57 - 02440704 _____ (Farbar) C:\Users\mu\Desktop\FRST64.exe
2017-06-29 18:56 - 2017-06-29 18:56 - 01779712 _____ (Farbar) C:\Users\mu\Downloads\FRST.exe
2017-06-29 18:30 - 2017-06-29 18:30 - 00000440 __RSH C:\Users\mu\ntuser.pol
2017-06-29 18:20 - 2017-06-29 18:20 - 06761417 _____ C:\Users\mu\Desktop\brainsci-07-00058.pdf
2017-06-29 16:24 - 2017-06-29 16:24 - 13749588 _____ C:\Users\mu\Downloads\VID_20170609_233425.mp4
2017-06-27 12:48 - 2017-06-27 12:48 - 00000000 ____D C:\Users\mu\Desktop\Spider 1 _ Its body is less than 1_2 inch. _ Karam Jbara _ Flickr_files
2017-06-21 19:01 - 2017-06-29 18:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-21 17:27 - 2017-06-21 17:27 - 00075776 _____ C:\Users\mu\Downloads\{4C17F101-85C3-47DC-9EE4-41499BE47FD8}.pdf
2017-06-21 17:24 - 2017-06-21 17:24 - 00686295 _____ C:\Users\mu\Downloads\Student Loan Debt Burden Forbearance.pdf
2017-06-21 17:24 - 2017-06-21 17:24 - 00686295 _____ C:\Users\mu\Downloads\Student Loan Debt Burden Forbearance (1).pdf
2017-06-21 17:19 - 2017-06-21 17:19 - 00009841 _____ C:\Users\mu\Downloads\PATXJFS PARP30E 17171013652796790.pdf
2017-06-21 10:39 - 2017-06-21 10:39 - 00165591 _____ C:\Users\mu\Desktop\StudentLoans.pdf
2017-06-20 22:06 - 2017-06-20 22:08 - 00014956 _____ C:\Users\mu\Desktop\WeddingTransactions.xlsx
2017-06-20 20:11 - 2017-06-20 22:05 - 00005356 _____ C:\Users\mu\Downloads\transactions.csv
2017-06-20 09:54 - 2017-06-20 09:54 - 00196999 _____ C:\Users\mu\Downloads\reegdor comments on Russia 'actively involved' in French election, warns US Senate intelligence chief.pdf
2017-06-19 23:11 - 2017-06-19 23:11 - 08724531 _____ C:\Users\mu\Downloads\Erickson_thesis approval form 1 (1).pdf
2017-06-17 14:34 - 2017-06-17 14:34 - 00146937 _____ C:\Users\mu\Downloads\ImmenseBreakableAnemone-mobile.mp4
2017-06-08 20:18 - 2017-06-08 20:18 - 09617565 _____ C:\Users\mu\Downloads\KbedrL4.mp4
2017-06-07 14:12 - 2017-06-07 14:12 - 08318741 _____ C:\Users\mu\Downloads\f8eGwOV.mp4
2017-06-07 14:12 - 2017-06-07 14:12 - 00426167 _____ C:\Users\mu\Downloads\CA6SpfX.mp4
2017-06-06 23:50 - 2017-06-06 23:50 - 00813277 _____ C:\Users\mu\Downloads\GentleImpeccableAxolotl-mobile.mp4
2017-06-06 00:06 - 2017-06-06 00:06 - 00002976 _____ C:\Users\mu\AppData\Local\recently-used.xbel
2017-06-05 21:34 - 2017-06-05 21:34 - 01104368 _____ C:\Users\mu\Downloads\OHBNOvZ.mp4
2017-06-05 21:33 - 2017-06-05 21:33 - 00638905 _____ C:\Users\mu\Downloads\4w9JYfi.mp4
2017-06-05 18:56 - 2017-06-05 18:56 - 02068766 _____ C:\Users\mu\Downloads\BeautifulIllfatedAlaskajingle-mobile.mp4
2017-06-04 19:15 - 2017-06-04 19:15 - 10739373 _____ C:\Users\mu\Downloads\HcIfDBc.mp4
2017-06-04 14:19 - 2017-06-04 14:19 - 04310485 _____ C:\Users\mu\Downloads\OZZ8aRfciP2XxHtSUCAr5IR12oHR1m_EMD7kHh16WTA.mp4
2017-06-04 14:19 - 2017-06-04 14:19 - 00417679 _____ C:\Users\mu\Downloads\xAGcFIXxOzGt6SrwYL8knpy6dY0a-dr3eFNYk_EB_9M.mp4
2017-06-03 02:16 - 2017-06-03 02:16 - 00331155 _____ C:\Users\mu\Downloads\The Old Philippines_ Sangley Filipina.pdf
2017-06-01 15:51 - 2017-06-01 15:51 - 00078736 _____ C:\Users\mu\Downloads\Job Talk_2017 (1).pptx
2017-06-01 15:16 - 2017-06-01 15:16 - 00010240 _____ C:\Users\mu\Downloads\ExtractVals.tar
2017-06-01 14:50 - 2017-06-01 14:50 - 00002402 _____ C:\Users\mu\Downloads\fMRI_CheckSPMResults.m
2017-06-01 13:56 - 2017-06-01 13:56 - 00196910 _____ C:\Users\mu\Downloads\Completion_Form.pdf
2017-06-01 13:56 - 2017-06-01 13:56 - 00083690 _____ C:\Users\mu\Downloads\Thesis_Approval_Form.pdf
2017-06-01 12:27 - 2017-06-01 12:27 - 01222574 _____ C:\Users\mu\Downloads\Thesis_Manual_2016-17.pdf
2017-06-01 12:08 - 2017-06-01 12:08 - 00189152 _____ C:\Users\mu\Downloads\haney-caron-cv.pdf
2017-05-31 11:08 - 2017-06-29 17:39 - 00499258 _____ C:\Users\mu\Downloads\HbacY7Pb5tos8LutIHCPGdomFt-2XWw6PE8p_1B5gSQ.mp4
2017-05-30 13:47 - 2017-05-30 13:47 - 00886985 _____ C:\Users\mu\Downloads\HQ90a5x.mp4
2017-05-30 13:45 - 2017-05-30 13:45 - 01316561 _____ C:\Users\mu\Downloads\wRyfLInYPS-8PqdAJWR0jDQDnavHP9bTwqh7BvJVZTg.mp4
2017-05-30 11:11 - 2017-05-30 11:11 - 00452843 _____ C:\Users\mu\Downloads\93qapMA.mp4
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-06-29 18:56 - 2015-01-27 03:03 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-06-29 18:48 - 2009-07-14 00:45 - 00020528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-06-29 18:48 - 2009-07-14 00:45 - 00020528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-06-29 18:46 - 2009-07-14 01:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-29 18:46 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2017-06-29 18:44 - 2015-09-09 20:46 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-29 18:42 - 2016-04-27 09:48 - 00000000 ___RD C:\Users\mu\Google Drive
2017-06-29 18:42 - 2014-02-12 17:39 - 00000540 _____ C:\Windows\Tasks\MATLAB R2013a Startup Accelerator.job
2017-06-29 18:40 - 2014-11-03 14:42 - 00000012 _____ C:\Windows\SysWOW64\haspaddr.dat
2017-06-29 18:40 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-29 18:37 - 2015-01-26 23:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-29 18:30 - 2014-01-18 17:31 - 00000000 ____D C:\Users\mu
2017-06-29 18:29 - 2009-07-13 23:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-06-29 18:23 - 2016-09-23 15:53 - 00000000 ____D C:\ProgramData\Foxit Software
2017-06-29 18:23 - 2014-01-18 19:43 - 00000000 ____D C:\Users\mu\AppData\Roaming\vlc
2017-06-29 17:39 - 2017-05-26 13:32 - 00007366 _____ C:\Users\mu\Downloads\EBJImC1.gifv
2017-06-29 17:39 - 2017-05-22 10:53 - 04115206 _____ C:\Users\mu\Downloads\igesU8qMfBHQKZ73qC_pwHH0rGXhJKEjm8ZYcVczvzg.mp4
2017-06-29 17:39 - 2017-04-21 14:34 - 10374868 _____ C:\Users\mu\Downloads\3isyW1K.mp4
2017-06-29 17:39 - 2017-04-05 17:23 - 02087078 _____ C:\Users\mu\Downloads\esC9wq4.mp4
2017-06-29 17:39 - 2017-03-03 16:18 - 07199095 _____ C:\Users\mu\Downloads\sFSXgO7.mp4
2017-06-29 17:39 - 2017-02-16 09:22 - 09115680 _____ C:\Users\mu\Downloads\xn_o7tOYaBFTW2y2aVLrBbEnQj1vSDciaBocm7IATOw.mp4
2017-06-29 17:39 - 2017-01-02 11:49 - 02419409 _____ C:\Users\mu\Downloads\V6zyEUD.mp4
2017-06-29 17:39 - 2015-05-14 13:53 - 09273021 _____ C:\Users\mu\Downloads\urZG025.webm
2017-06-29 17:39 - 2015-05-13 22:12 - 01095465 _____ C:\Users\mu\Downloads\baJD1Mb.webm
2017-06-29 12:19 - 2016-12-19 17:49 - 00000000 ____D C:\Users\mu\AppData\LocalLow\Mozilla
2017-06-29 09:35 - 2015-04-28 20:30 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-06-27 15:11 - 2014-01-18 14:38 - 00002314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-21 17:12 - 2016-09-23 15:54 - 00000000 ____D C:\Users\mu\AppData\Roaming\Foxit Software
2017-06-10 20:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2017-06-06 00:06 - 2015-01-05 22:32 - 00000000 ____D C:\Users\mu\.gimp-2.8
2017-06-04 10:51 - 2015-05-10 15:55 - 00000000 ____D C:\Users\mu\dwhelper
2017-06-01 14:51 - 2014-01-27 22:43 - 00000000 ____D C:\Users\mu\AppData\Roaming\gedit
2017-06-01 14:51 - 2014-01-27 22:43 - 00000000 ____D C:\Users\mu\.gconfd
2017-06-01 14:50 - 2014-01-27 22:43 - 00000000 ____D C:\Users\mu\.gconf
 
==================== Files in the root of some directories =======
 
2016-06-21 17:18 - 2016-06-21 17:18 - 0003584 _____ () C:\Users\mu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-06-06 00:06 - 2017-06-06 00:06 - 0002976 _____ () C:\Users\mu\AppData\Local\recently-used.xbel
2014-12-03 02:10 - 2017-05-22 18:47 - 0007636 _____ () C:\Users\mu\AppData\Local\Resmon.ResmonCfg
2015-04-27 21:42 - 2015-04-27 21:42 - 0201877 _____ () C:\ProgramData\1430181435.bdinstall.bin
2017-05-22 17:35 - 2017-05-22 17:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
2017-04-24 23:46 - 2017-06-29 18:42 - 0320272 _____ (Labtiva Inc.) C:\Users\mu\AppData\Local\Temp\ReadCubeTray64.exe
2017-05-03 00:04 - 2017-05-03 00:04 - 14456872 _____ (Microsoft Corporation) C:\Users\mu\AppData\Local\Temp\vc_redist.x86.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-05-13 09:36
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-06-2017
 
Ran by mu (29-06-2017 19:00:08)
 
Running from C:\Users\mu\Desktop
 
Windows 7 Professional Service Pack 1 (X64) (2014-01-18 21:31:30)
 
Boot Mode: Normal
 
==========================================================
 
 
 
 
 
==================== Accounts: =============================
 
 
 
Administrator (S-1-5-21-2484516791-2231546880-3200291594-500 - Administrator - Disabled)
 
Guest (S-1-5-21-2484516791-2231546880-3200291594-501 - Limited - Disabled) => C:\Users\Guest
 
mu (S-1-5-21-2484516791-2231546880-3200291594-1000 - Administrator - Enabled) => C:\Users\mu
 
 
 
==================== Security Center ========================
 
 
 
(If an entry is included in the fixlist, it will be removed.)
 
 
 
AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
 
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
 
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
 
 
==================== Installed Programs ======================
 
 
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 
 
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
 
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
 
Alcor Micro USB Card Reader (HKLM-x32\...\{7CFE1371-8710-4846-9772-1F9A09F8EF2F}) (Version: 1.2.0142.68441 - Alcor Micro Corp.) Hidden
 
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0142.68441 - Alcor Micro Corp.)
 
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.32 - ASUS)
 
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.12.13 - Atheros Communications Inc.)
 
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0020 - ASUS)
 
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1109 - Bitdefender)
 
BrainVision Analyzer 2.0.4 (HKLM-x32\...\{E4AF7F35-2DC1-422A-9638-0842D99F58AA}) (Version: 2.0.4 - Brain Products GmbH)
 
calibre (HKLM-x32\...\{75EA944A-4C53-4A0A-8B3B-E195EDAA626C}) (Version: 2.12.0 - Kovid Goyal)
 
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
 
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.2.04018 - Cisco Systems, Inc.)
 
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{4FB7B4ED-3BB9-4722-B3BC-46AB45173F0E}) (Version: 4.2.04018 - Cisco Systems, Inc.) Hidden
 
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
 
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
 
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
 
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.0.2.805 - Foxit Software Inc.)
 
gedit 2.30.1 (HKLM-x32\...\gedit_is1) (Version: 2.30.1 - GNOME)
 
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
 
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
 
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
 
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
 
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
 
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
 
GWX Control Panel (HKLM-x32\...\UltimateOutsider_GwxControlPanel) (Version:  - UltimateOutsider)
 
HASP License Manager (HKLM-x32\...\HASP License Manager) (Version:  - )
 
HFSExplorer 0.23 (HKLM-x32\...\HFSExplorer) (Version: 0.23 - Catacombae Software)
 
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
 
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation)
 
Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)
 
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
 
Intel® PROSet/Wireless WiFi Software (HKLM\...\{54EB8041-1115-4406-AA4B-44D236E84B3B}) (Version: 15.01.1000.0927 - Intel Corporation)
 
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
 
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
 
K-Lite Codec Pack 11.5.0 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.5.0 - )
 
League of Legends (HKLM-x32\...\{E80C09B5-A296-47E9-BD4B-BCCF2FDCA13E}) (Version: 4.1.2 - Riot Games) Hidden
 
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
 
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
 
MATLAB R2013a (HKLM\...\Matlab R2013a) (Version: 8.1 - The MathWorks, Inc.)
 
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
 
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
 
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
 
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
 
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
 
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
 
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
 
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
 
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
 
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
 
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
 
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
 
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
 
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
 
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
 
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
 
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
 
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
 
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
 
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
 
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
 
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
 
Mozilla Firefox 54.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 54.0 (x86 en-US)) (Version: 54.0 - Mozilla)
 
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.0.6368 - Mozilla)
 
MusicBee 2.2 (HKLM-x32\...\MusicBee) (Version: 2.2 - Steven Mayall)
 
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.3.2 - MusicBrainz)
 
NetWorx 5.4.2 (HKLM\...\NetWorx_is1) (Version:  - Softperfect)
 
NVIDIA 3D Vision Driver 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.54 - NVIDIA Corporation)
 
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
 
NVIDIA Graphics Driver 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
 
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
 
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
 
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
 
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
 
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
 
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
 
OverDisk (remove only) (HKLM-x32\...\OverDisk) (Version:  - )
 
qBittorrent 3.1.5 (HKLM-x32\...\qbittorrent) (Version: 3.1.5 - The qBittorrent project)
 
Qiqqa (HKLM-x32\...\{99AF0582-482B-4E5E-BB11-675354BF5E77}_is1) (Version: 73 - Quantisle Ltd.)
 
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Qualcomm Atheros)
 
R for Windows 3.1.1 (HKLM\...\R for Windows 3.1.1_is1) (Version: 3.1.1 - R Core Team)
 
ReadCube (HKU\S-1-5-21-2484516791-2231546880-3200291594-1000\...\ReadCube) (Version:  - Labtiva, Inc.)
 
ReadCube (HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\ReadCube) (Version:  - Labtiva, Inc.)
 
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.)
 
RStudio (HKLM-x32\...\RStudio) (Version: 0.98.1025 - RStudio)
 
Sentinel Runtime (HKLM-x32\...\{2A414CBE-CDF3-48C6-A91B-D3D4522F8EB5}) (Version: 6.60.1.36770 - SafeNet Inc.)
 
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
 
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
 
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
 
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
 
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
 
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 4.88 - NCH Software)
 
SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 6.5.22.0 - 2BrightSparks)
 
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.76421 - TeamViewer)
 
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
 
Update for Skype for Business 2015 (KB3191873) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{15311040-9F9F-47CD-A027-4C26F3C55C82}) (Version:  - Microsoft)
 
Update for Skype for Business 2015 (KB3191876) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{0C5B0FE3-809E-4D71-B5F6-3EFDAA93C2E6}) (Version:  - Microsoft)
 
Update for Skype for Business 2015 (KB3191876) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0C5B0FE3-809E-4D71-B5F6-3EFDAA93C2E6}) (Version:  - Microsoft)
 
Update for Skype for Business 2015 (KB3191876) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{0C5B0FE3-809E-4D71-B5F6-3EFDAA93C2E6}) (Version:  - Microsoft)
 
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
 
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
 
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
 
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
 
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.10w2 - Wacom Technology Corp.)
 
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
 
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
 
Windows Driver Package - ASUS (ATP) Mouse  (08/27/2012 1.0.0.125) (HKLM\...\2BD897DEE9289F769D9176245811D5330A360B0B) (Version: 08/27/2012 1.0.0.125 - ASUS)
 
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
 
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_EN_is1) (Version: 17.0.1.12 - ZONER software)
 
Zotero Standalone 4.0.26 (x86 en-US) (HKLM-x32\...\Zotero Standalone 4.0.26 (x86 en-US)) (Version: 4.0.26 - Zotero)
 
 
 
==================== Custom CLSID (Whitelisted): ==========================
 
 
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
 
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\ChromeHTML: ->  <==== ATTENTION
 
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\mu\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
 
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\mu\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
 
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\mu\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
 
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\mu\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
 
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\mu\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
 
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000\...\ChromeHTML: ->  <==== ATTENTION
 
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\mu\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
 
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\mu\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
 
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\mu\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
 
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\mu\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
 
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\mu\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
 
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
 
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
 
Task: {15B61755-3ED5-4298-B7BF-32A40726EB6B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
 
Task: {2BDC43FC-0C02-48B9-AE44-49627D4307B7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
 
Task: {4617F579-5FF8-4B2C-877E-DEBE53B920E0} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ATK Package\ATKOSD2\ATKOSD2.exe [2012-06-25] (ASUSTek Computer Inc.)
 
Task: {4A42B77C-85EF-4518-8C1B-1E1C9407FC27} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-04-13] (Realtek Semiconductor)
 
Task: {4B5F4445-A9C4-472C-AEFE-329D75583A40} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
 
Task: {4DCA14A0-C14F-44D4-BF14-DED02CE586FA} - System32\Tasks\{40B1D2A2-EEF5-4058-9429-9061BFC81F97} => pcalua.exe -a F:\setup.exe -d F:\
 
Task: {55ADA0B5-44FD-4304-B537-AF03D66FFA32} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-04-13] (Realtek Semiconductor)
 
Task: {58783184-445E-4FDE-81D3-C2457A9E3FAF} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
 
Task: {70C48636-191C-439A-AF3C-29365611D568} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
 
Task: {7A5D20B9-E8EB-41B7-AEB5-83EAADA83BB8} - System32\Tasks\MATLAB R2013a Startup Accelerator => C:\Program Files\MATLAB\R2013a\bin\win64\MATLABStartupAccelerator.exe [2013-01-16] ()
 
Task: {825885A0-3FD4-435F-BD1D-AAC6D971D462} - System32\Tasks\{805363E9-B791-4535-A452-D0BA8BE3CB6E} => pcalua.exe -a C:\Users\mu\Downloads\irfanview_plugins_438_setup.exe -d C:\Users\mu\Downloads
 
Task: {84B997B3-53E1-4B1A-A676-68B98E7915E7} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
 
Task: {85017FFD-DC73-4F34-84A7-61DDE611EE4A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2484516791-2231546880-3200291594-1000Core1d1e940b1dbeff3 => C:\Users\mu\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
 
Task: {8E2EC059-5F5A-4BDC-B358-434B070ED54D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
 
Task: {9A5D869C-3EED-428D-844A-CB5EDC1A1308} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-08] (Piriform Ltd)
 
Task: {9AC7AC45-8967-424E-8898-D28235921550} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
 
Task: {9B6034DE-EAC0-41E2-9C02-25CEDCCD08C4} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
 
Task: {A09C8AEB-D1EB-4296-ACAD-5A399752309E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
 
Task: {A38FFC76-6DC7-4D6C-8D77-27668DECCDF7} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-04-13] (Realtek Semiconductor)
 
Task: {B47F85B0-3AB2-44A9-982A-B2804A265279} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
 
Task: {CE7B1AA8-721F-46B2-BE6B-584F583FFBBE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
 
Task: {F1C5DB31-0466-4971-BBCD-C3C5B0F43B6A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
 
Task: {FCD1C7B0-2455-463B-9CA2-C1036FD1E238} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2484516791-2231546880-3200291594-1000UA => C:\Users\mu\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
 
 
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
 
Task: C:\Windows\Tasks\0414bUpdateInfo.job => C:\ProgramData\Avg_Update_0414b\0414b_AVG-Secure-Search-Update.exe
 
Task: C:\Windows\Tasks\0814avUpdateInfo.job => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe
 
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2484516791-2231546880-3200291594-1000Core1cf8a3518e722c2.job => C:\Users\mu\AppData\Local\Google\Update\GoogleUpdate.exe
 
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2484516791-2231546880-3200291594-1000Core1cfea744904df94.job => C:\Users\mu\AppData\Local\Google\Update\GoogleUpdate.exe
 
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2484516791-2231546880-3200291594-1000Core1cffed1e70fe871.job => C:\Users\mu\AppData\Local\Google\Update\GoogleUpdate.exe
 
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2484516791-2231546880-3200291594-1000Core1d0425249018ea7.job => C:\Users\mu\AppData\Local\Google\Update\GoogleUpdate.exe
 
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2484516791-2231546880-3200291594-1000Core1d08f88f73b266b.job => C:\Users\mu\AppData\Local\Google\Update\GoogleUpdate.exe
 
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2484516791-2231546880-3200291594-1000Core1d0bf58351f111a.job => C:\Users\mu\AppData\Local\Google\Update\GoogleUpdate.exe
 
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2484516791-2231546880-3200291594-1000Core1d0e30f7785e79d.job => C:\Users\mu\AppData\Local\Google\Update\GoogleUpdate.exe
 
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2484516791-2231546880-3200291594-1000Core1d0eef73b9263cb.job => C:\Users\mu\AppData\Local\Google\Update\GoogleUpdate.exe
 
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2484516791-2231546880-3200291594-1000Core1d12f1795c630cc.job => C:\Users\mu\AppData\Local\Google\Update\GoogleUpdate.exe
 
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2484516791-2231546880-3200291594-1000Core1d15d476c8e7052.job => C:\Users\mu\AppData\Local\Google\Update\GoogleUpdate.exe
 
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2484516791-2231546880-3200291594-1000Core1d1ab21c06ae94e.job => C:\Users\mu\AppData\Local\Google\Update\GoogleUpdate.exe
 
Task: C:\Windows\Tasks\MATLAB R2013a Startup Accelerator.job => C:\Program Files\MATLAB\R2013a\bin\win64\MATLABStartupAccelerator.exe
 
 
 
==================== Shortcuts & WMI ========================
 
 
 
(The entries could be listed to be restored or removed.)
 
 
 
 
 
Shortcut: C:\Users\mu\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
 
 
 
ShortcutWithArgument: C:\Users\mu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 7" --app-id=cnciopoikihiagdjbjpnocolokfelagl
 
ShortcutWithArgument: C:\Users\mu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b42be1c9c51179ef\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 7" "--high-dpi-support=1" "--force-device-scale-factor=1"
 
ShortcutWithArgument: C:\Users\mu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
 
ShortcutWithArgument: C:\Users\mu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6"
 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "--high-dpi-support=1" "--force-device-scale-factor=1"
 
 
 
==================== Loaded Modules (Whitelisted) ==============
 
 
 
2016-05-19 19:24 - 2016-05-19 19:24 - 00712288 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
 
2016-05-19 19:24 - 2016-05-19 19:24 - 00111832 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
 
2017-05-15 10:15 - 2017-05-03 16:24 - 01267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
 
2015-09-09 20:06 - 2017-01-25 19:12 - 00027576 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
 
2015-09-09 20:46 - 2016-12-29 09:16 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
 
2017-02-23 08:29 - 2017-02-23 08:29 - 08909512 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
 
2012-04-02 20:27 - 2012-04-02 20:27 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
 
2014-12-28 18:04 - 2015-08-06 19:33 - 00791552 _____ () C:\Program Files\NetWorx\sqlite.dll
 
2014-12-28 18:04 - 2015-10-02 22:57 - 00175592 _____ () C:\Program Files\NetWorx\nfapi.dll
 
2015-01-04 15:31 - 2014-11-04 14:49 - 01356568 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
 
2017-06-27 15:11 - 2017-06-22 23:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
 
2017-06-27 15:11 - 2017-06-22 23:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll
 
2016-05-03 14:17 - 2016-05-03 14:17 - 00070144 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
 
2015-09-09 20:06 - 2017-01-25 19:12 - 00027576 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
 
2017-05-15 10:15 - 2017-05-03 16:24 - 01040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
 
2015-04-30 01:28 - 2014-09-09 13:30 - 00603648 _____ () C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00098816 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\win32api.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00110080 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\pywintypes27.dll
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00364544 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\pythoncom27.dll
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00320512 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\win32com.shell.shell.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00914432 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\_hashlib.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 01176576 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\wx._core_.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00806400 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\wx._gdi_.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00816128 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\wx._windows_.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 01067008 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\wx._controls_.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00733184 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\wx._misc_.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00682496 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\pysqlite2._sqlite.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00088064 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\_ctypes.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00686080 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\unicodedata.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00119808 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\win32file.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00108544 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\win32security.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00007168 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\hashobjs_ext.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00017920 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\thumbnails_ext.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00088064 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\usb_ext.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00012800 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\common.time34.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00018432 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\win32event.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00167936 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\win32gui.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00046080 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\_socket.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 01303552 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\_ssl.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00128512 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\_elementtree.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00127488 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\pyexpat.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00038912 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\win32inet.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00036864 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\_psutil_windows.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00524248 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\windows._lib_cacheinvalidation.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00011264 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\win32crypt.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00123392 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\wx._wizard.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00077312 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\wx._html2.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00027648 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\_multiprocessing.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00020480 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\_yappi.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00035840 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\win32process.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00078848 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\wx._animate.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00024064 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\win32pipe.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00010240 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\select.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00025600 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\win32pdh.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00017408 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\win32profile.pyd
 
2017-06-29 18:42 - 2017-06-29 18:42 - 00022528 ____R () C:\Users\mu\AppData\Local\Temp\_MEI29722\win32ts.pyd
 
2017-02-23 08:29 - 2017-02-23 08:29 - 08909512 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
 
 
 
==================== Alternate Data Streams (Whitelisted) =========
 
 
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
 
 
 
==================== Safe Mode (Whitelisted) ===================
 
 
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
 
 
 
==================== Association (Whitelisted) ===============
 
 
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
 
 
 
==================== Internet Explorer trusted/restricted ===============
 
 
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
 
 
 
==================== Hosts content: ===============================
 
 
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
 
 
2009-07-13 22:34 - 2015-09-26 13:19 - 00000827 _____ C:\Windows\system32\Drivers\etc\hosts
 
 
 
 
 
 
 
==================== Other Areas ============================
 
 
 
(Currently there is no automatic fix for this section.)
 
 
 
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\mu\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
 
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\mu\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
 
HKU\S-1-5-21-2484516791-2231546880-3200291594-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
 
DNS Servers: 8.8.4.4 - 8.8.8.8
 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
 
Windows Firewall is enabled.
 
 
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
 
 
 
==================== FirewallRules (Whitelisted) ===============
 
 
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
 
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
 
FirewallRules: [{0D8FFBDB-6408-47A0-90B6-CCA7964071B6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
 
FirewallRules: [{A2AC842F-A871-4DB9-B439-A62B6E6CE9DA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
 
FirewallRules: [{4A70E793-0984-4111-80E7-B03D3E4F9BB4}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
 
FirewallRules: [{CB9F8810-33F5-40E4-9886-6C534F25FE86}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
 
FirewallRules: [{F38C025C-4B24-45FF-83BA-48775B323864}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
 
FirewallRules: [{306EC964-4372-452C-B350-10CFB61EDAAA}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
 
FirewallRules: [{61280837-15C1-48D0-8747-5D5508920E09}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
 
FirewallRules: [{120F8F05-BA85-4D90-8EE3-E2F297DACCE7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
 
FirewallRules: [TCP Query User{4064F3B0-0032-4B93-9DBC-D481A16FA282}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Block) C:\program files (x86)\qbittorrent\qbittorrent.exe
 
FirewallRules: [UDP Query User{F8962261-193C-4464-B4B9-5449F9E23171}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Block) C:\program files (x86)\qbittorrent\qbittorrent.exe
 
FirewallRules: [{C4D5DD00-C891-44B1-9B4F-E98E92987C0E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
 
FirewallRules: [{5D20A7AA-F8E0-4957-84F1-46B28395444F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
 
FirewallRules: [{E6E318E7-78AF-49A8-ADF7-D2CB09725C05}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
 
FirewallRules: [{616FE3EB-C7B1-46E9-BBAB-5DA6B0DA6B2F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
 
FirewallRules: [{2C0B1066-26E5-44B0-882B-86C37EAC9F9B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
 
FirewallRules: [{DE55FA9F-FE33-4753-8A2E-B34409ED89B8}] => (Allow) C:\Windows\system32\hasplms.exe
 
FirewallRules: [{E8254AA1-153B-44E8-B05C-35A7D057D66B}] => (Allow) LPort=475
 
FirewallRules: [{45469DF2-327D-4D7E-8927-A99F6E780F07}] => (Allow) LPort=475
 
FirewallRules: [{C0C4E996-6972-4578-BFF7-FCD570529FBE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
 
FirewallRules: [{211E8587-48F1-46CD-B08A-403B48F66F76}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
 
FirewallRules: [{D138A6F8-849F-47A8-9CC2-C4C4EFE137C2}] => (Allow) C:\Users\mu\AppData\Local\Apps\2.0\JLP9QCNP.MK1\T18Y8X5L.18E\blee..tion_77e1dafb7459f666_0001.0000_c94a3ae2a913d617\Bleep.exe
 
FirewallRules: [{90B6810A-4FF8-4B77-88D8-639F68359CE3}] => (Allow) C:\Program Files\NetWorx\networx.exe
 
FirewallRules: [{D7D6DE86-C03D-4BB8-9A1F-047C112435B4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
FirewallRules: [{F0350520-C2F9-484D-9EC6-EE8DE79DFFAA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
FirewallRules: [TCP Query User{A3D3C81F-3DD8-4003-8422-82B62BB64AA6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
 
FirewallRules: [UDP Query User{435E9848-696A-47BA-B895-920C6A2D396C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
 
FirewallRules: [{09D7536F-D127-4382-9D96-DFCD8DB24124}] => (Allow) C:\Program Files\NetWorx\networx.exe
 
FirewallRules: [{F8A7CE1D-7390-40E0-A744-74170EAC0FDD}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
 
FirewallRules: [{2386ECBB-7985-4F20-AEBA-355540C0D144}] => (Allow) C:\Program Files\NetWorx\networx.exe
 
FirewallRules: [{E3A84CD1-BC1B-414E-82D5-EBDADD507E52}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
FirewallRules: [{D4CE664D-ED52-48F8-854F-8149AE5231A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
FirewallRules: [{7B042D6B-100C-4ED5-B902-F1D85F84D755}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
 
FirewallRules: [{2B200991-9D9D-49A3-845E-8613888D3F91}] => (Allow) LPort=2869
 
FirewallRules: [{24AC16C6-7E4E-4CDD-B74A-7059183BC824}] => (Allow) LPort=1900
 
FirewallRules: [{D09BEBE5-F837-489A-AEEF-DC711A1077A2}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
 
FirewallRules: [{A9F12ED4-D001-420E-8E60-46EB81A40A2E}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
 
FirewallRules: [{FD2726DB-D41E-40BC-B897-7AB214D2B128}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
 
FirewallRules: [{71CB530A-9ED4-430F-940C-BE8BB2A7ECB1}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
 
FirewallRules: [{3B159052-CA38-4DF2-B9E9-D51ED4C514B7}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.admin.exe
 
FirewallRules: [{8DF24939-2121-497E-A14E-9A5CC8ADF852}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.admin.exe
 
FirewallRules: [{D0FF963E-7475-4E3B-AAC4-9631CF65A48C}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.admin.exe
 
FirewallRules: [{ED6E7D8B-2EAA-419D-8B26-2028051FF83F}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.admin.exe
 
FirewallRules: [{D15A7D47-A2EB-43E9-ACF6-7C1EE995DE54}] => (Allow) LPort=5558
 
FirewallRules: [{1A8932F0-E4FC-4BA1-B2DB-7CDC6C87CEAE}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
 
FirewallRules: [{879AB825-B806-4116-9D8E-F282E65DE92A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
 
FirewallRules: [{F2B86C16-494C-42F9-A38E-E537AE718BBA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
 
FirewallRules: [{828A5715-3E2D-4344-B651-546F9A3F8DB8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
 
FirewallRules: [{C0FB8CCC-3188-4684-90C6-1329444C49E5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
 
FirewallRules: [{474B29F8-9E08-4A92-BE65-A1DAC92167A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
 
FirewallRules: [{608FAFC0-B955-4373-87CF-8E37EA2C856A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
 
FirewallRules: [{C84769E9-4C9C-47B5-87DF-B151C995A5F9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
 
FirewallRules: [{53FDAF79-1FFF-45B7-8CC0-9CF677577F93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
 
FirewallRules: [{5F282871-581F-40E2-AA4D-E24AFF3633E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
 
FirewallRules: [{301BDC8F-F9A1-46B7-9DE8-C867CB33263E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
 
==================== Restore Points =========================
 
 
 
22-05-2017 17:33:15 Windows Update
 
 
 
==================== Faulty Device Manager Devices =============
 
 
 
Name: Bluetooth Peripheral Device
 
Description: Bluetooth Peripheral Device
 
Class Guid: 
 
Manufacturer: 
 
Service: 
 
Problem: : The drivers for this device are not installed. (Code 28)
 
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
 
Name: Bluetooth Peripheral Device
 
Description: Bluetooth Peripheral Device
 
Class Guid: 
 
Manufacturer: 
 
Service: 
 
Problem: : The drivers for this device are not installed. (Code 28)
 
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
 
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
 
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
 
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
 
Manufacturer: Cisco Systems
 
Service: vpnva
 
Problem: : This device is disabled. (Code 22)
 
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
 
Name: SM Bus Controller
 
Description: SM Bus Controller
 
Class Guid: 
 
Manufacturer: 
 
Service: 
 
Problem: : The drivers for this device are not installed. (Code 28)
 
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
 
Name: Bluetooth Peripheral Device
 
Description: Bluetooth Peripheral Device
 
Class Guid: 
 
Manufacturer: 
 
Service: 
 
Problem: : The drivers for this device are not installed. (Code 28)
 
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
 
Name: Bluetooth Peripheral Device
 
Description: Bluetooth Peripheral Device
 
Class Guid: 
 
Manufacturer: 
 
Service: 
 
Problem: : The drivers for this device are not installed. (Code 28)
 
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
 
 
 
==================== Event log errors: =========================
 
 
 
Application errors:
 
==================
 
Error: (06/29/2017 06:40:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
 
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
 
 
Error: (06/29/2017 06:37:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
 
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
 
 
Error: (06/29/2017 09:43:59 AM) (Source: SideBySide) (EventID: 63) (User: )
 
Description: Activation context generation failed for "c:\program files\R\r-3.1.1\Tcl\bin64\tk85.dll".Error in manifest or policy file "c:\program files\R\r-3.1.1\Tcl\bin64\tk85.dll" on line 9.
 
The value "x64" of attribute "processorArchitecture" in element "assemblyIdentity" is invalid.
 
 
 
Error: (06/29/2017 09:39:37 AM) (Source: SideBySide) (EventID: 35) (User: )
 
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\Office15\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\Office15\UccApi.DLL" on line 1.
 
Component identity found in manifest does not match the identity of the component requested.
 
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
 
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
 
Please use sxstrace.exe for detailed diagnosis.
 
 
 
Error: (06/28/2017 07:17:59 AM) (Source: SideBySide) (EventID: 63) (User: )
 
Description: Activation context generation failed for "c:\program files\R\r-3.1.1\Tcl\bin64\tk85.dll".Error in manifest or policy file "c:\program files\R\r-3.1.1\Tcl\bin64\tk85.dll" on line 9.
 
The value "x64" of attribute "processorArchitecture" in element "assemblyIdentity" is invalid.
 
 
 
Error: (06/28/2017 07:14:05 AM) (Source: SideBySide) (EventID: 35) (User: )
 
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\Office15\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\Office15\UccApi.DLL" on line 1.
 
Component identity found in manifest does not match the identity of the component requested.
 
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
 
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
 
Please use sxstrace.exe for detailed diagnosis.
 
 
 
Error: (06/27/2017 03:03:55 AM) (Source: SideBySide) (EventID: 63) (User: )
 
Description: Activation context generation failed for "c:\program files\R\r-3.1.1\Tcl\bin64\tk85.dll".Error in manifest or policy file "c:\program files\R\r-3.1.1\Tcl\bin64\tk85.dll" on line 9.
 
The value "x64" of attribute "processorArchitecture" in element "assemblyIdentity" is invalid.
 
 
 
Error: (06/27/2017 03:00:56 AM) (Source: SideBySide) (EventID: 35) (User: )
 
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\Office15\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\Office15\UccApi.DLL" on line 1.
 
Component identity found in manifest does not match the identity of the component requested.
 
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
 
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
 
Please use sxstrace.exe for detailed diagnosis.
 
 
 
Error: (06/25/2017 09:07:32 PM) (Source: SideBySide) (EventID: 63) (User: )
 
Description: Activation context generation failed for "c:\program files\R\r-3.1.1\Tcl\bin64\tk85.dll".Error in manifest or policy file "c:\program files\R\r-3.1.1\Tcl\bin64\tk85.dll" on line 9.
 
The value "x64" of attribute "processorArchitecture" in element "assemblyIdentity" is invalid.
 
 
 
Error: (06/25/2017 09:06:44 PM) (Source: SideBySide) (EventID: 35) (User: )
 
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\Office15\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\Office15\UccApi.DLL" on line 1.
 
Component identity found in manifest does not match the identity of the component requested.
 
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
 
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
 
Please use sxstrace.exe for detailed diagnosis.
 
 
 
 
 
System errors:
 
=============
 
Error: (06/29/2017 06:39:55 PM) (Source: DCOM) (EventID: 10010) (User: )
 
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
 
 
Error: (06/29/2017 06:36:20 PM) (Source: DCOM) (EventID: 10010) (User: )
 
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
 
 
Error: (06/11/2017 09:08:34 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
 
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
 
 
 
Error: (06/10/2017 08:11:16 PM) (Source: DCOM) (EventID: 10010) (User: )
 
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
 
 
Error: (06/10/2017 08:11:09 PM) (Source: DCOM) (EventID: 10010) (User: )
 
Description: The server {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} did not register with DCOM within the required timeout.
 
 
 
Error: (05/31/2017 09:34:58 PM) (Source: Disk) (EventID: 11) (User: )
 
Description: The driver detected a controller error on \Device\Harddisk2\DR3.
 
 
 
Error: (05/31/2017 09:34:58 PM) (Source: Disk) (EventID: 11) (User: )
 
Description: The driver detected a controller error on \Device\Harddisk2\DR3.
 
 
 
Error: (05/22/2017 06:16:38 PM) (Source: DCOM) (EventID: 10010) (User: )
 
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
 
 
Error: (05/22/2017 05:48:56 PM) (Source: DCOM) (EventID: 10010) (User: )
 
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
 
 
Error: (05/22/2017 05:15:24 PM) (Source: DCOM) (EventID: 10010) (User: )
 
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
 
 
 
 
==================== Memory info =========================== 
 
 
 
Processor: Intel® Core™ i7-3610QM CPU @ 2.30GHz
 
Percentage of memory in use: 81%
 
Total physical RAM: 6029.86 MB
 
Available physical RAM: 1104.44 MB
 
Total Virtual: 12057.9 MB
 
Available Virtual: 6282.06 MB
 
 
 
==================== Drives ================================
 
 
 
Drive c: (MU_SYSTEM) (Fixed) (Total:111.57 GB) (Free:9.96 GB) NTFS
 
Drive d: (MU_LOCAL) (Fixed) (Total:698.63 GB) (Free:169.99 GB) NTFS
 
Drive g: (EXT_MAIN) (Fixed) (Total:931.48 GB) (Free:92.57 GB) NTFS
 
 
 
==================== MBR & Partition Table ==================
 
 
 
========================================================
 
Disk: 0 (Size: 111.8 GB) (Disk ID: A456E85E)
 
 
 
Partition: GPT.
 
 
 
========================================================
 
Disk: 1 (Size: 698.6 GB) (Disk ID: 527CD163)
 
 
 
Partition: GPT.
 
 
 
========================================================
 
Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 00023F15)
 
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
 
 
==================== End of Addition.txt ============================
 


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,576 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:14 AM

Posted 01 July 2017 - 07:22 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
Toolbar: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-11]
CHR Extension: (Chrome Media Router) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\ChromeHTML: ->  <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\mu\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\mu\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\mu\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000\...\ChromeHTML: ->  <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\mu\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\mu\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\mu\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
Task: C:\Windows\Tasks\0414bUpdateInfo.job => C:\ProgramData\Avg_Update_0414b\0414b_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\0814avUpdateInfo.job => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Check the integrity of the operating system files.
How to run sfc /Scannow
http://support.microsoft.com/kb/929833

When completed refer to the Microsoft article again and follow the instructions to view details of the System File Checker process

Post the contents of the sfcdetails.txt file for my review.

Please post the logs and let me know if the problem persists.
<<<>>>

#3 MuPositive

MuPositive
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:02:14 AM

Posted 05 July 2017 - 05:58 PM

Nasdaq, thanks for helping me. I've done as you instructed. The FRST Fixlog.txt is attached. The SFC details file is also attached. The problem unfortunately persists.
 
Mu

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-06-2017
 
Ran by mu (01-07-2017 13:13:22) Run:1
 
Running from C:\Users\mu\Desktop
 
Loaded Profiles: mu (Available Profiles: mu & Guest)
 
Boot Mode: Normal
 
==============================================
 
 
 
fixlist content:
 
*****************
 
start
 
 
 
CreateRestorePoint:
 
EmptyTemp:
 
CloseProcesses:
 
 
 
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
 
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
 
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
 
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
 
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
 
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
 
ShellIconOverlayIdentifiers-x32:
 
[DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
 
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
 
Toolbar: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
 
Toolbar: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
 
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
 
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
 
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
 
CHR Extension: (Chrome Web Store Payments) - C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-11]
 
CHR Extension: (Chrome Media Router) -
 
C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]
 
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\ChromeHTML: ->  <==== ATTENTION
 
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\mu\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
 
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\mu\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
 
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 ->
 
C:\Users\mu\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
 
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000\...\ChromeHTML: ->  <==== ATTENTION
 
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\mu\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
 
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\mu\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
 
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\mu\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
 
Task: C:\Windows\Tasks\0414bUpdateInfo.job => C:\ProgramData\Avg_Update_0414b\0414b_AVG-Secure-Search-Update.exe
 
Task: C:\Windows\Tasks\0814avUpdateInfo.job =>
 
C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe
 
 
 
End
 
*****************
 
 
 
Restore point was successfully created.
 
Processes closed successfully.
 
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => key removed successfully
 
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found. 
 
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1 => key removed successfully
 
HKLM\Software\Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => key not found. 
 
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2 => key removed successfully
 
HKLM\Software\Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => key not found. 
 
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3 => key removed successfully
 
HKLM\Software\Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => key not found. 
 
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4 => key removed successfully
 
HKLM\Software\Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => key not found. 
 
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1 => key removed successfully
 
HKLM\Software\Wow6432Node\Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => key not found. 
 
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers-x32: => key not found. 
 
HKLM\Software\Classes\CLSID\ShellIconOverlayIdentifiers-x32: => key not found. 
 
[DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File => Error: No automatic fix found for this entry.
 
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3 => key removed successfully
 
HKLM\Software\Wow6432Node\Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => key not found. 
 
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value removed successfully
 
HKLM\Software\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => key not found. 
 
Toolbar: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File => Error: No automatic fix found for this entry.
 
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
 
HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect => key removed successfully
 
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
 
C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
 
CHR Extension: (Chrome Media Router) - => not found
 
"C:\Users\mu\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]" => not found.
 
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\ChromeHTML: ->  <==== ATTENTION => Error: No automatic fix found for this entry.
 
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\mu\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File => Error: No automatic fix found for this entry.
 
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\mu\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File => Error: No automatic fix found for this entry.
 
CustomCLSID: HKU\S-1-5-21-2484516791-2231546880-3200291594-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> => Error: No automatic fix found for this entry.
 
"C:\Users\mu\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File" => not found.
 
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000_Classes\ChromeHTML => key removed successfully
 
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4} => key removed successfully
 
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04} => key removed successfully
 
HKU\S-1-5-21-2484516791-2231546880-3200291594-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA} => key removed successfully
 
C:\Windows\Tasks\0414bUpdateInfo.job => moved successfully
 
C:\Windows\Tasks\0814avUpdateInfo.job => moved successfully
 
C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe => moved successfully
 
 
 
=========== EmptyTemp: ==========
 
 
 
BITS transfer queue => 8388608 B
 
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4034031 B
 
Java, Flash, Steam htmlcache => 12940236 B
 
Windows/system/drivers => 23106015 B
 
Edge => 0 B
 
Chrome => 646095055 B
 
Firefox => 37893814 B
 
Opera => 0 B
 
 
 
Temp, IE cache, history, cookies, recent:
 
Users => 0 B
 
Default => 0 B
 
Public => 0 B
 
ProgramData => 0 B
 
systemprofile => 83519 B
 
systemprofile32 => 66356 B
 
LocalService => 66228 B
 
NetworkService => 66228 B
 
mu => 187697555 B
 
Guest => 3603801 B
 
 
 
RecycleBin => 3778779854 B
 
EmptyTemp: => 4.4 GB temporary data Removed.
 
 
 
================================
 
 
 
 
 
The system needed a reboot.
 
 
 
==== End of Fixlog 13:14:36 ====
 
 
 
 
 
 
 
 
 
2017-07-01 13:18:52, Info                  CSI    00000009 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:52, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:52, Info                  CSI    0000000c [SR] Verify complete
 
2017-07-01 13:18:53, Info                  CSI    0000000d [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:53, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:53, Info                  CSI    00000010 [SR] Verify complete
 
2017-07-01 13:18:53, Info                  CSI    00000011 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:53, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:53, Info                  CSI    00000014 [SR] Verify complete
 
2017-07-01 13:18:53, Info                  CSI    00000015 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:53, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:53, Info                  CSI    00000018 [SR] Verify complete
 
2017-07-01 13:18:53, Info                  CSI    00000019 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:53, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:53, Info                  CSI    0000001c [SR] Verify complete
 
2017-07-01 13:18:54, Info                  CSI    0000001d [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:54, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:54, Info                  CSI    00000020 [SR] Verify complete
 
2017-07-01 13:18:54, Info                  CSI    00000021 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:54, Info                  CSI    00000022 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:54, Info                  CSI    00000024 [SR] Verify complete
 
2017-07-01 13:18:54, Info                  CSI    00000025 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:54, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:54, Info                  CSI    00000028 [SR] Verify complete
 
2017-07-01 13:18:54, Info                  CSI    00000029 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:54, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:54, Info                  CSI    0000002c [SR] Verify complete
 
2017-07-01 13:18:55, Info                  CSI    0000002d [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:55, Info                  CSI    0000002e [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:55, Info                  CSI    00000030 [SR] Verify complete
 
2017-07-01 13:18:55, Info                  CSI    00000031 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:55, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:55, Info                  CSI    00000034 [SR] Verify complete
 
2017-07-01 13:18:55, Info                  CSI    00000035 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:55, Info                  CSI    00000036 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:55, Info                  CSI    00000038 [SR] Verify complete
 
2017-07-01 13:18:55, Info                  CSI    00000039 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:55, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:55, Info                  CSI    0000003c [SR] Verify complete
 
2017-07-01 13:18:55, Info                  CSI    0000003d [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:55, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:56, Info                  CSI    00000040 [SR] Verify complete
 
2017-07-01 13:18:56, Info                  CSI    00000041 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:56, Info                  CSI    00000042 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:56, Info                  CSI    00000044 [SR] Verify complete
 
2017-07-01 13:18:56, Info                  CSI    00000045 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:56, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:56, Info                  CSI    00000048 [SR] Verify complete
 
2017-07-01 13:18:56, Info                  CSI    00000049 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:56, Info                  CSI    0000004a [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:56, Info                  CSI    0000004c [SR] Verify complete
 
2017-07-01 13:18:56, Info                  CSI    0000004d [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:56, Info                  CSI    0000004e [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:57, Info                  CSI    00000050 [SR] Verify complete
 
2017-07-01 13:18:57, Info                  CSI    00000051 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:57, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:57, Info                  CSI    00000054 [SR] Verify complete
 
2017-07-01 13:18:57, Info                  CSI    00000055 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:57, Info                  CSI    00000056 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:58, Info                  CSI    00000058 [SR] Verify complete
 
2017-07-01 13:18:58, Info                  CSI    00000059 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:58, Info                  CSI    0000005a [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:58, Info                  CSI    0000005c [SR] Verify complete
 
2017-07-01 13:18:58, Info                  CSI    0000005d [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:58, Info                  CSI    0000005e [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:58, Info                  CSI    00000060 [SR] Verify complete
 
2017-07-01 13:18:58, Info                  CSI    00000061 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:58, Info                  CSI    00000062 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:58, Info                  CSI    00000064 [SR] Verify complete
 
2017-07-01 13:18:59, Info                  CSI    00000065 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:59, Info                  CSI    00000066 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:59, Info                  CSI    00000068 [SR] Verify complete
 
2017-07-01 13:18:59, Info                  CSI    00000069 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:59, Info                  CSI    0000006a [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:59, Info                  CSI    0000006c [SR] Verify complete
 
2017-07-01 13:18:59, Info                  CSI    0000006d [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:59, Info                  CSI    0000006e [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:18:59, Info                  CSI    00000070 [SR] Verify complete
 
2017-07-01 13:18:59, Info                  CSI    00000071 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:18:59, Info                  CSI    00000072 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:00, Info                  CSI    00000074 [SR] Verify complete
 
2017-07-01 13:19:00, Info                  CSI    00000075 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:00, Info                  CSI    00000076 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:00, Info                  CSI    00000078 [SR] Verify complete
 
2017-07-01 13:19:00, Info                  CSI    00000079 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:00, Info                  CSI    0000007a [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:01, Info                  CSI    0000007c [SR] Verify complete
 
2017-07-01 13:19:01, Info                  CSI    0000007d [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:01, Info                  CSI    0000007e [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:02, Info                  CSI    00000080 [SR] Verify complete
 
2017-07-01 13:19:02, Info                  CSI    00000081 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:02, Info                  CSI    00000082 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:02, Info                  CSI    00000084 [SR] Verify complete
 
2017-07-01 13:19:02, Info                  CSI    00000085 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:02, Info                  CSI    00000086 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:03, Info                  CSI    00000088 [SR] Verify complete
 
2017-07-01 13:19:03, Info                  CSI    00000089 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:03, Info                  CSI    0000008a [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:04, Info                  CSI    0000008d [SR] Verify complete
 
2017-07-01 13:19:05, Info                  CSI    0000008e [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:05, Info                  CSI    0000008f [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:06, Info                  CSI    00000094 [SR] Verify complete
 
2017-07-01 13:19:06, Info                  CSI    00000095 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:06, Info                  CSI    00000096 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:07, Info                  CSI    00000099 [SR] Verify complete
 
2017-07-01 13:19:07, Info                  CSI    0000009a [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:07, Info                  CSI    0000009b [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:08, Info                  CSI    0000009d [SR] Verify complete
 
2017-07-01 13:19:08, Info                  CSI    0000009e [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:08, Info                  CSI    0000009f [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:10, Info                  CSI    000000b1 [SR] Verify complete
 
2017-07-01 13:19:10, Info                  CSI    000000b2 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:10, Info                  CSI    000000b3 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:12, Info                  CSI    000000c8 [SR] Verify complete
 
2017-07-01 13:19:12, Info                  CSI    000000c9 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:12, Info                  CSI    000000ca [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:13, Info                  CSI    000000cc [SR] Verify complete
 
2017-07-01 13:19:13, Info                  CSI    000000cd [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:13, Info                  CSI    000000ce [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:14, Info                  CSI    000000d0 [SR] Verify complete
 
2017-07-01 13:19:14, Info                  CSI    000000d1 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:14, Info                  CSI    000000d2 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:15, Info                  CSI    000000d4 [SR] Verify complete
 
2017-07-01 13:19:16, Info                  CSI    000000d5 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:16, Info                  CSI    000000d6 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:16, Info                  CSI    000000d8 [SR] Verify complete
 
2017-07-01 13:19:17, Info                  CSI    000000d9 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:17, Info                  CSI    000000da [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:17, Info                  CSI    000000dc [SR] Verify complete
 
2017-07-01 13:19:17, Info                  CSI    000000dd [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:17, Info                  CSI    000000de [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:20, Info                  CSI    000000e2 [SR] Verify complete
 
2017-07-01 13:19:20, Info                  CSI    000000e3 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:20, Info                  CSI    000000e4 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:22, Info                  CSI    00000105 [SR] Verify complete
 
2017-07-01 13:19:22, Info                  CSI    00000106 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:22, Info                  CSI    00000107 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:25, Info                  CSI    00000109 [SR] Verify complete
 
2017-07-01 13:19:25, Info                  CSI    0000010a [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:25, Info                  CSI    0000010b [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:27, Info                  CSI    0000010d [SR] Verify complete
 
2017-07-01 13:19:28, Info                  CSI    0000010e [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:28, Info                  CSI    0000010f [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:28, Info                  CSI    00000113 [SR] Verify complete
 
2017-07-01 13:19:28, Info                  CSI    00000114 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:28, Info                  CSI    00000115 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:29, Info                  CSI    00000117 [SR] Verify complete
 
2017-07-01 13:19:29, Info                  CSI    00000118 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:29, Info                  CSI    00000119 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:29, Info                  CSI    0000011b [SR] Verify complete
 
2017-07-01 13:19:29, Info                  CSI    0000011c [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:29, Info                  CSI    0000011d [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:31, Info                  CSI    0000011f [SR] Verify complete
 
2017-07-01 13:19:31, Info                  CSI    00000120 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:31, Info                  CSI    00000121 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:34, Info                  CSI    00000134 [SR] Verify complete
 
2017-07-01 13:19:34, Info                  CSI    00000135 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:34, Info                  CSI    00000136 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:34, Info                  CSI    00000138 [SR] Verify complete
 
2017-07-01 13:19:34, Info                  CSI    00000139 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:34, Info                  CSI    0000013a [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:35, Info                  CSI    0000013c [SR] Verify complete
 
2017-07-01 13:19:35, Info                  CSI    0000013d [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:35, Info                  CSI    0000013e [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:36, Info                  CSI    00000140 [SR] Verify complete
 
2017-07-01 13:19:36, Info                  CSI    00000141 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:36, Info                  CSI    00000142 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:39, Info                  CSI    00000145 [SR] Verify complete
 
2017-07-01 13:19:39, Info                  CSI    00000146 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:39, Info                  CSI    00000147 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:41, Info                  CSI    0000014a [SR] Verify complete
 
2017-07-01 13:19:41, Info                  CSI    0000014b [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:41, Info                  CSI    0000014c [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:41, Info                  CSI    0000014e [SR] Verify complete
 
2017-07-01 13:19:41, Info                  CSI    0000014f [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:41, Info                  CSI    00000150 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:42, Info                  CSI    00000152 [SR] Verify complete
 
2017-07-01 13:19:42, Info                  CSI    00000153 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:42, Info                  CSI    00000154 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:43, Info                  CSI    00000156 [SR] Verify complete
 
2017-07-01 13:19:43, Info                  CSI    00000157 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:43, Info                  CSI    00000158 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:44, Info                  CSI    0000015a [SR] Verify complete
 
2017-07-01 13:19:44, Info                  CSI    0000015b [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:44, Info                  CSI    0000015c [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:46, Info                  CSI    0000015e [SR] Verify complete
 
2017-07-01 13:19:46, Info                  CSI    0000015f [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:46, Info                  CSI    00000160 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:50, Info                  CSI    00000178 [SR] Verify complete
 
2017-07-01 13:19:50, Info                  CSI    00000179 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:50, Info                  CSI    0000017a [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:51, Info                  CSI    0000017c [SR] Verify complete
 
2017-07-01 13:19:52, Info                  CSI    0000017d [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:52, Info                  CSI    0000017e [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:57, Info                  CSI    00000180 [SR] Verify complete
 
2017-07-01 13:19:57, Info                  CSI    00000181 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:57, Info                  CSI    00000182 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:19:59, Info                  CSI    00000185 [SR] Verify complete
 
2017-07-01 13:19:59, Info                  CSI    00000186 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:19:59, Info                  CSI    00000187 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:01, Info                  CSI    00000189 [SR] Verify complete
 
2017-07-01 13:20:01, Info                  CSI    0000018a [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:01, Info                  CSI    0000018b [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:02, Info                  CSI    0000018d [SR] Verify complete
 
2017-07-01 13:20:02, Info                  CSI    0000018e [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:02, Info                  CSI    0000018f [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:03, Info                  CSI    00000191 [SR] Verify complete
 
2017-07-01 13:20:04, Info                  CSI    00000192 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:04, Info                  CSI    00000193 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:05, Info                  CSI    00000195 [SR] Verify complete
 
2017-07-01 13:20:05, Info                  CSI    00000196 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:05, Info                  CSI    00000197 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:05, Info                  CSI    0000019b [SR] Verify complete
 
2017-07-01 13:20:06, Info                  CSI    0000019c [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:06, Info                  CSI    0000019d [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:06, Info                  CSI    0000019f [SR] Verify complete
 
2017-07-01 13:20:06, Info                  CSI    000001a0 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:06, Info                  CSI    000001a1 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:11, Info                  CSI    000001a3 [SR] Verify complete
 
2017-07-01 13:20:11, Info                  CSI    000001a4 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:11, Info                  CSI    000001a5 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:13, Info                  CSI    000001a8 [SR] Verify complete
 
2017-07-01 13:20:13, Info                  CSI    000001a9 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:13, Info                  CSI    000001aa [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:14, Info                  CSI    000001ac [SR] Verify complete
 
2017-07-01 13:20:14, Info                  CSI    000001ad [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:14, Info                  CSI    000001ae [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:15, Info                  CSI    000001b1 [SR] Verify complete
 
2017-07-01 13:20:15, Info                  CSI    000001b2 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:15, Info                  CSI    000001b3 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:17, Info                  CSI    000001b6 [SR] Verify complete
 
2017-07-01 13:20:17, Info                  CSI    000001b7 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:17, Info                  CSI    000001b8 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:19, Info                  CSI    000001ba [SR] Verify complete
 
2017-07-01 13:20:19, Info                  CSI    000001bb [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:19, Info                  CSI    000001bc [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:20, Info                  CSI    000001be [SR] Verify complete
 
2017-07-01 13:20:20, Info                  CSI    000001bf [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:20, Info                  CSI    000001c0 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:21, Info                  CSI    000001c2 [SR] Verify complete
 
2017-07-01 13:20:21, Info                  CSI    000001c3 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:21, Info                  CSI    000001c4 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:22, Info                  CSI    000001c7 [SR] Verify complete
 
2017-07-01 13:20:22, Info                  CSI    000001c8 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:22, Info                  CSI    000001c9 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:23, Info                  CSI    000001cb [SR] Verify complete
 
2017-07-01 13:20:23, Info                  CSI    000001cc [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:23, Info                  CSI    000001cd [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:24, Info                  CSI    000001d0 [SR] Verify complete
 
2017-07-01 13:20:24, Info                  CSI    000001d1 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:24, Info                  CSI    000001d2 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:25, Info                  CSI    000001d5 [SR] Verify complete
 
2017-07-01 13:20:26, Info                  CSI    000001d6 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:26, Info                  CSI    000001d7 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:27, Info                  CSI    000001da [SR] Verify complete
 
2017-07-01 13:20:27, Info                  CSI    000001db [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:27, Info                  CSI    000001dc [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:28, Info                  CSI    000001df [SR] Verify complete
 
2017-07-01 13:20:29, Info                  CSI    000001e0 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:29, Info                  CSI    000001e1 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:30, Info                  CSI    000001e3 [SR] Verify complete
 
2017-07-01 13:20:30, Info                  CSI    000001e4 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:30, Info                  CSI    000001e5 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:32, Info                  CSI    000001e8 [SR] Verify complete
 
2017-07-01 13:20:32, Info                  CSI    000001e9 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:32, Info                  CSI    000001ea [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:33, Info                  CSI    000001ec [SR] Verify complete
 
2017-07-01 13:20:33, Info                  CSI    000001ed [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:33, Info                  CSI    000001ee [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:33, Info                  CSI    000001f0 [SR] Verify complete
 
2017-07-01 13:20:33, Info                  CSI    000001f1 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:33, Info                  CSI    000001f2 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:34, Info                  CSI    000001f4 [SR] Verify complete
 
2017-07-01 13:20:34, Info                  CSI    000001f5 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:34, Info                  CSI    000001f6 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:35, Info                  CSI    000001f8 [SR] Verify complete
 
2017-07-01 13:20:35, Info                  CSI    000001f9 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:35, Info                  CSI    000001fa [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:37, Info                  CSI    000001fc [SR] Verify complete
 
2017-07-01 13:20:37, Info                  CSI    000001fd [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:37, Info                  CSI    000001fe [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:37, Info                  CSI    00000200 [SR] Verify complete
 
2017-07-01 13:20:37, Info                  CSI    00000201 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:37, Info                  CSI    00000202 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:38, Info                  CSI    00000204 [SR] Verify complete
 
2017-07-01 13:20:38, Info                  CSI    00000205 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:38, Info                  CSI    00000206 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:40, Info                  CSI    00000208 [SR] Verify complete
 
2017-07-01 13:20:40, Info                  CSI    00000209 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:40, Info                  CSI    0000020a [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:44, Info                  CSI    0000020c [SR] Verify complete
 
2017-07-01 13:20:44, Info                  CSI    0000020d [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:44, Info                  CSI    0000020e [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:45, Info                  CSI    00000210 [SR] Verify complete
 
2017-07-01 13:20:45, Info                  CSI    00000211 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:45, Info                  CSI    00000212 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:46, Info                  CSI    00000214 [SR] Verify complete
 
2017-07-01 13:20:46, Info                  CSI    00000215 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:46, Info                  CSI    00000216 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:46, Info                  CSI    00000218 [SR] Verify complete
 
2017-07-01 13:20:46, Info                  CSI    00000219 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:46, Info                  CSI    0000021a [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:47, Info                  CSI    0000021c [SR] Verify complete
 
2017-07-01 13:20:47, Info                  CSI    0000021d [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:47, Info                  CSI    0000021e [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:48, Info                  CSI    00000220 [SR] Verify complete
 
2017-07-01 13:20:48, Info                  CSI    00000221 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:48, Info                  CSI    00000222 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:48, Info                  CSI    00000224 [SR] Verify complete
 
2017-07-01 13:20:48, Info                  CSI    00000225 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:48, Info                  CSI    00000226 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:49, Info                  CSI    00000228 [SR] Verify complete
 
2017-07-01 13:20:49, Info                  CSI    00000229 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:49, Info                  CSI    0000022a [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:50, Info                  CSI    00000232 [SR] Verify complete
 
2017-07-01 13:20:51, Info                  CSI    00000233 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:51, Info                  CSI    00000234 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:51, Info                  CSI    00000236 [SR] Verify complete
 
2017-07-01 13:20:51, Info                  CSI    00000237 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:51, Info                  CSI    00000238 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:52, Info                  CSI    0000023a [SR] Verify complete
 
2017-07-01 13:20:52, Info                  CSI    0000023b [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:52, Info                  CSI    0000023c [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:53, Info                  CSI    0000023e [SR] Verify complete
 
2017-07-01 13:20:53, Info                  CSI    0000023f [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:53, Info                  CSI    00000240 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:54, Info                  CSI    00000242 [SR] Verify complete
 
2017-07-01 13:20:54, Info                  CSI    00000243 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:54, Info                  CSI    00000244 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:55, Info                  CSI    00000247 [SR] Verify complete
 
2017-07-01 13:20:55, Info                  CSI    00000248 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:55, Info                  CSI    00000249 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:57, Info                  CSI    0000024b [SR] Verify complete
 
2017-07-01 13:20:57, Info                  CSI    0000024c [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:57, Info                  CSI    0000024d [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:58, Info                  CSI    0000024f [SR] Verify complete
 
2017-07-01 13:20:58, Info                  CSI    00000250 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:58, Info                  CSI    00000251 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:20:59, Info                  CSI    00000253 [SR] Verify complete
 
2017-07-01 13:20:59, Info                  CSI    00000254 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:20:59, Info                  CSI    00000255 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:03, Info                  CSI    0000025a [SR] Verify complete
 
2017-07-01 13:21:03, Info                  CSI    0000025b [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:03, Info                  CSI    0000025c [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:04, Info                  CSI    00000261 [SR] Verify complete
 
2017-07-01 13:21:04, Info                  CSI    00000262 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:04, Info                  CSI    00000263 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:06, Info                  CSI    00000265 [SR] Verify complete
 
2017-07-01 13:21:06, Info                  CSI    00000266 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:06, Info                  CSI    00000267 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:08, Info                  CSI    00000275 [SR] Verify complete
 
2017-07-01 13:21:08, Info                  CSI    00000276 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:08, Info                  CSI    00000277 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:10, Info                  CSI    0000027d [SR] Verify complete
 
2017-07-01 13:21:10, Info                  CSI    0000027e [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:10, Info                  CSI    0000027f [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:11, Info                  CSI    00000281 [SR] Verify complete
 
2017-07-01 13:21:11, Info                  CSI    00000282 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:11, Info                  CSI    00000283 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:12, Info                  CSI    00000287 [SR] Verify complete
 
2017-07-01 13:21:12, Info                  CSI    00000288 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:12, Info                  CSI    00000289 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:13, Info                  CSI    0000028b [SR] Verify complete
 
2017-07-01 13:21:14, Info                  CSI    0000028c [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:14, Info                  CSI    0000028d [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:16, Info                  CSI    000002b2 [SR] Verify complete
 
2017-07-01 13:21:16, Info                  CSI    000002b3 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:16, Info                  CSI    000002b4 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:17, Info                  CSI    000002b6 [SR] Verify complete
 
2017-07-01 13:21:17, Info                  CSI    000002b7 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:17, Info                  CSI    000002b8 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:18, Info                  CSI    000002ba [SR] Verify complete
 
2017-07-01 13:21:18, Info                  CSI    000002bb [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:18, Info                  CSI    000002bc [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:19, Info                  CSI    000002be [SR] Verify complete
 
2017-07-01 13:21:19, Info                  CSI    000002bf [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:19, Info                  CSI    000002c0 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:20, Info                  CSI    000002ce [SR] Verify complete
 
2017-07-01 13:21:20, Info                  CSI    000002cf [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:20, Info                  CSI    000002d0 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:20, Info                  CSI    000002d2 [SR] Verify complete
 
2017-07-01 13:21:20, Info                  CSI    000002d3 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:20, Info                  CSI    000002d4 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:23, Info                  CSI    000002e2 [SR] Verify complete
 
2017-07-01 13:21:23, Info                  CSI    000002e3 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:23, Info                  CSI    000002e4 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:23, Info                  CSI    000002e6 [SR] Verify complete
 
2017-07-01 13:21:23, Info                  CSI    000002e7 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:23, Info                  CSI    000002e8 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:25, Info                  CSI    000002eb [SR] Verify complete
 
2017-07-01 13:21:25, Info                  CSI    000002ec [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:25, Info                  CSI    000002ed [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:25, Info                  CSI    000002ef [SR] Verify complete
 
2017-07-01 13:21:25, Info                  CSI    000002f0 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:25, Info                  CSI    000002f1 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:26, Info                  CSI    000002f3 [SR] Verify complete
 
2017-07-01 13:21:26, Info                  CSI    000002f4 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:26, Info                  CSI    000002f5 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:27, Info                  CSI    000002f7 [SR] Verify complete
 
2017-07-01 13:21:27, Info                  CSI    000002f8 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:27, Info                  CSI    000002f9 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:28, Info                  CSI    000002fb [SR] Verify complete
 
2017-07-01 13:21:28, Info                  CSI    000002fc [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:28, Info                  CSI    000002fd [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:31, Info                  CSI    00000317 [SR] Verify complete
 
2017-07-01 13:21:31, Info                  CSI    00000318 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:31, Info                  CSI    00000319 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:32, Info                  CSI    0000031b [SR] Verify complete
 
2017-07-01 13:21:32, Info                  CSI    0000031c [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:32, Info                  CSI    0000031d [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:37, Info                  CSI    0000031f [SR] Verify complete
 
2017-07-01 13:21:37, Info                  CSI    00000320 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:37, Info                  CSI    00000321 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:38, Info                  CSI    00000323 [SR] Verify complete
 
2017-07-01 13:21:38, Info                  CSI    00000324 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:38, Info                  CSI    00000325 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:38, Info                  CSI    00000328 [SR] Verify complete
 
2017-07-01 13:21:39, Info                  CSI    00000329 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:39, Info                  CSI    0000032a [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:39, Info                  CSI    0000032d [SR] Verify complete
 
2017-07-01 13:21:39, Info                  CSI    0000032e [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:39, Info                  CSI    0000032f [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:40, Info                  CSI    00000331 [SR] Verify complete
 
2017-07-01 13:21:40, Info                  CSI    00000332 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:40, Info                  CSI    00000333 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:41, Info                  CSI    00000335 [SR] Verify complete
 
2017-07-01 13:21:41, Info                  CSI    00000336 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:41, Info                  CSI    00000337 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:42, Info                  CSI    0000033a [SR] Verify complete
 
2017-07-01 13:21:42, Info                  CSI    0000033b [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:42, Info                  CSI    0000033c [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:43, Info                  CSI    0000033e [SR] Verify complete
 
2017-07-01 13:21:43, Info                  CSI    0000033f [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:43, Info                  CSI    00000340 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:44, Info                  CSI    00000342 [SR] Verify complete
 
2017-07-01 13:21:44, Info                  CSI    00000343 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:44, Info                  CSI    00000344 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:45, Info                  CSI    00000346 [SR] Verify complete
 
2017-07-01 13:21:45, Info                  CSI    00000347 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:45, Info                  CSI    00000348 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:46, Info                  CSI    0000034b [SR] Verify complete
 
2017-07-01 13:21:46, Info                  CSI    0000034c [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:46, Info                  CSI    0000034d [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:47, Info                  CSI    0000034f [SR] Verify complete
 
2017-07-01 13:21:47, Info                  CSI    00000350 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:47, Info                  CSI    00000351 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:48, Info                  CSI    00000353 [SR] Verify complete
 
2017-07-01 13:21:48, Info                  CSI    00000354 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:48, Info                  CSI    00000355 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:49, Info                  CSI    00000357 [SR] Verify complete
 
2017-07-01 13:21:49, Info                  CSI    00000358 [SR] Verifying 100 (0x0000000000000064) components
 
2017-07-01 13:21:49, Info                  CSI    00000359 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:50, Info                  CSI    0000035b [SR] Verify complete
 
2017-07-01 13:21:51, Info                  CSI    0000035c [SR] Verifying 42 (0x000000000000002a) components
 
2017-07-01 13:21:51, Info                  CSI    0000035d [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:51, Info                  CSI    0000035f [SR] Verify complete
 
2017-07-01 13:21:51, Info                  CSI    00000360 [SR] Repairing 0 components
 
2017-07-01 13:21:51, Info                  CSI    00000361 [SR] Beginning Verify and Repair transaction
 
2017-07-01 13:21:51, Info                  CSI    00000363 [SR] Repair complete


#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,576 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:14 AM

Posted 06 July 2017 - 07:20 AM

Hi,

Repair these services.

Please Download Tweaking.com - Windows Repair from Here
  • Install and then run the program
  • Execute the instructions on Step 1 Important
  • Click Next on Step 2 Optional, do the Pre Scan skip Step 3 and 4 Optional for now.
  • On Step 5 Backup System Restore Do a Registry backup. When you have completed this click Next
  • Click Repairs - Open Repairs in the bottom right corner
  • Uncheck the All repair button then select just the item(s) listed below

  • 01 - Repair Registry Permissions
    03 - Reset Service permissions
    04 - Register System Files
    05 - Repair WMI
    10 - Remove Policies Set By Infections
    11 - Repair Start Menu Icons Removed by Infections
    12 - Repair Icons
    17 - Repair Windows Updates
    21 - Repair MSI (Windows Installer)
    26 - Restore Important Windows Services
    27 - Set Windows Service to Default Startup
  • Click the Start button and let the process run to completion. Copy any error messages into Notepad, Save it on your Desktop. ( Reboot if asked to do so)
  • Please copy and paste the Contents of this file on your next reply.
===

Restart the computer normally.

How is the computer running now?

#5 MuPositive

MuPositive
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:02:14 AM

Posted 09 July 2017 - 10:49 PM

Hello Nasdaq,

 

Tweaker appears to have fixed my problem. I am very grateful for your help.

 

The Tweaker log files are attached. I'd be interested to know if you can diagnose what was wrong.

 

My appreciation for your time,

Mu

 

Attached Files



#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,576 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:14 AM

Posted 10 July 2017 - 07:24 AM

Glad we could help.

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/


https://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
Simple and easy ways to keep your computer safe and secure on the Internet.
===




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users