Virus_Victim
Posts posted by Virus_Victim
-
-
Auto reply ?
There is NOTHING wrong just seeking advice about Avast. Please advise.
-
I would like to thank U for all the HELP !!!
Link worked !!!
Please advise if Avast is competent Virus Protection.
Suggestion for BEST FREE Virus Protection.
Thank U again !!! Best Wishes.
-
Scan indicated Avast as MALWARE.
Question: Is Avast competent & acceptable virus protection ?
Thank U
-
1. Scan activated.
2. Problems were cleaned - system rebooted
3. Rescanning to confirm corrections.
4. Confirmed NO problems detected by 2nd scan.
Awaiting further instructions.
Confirming with WINDOWS UPDATE. 2017-09 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4038782).
Thank U.
-
1. Scan activated.
2. Problems were cleaned - system rebooted
3. Rescanning to confirm corrections.
Please await results.
-
I am unable to enter REACH Recovery Environment.
Please post Boot to Advanced Startup Options from Command and I will run the fix again if shutdown /r /o /f /t 00 is wrong.
Which of the 1-9 Options do I choose once in Recovery Environment?
-
I am unable to enter REACH Recovery Environment.
Please post Boot to Advanced Startup Options from Command and I will run the fix again.
-
Boot to Advanced Startup Options from Settings in Windows 10
Please post Boot to Advanced Startup Options from Command if shutdown /r /o /f /t 00 does NOT work.
-
Please instruct step by step to REACH Recovery Environment. I do NOT see the option/choice at 1-9 in Startup Setting.
Shift Restart method was used that created the
Boot Mode: Safe Mode (with Networking)
-
Requested fixlog.txt from USB FLASH DRIVE in SAFE MODE posted & attached.
Please instruct further.
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-09-2017
Ran by JK (12-09-2017 21:52:53) Run:2
Running from e:\
Loaded Profiles: JK (Available Profiles: JK & Jack__000 & Administrator)
Boot Mode: Safe Mode (with Networking)
==============================================
fixlist content:
*****************
S4 xqmlt; System32\drivers\tyugu.sys [X]
C:\Program Files (x86)\jf9z5vq2eu.dat
C:\Users\J\AppData\Local\{B5EA83B6-9142-EF0E-FCDA-CAE6D8B2367E}
C:\Users\J\AppData\Local\{5F9469C8-7B3C-0570-16A4-209832CCDC00}
C:\Users\J\AppData\Local\ctfardb
C:\Users\J\AppData\Local\utceazy
C:\Users\J\AppData\Roaming\et
C:\WINDOWS\system32\vmaxzpm
C:\WINDOWS\SysWOW64\vmaxzpm
C:\Windows\Temp\msciugdsrv.exe
C:\WINDOWS\system32\Drivers\srvilpsv.sys
C:\Windows\System32\drivers\msidntfs.sys
2017-09-11 06:46 - 2017-09-11 06:46 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\7DE75172.sys
2017-09-11 06:46 - 2017-09-11 06:46 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-09-11 06:36 - 2017-09-11 06:36 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\165449CA.sys
2017-09-11 06:35 - 2017-09-11 06:35 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\5EF2493B.sys
2017-09-11 06:35 - 2017-09-11 06:35 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\3F2B4906.sys
2017-09-11 05:49 - 2017-09-11 05:49 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\0BB42602.sys
2017-09-11 05:49 - 2017-09-11 05:49 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\0388262A.sys
2017-09-11 05:36 - 2017-09-11 05:36 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\37281B9A.sys
2017-09-11 03:02 - 2017-09-11 03:02 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\648E2604.sys
2017-09-11 03:02 - 2017-09-11 03:02 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\32662628.sys
2017-09-11 02:26 - 2017-09-11 02:26 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\50F20A66.sys
2017-09-11 02:26 - 2017-09-11 02:26 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\031A0A42.sys
2017-09-11 01:39 - 2017-09-11 01:39 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\184066AE.sys
2017-09-11 01:22 - 2017-09-11 01:22 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\60F35953.sys
2017-09-11 01:22 - 2017-09-11 01:22 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\5CDD5967.sys
2017-09-10 05:26 - 2017-09-10 05:26 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\4BF94639.sys
2017-09-05 07:14 - 2017-09-05 07:14 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\6102126C.sys
2017-09-05 07:14 - 2017-09-05 07:14 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\3D26124B.sys
*****************
HKLM\System\CurrentControlSet\Services\xqmlt => key removed successfully
xqmlt => service removed successfully
C:\Program Files (x86)\jf9z5vq2eu.dat => moved successfully
C:\Users\J\AppData\Local\{B5EA83B6-9142-EF0E-FCDA-CAE6D8B2367E} => moved successfully
C:\Users\J\AppData\Local\{5F9469C8-7B3C-0570-16A4-209832CCDC00} => moved successfully
"C:\Users\J\AppData\Local\ctfardb" folder move:
Could not move "C:\Users\J\AppData\Local\ctfardb" => Scheduled to move on reboot.
Result of scheduled files to move (Boot Mode: Safe Mode (with Networking)) (Date&Time: 12-09-2017 21:54:07)
"C:\Users\J\AppData\Local\ctfardb" => Could not move
==== End of Fixlog 21:54:10 ====
-
In the process of instructions Posted Monday at 07:39 AM
Please await fixlog.txt saved on USB Flash Drive attached in next reply. ( approx.: under 30 minutes )
-
Do U favor Flash Drive approach or Windows 10 reinstall ?
Major Concerns:
1. Windows10Upgrade9252.exe will not run.
2. Windows update will NOT run. 2017-09 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4038782) FAIL.
Any services to check if running ? Which services would be a good idea to restart ?
Please suggest Microsoft site OEM reinstall method.
Thank U.
-
Thank U for all the help. This seems so complicated
Please answer the following questions.
Preparing the USB Flash Drive
1. Can I use a NON empty USB Flash Drive ? Will the process delete data already on the USB Flash Drive ?
Boot in the Recovery Environment
2. Can I use shutdown /r /o /f /t 00 ? or <Shift> Restart ? Confirm please.
Reinstalling Windows 10
3. Would Reinstalling Windows 10 fix the issue ? Does reinstalling Windows 10 remove ALL infections & malware ?
I appreciate all the help but I need time to comprehend the instructions.
Thank U.
-
What if I do NOT have a flash drive ?
-
1. Recovery Environment ? Is there a way to avoid that procedure without USB Flash Drive ?
2. Fixlog.txt below
Fix result of Farbar Recovery Scan Tool (x64) Version: 11-09-2017
Ran by JK (11-09-2017 07:29:31) Run:1
Running from V:\
Loaded Profiles: JK (Available Profiles: JK & Jack__000 & Administrator & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CMD: bcdedit.exe /set {default} recoveryenabled yes
CMD: dir C:\Windows
CMD: dir C:\Windows\system32\drivers
*****************
========= bcdedit.exe /set {default} recoveryenabled yes =========
The operation completed successfully.
========= End of CMD: =========
========= dir C:\Windows =========
========= End of CMD: =========
========= dir C:\Windows\system32\drivers =========
========= End of CMD: =========
==== End of Fixlog 07:29:32 ====
-
Was still finishing post with files. Did not expect such a quick reply. Attached files in reply as instructed.
Please inform how to delete files that system does NOT allow ( access denied ) and how to start WEB PROTECTION.
Thank U.
-
1. Did not detect.
C:\Users\J\AppData\Local\ctfardb\ctfardb.exe detected: Gen:Variant.Zusy.255923 (B) [krnl.xmd]
C:\Users\J\AppData\Local\ctfardb\winvfdq.exe detected: Gen:Variant.Mikey.69550 (B) [krnl.xmd]
2. Unable to turn on Web Protection
~ Keep Avast ? ~
in Resolved Malware Removal Logs
thank U
Please thank the engineer that designed the root-kit !!! The guy is a genius !!!
Best wishes !!!