Jump to content

Seriously need help here!


Recommended Posts

Hello. I seem to be in a pinch here. My PC is loaded with malware and SpyHunter 4 is doing everything in its power to drive these viruses out. I'm afraid its at its limit. It managed to get rid of about 400+ infections with about 125+ leftover. It's so bad, I cannot install Google Chrome [i get a no internet connection warning even though there is a connection]. Malwarebytes will no longer run [it says that the application was unable to start correctly]. It refuses to uninstall [i get a Runtime Error]]. And loads of other stuff including pop-ups and webpage redirects.... Please help me!

Link to post
Share on other sites

Hello and welcome to Malwarebytes,

Please be aware the following P2P/Piracy Warning is a standard opening reply made here at Malwarebytes, we make no accusations but do make you aware of Forum Protocol....

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.


Anyone other than the original starter of this thread please DO NOT follow the instructions and advice posted as replies here, my help and advice is NOT related to your system and will probably cause more harm than good...

Change the download folder setting in the default Browser so all tools we may use are saved to the Desktop:

Chrome.JPGGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser. Settings.JPG
Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

Firefox.JPGMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Settings.JPG Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and the click the "Select Folder" button. Click OK to get out of the Options menu.

IE.jpgInternet Explorer - Click the Tools menu in the upper right-corner of the browser. Tools.JPG Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

Change default download folder location in Edge:

Boot to a user account with admin status, select start > file explorer > right click on "Downloads" folder and select "Properties"

In the new window select "Location" tab > clear the text field box and type in or copy/paste %userprofile%\Desktop > select "Apply" then "OK"

Be aware you are not changing the Browser download folder location, you are changing the user’s download directory location.....

Next,

Please open Malwarebytes Anti-Malware.

  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete Apply Actions to any found entries.
  • Wait for the prompt to restart the computer to appear (if applicable), then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.


To get the log from Malwarebytes do the following:

  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:

      Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
      Text file (*.txt)        - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
      XML file (*.xml)      - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
  • Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…




If Malwarebytes is not installed follow these instructions first:

Download Malwarebytes Anti-Malware to your desktop.

  • Double-click mbam-setup and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish. Follow the instructions above....


Next,

Download AdwCleaner by Xplode onto your Desktop.

  • Double click on Adwcleaner.exe to run the tool.
  • Click on the Scan in the Actions box
  • Please wait fot the scan to finish..
  • When "Waiting for action.Please uncheck elements you want to keep" shows in top line..
  • Click on the Cleaning box.
  • Next click OK on the "Closing Programs" pop up box.
  • Click OK on the Information box & again OK to allow the necessary reboot
  • After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed...



Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


  • Double-click to run it. When the tool opens click Yes to disclaimer.
    (Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach those logs to your reply.



Let me see those logs in your next reply...

Thank you,

Kevin...
 

Link to post
Share on other sites

Ok. Here's the Adwcleaner log:

# AdwCleaner v5.037 - Logfile created 05/03/2016 at 17:32:55# Updated 28/02/2016 by Xplode# Database : 2016-02-28.2 [Local]# Operating system : Windows 10 Enterprise  (x64)# Username : Lagann - DESKTOP-T9EVTT2# Running from : C:\Users\Lagann\Desktop\AdwCleaner.exe# Option : Clean# Support : http://toolslib.net/forum***** [ Services ] ********** [ Folders ] ********** [ Files ] ********** [ DLLs ] ********** [ Shortcuts ] ********** [ Scheduled tasks ] ********** [ Registry ] ********** [ Web browsers ] ******************************:: "Tracing" keys removed:: Winsock settings cleared*************************C:\AdwCleaner\AdwCleaner[C1].txt - [3876 bytes] - [05/03/2016 16:48:38]C:\AdwCleaner\AdwCleaner[C2].txt - [768 bytes] - [05/03/2016 17:32:55]C:\AdwCleaner\AdwCleaner[S1].txt - [3474 bytes] - [05/03/2016 16:46:32]C:\AdwCleaner\AdwCleaner[S2].txt - [902 bytes] - [05/03/2016 17:30:50]########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [985 bytes] ##########
Link to post
Share on other sites

Yes. FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01Ran by Lagann (administrator) on DESKTOP-T9EVTT2 (05-03-2016 17:44:26)Running from C:\Users\Lagann\DesktopLoaded Profiles: Lagann (Available Profiles: Lagann)Platform: Windows 10 Enterprise (X64) Language: English (United States)Internet Explorer Version 11 (Default browser: IE)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Processes (Whitelisted) =================(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe(Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Alcohol Soft Development Team) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Scarlet.Crush Productions) C:\Program Files (x86)\Scarlet.Crush Productions\bin\ScpService.exe(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe(Microsoft Corporation) C:\Windows\System32\rundll32.exe(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe(Microsoft Corporation) C:\Windows\System32\rundll32.exe(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe() C:\Program Files (x86)\DocFetcher\docfetcher-daemon-windows.exe(Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe(Microsoft Corporation) C:\Windows\System32\browser_broker.exe(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe==================== Registry (Whitelisted) ===========================(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-22] (NVIDIA Corporation)HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStartHKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4031152 2013-11-26] (Stardock Corporation)HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)HKLM-x32\...\Run: [P17RunE] => RunDll32 P17RunE.dll,RunDLLEntryHKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-03] (Adobe Systems Incorporated)HKLM-x32\...\Run: [] => [X]HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2012-01-03] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [815512 2012-01-03] (Adobe Systems Inc.)HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-13] (Flexera Software LLC.)HKLM-x32\...\Run: [DNS7reminder] => "C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini"HKLM-x32\...\Run: [PowerDVD15Agent] => C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe [949960 2015-06-07] (CyberLink Corp.)HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [883352 2015-12-14] (BlueStack Systems, Inc.)HKLM-x32\...\Run: [DocFetcher-Daemon] => C:\Program Files (x86)\DocFetcher\docfetcher-daemon-windows.exe [563621 2015-01-14] ()HKU\S-1-5-21-1944114367-1499729980-2533702647-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-13] (Flexera Software LLC.)HKU\S-1-5-21-1944114367-1499729980-2533702647-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)HKU\S-1-5-21-1944114367-1499729980-2533702647-1001\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2019616 2016-01-11] (IObit)HKU\S-1-5-21-1944114367-1499729980-2533702647-1001\...\Run: [dbahal] => rundll32.exe "C:\Users\Lagann\AppData\Local\dbahal.dll",dbahal <===== ATTENTIONHKU\S-1-5-21-1944114367-1499729980-2533702647-1001\...\MountPoints2: {4d946c14-841d-11e5-9c2a-e0cb4e0e18d1} - "D:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-1944114367-1499729980-2533702647-1001\...\MountPoints2: {599bb877-33b6-11e5-9bc6-e0cb4e0e18d1} - "G:\HTC_Sync_Manager_PC.exe" ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No FileGroupPolicy: Restriction - Chrome <======= ATTENTIONCHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION==================== Internet (Whitelisted) ====================(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txtTcpip\Parameters: [DhcpNameServer] 192.168.1.1Tcpip\..\Interfaces\{1f994439-ba5b-4a5a-a53f-532910a6c2e3}: [DhcpNameServer] 192.168.1.1Internet Explorer:==================BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-02-04] (Microsoft Corporation)BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-11-10] (Oracle Corporation)BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-02-04] (Microsoft Corporation)BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-11-10] (Oracle Corporation)BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03] (Adobe Systems Incorporated)BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2016-02-21] (Oracle Corporation)BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-01-03] (Adobe Systems Incorporated)BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2016-02-21] (Oracle Corporation)BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-01-03] (Adobe Systems Incorporated)Toolbar: HKLM - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No FileToolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-01-03] (Adobe Systems Incorporated)Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)FireFox:========FF ProfilePath: C:\Users\Lagann\AppData\Roaming\Mozilla\Firefox\Profiles\fbtfdeb4.defaultFF Homepage: hxxp://www.google.comFF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-11-10] (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-11-10] (Oracle Corporation)FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2016-02-21] (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2016-02-21] (Oracle Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-02-04] (Microsoft Corporation)FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-02-09] (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-02-09] (NVIDIA Corporation)FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2012-01-03] (Adobe Systems Inc.)FF Plugin-x32: nuance.com/DragonRIAPlugin -> C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\npDgnRia.dll [2012-07-19] (Nuance Communications Inc.)FF user.js: detected! => C:\Users\Lagann\AppData\Roaming\Mozilla\Firefox\Profiles\fbtfdeb4.default\user.js [2016-03-04]FF Extension: 1-Click YouTube Video Downloader - C:\Users\Lagann\AppData\Roaming\Mozilla\Firefox\Profiles\fbtfdeb4.default\extensions\YoutubeDownloader@PeterOlayev.com.xpi [2015-12-21]FF Extension: YouTube Video and Audio Downloader - C:\Users\Lagann\AppData\Roaming\Mozilla\Firefox\Profiles\fbtfdeb4.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2015-12-21]FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtnFF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-07-26] [not signed]FF HKLM-x32\...\Firefox\Extensions: [jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpiFF Extension: Dragon NaturallySpeaking Rich Internet Application Support - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2012-07-18] [not signed]Chrome: =======CHR HKLM-x32\...\Chrome\Extension: [mikhcaiakabeeokmenglcdebplfdjicn] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\chromeShim.crx [2012-07-18]==================== Services (Whitelisted) ========================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [446240 2016-01-05] (IObit)R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)R2 AxVirtualAHCISrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe [97704 2015-04-11] (Alcohol Soft Development Team)S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [432792 2015-12-14] (BlueStack Systems, Inc.)S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [412312 2015-12-14] (BlueStack Systems, Inc.)S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [854680 2015-12-14] (BlueStack Systems, Inc.)R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2804976 2016-02-04] (Microsoft Corporation)R2 Ds3Service; C:\Program Files (x86)\Scarlet.Crush Productions\bin\ScpService.exe [388352 2015-12-09] (Scarlet.Crush Productions)R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-22] (NVIDIA Corporation)R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2940704 2015-12-28] (IObit)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-22] (NVIDIA Corporation)R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-22] (NVIDIA Corporation)R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-22] (NVIDIA Corporation)R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [887352 2016-01-28] (Bitdefender)R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [737184 2012-05-04] (Enigma Software Group USA, LLC.)S2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-07-26] (VIA Technologies, Inc.)S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe [256912 2015-05-27] (Wondershare)===================== Drivers (Whitelisted) ==========================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [29184 2015-05-12] (LG Electronics Inc.)R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146016 2015-12-14] (BlueStack Systems)S3 esgiguard; C:\Users\Lagann\AppData\Local\Temp\RarSFX0\esgiguard.sys [16432 2015-04-16] (Enigma Software Group USA, LLC.)R2 IntelHaxm; C:\Windows\system32\DRIVERS\IntelHaxm.sys [84992 2015-01-30] (Intel  Corporation)R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [129752 2016-03-05] (Malwarebytes Corporation)S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2015-07-26] ()R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-22] (NVIDIA Corporation)R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)R0 sptd2; C:\Windows\System32\Drivers\sptd2.sys [162960 2015-07-26] (Duplex Secure Ltd)S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)R2 {687703DE-DC6D-4649-892B-B8497854A6AB}; C:\Program Files (x86)\CyberLink\PowerDVD15\Common\NavFilter\000.fcl [29896 2015-06-07] (CyberLink Corp.)S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]S0 b06bdrv; System32\drivers\bxvbda.sys [X]S1 bsxgnfms; \??\C:\Windows\system32\drivers\bsxgnfms.sys [X]S2 spd3ssl; \??\C:\Program Files (x86)\Spyware Process Detector\spd324.sys [X]S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]==================== NetSvcs (Whitelisted) ===================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)==================== One Month Created files and folders ========(If an entry is included in the fixlist, the file/folder will be moved.)2016-03-05 17:44 - 2016-03-05 17:44 - 00019315 _____ C:\Users\Lagann\Desktop\FRST.txt2016-03-05 17:43 - 2016-03-05 17:44 - 00000000 ____D C:\FRST2016-03-05 17:43 - 2016-03-05 17:43 - 02374144 _____ (Farbar) C:\Users\Lagann\Desktop\FRST64.exe2016-03-05 17:35 - 2016-03-05 17:35 - 00016148 _____ C:\Windows\system32\DESKTOP-T9EVTT2_Lagann_HistoryPrediction.bin2016-03-05 17:30 - 2016-03-05 17:30 - 01518592 _____ C:\Users\Lagann\Desktop\AdwCleaner.exe2016-03-05 17:28 - 2016-03-05 17:29 - 22908888 _____ (Malwarebytes ) C:\Users\Lagann\Desktop\mbam-setup-2.2.0.1024.exe2016-03-05 17:23 - 2016-03-05 17:23 - 00000000 ____D C:\Users\Lagann\Desktop\Stardock2016-03-05 17:23 - 2016-03-05 16:46 - 01518592 _____ C:\Users\Lagann\Desktop\adwcleaner_5.037.exe2016-03-05 17:23 - 2016-03-05 16:42 - 00987728 _____ (Google Inc.) C:\Users\Lagann\Desktop\ChromeSetup (2).exe2016-03-05 17:23 - 2016-03-05 16:38 - 02686232 _____ (Microsoft Corporation) C:\Users\Lagann\Desktop\vcredist_x86 (1).exe2016-03-05 17:23 - 2016-03-05 16:37 - 02686232 _____ (Microsoft Corporation) C:\Users\Lagann\Desktop\vcredist_x86.exe2016-03-05 17:23 - 2016-03-05 16:21 - 00242080 _____ C:\Users\Lagann\Desktop\Firefox Setup Stub 44.0.2.exe2016-03-05 17:23 - 2016-03-05 15:35 - 00987728 _____ (Google Inc.) C:\Users\Lagann\Desktop\ChromeSetup (1).exe2016-03-05 17:23 - 2016-03-05 15:34 - 00987728 _____ (Google Inc.) C:\Users\Lagann\Desktop\ChromeSetup.exe2016-03-05 16:46 - 2016-03-05 17:32 - 00000000 ____D C:\AdwCleaner2016-03-05 16:24 - 2016-03-05 16:24 - 00000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job2016-03-05 15:26 - 2016-03-05 15:26 - 103301120 _____ C:\Windows\system32\config\SOFTWARE.iobit2016-03-05 15:26 - 2016-03-05 15:26 - 05287936 _____ C:\Windows\system32\config\drivers.iobit2016-03-05 15:26 - 2016-03-05 15:26 - 00212992 _____ C:\Windows\system32\config\DEFAULT.iobit2016-03-05 15:26 - 2016-03-05 15:26 - 00069632 _____ C:\Windows\system32\config\SAM.iobit2016-03-05 15:26 - 2016-03-05 15:26 - 00028672 _____ C:\Windows\system32\config\SECURITY.iobit2016-03-05 14:44 - 2016-03-05 14:45 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2016-03-05 14:44 - 2016-03-05 14:44 - 00001191 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2016-03-05 14:44 - 2016-03-05 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2016-03-05 14:44 - 2016-03-05 14:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware2016-03-05 14:44 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2016-03-05 14:44 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2016-03-05 14:44 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2016-03-04 20:02 - 2016-03-04 20:02 - 00003314 _____ C:\Windows\System32\Tasks\{F67F759C-45EE-4384-8854-C1DEB88A204F}2016-03-04 20:01 - 2016-03-04 20:01 - 00003248 _____ C:\Windows\System32\Tasks\{66F56DCE-CD2D-4BD7-8972-62BA898CF3BE}2016-03-04 19:37 - 2016-03-04 19:37 - 00001008 __RSH C:\ProgramData\ntuser.pol2016-03-04 19:37 - 2016-03-04 19:37 - 00000258 __RSH C:\Users\Lagann\ntuser.pol2016-03-04 19:35 - 2016-03-05 15:56 - 00000000 ____D C:\Windows\system32\dina2016-03-04 19:33 - 2016-03-04 19:33 - 00011264 ____N C:\Users\Lagann\AppData\Local\dbahal.dll2016-03-04 19:32 - 2016-03-04 19:33 - 00000000 ____D C:\Users\Lagann\AppData\Local\Tempfolder2016-03-04 19:32 - 2016-03-04 19:32 - 00000000 ____D C:\Users\Lagann\AppData\LocalLow\Company2016-03-04 19:32 - 2016-03-04 19:32 - 00000000 ____D C:\uninst2016-03-04 19:28 - 2016-03-04 19:28 - 06427620 _____ C:\Users\Lagann\Desktop\ES File Explorer File Manager v4.0.4.5 Mod - android-zone.ws.apk2016-03-04 19:26 - 2016-03-04 19:27 - 07713871 _____ C:\Users\Lagann\Desktop\Titanium Backup-Pro-7.3.0.1 - android-zone.ws.apk2016-03-04 18:59 - 2016-03-04 18:59 - 00000000 ____D C:\Users\Public\Documents\Halfpricesoft2016-03-02 19:57 - 2016-03-02 19:58 - 00000000 ____D C:\360 Controller APPs2016-03-02 17:26 - 2016-03-02 17:45 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin2016-03-02 17:26 - 2016-03-02 17:45 - 00000000 ____D C:\Program Files (x86)\ChequePro2016-03-02 17:17 - 2016-03-02 17:17 - 00000000 ____D C:\Users\Lagann\Documents\IDAutomation Labels2016-03-02 17:00 - 2016-03-02 17:00 - 00000000 ___SD C:\Users\Lagann\Documents\My Data Sources2016-02-29 19:17 - 2016-02-29 19:17 - 00014620 _____ C:\1.txt2016-02-29 19:16 - 2016-03-05 15:40 - 00000272 _____ C:\Windows\Tasks\ASC9_SkipUac_Lagann.job2016-02-29 19:16 - 2016-02-29 19:16 - 00002502 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Lagann2016-02-29 19:16 - 2016-02-29 19:16 - 00002448 _____ C:\Windows\System32\Tasks\ASC9_SkipUac_Lagann2016-02-29 19:16 - 2016-02-29 19:16 - 00000312 _____ C:\Windows\Tasks\Uninstaller_SkipUac_Lagann.job2016-02-29 19:16 - 2016-02-29 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller2016-02-29 19:16 - 2016-02-29 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare2016-02-29 19:16 - 2016-02-29 19:16 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}2016-02-29 19:01 - 2016-02-29 19:01 - 00000000 ____D C:\Users\Lagann\AppData\Local\IsolatedStorage2016-02-29 18:52 - 2016-02-29 19:05 - 00000000 ____D C:\Users\Lagann\AppData\Local\Intuit2016-02-29 18:52 - 2016-02-29 18:52 - 00000000 ____D C:\Windows\Intuit2016-02-29 18:52 - 2016-02-29 18:52 - 00000000 ____D C:\Users\Lagann\AppData\Roaming\SQL Anywhere 162016-02-29 18:48 - 2012-01-05 12:43 - 04218880 _____ (Amyuni Technologies hxxp://www.amyuni.com) C:\Windows\SysWOW64\cdintf400.dll2016-02-29 18:45 - 2016-02-29 19:10 - 00000111 _____ C:\Windows\QBChanUtil_Trigger.ini2016-02-29 18:45 - 2016-02-29 19:10 - 00000000 ____D C:\ProgramData\Intuit2016-02-29 18:44 - 2016-02-29 19:10 - 00000000 ____D C:\Program Files (x86)\Intuit2016-02-29 16:43 - 2016-02-29 16:47 - 00000000 ____D C:\Users\Lagann\Documents\VCheck2016-02-29 16:42 - 2016-02-29 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VersaCheck Platinum 20072016-02-29 16:42 - 2016-02-29 16:47 - 00000036 _____ C:\Windows\iltwain.ini2016-02-28 19:06 - 2016-01-22 21:54 - 01542600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll2016-02-28 19:06 - 2016-01-22 21:53 - 01859936 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll2016-02-28 19:05 - 2016-02-09 00:29 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll2016-02-28 19:05 - 2016-02-09 00:04 - 00111672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe2016-02-28 19:03 - 2016-02-28 19:06 - 00000000 ____D C:\Windows\LastGood.Tmp2016-02-28 19:01 - 2016-02-10 01:28 - 00047040 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys2016-02-28 19:01 - 2016-02-10 01:27 - 12478528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys2016-02-28 19:01 - 2016-02-09 03:25 - 42983480 _____ C:\Windows\system32\nvcompiler.dll2016-02-28 19:01 - 2016-02-09 03:25 - 37616184 _____ C:\Windows\SysWOW64\nvcompiler.dll2016-02-28 19:01 - 2016-02-09 03:25 - 31119296 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll2016-02-28 19:01 - 2016-02-09 03:25 - 24944064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll2016-02-28 19:01 - 2016-02-09 03:25 - 21201784 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll2016-02-28 19:01 - 2016-02-09 03:25 - 20741880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll2016-02-28 19:01 - 2016-02-09 03:25 - 19779648 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll2016-02-28 19:01 - 2016-02-09 03:25 - 17631304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll2016-02-28 19:01 - 2016-02-09 03:25 - 17224664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll2016-02-28 19:01 - 2016-02-09 03:25 - 17175248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll2016-02-28 19:01 - 2016-02-09 03:25 - 17116936 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll2016-02-28 19:01 - 2016-02-09 03:25 - 14115136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll2016-02-28 19:01 - 2016-02-09 03:25 - 03649576 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll2016-02-28 19:01 - 2016-02-09 03:25 - 03231544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll2016-02-28 19:01 - 2016-02-09 03:25 - 02541504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll2016-02-28 19:01 - 2016-02-09 03:25 - 02187712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll2016-02-28 19:01 - 2016-02-09 03:25 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436191.dll2016-02-28 19:01 - 2016-02-09 03:25 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436191.dll2016-02-28 19:01 - 2016-02-09 03:25 - 00950328 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll2016-02-28 19:01 - 2016-02-09 03:25 - 00882232 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll2016-02-28 19:01 - 2016-02-09 03:25 - 00745408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll2016-02-28 19:01 - 2016-02-09 03:25 - 00689600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll2016-02-28 19:01 - 2016-02-09 03:25 - 00541000 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll2016-02-28 19:01 - 2016-02-09 03:25 - 00445728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll2016-02-28 19:01 - 2016-02-09 03:25 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll2016-02-28 19:01 - 2016-02-09 03:25 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll2016-02-28 19:01 - 2016-02-09 03:25 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll2016-02-28 19:01 - 2016-02-09 03:25 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll2016-02-28 19:01 - 2016-02-09 03:25 - 00035832 _____ C:\Windows\system32\nvinfo.pb2016-02-28 19:01 - 2015-12-18 01:11 - 00047760 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys2016-02-28 19:01 - 2015-12-18 01:10 - 00099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll2016-02-28 19:01 - 2015-12-18 01:10 - 00090768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll2016-02-28 18:56 - 2016-02-28 18:56 - 00003028 _____ C:\Windows\System32\Tasks\klcp_update2016-02-28 18:40 - 2016-02-28 18:40 - 00335520 _____ C:\Windows\Minidump\022816-42296-01.dmp2016-02-27 17:34 - 2016-02-27 17:34 - 00001155 _____ C:\Users\Lagann\AppData\Roaming\SAS7_000.DAT2016-02-23 20:42 - 2016-02-28 18:40 - 505139922 _____ C:\Windows\MEMORY.DMP2016-02-22 17:15 - 2016-02-23 20:42 - 00108544 ____N C:\Windows\Minidump\022316-23156-01.dmp2016-02-21 12:51 - 2016-02-21 14:31 - 00000000 ____D C:\Users\Lagann\AppData\Roaming\DocFetcher2016-02-21 12:51 - 2016-02-21 12:51 - 00000000 ____D C:\Users\Lagann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DocFetcher2016-02-21 12:51 - 2016-02-21 12:51 - 00000000 ____D C:\Program Files (x86)\DocFetcher2016-02-21 12:50 - 2016-02-21 12:50 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2016-02-21 12:50 - 2016-02-21 12:50 - 00000000 ____D C:\Program Files (x86)\Java2016-02-21 12:10 - 2016-02-21 12:10 - 00002589 _____ C:\Users\Lagann\Desktop\Microsoft PowerPoint Viewer .lnk2016-02-21 11:47 - 2016-02-21 11:47 - 00002589 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint Viewer .lnk2016-02-21 11:47 - 2016-02-21 11:47 - 00000000 ____D C:\Program Files (x86)\MSECache2016-02-20 18:03 - 2016-02-20 18:03 - 00000000 ____D C:\Users\Lagann\AppData\Local\StreetFighterV2016-02-16 20:19 - 2016-02-22 17:15 - 00087552 ____N C:\Windows\Minidump\022216-44046-01.dmp2016-02-14 14:04 - 2015-02-21 21:42 - 00000058 _____ C:\Users\Lagann\Desktop\ExtraTorrent.url2016-02-11 22:21 - 2015-05-27 17:38 - 02825944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll2016-02-11 22:09 - 2016-02-11 22:23 - 00000000 ___HD C:\Program Files (x86)\Temp2016-02-11 22:09 - 2016-02-11 22:09 - 00000000 ____D C:\Program Files (x86)\Realtek2016-02-10 22:42 - 2016-02-02 17:47 - 00828920 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2016-02-10 22:42 - 2016-02-02 17:47 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2016-02-09 20:44 - 2016-01-31 01:23 - 02601160 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll2016-02-09 20:44 - 2016-01-31 01:04 - 01811360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll2016-02-09 20:43 - 2016-01-31 01:25 - 01951872 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll2016-02-09 20:43 - 2016-01-31 01:25 - 01248896 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll2016-02-09 20:43 - 2016-01-31 01:24 - 01824880 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll2016-02-09 20:43 - 2016-01-31 01:23 - 01420392 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll2016-02-09 20:43 - 2016-01-31 01:06 - 01535032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll2016-02-09 20:43 - 2016-01-31 01:06 - 01531368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll2016-02-09 20:43 - 2016-01-31 01:06 - 00809336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll2016-02-09 20:43 - 2016-01-31 01:04 - 01180696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll2016-02-09 20:43 - 2016-01-31 00:38 - 21873152 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll2016-02-09 20:43 - 2016-01-31 00:33 - 24593920 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2016-02-09 20:43 - 2016-01-31 00:29 - 11557888 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll2016-02-09 20:43 - 2016-01-31 00:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rasman.dll2016-02-09 20:43 - 2016-01-31 00:26 - 06787072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll2016-02-09 20:43 - 2016-01-31 00:26 - 03793408 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll2016-02-09 20:43 - 2016-01-31 00:25 - 12504576 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2016-02-09 20:43 - 2016-01-31 00:25 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll2016-02-09 20:43 - 2016-01-31 00:25 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys2016-02-09 20:43 - 2016-01-31 00:24 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll2016-02-09 20:43 - 2016-01-31 00:22 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll2016-02-09 20:43 - 2016-01-31 00:20 - 02849792 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2016-02-09 20:43 - 2016-01-31 00:19 - 01602560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2016-02-09 20:43 - 2016-01-31 00:19 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\NetworkDesktopSettings.dll2016-02-09 20:43 - 2016-01-31 00:18 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll2016-02-09 20:43 - 2016-01-31 00:17 - 19324928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2016-02-09 20:43 - 2016-01-31 00:17 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll2016-02-09 20:43 - 2016-01-31 00:16 - 09889280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll2016-02-09 20:43 - 2016-01-31 00:14 - 07525376 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll2016-02-09 20:43 - 2016-01-31 00:14 - 03588096 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys2016-02-09 20:43 - 2016-01-31 00:13 - 04791808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2016-02-09 20:43 - 2016-01-31 00:13 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasman.dll2016-02-09 20:43 - 2016-01-31 00:11 - 05156352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll2016-02-09 20:43 - 2016-01-31 00:11 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll2016-02-09 20:43 - 2016-01-31 00:07 - 18802176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll2016-02-09 20:43 - 2016-01-31 00:06 - 02316800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2016-02-09 20:43 - 2016-01-31 00:05 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll2016-02-09 20:43 - 2016-01-31 00:04 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll2016-02-09 20:43 - 2016-01-31 00:02 - 03580416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2016-02-09 20:43 - 2016-01-31 00:02 - 00768000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2016-02-09 20:43 - 2016-01-31 00:00 - 11263488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2016-02-09 20:43 - 2016-01-30 23:59 - 05457408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll2016-02-09 20:42 - 2016-01-31 00:34 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\ngckeyenum.dll2016-02-09 20:42 - 2016-01-31 00:33 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\IoTAssignedAccessLockFramework.dll2016-02-09 20:42 - 2016-01-31 00:25 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll2016-02-09 20:42 - 2016-01-31 00:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll2016-02-09 20:42 - 2016-01-31 00:24 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll2016-02-09 20:42 - 2016-01-31 00:23 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll2016-02-09 20:42 - 2016-01-31 00:19 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IoTAssignedAccessLockFramework.dll2016-02-09 20:42 - 2016-01-31 00:18 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll2016-02-09 20:42 - 2016-01-31 00:16 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2016-02-09 20:42 - 2016-01-31 00:13 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\ztrace_maps.dll2016-02-09 20:42 - 2016-01-31 00:11 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll2016-02-09 20:42 - 2016-01-31 00:11 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll2016-02-09 20:42 - 2016-01-31 00:05 - 01380864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2016-02-09 20:42 - 2016-01-31 00:05 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll2016-02-09 20:42 - 2016-01-30 23:58 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ztrace_maps.dll2016-02-07 15:57 - 2015-05-12 11:36 - 00029184 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetbus64.sys2016-02-07 13:57 - 2016-02-07 13:57 - 00466400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys2016-02-07 13:56 - 2016-02-20 17:36 - 00000000 ____D C:\ProgramData\AVAST Software2016-02-07 13:25 - 2016-02-07 13:25 - 00003794 _____ C:\Windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD398642016-02-07 13:23 - 2016-02-07 13:23 - 00000385 _____ C:\Windows\system32\user_gensett.xml2016-02-07 13:23 - 2016-02-07 13:23 - 00000385 _____ C:\Users\Lagann\AppData\Roaminguser_gensett.xml2016-02-07 13:12 - 2016-03-05 14:30 - 00000000 ____D C:\Program Files\Bitdefender Agent2016-02-07 13:12 - 2016-02-07 13:12 - 00000000 ____D C:\ProgramData\Bitdefender Agent2016-02-05 20:36 - 2016-02-05 20:36 - 00002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk2016-02-05 20:36 - 2016-02-05 20:36 - 00002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk2016-02-05 20:36 - 2016-02-05 20:36 - 00002464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk2016-02-05 20:36 - 2016-02-05 20:36 - 00002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk2016-02-05 20:36 - 2016-02-05 20:36 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk2016-02-05 20:36 - 2016-02-05 20:36 - 00002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk2016-02-05 20:36 - 2016-02-05 20:36 - 00002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk2016-02-05 20:34 - 2016-02-05 20:36 - 00000000 ____D C:\Program Files\Microsoft Office 152016-02-05 19:27 - 2016-02-05 19:27 - 00000127 _____ C:\Users\Lagann\Desktop\Android Zone.url2016-02-05 19:25 - 2010-11-30 00:48 - 00000110 _____ C:\Users\Lagann\Desktop\GameFAQs.URL2016-02-05 19:22 - 2015-04-26 09:22 - 00000061 _____ C:\Users\Lagann\Desktop\Play Store.url==================== One Month Modified files and folders ========(If an entry is included in the fixlist, the file/folder will be moved.)2016-03-05 17:44 - 2015-07-10 06:04 - 00000000 ___HD C:\Program Files\WindowsApps2016-03-05 17:44 - 2015-07-10 06:04 - 00000000 ____D C:\Windows\AppReadiness2016-03-05 17:40 - 2015-07-28 14:09 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job2016-03-05 17:34 - 2015-11-10 21:27 - 00000091 _____ C:\HaxLogs.txt2016-03-05 17:34 - 2015-07-26 11:03 - 00000000 ____D C:\ProgramData\NVIDIA2016-03-05 17:34 - 2015-07-10 07:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT2016-03-05 17:33 - 2015-07-10 04:05 - 00524288 ___SH C:\Windows\system32\config\BBI2016-03-05 17:23 - 2015-07-26 10:35 - 00000000 ____D C:\Users\Lagann2016-03-05 17:18 - 2015-10-10 12:57 - 00000000 ____D C:\Users\Lagann\AppData\Local\CrashDumps2016-03-05 17:00 - 2015-07-26 10:44 - 00000000 ___RD C:\Users\Lagann\Desktop\Blue Pegasus2016-03-05 16:58 - 2015-07-26 12:02 - 00000000 ____D C:\Program Files (x86)\Google2016-03-05 16:56 - 2015-07-28 14:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job2016-03-05 16:33 - 2015-07-28 13:58 - 00004170 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D939BC69-C68B-464C-99FC-34B5AB87AA8C}2016-03-05 16:03 - 2015-12-27 20:42 - 00000000 ____D C:\Users\Lagann\AppData\Roaming\MPC-HC2016-03-05 15:56 - 2015-07-26 12:17 - 00000000 ____D C:\Users\Lagann\AppData\Local\Microsoft Help2016-03-05 15:56 - 2015-07-26 12:08 - 00000000 ____D C:\RealTemp_3702016-03-05 15:56 - 2015-07-26 11:57 - 00000000 ____D C:\ProgramData\Alcohol Soft2016-03-05 15:56 - 2015-07-26 11:56 - 00000000 ____D C:\Users\Lagann\AppData\Roaming\ProductData2016-03-05 15:56 - 2015-07-26 11:55 - 00000000 ____D C:\Users\Lagann\AppData\LocalLow\IObit2016-03-05 15:56 - 2015-07-26 11:55 - 00000000 ____D C:\ProgramData\ProductData2016-03-05 15:56 - 2015-07-26 11:55 - 00000000 ____D C:\ProgramData\IObit2016-03-05 15:56 - 2015-07-10 06:04 - 00000000 ___HD C:\Windows\system32\GroupPolicy2016-03-05 15:49 - 2015-07-10 06:04 - 00000000 ____D C:\Windows\registration2016-03-05 15:32 - 2015-07-10 06:02 - 00000000 ____D C:\Windows\INF2016-03-05 15:23 - 2015-07-26 10:41 - 00000000 ____D C:\Users\Lagann\Desktop\ToolBox2016-03-05 15:22 - 2015-07-26 12:01 - 00000000 ____D C:\Users\Lagann\AppData\Local\Google2016-03-05 15:09 - 2015-12-25 20:45 - 03054541 _____ C:\spyhunter.fix2016-03-05 14:38 - 2015-07-26 12:00 - 00000000 ____D C:\Users\Lagann\Desktop\Download2016-03-04 19:36 - 2015-07-26 11:55 - 00000000 ____D C:\Program Files (x86)\IObit2016-03-04 19:36 - 2015-07-10 07:20 - 00353568 _____ C:\Windows\system32\FNTCACHE.DAT2016-02-29 19:43 - 2015-07-26 12:17 - 00002106 _____ C:\Users\Lagann\AppData\Roaming\Microsoft\Windows\Start Menu\ScreenHunter 6.0 Pro.lnk2016-02-29 19:43 - 2015-07-26 12:17 - 00000000 ____D C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Pro2016-02-29 19:16 - 2015-07-26 11:55 - 00000000 ____D C:\Users\Lagann\AppData\Roaming\IObit2016-02-29 19:10 - 2015-07-26 12:57 - 00000000 ____D C:\ProgramData\Nuance2016-02-29 19:06 - 2015-07-26 11:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation2016-02-29 18:45 - 2015-07-26 13:09 - 00000000 ____D C:\ProgramData\Package Cache2016-02-29 16:43 - 2015-08-07 20:38 - 00000124 _____ C:\Users\Lagann\Documents\ax_files.xml2016-02-28 19:06 - 2015-07-27 13:17 - 00000000 ____D C:\temp2016-02-28 19:06 - 2015-07-26 11:00 - 00000000 ____D C:\ProgramData\NVIDIA Corporation2016-02-28 19:03 - 2015-07-26 10:59 - 00000000 ____D C:\Program Files\NVIDIA Corporation2016-02-28 18:56 - 2015-12-27 20:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack2016-02-28 18:56 - 2015-12-27 20:40 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack2016-02-28 18:40 - 2015-08-04 13:26 - 00000000 ____D C:\Windows\Minidump2016-02-23 21:37 - 2015-07-10 06:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft2016-02-23 21:35 - 2016-01-30 15:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Office2016-02-22 21:10 - 2015-12-24 20:51 - 00000000 ____D C:\Users\Lagann\Documents\My Kindle Content2016-02-22 17:15 - 2015-07-10 06:04 - 00000000 ___RD C:\Windows\MiracastView2016-02-22 17:15 - 2015-07-10 06:04 - 00000000 ____D C:\Windows\Branding2016-02-17 21:04 - 2015-12-24 20:51 - 00002319 _____ C:\Users\Lagann\Desktop\Kindle.lnk2016-02-12 21:46 - 2015-07-10 06:04 - 00000000 ____D C:\Windows\rescache2016-02-11 22:21 - 2015-07-26 13:15 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information2016-02-11 04:01 - 2015-07-10 08:29 - 00000000 ____D C:\Program Files\Windows Journal2016-02-11 02:56 - 2015-07-28 14:09 - 00004032 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier2016-02-10 22:42 - 2015-07-10 05:55 - 00000000 ____D C:\Windows\CbsTemp2016-02-10 22:41 - 2015-08-11 15:12 - 00000000 ____D C:\Windows\system32\MRT2016-02-10 22:35 - 2015-08-11 15:12 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2016-02-09 00:29 - 2015-07-26 11:02 - 06368824 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll2016-02-09 00:29 - 2015-07-26 11:02 - 02992064 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll2016-02-09 00:29 - 2015-07-26 11:02 - 02561472 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll2016-02-09 00:29 - 2015-07-26 11:02 - 01263040 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe2016-02-09 00:29 - 2015-07-26 11:02 - 00530368 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll2016-02-09 00:29 - 2015-07-26 11:02 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll2016-02-09 00:29 - 2015-07-26 11:02 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll2016-02-08 18:04 - 2015-07-10 06:04 - 00000000 ____D C:\Windows\ELAMBKUP2016-02-07 15:57 - 2015-11-28 12:37 - 00000000 ____D C:\Program Files (x86)\LG Electronics2016-02-07 13:29 - 2015-11-08 10:47 - 00002361 _____ C:\bdlog.txt2016-02-07 12:45 - 2015-11-08 11:10 - 00000000 ____D C:\ProgramData\Kaspersky Lab2016-02-07 12:45 - 2015-07-10 04:05 - 00032768 ___SH C:\Windows\system32\config\ELAM2016-02-06 09:58 - 2015-07-26 11:02 - 06154909 _____ C:\Windows\system32\nvcoproc.bin2016-02-05 20:36 - 2015-08-29 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools2016-02-05 19:55 - 2015-07-26 10:39 - 00005388 _____ C:\Windows\system32\PerfStringBackup.INI==================== Files in the root of some directories =======2016-01-24 11:57 - 2016-01-24 11:58 - 0099384 _____ () C:\Users\Lagann\AppData\Roaming\inst.exe2016-01-24 11:57 - 2016-01-24 11:58 - 0007859 _____ () C:\Users\Lagann\AppData\Roaming\pcouffin.cat2016-01-24 11:57 - 2016-01-24 11:58 - 0001167 _____ () C:\Users\Lagann\AppData\Roaming\pcouffin.inf2016-01-24 11:57 - 2016-01-24 11:58 - 0000055 _____ () C:\Users\Lagann\AppData\Roaming\pcouffin.log2016-01-24 11:57 - 2016-01-24 11:58 - 0082816 _____ (VSO Software) C:\Users\Lagann\AppData\Roaming\pcouffin.sys2016-02-27 17:34 - 2016-02-27 17:34 - 0001155 _____ () C:\Users\Lagann\AppData\Roaming\SAS7_000.DAT2015-07-26 12:00 - 2016-01-24 11:56 - 0001057 _____ () C:\Users\Lagann\AppData\Roaming\vso_ts_preview.xml2016-03-04 19:33 - 2016-03-04 19:33 - 0011264 ____N () C:\Users\Lagann\AppData\Local\dbahal.dllSome files in TEMP:====================C:\Users\Lagann\AppData\Local\Temp\component.exeC:\Users\Lagann\AppData\Local\Temp\sqlite3.dllC:\Users\Lagann\AppData\Local\Temp\ucbrabs.exeC:\Users\Lagann\AppData\Local\Temp\vk_ok_adblock.exe==================== Bamital & volsnap =================(There is no automatic fix for files that do not pass verification.)C:\Windows\system32\winlogon.exe => File is digitally signedC:\Windows\system32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\system32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\system32\services.exe => File is digitally signedC:\Windows\system32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\system32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\system32\rpcss.dll => File is digitally signedC:\Windows\system32\dnsapi.dll => File is digitally signedC:\Windows\SysWOW64\dnsapi.dll => File is digitally signedC:\Windows\system32\Drivers\volsnap.sys => File is digitally signedLastRegBack: 2016-03-02 07:25==================== End of FRST.txt ============================

Addition txt attached!

Addition.txt

Link to post
Share on other sites

Select the Windows key and X key together, from the menu select "Command prompt (Admin)"

 

Copy the following command at the prompt:

 

Licensingdiag.exe -report %userprofile%\desktop\report.txt -log %userprofile%\desktop\repfiles.cab

 

put cursor at the command prompt then Right click and select paste, hit enter. Two files will be saved to your Desktop.

 

Attach the "report.txt" file to your reply. - you can ignore the repfiles.cab file, it's only backup data

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.