Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

C0000135 The program can't start because %hs is missing


  • This topic is locked This topic is locked
2 replies to this topic

#1 JohnyR

JohnyR

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:12:05 PM

Posted 10 November 2014 - 07:32 PM

Hey guys, sisters system has been recently failing to boot. I'm assuming from some sort of trojan/virus/malware that malwarebytes deleted, and is causing the system to try to load files that don't exist.

 

Here's the logs f rom FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by SYSTEM on MININT-B7DHVL0 on 10-11-2014 19:18:30
Running from G:\
Platform: Windows 7 Home Premium (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-08] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1021056 2012-03-08] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800896 2012-03-08] (Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2886416 2012-03-01] (Synaptics Incorporated)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [4081008 2012-03-07] (ESET)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-01-21] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [LogMeIn GUI] => c:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2013-11-05] (LogMeIn, Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1105488 2012-03-23] (Dritek System Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [336992 2012-08-23] (Power Software Ltd)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-24] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\Default\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-12] ()
HKU\Default User\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-12] ()
HKU\Jessica\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\Jessica\...\Run: [AdobeBridge] => [X]
HKU\Jessica\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\Jessica\...\Run: [Facebook Update] => C:\Users\Jessica\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-05-16] (Facebook Inc.)
Startup: C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk ->  (No File)
Startup: C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [913144 2012-03-07] (ESET)
S2 HPSLPSVC; C:\Users\Jessica\AppData\Local\Temp\7zS389E\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-03-16] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-16] (Intel Corporation)
S2 LMIGuardianSvc; c:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376168 2014-10-23] (LogMeIn, Inc.)
S2 LMIMaint; c:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226152 2014-10-23] (LogMeIn, Inc.)
S2 LogMeIn; c:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2013-11-05] (LogMeIn, Inc.)
S2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
S2 ZAtheros Wlan Agent; C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe [76960 2012-02-27] (Atheros)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET)
S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
S2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [187632 2012-03-14] (ESET)
S1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [38288 2012-03-14] (ESET)
S0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62496 2012-03-14] (ESET)
S2 LMIInfo; c:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-11-05] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\btath_flt.sys 78B183A794A08978EA0A8D017054352B
C:\Windows\System32\DRIVERS\athrx.sys 4EF8D5C1C0A02A9D1C2C465BA730EE69
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\drivers\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\BrSerId.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\BrUsbSer.sys ==> MD5 is legit
C:\Windows\System32\drivers\btath_a2dp.sys 3E352B570E9CD1047A596927896D6F7C
C:\Windows\System32\drivers\btath_avdt.sys AF715C0F2A656BDA9D4AF470224325C7
C:\Windows\System32\DRIVERS\btath_bus.sys D438A33D568C76C24E8D7394981F42DC
C:\Windows\System32\DRIVERS\btath_hcrp.sys 6EFA8C93009E0BE0886C2422C7D20BC5
C:\Windows\System32\DRIVERS\btath_lwflt.sys 168506D0F0C8DF588F8A7E25C58A2DE6
C:\Windows\System32\DRIVERS\btath_rcp.sys 7C8FB1D73BD279DD914CCA6ED0F4F62B
C:\Windows\System32\DRIVERS\btfilter.sys 4F6EA72C82C05C8C67643C9E0585108A
C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\System32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4Prt.sys E9F5969233C5D89F3C35E3A66A52A361
C:\Windows\System32\DRIVERS\dot4usb.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys F59E2FE2687A5C30598F9099F318EB73
C:\Windows\System32\DRIVERS\eamonm.sys D00EAE9C735A7DEE8049E50D73D25434
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ehdrv.sys E5EDDE3C8158DD0CBC5812F201DCDED0
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\epfw.sys 587F0F4145A1536A6E37EFD769B7665F
C:\Windows\System32\DRIVERS\EpfwLWF.sys D2F812358EE8EE23CBB5C4DAFFB5B819
C:\Windows\System32\DRIVERS\epfwwfp.sys 34BF55D69AB74D14C7E7A17259CB7DF8
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ANDROIDUSB.sys F47CEC45FB85791D4AB237563AD0FA8F
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\drivers\iaStor.sys C224331A54571C8C9162F7714400BBBD
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys 3FB253E8059A1AAC3A8B83A31D094CC5
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHD64.sys 112A84BD9A31C59826AC2979D451F0DA
C:\Windows\System32\DRIVERS\IntcDAud.sys 6C9FFFECA9FED31347D211C5D1FFBD2D
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\iusb3hcs.sys 846354992EBB373F452EB9182D501B08
C:\Windows\System32\DRIVERS\iusb3hub.sys 1D88A23853387D34D52CC8F9DDBFC56C
C:\Windows\System32\DRIVERS\iusb3xhc.sys FC5EFD7C797DF19DFB999F0605A7924E
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC
C:\Windows\System32\Drivers\ksecpkg.sys 1C2D8E18AA8FD50CD04C15CC27F7F5AB
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
c:\Program Files (x86)\LogMeIn\x64\RaInfo.sys 0F28935ECF1FBDEC22BAF720A5A94564
C:\Windows\System32\DRIVERS\lmimirr.sys 413ECDCFAD9A82804D3674C8D7EEC24E
C:\Windows\system32\drivers\LMIRfsDriver.sys C57D3FAA50E6F395759FFB7C709BD944
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lvrs64.sys 0C85B2B6FB74B36A251792D45E0EF860
C:\Windows\System32\DRIVERS\lvuvc64.sys FF3A488924B0032B1A9CA6948C1FA9E8
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys 6B01B7414A105B9E51652089A03027CF
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mwlPSDFilter.sys C009123B206C56854F4E88596035231D
C:\Windows\System32\DRIVERS\mwlPSDNServ.sys BF3739EEB9F008B1DEBAC115089A53F8
C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys 38DD143D95E7A01B86F219DDA9C28779
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netaapl64.sys EE00C544C025958AF50C7B199F3C8595
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\system32\drivers\NTIDrvr.sys EE3BA1024594D5D09E314F206B94069E
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\Drivers\PxHlpa64.sys BC08F7F3C53CBEE68670ED1314E290FD
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\drivers\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\DRIVERS\RtsBaStor.sys 7D9A999CCBB82020321BCCFEB9BB3C91
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys C5CD940EFFADE1F6246730BCA14E9FE6
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\Drivers\SCDEmu.sys 3A09F31454DFEFBB124BAF378F90B636
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serscan.sys DECACB6921DED1A38642642685D77DAC
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys 0A535B4F638D5BBCF3EE6C997BF33892
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\system32\drivers\TsUsbGD.sys 9CC2CCAE8A84820EAECB886D477CBCB8
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\system32\drivers\UBHelper.sys A17D5E1A6DF4EAB0A480F2C490DE4C9D
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys C9E9D59C0099A9FF51697E9306A44240
C:\Windows\System32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WSDPrint.sys 8D918B1DB190A4D9B1753A66FA8C96E8
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-10 19:18 - 2014-11-10 19:18 - 00000000 ____D () C:\FRST
2014-10-23 13:29 - 2014-10-23 13:29 - 00000000 ___RD () C:\Users\Jessica\AppData\Roaming\Brother
2014-10-20 19:52 - 2014-10-23 10:11 - 00000000 ____D () C:\Users\Jessica\Documents\UNIGE Université de Genève - Mobilité universitaire - General procedure_files
2014-10-20 19:52 - 2014-10-20 19:52 - 00033023 _____ () C:\Users\Jessica\Documents\UNIGE Université de Genève - Mobilité universitaire - General procedure.htm
2014-10-15 16:13 - 2014-10-09 18:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-10-15 16:13 - 2014-10-09 18:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2014-10-15 16:13 - 2014-10-09 18:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-10-15 16:13 - 2014-10-06 18:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-10-15 16:13 - 2014-10-06 18:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 16:13 - 2014-09-28 16:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2014-10-15 16:13 - 2014-09-25 14:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-10-15 16:13 - 2014-09-25 14:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 16:13 - 2014-09-25 14:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 16:13 - 2014-09-25 14:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 16:13 - 2014-09-25 14:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 16:13 - 2014-09-25 14:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 16:13 - 2014-09-25 14:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-10-15 16:13 - 2014-09-18 17:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-10-15 16:13 - 2014-09-18 17:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-10-15 16:13 - 2014-09-18 17:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 16:13 - 2014-09-18 17:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-10-15 16:13 - 2014-09-18 17:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-10-15 16:13 - 2014-09-18 17:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-10-15 16:13 - 2014-09-18 17:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-10-15 16:13 - 2014-09-18 17:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2014-10-15 16:13 - 2014-09-18 17:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-10-15 16:13 - 2014-09-18 17:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-10-15 16:13 - 2014-09-18 17:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-10-15 16:13 - 2014-09-18 17:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-10-15 16:13 - 2014-09-18 17:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-10-15 16:13 - 2014-09-18 17:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 16:13 - 2014-09-18 17:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-10-15 16:13 - 2014-09-18 17:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-10-15 16:13 - 2014-09-18 17:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 16:13 - 2014-09-18 17:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-10-15 16:13 - 2014-09-18 17:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-10-15 16:13 - 2014-09-18 17:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 16:13 - 2014-09-18 17:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 16:13 - 2014-09-18 17:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 16:13 - 2014-09-18 17:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-10-15 16:13 - 2014-09-18 16:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 16:13 - 2014-09-18 16:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-10-15 16:13 - 2014-09-18 16:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 16:13 - 2014-09-18 16:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 16:13 - 2014-09-18 16:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 16:13 - 2014-09-18 16:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 16:13 - 2014-09-18 16:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 16:13 - 2014-09-18 16:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 16:13 - 2014-09-18 16:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-10-15 16:13 - 2014-09-18 16:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-10-15 16:13 - 2014-09-18 16:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-10-15 16:13 - 2014-09-18 16:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 16:13 - 2014-09-18 16:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-10-15 16:13 - 2014-09-18 16:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 16:13 - 2014-09-18 16:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 16:13 - 2014-09-18 16:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 16:13 - 2014-09-18 16:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-10-15 16:13 - 2014-09-18 15:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 16:13 - 2014-09-18 15:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-10-15 16:13 - 2014-09-18 15:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 16:13 - 2014-09-18 15:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 16:13 - 2014-06-18 14:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\System32\dfshim.dll
2014-10-15 16:13 - 2014-06-18 14:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 16:13 - 2014-06-18 14:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 16:13 - 2014-06-18 14:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\System32\mscorier.dll
2014-10-15 16:13 - 2014-06-18 14:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 16:13 - 2014-06-18 14:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\System32\mscories.dll
2014-10-15 16:12 - 2014-09-18 18:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-10-15 16:12 - 2014-09-18 17:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-10-15 16:12 - 2014-09-18 17:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-10-15 16:10 - 2014-09-17 18:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll
2014-10-15 16:10 - 2014-09-17 17:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 16:10 - 2014-09-03 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\rastls.dll
2014-10-15 16:10 - 2014-09-03 21:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 16:10 - 2014-07-16 18:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2014-10-15 16:10 - 2014-07-16 18:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2014-10-15 16:10 - 2014-07-16 18:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\System32\termsrv.dll
2014-10-15 16:10 - 2014-07-16 18:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2014-10-15 16:10 - 2014-07-16 18:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\System32\winsta.dll
2014-10-15 16:10 - 2014-07-16 18:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2014-10-15 16:10 - 2014-07-16 18:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2014-10-15 16:10 - 2014-07-16 18:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2014-10-15 16:10 - 2014-07-16 17:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 16:10 - 2014-07-16 17:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 16:10 - 2014-07-16 17:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 16:10 - 2014-07-16 17:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 16:10 - 2014-07-16 17:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 16:10 - 2014-07-16 17:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 16:10 - 2014-07-16 17:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2014-10-15 16:10 - 2014-07-16 17:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2014-10-15 16:09 - 2014-09-12 17:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\packager.dll
2014-10-15 16:09 - 2014-09-12 17:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 13:24 - 2014-10-15 13:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-10 15:54 - 2009-07-13 20:51 - 00109073 _____ () C:\Windows\setupact.log
2014-11-06 20:21 - 2009-07-13 21:13 - 00782510 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-11-06 19:30 - 2014-09-18 12:23 - 00000000 ____D () C:\Users\Jessica\Documents\FR 3380
2014-11-06 09:05 - 2012-07-12 01:53 - 01738451 _____ () C:\Windows\WindowsUpdate.log
2014-11-06 08:51 - 2012-09-02 18:14 - 00000000 ____D () C:\Users\Jessica\AppData\Roaming\Skype
2014-11-06 08:23 - 2013-04-16 15:41 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-06 08:16 - 2012-12-19 15:22 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-06 07:31 - 2014-05-16 09:17 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3147186438-2853973931-675725717-1000UA.job
2014-11-06 07:15 - 2012-12-19 15:22 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-06 05:58 - 2009-07-13 20:45 - 00031472 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-06 05:58 - 2009-07-13 20:45 - 00031472 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-06 05:51 - 2012-07-12 01:59 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-11-06 05:50 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-05 21:54 - 2013-12-23 11:15 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-11-05 21:54 - 2013-01-06 21:25 - 00000000 ___RD () C:\Users\Jessica\Dropbox
2014-11-05 19:11 - 2014-09-10 14:42 - 00000000 ____D () C:\Users\Jessica\Documents\CRIM 3655
2014-11-05 19:11 - 2014-09-08 10:33 - 00000000 ____D () C:\Users\Jessica\Documents\CRIM 3652
2014-11-05 15:58 - 2012-07-12 01:59 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-11-05 15:20 - 2014-05-16 09:17 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3147186438-2853973931-675725717-1000Core.job
2014-11-03 11:47 - 2013-01-06 21:23 - 00000000 ____D () C:\Users\Jessica\AppData\Roaming\Dropbox
2014-11-02 12:58 - 2014-09-06 08:28 - 00000000 ____D () C:\Users\Jessica\Documents\FR 2100
2014-11-01 05:56 - 2014-09-06 08:30 - 00000000 ____D () C:\Users\Jessica\Documents\FR 2081
2014-10-30 13:46 - 2013-02-28 10:59 - 00000000 ____D () C:\Users\Jessica\Documents\Zumba
2014-10-29 10:30 - 2014-05-15 07:41 - 00000000 ____D () C:\Users\Jessica\Documents\FR 4000 level
2014-10-28 02:34 - 2010-11-20 19:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2014-10-26 16:14 - 2010-11-20 19:47 - 00179418 _____ () C:\Windows\PFRO.log
2014-10-25 06:10 - 2012-12-19 15:22 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-25 06:10 - 2012-12-19 15:22 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-23 13:29 - 2014-09-21 19:47 - 00000426 _____ () C:\Windows\BRWMARK.INI
2014-10-23 09:55 - 2013-12-23 11:15 - 00000000 ____D () C:\Program Files (x86)\LogMeIn
2014-10-23 09:54 - 2013-12-23 11:15 - 00107392 _____ (LogMeIn, Inc.) C:\Windows\System32\LMIRfsClientNP.dll
2014-10-23 09:54 - 2013-12-23 11:15 - 00092520 _____ (LogMeIn, Inc.) C:\Windows\System32\LMIinit.dll
2014-10-23 09:54 - 2013-12-23 11:15 - 00035688 _____ (LogMeIn, Inc.) C:\Windows\System32\LMIport.dll
2014-10-20 05:01 - 2013-12-23 11:15 - 00107392 _____ (LogMeIn, Inc.) C:\Windows\System32\LMIRfsClientNP.dll.001.bak
2014-10-18 16:11 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-10-17 19:32 - 2013-07-29 19:52 - 00012288 _____ () C:\Users\Jessica\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-17 19:02 - 2009-07-13 20:45 - 05030712 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-10-17 19:01 - 2012-08-31 16:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-17 19:00 - 2014-05-06 11:35 - 00000000 ___SD () C:\Windows\System32\CompatTel
2014-10-17 15:07 - 2013-04-01 19:26 - 00000000 ____D () C:\Users\Jessica\Documents\Salsa Club at York

Some content of TEMP:
====================
C:\Users\Jessica\AppData\Local\Temp\AVG.exe
C:\Users\Jessica\AppData\Local\Temp\chatzum_aff50_nt_s.exe
C:\Users\Jessica\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpatqd7c.dll
C:\Users\Jessica\AppData\Local\Temp\HPInstaller.exe
C:\Users\Jessica\AppData\Local\Temp\mcgfd93o.dll
C:\Users\Jessica\AppData\Local\Temp\PicasaUpdater_465c.exe
C:\Users\Jessica\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jessica\AppData\Local\Temp\yontoo-c3.exe
C:\Users\Jessica\AppData\Local\Temp\YontooSetup-S.exe
C:\Users\Jessica\AppData\Local\Temp\_TinDel.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe
[2014-10-15 16:10] - [2014-07-16 18:07] - 0455168 ____A (Microsoft Corporation) 8CEBD9D0A0A879CDE9F36F4383B7CAEA

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================

Restore point made on: 2014-10-15 16:03:05
Restore point made on: 2014-10-17 14:32:39
Restore point made on: 2014-10-21 09:14:10
Restore point made on: 2014-10-24 18:21:02
Restore point made on: 2014-10-28 12:11:09
Restore point made on: 2014-11-04 15:30:21

==================== Memory info =========================== 

Percentage of memory in use: 12%
Total physical RAM: 5937.6 MB
Available physical RAM: 5190.35 MB
Total Pagefile: 5935.75 MB
Available Pagefile: 5189.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:449.06 GB) (Free:146.86 GB) NTFS
Drive e: (PQSERVICE) (Fixed) (Total:16.6 GB) (Free:0.89 GB) NTFS
Drive g: (Johny-USB) (Removable) (Total:14.72 GB) (Free:11.6 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 3C69E0C0)
Partition 1: (Not Active) - (Size=16.6 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 14.7 GB) (Disk ID: 39FFFCD6)
Partition 1: (Active) - (Size=14.7 GB) - (Type=07 NTFS)


LastRegBack: 2014-11-05 18:09

==================== End Of Log ============================

and search.txt

Farbar Recovery Scan Tool (x64) Version: 10-11-2014
Ran by SYSTEM at 2014-11-10 19:21:08
Running from G:\
Boot Mode: Recovery

================== Search Files: "services.exe;winsrv.*" =============

C:\Windows\winsxs\wow64_microsoft-windows-winsrv.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a412dbba527dc14e\winsrv.dll.mui
[2010-11-20 23:06][2010-11-20 23:06] 0008192 ____A (Microsoft Corporation) 9848765E88322400BDC710A76ADEA841

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22653_none_1501e21acc33cfc4\winsrv.dll
[2014-05-14 13:22][2014-04-11 18:32] 0215552 ____A (Microsoft Corporation) BDADDE9AD8DD2BF67426C23A8874D776

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22616_none_153022a8cc10ac05\winsrv.dll
[2014-04-09 07:40][2014-03-04 03:08] 0215552 ____A (Microsoft Corporation) 9A1BEE89214174AC2862344670C42B5A

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22436_none_151a7f04cc20e999\winsrv.dll
[2013-10-09 04:37][2013-08-28 18:21] 0215040 ____A (Microsoft Corporation) 516D82106CAFAE156C61C5AB627A6409

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22411_none_152b1d6acc153304\winsrv.dll
[2013-09-10 18:47][2013-08-01 22:23] 0215040 ____A (Microsoft Corporation) 99AACC82C6B8A8E976CA59CFD3C322EF

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22379_none_14f23e4ccc3ea83b\winsrv.dll
[2013-08-14 11:25][2013-07-07 21:18] 0215040 ____A (Microsoft Corporation) 1F1DA89B6582F8728ECEB1C35438C1E7

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22209_none_153debdacc05e77d\winsrv.dll
[2013-02-13 05:09][2013-01-03 21:43] 0215040 ____A (Microsoft Corporation) 5F38CFC96BCA5DD462E2B243B6E31849

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22177_none_14f039eccc407b3f\winsrv.dll
[2013-01-09 11:59][2012-11-29 21:55] 0215040 ____A (Microsoft Corporation) C2B1F6196C7FE1EA1BF827312B095D06

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22125_none_152448f4cc19bcdc\winsrv.dll
[2012-12-12 15:57][2012-10-04 09:43] 0215040 ____A (Microsoft Corporation) CC44EBC3E04E76AABE19EB4A16663E4A

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22091_none_14d49672cc561df0\winsrv.dll
[2012-10-10 13:24][2012-08-20 10:27] 0215040 ____A (Microsoft Corporation) 111AFE35DD2D423EE8E176CA7B2BBDC7

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21756_none_1504fba6cc30ff4f\winsrv.dll
[2012-04-03 23:32][2011-06-23 21:27] 0214528 ____A (Microsoft Corporation) C13D05A015346DED3D722BE285814495

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21738_none_151c9c12cc1efa1b\winsrv.dll
[2012-04-03 23:29][2011-06-02 23:01] 0214528 ____A (Microsoft Corporation) 5AA1C7B5F471C4657BE38447BC397665

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21728_none_15276bfecc16de2a\winsrv.dll
[2012-04-03 23:28][2011-05-13 23:11] 0214528 ____A (Microsoft Corporation) 1A589228B6DC007120F877DBBD6CB79D

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18229_none_149eb11db2f87cbc\winsrv.dll
[2013-09-10 18:47][2013-08-01 18:14] 0215040 ____A (Microsoft Corporation) 88EDD0B34EED542745931E581AD21A32

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18043_none_14830bbdb30e2246\winsrv.dll
[2013-02-13 05:09][2013-01-03 21:46] 0215040 ____A (Microsoft Corporation) 0C27239FEA4DB8A2AAC9E502186B7264

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18015_none_14a57c15b2f40121\winsrv.dll
[2013-01-09 11:59][2012-11-29 21:45] 0215040 ____A (Microsoft Corporation) 9E479C2B605C25DA4971ABA36250FAEF

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17965_none_146f9457b31c5994\winsrv.dll
[2012-12-12 15:57][2012-10-04 09:45] 0215040 ____A (Microsoft Corporation) 72CC564BBC70DE268784BCE91EB8A28F

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17932_none_148d033db306b9bc\winsrv.dll
[2012-10-10 13:24][2012-08-20 10:48] 0215040 ____A (Microsoft Corporation) F46BBAAC1C4980F4D0DD463F190A42D3

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17641_none_14812d55b30fc4e1\winsrv.dll
[2012-04-03 23:32][2011-06-23 21:34] 0214528 ____A (Microsoft Corporation) EB6A48CC998E1090E44E8E7F1009A640

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17625_none_149ace55b2fbf25b\winsrv.dll
[2012-04-03 23:29][2011-06-02 22:57] 0214528 ____A (Microsoft Corporation) 9F761CE1C6C013120B2F0DB27D48C06F

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17617_none_14a79ed5b2f20918\winsrv.dll
[2012-04-03 23:28][2011-05-13 23:24] 0214528 ____A (Microsoft Corporation) 3A8135A7DED2FA0DAD3BDE1B14865A8A

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17514_none_14a49c11b2f4bfec\winsrv.dll
[2010-11-20 19:24][2010-11-20 19:24] 0214016 ____N (Microsoft Corporation) E0406AEF04B088D1C49FC78D0546F689

C:\Windows\winsxs\amd64_microsoft-windows-winsrv.resources_31bf3856ad364e35_6.1.7600.16385_en-us_99be31681e1cff53\winsrv.dll.mui
[2010-11-20 23:06][2010-11-20 23:06] 0008192 ____A (Microsoft Corporation) 0E4E26AF593AC5023E55333096DDD9EA

C:\Windows\winsxs\amd64_microsoft-windows-winsrv-adm_31bf3856ad364e35_6.1.7600.16385_none_74fe9f3a6d505307\Winsrv.admx
[2009-06-10 12:42][2009-06-10 12:42] 0001342 ____A () B28573159BDEA736F3BDFF16604A4AD3

C:\Windows\winsxs\amd64_microsoft-windows-winsrv-adm.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c01e7ca36d3191ee\Winsrv.adml
[2010-11-20 23:06][2010-11-20 23:06] 0001453 ____A () 76D4B8899387BCD0C081D4301E1B18DE

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19][2009-07-13 17:39] 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\SysWOW64\en-US\winsrv.dll.mui
[2010-11-20 23:06][2010-11-20 23:06] 0008192 ____A (Microsoft Corporation) 9848765E88322400BDC710A76ADEA841

C:\Windows\System32\services.exe
[2009-07-13 15:19][2009-07-13 17:39] 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\System32\winsrv.dll
[2013-09-10 18:47][2013-08-01 18:14] 0215040 ____A (Microsoft Corporation) 88EDD0B34EED542745931E581AD21A32

C:\Windows\System32\en-US\winsrv.dll.mui
[2010-11-20 23:06][2010-11-20 23:06] 0008192 ____A (Microsoft Corporation) 0E4E26AF593AC5023E55333096DDD9EA

X:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7600.16385_none_12738849b6063c52\winsrv.dll
[2009-07-13 15:38][2009-07-13 17:41] 0214016 ____A (Microsoft Corporation) 457B44AB6D502E55F64A867D4F35C76C

X:\Windows\winsxs\amd64_microsoft-windows-winsrv.resources_31bf3856ad364e35_6.1.7600.16385_en-us_99be31681e1cff53\winsrv.dll.mui
[2009-07-13 19:03][2009-07-13 19:03] 0008192 ____A (Microsoft Corporation) 0E4E26AF593AC5023E55333096DDD9EA

X:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19][2009-07-13 17:39] 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

X:\Windows\System32\services.exe
[2009-07-13 15:19][2009-07-13 17:39] 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

X:\Windows\System32\winsrv.dll
[2009-07-13 15:38][2009-07-13 17:41] 0214016 ____A (Microsoft Corporation) 457B44AB6D502E55F64A867D4F35C76C

X:\Windows\System32\en-US\winsrv.dll.mui
[2009-07-13 19:03][2009-07-13 19:03] 0008192 ____A (Microsoft Corporation) 0E4E26AF593AC5023E55333096DDD9EA

====== End Of Search ======

Thanks!


Edited by JohnyR, 10 November 2014 - 07:54 PM.


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,669 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:05 PM

Posted 15 November 2014 - 07:35 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/555624 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,669 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:05 PM

Posted 15 November 2014 - 08:46 PM

You have stated that you no longer need help with this issue, therefore I am closing this topic. If that is not the case and you need or wish to continue with this topic, please send any Moderator a Personal Message (PM) that you would like this topic re-opened.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users