Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Please help resolve internet connection issues


  • Please log in to reply
10 replies to this topic

#1 Hacked072

Hacked072

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Melbourne, Australia
  • Local time:08:51 AM

Posted 23 December 2015 - 07:33 AM

Hello everyone, I've been having issues connecting to the internet through a wired Ethernet cable directly connected to my modem. I recently removed malware that has made my 'network and sharing center' display "Identifying" on my Local Area Connection making me unable to connect to the internet. I've been trying online help forums but haven't been able to resolve the problem, all drivers are up to date and IPV4 has been checked to automatically obtain IP. I then scanned my computer with 'Farbar' for errors and was generated this log:

 

Farbar Service Scanner Version: 10-06-2014
Ran by Owner (administrator) on 23-12-2015 at 22:40:09
Running from "F:\"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.
 
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.
 
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is unreachable
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****
 
Dnscache Service and Dhcp Service are not running, how would I be able to repair/reinstall/enable these services? Any help is greatly appreciated.

Attached Files


Edited by hamluis, 24 December 2015 - 06:23 AM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:51 PM

Posted 23 December 2015 - 07:51 AM

Open your device manager.SoAuhSB.png hit the start button then copy and paste devmgmt.msc into the start search box hit enter.

Left click the + next to network adapters, right click and un-install your wireless driver.

Then your ethernet driver, make sure and do not tick the box that says delete driver.

7MdsWTd.png

Then, click the View menu and select Show hidden devices

Then click on hHcYBqj.png

Then scroll down right click and uninstall the drivers listed below, don’t worry these will be reinstalled upon reboot by windows.

  • Ancillary Function Driver for Winsock
  • Net BT
  • Http
  • Net Io Legacy Support Driver
  • Tcp/ip Protical Driver
  • Tcp/ip Registry Compatibility
  • NSI proxy Service
  • ide channel
  • Nd Proxy
  • Security Driver
  • Security Processor Loader Driver
  • Windows Firewall Authorization Driver

Each of these files will request a reboot after uninstall.

qKpTWAq.png

Select no until you uninstall the Windows Firewall Authorization Driver then select Yes to reboot your machine.


Edited by InadequateInfirmity, 23 December 2015 - 07:54 AM.


#3 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:51 PM

Posted 23 December 2015 - 08:21 AM

If that fails, then I would like to see the logs from the two programs below.

 

 

 

Minitoolbox scan.

 

 

Please download MINITOOLBOX and run it.



Checkmark following boxes:


Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

 

Security Check Scan.

 

Download Security Check to your desktop, right click it run as administrator. When the program completes, the tool will automatically open a log file, please post that log here in your next post.



#4 Hacked072

Hacked072
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Melbourne, Australia
  • Local time:08:51 AM

Posted 23 December 2015 - 06:28 PM

Thanks for the response, I uninstalled the network adapter and drivers from the list on your first post and rebooted. It didn't resolve the issue, it still displayed "Identifying" on the network. I then downloaded the two programs and these are the results:

 

MiniToolBox:

 

MiniToolBox by Farbar  Version: 02-11-2015
Ran by Owner (administrator) on 24-12-2015 at 10:21:20
Running from "F:\"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Model: H81M-D2V Manufacturer: Gigabyte Technology Co., Ltd.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Could not flush the DNS Resolver Cache: Function failed during execution.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
127.0.0.1                   activate.adobe.com
127.0.0.1                   practivate.adobe.com
127.0.0.1                   lmlicenses.wip4.adobe.com
127.0.0.1                   lm.licenses.adobe.com
127.0.0.1                   na1r.services.adobe.com
127.0.0.1                   hlrcv.stage.adobe.com
127.0.0.1       localhost127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
 
There are 5 entries.
 
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Owner-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 74-D4-35-D2-F0-55
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::c086:ed4a:3a90:5d7f%11(Preferred) 
   Autoconfiguration IPv4 Address. . : 169.254.93.127(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  UnKnown
Address:  fec0:0:0:ffff::1
 
Ping request could not find host google.com. Please check the name and try again.
Server:  UnKnown
Address:  fec0:0:0:ffff::1
 
Ping request could not find host yahoo.com. Please check the name and try again.
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...74 d4 35 d2 f0 55 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      169.254.0.0      255.255.0.0         On-link    169.254.93.127    276
   169.254.93.127  255.255.255.255         On-link    169.254.93.127    276
  169.254.255.255  255.255.255.255         On-link    169.254.93.127    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link    169.254.93.127    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link    169.254.93.127    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    276 fe80::/64                On-link
 11    276 fe80::c086:ed4a:3a90:5d7f/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
 If Metric Network Destination      Gateway
  0 4294967295 2620:9b::/96             On-link
  0   9000 ::/0                     2620:9b::1900:1
===========================================================================
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (12/24/2015 10:07:28 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/24/2015 10:05:45 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/24/2015 10:04:03 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/24/2015 10:02:26 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/24/2015 10:01:16 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/24/2015 10:00:06 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/24/2015 09:58:53 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/24/2015 09:57:32 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/24/2015 09:55:56 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/24/2015 09:54:39 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (12/24/2015 10:08:25 AM) (Source: Service Control Manager) (User: )
Description: The DNS Client service terminated with the following error: 
%%5
 
Error: (12/24/2015 10:08:19 AM) (Source: Service Control Manager) (User: )
Description: The DNS Client service terminated with the following error: 
%%5
 
Error: (12/24/2015 10:08:17 AM) (Source: Service Control Manager) (User: )
Description: The DNS Client service terminated with the following error: 
%%5
 
Error: (12/24/2015 10:08:13 AM) (Source: Service Control Manager) (User: )
Description: The DNS Client service terminated with the following error: 
%%5
 
Error: (12/24/2015 10:08:13 AM) (Source: Service Control Manager) (User: )
Description: The DNS Client service terminated with the following error: 
%%5
 
Error: (12/24/2015 10:07:23 AM) (Source: Service Control Manager) (User: )
Description: The DNS Client service terminated with the following error: 
%%5
 
Error: (12/24/2015 10:07:23 AM) (Source: Service Control Manager) (User: )
Description: The DNS Client service terminated with the following error: 
%%5
 
Error: (12/24/2015 10:07:21 AM) (Source: Service Control Manager) (User: )
Description: The DNS Client service terminated with the following error: 
%%5
 
Error: (12/24/2015 10:07:13 AM) (Source: Service Control Manager) (User: )
Description: The Logitech CPU Core Tempurature service failed to start due to the following error: 
%%577
 
Error: (12/24/2015 10:06:57 AM) (Source: Service Control Manager) (User: )
Description: The DHCP Client service terminated with the following error: 
%%5
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2015-12-24 10:07:13.731
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-24 10:07:13.718
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-24 10:06:46.685
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LGBusEnum.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-24 10:06:46.685
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LGBusEnum.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-24 10:05:31.115
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-24 10:05:31.100
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-24 10:05:04.059
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LGBusEnum.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-24 10:05:04.059
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LGBusEnum.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-24 10:03:48.865
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-24 10:03:48.865
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 10%
Total physical RAM: 16269.48 MB
Available physical RAM: 14530.07 MB
Total Virtual: 32537.15 MB
Available Virtual: 30662.39 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:931.41 GB) (Free:95.14 GB) NTFS
3 Drive e: (New Volume) (Fixed) (Total:1862.89 GB) (Free:1011.13 GB) NTFS
4 Drive f: (USB) (Removable) (Total:14.92 GB) (Free:14.62 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\OWNER-PC
 
Administrator            Guest                    Owner                    
 
 
**** End of log ****
 
Security Check Scan:
 
SecurityCheck by glax24 v.1.4.0.32 [01.11.15]
WebSite: www.safezone.cc
DateLog: 24.12.2015 10:22:13
Path starting: C:\Users\Owner\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Owner
VersionXML: 1.99s-01.11.2015
___________________________________________________________________________
 
Windows 7(6.1.7601) Service Pack 1 (x64) Professional Lang: English(0409)
Installation date OS: 10.04.2015 00:57:22
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [931.4 Gb] Used: [836.3 Gb] Free: [95.1 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.17691 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control disabled
^It is recommended to enable: Win+R typing UserAccountControlSettings and Enter^
Notify of download and installation
Date install updates: 2015-04-10 05:49:48
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (disabled and out of date)
--------------------------- [ OtherUtilities ] ----------------------------
VLC media player v.2.2.1
WinRAR 5.21 (64-bit) v.5.21.0
Malwarebytes Anti-Malware version 2.2.0.1024 v.2.2.0.1024
--------------------------------- [ IM ] ----------------------------------
Skype™ 7.17 v.7.17.105 [+]
--------------------------------- [ P2P ] ---------------------------------
BitTorrent v.7.9.5.41373 Warning! P2P-client.
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 66 (64-bit) v.8.0.660.18 [+]
--------------------------- [ AppleProduction ] ---------------------------
Bonjour v.3.0.0.10 Warning! Download Update
iTunes v.12.1.2.27 Warning! Download Update
Bonjour Service (Bonjour Service) - The service is running
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Flash Player 20 ActiveX v.20.0.0.228 [+]
Adobe Flash Player 20 NPAPI v.20.0.0.235 [+]
Adobe Flash Player 20 PPAPI v.20.0.0.228 [+]
------------------------------- [ Browser ] -------------------------------
Google Chrome v.47.0.2526.106 [+]
Opera Stable 34.0.2036.25 v.34.0.2036.25 [+]
---------------------------- [ UnwantedApps ] -----------------------------
Skype Click to Call v.7.5.0.9082 Warning! Browser's toolbar. It can slow down the working of your browser and have violation privacy problems.
----------------------------- [ End of Log ] ------------------------------


#5 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:51 PM

Posted 23 December 2015 - 06:44 PM

What was the nature of your infection, do you remember and specific name???   Also, please re-run minitoolbox,  with the settings that I asked you to run it with.

 

 

Open elevated command prompt and run the command in the code box below, after you run it please reboot and check your connection.

 

  sfc /scannow 

 

If you are unable to connect, then please follow up below.

 

All in one repair tool.

 

Install (use the direct download) the Tweaking.com - Windows all in one repair tool. Then boot Windows into Safe Mode, (Make Certain To Run This Program As Administrator) then run through the Prescan on step 2 tab. Then skip to step 5 and create  a system restore point. Then go to the repair tab...

 

 

 

Notice create a registry backup is ticked by default, so no need to do so in step 5...mAcI3sC.png

 

 

Now run the program, with the boxes ticked in the picture below.

 

 

 

 

Click image for better resolution.

 

KWdvRSp.png

 

May want to save picture or write down what boxes need ticked, since you will run this in Safe Mode.

 

Important: Make certain to reboot twice after running this tool!!



#6 Hacked072

Hacked072
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Melbourne, Australia
  • Local time:08:51 AM

Posted 23 December 2015 - 11:32 PM

The infection was "Woodlabel" and "DivX Sound", It was installed through a windows media player update. These are the results for the second MiniToolBox scan:

 

MiniToolBox by Farbar  Version: 02-11-2015
Ran by Owner (administrator) on 24-12-2015 at 14:50:34
Running from "C:\Users\Owner\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Model: H81M-D2V Manufacturer: Gigabyte Technology Co., Ltd.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Could not flush the DNS Resolver Cache: Function failed during execution.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
127.0.0.1                   activate.adobe.com
127.0.0.1                   practivate.adobe.com
127.0.0.1                   lmlicenses.wip4.adobe.com
127.0.0.1                   lm.licenses.adobe.com
127.0.0.1                   na1r.services.adobe.com
127.0.0.1                   hlrcv.stage.adobe.com
127.0.0.1       localhost127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
 
There are 5 entries.
 
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Owner-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 74-D4-35-D2-F0-55
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::c086:ed4a:3a90:5d7f%11(Preferred) 
   Autoconfiguration IPv4 Address. . : 169.254.93.127(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  UnKnown
Address:  fec0:0:0:ffff::1
 
Ping request could not find host google.com. Please check the name and try again.
Server:  UnKnown
Address:  fec0:0:0:ffff::1
 
Ping request could not find host yahoo.com. Please check the name and try again.
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...74 d4 35 d2 f0 55 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      169.254.0.0      255.255.0.0         On-link    169.254.93.127    276
   169.254.93.127  255.255.255.255         On-link    169.254.93.127    276
  169.254.255.255  255.255.255.255         On-link    169.254.93.127    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link    169.254.93.127    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link    169.254.93.127    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    276 fe80::/64                On-link
 11    276 fe80::c086:ed4a:3a90:5d7f/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
 If Metric Network Destination      Gateway
  0 4294967295 2620:9b::/96             On-link
  0   9000 ::/0                     2620:9b::1900:1
===========================================================================
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (12/24/2015 11:45:52 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error: (12/24/2015 11:44:57 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.
 
Error: (12/24/2015 10:07:28 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/24/2015 10:05:45 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/24/2015 10:04:03 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/24/2015 10:02:26 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/24/2015 10:01:16 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/24/2015 10:00:06 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/24/2015 09:58:53 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/24/2015 09:57:32 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (12/24/2015 02:45:17 PM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: 
%%5
 
Error: (12/24/2015 02:45:17 PM) (Source: Service Control Manager) (User: )
Description: The DHCP Client service terminated with the following error: 
%%5
 
Error: (12/24/2015 02:45:17 PM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: 
%%5
 
Error: (12/24/2015 02:45:17 PM) (Source: Service Control Manager) (User: )
Description: The DHCP Client service terminated with the following error: 
%%5
 
Error: (12/24/2015 02:45:17 PM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: 
%%5
 
Error: (12/24/2015 02:45:17 PM) (Source: Service Control Manager) (User: )
Description: The DHCP Client service terminated with the following error: 
%%5
 
Error: (12/24/2015 02:45:17 PM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: 
%%5
 
Error: (12/24/2015 02:45:17 PM) (Source: Service Control Manager) (User: )
Description: The DHCP Client service terminated with the following error: 
%%5
 
Error: (12/24/2015 02:45:17 PM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: 
%%5
 
Error: (12/24/2015 02:45:17 PM) (Source: Service Control Manager) (User: )
Description: The DHCP Client service terminated with the following error: 
%%5
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2015-12-24 10:07:13.731
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-24 10:07:13.718
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-24 10:06:46.685
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LGBusEnum.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-24 10:06:46.685
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LGBusEnum.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-24 10:05:31.115
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-24 10:05:31.100
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-24 10:05:04.059
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LGBusEnum.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-24 10:05:04.059
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LGBusEnum.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-24 10:03:48.865
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-24 10:03:48.865
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
 (HKLM\...\UDK-db68eb5c-9884-4581-9715-12db7758b4f8) (Version:  - RuneStorm
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.4.1.181 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Professional CS5.5 (HKLM-x32\...\{23E445D5-FD83-4C50-A211-EB26A2975317}) (Version: 11.5 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\ILST_19_1_0) (Version: 19.1.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version:  - Rocksteady Studios)
Battle Realms Complete (HKLM-x32\...\GOGPACKBATTLEREALMS_is1) (Version: 2.0.0.9 - GOG.com)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version:  - The Behemoth)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.5.41373 - BitTorrent Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{3792811C-832F-4392-B44A-24092901EDDC}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Braid (HKLM-x32\...\Steam App 26800) (Version:  - Number None)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Crypt of the NecroDancer (HKLM-x32\...\Steam App 247080) (Version:  - Brace Yourself Games)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Darkest Dungeon (HKLM-x32\...\Steam App 262060) (Version:  - Red Hook Studios)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Devilian (HKLM-x32\...\Steam App 407510) (Version:  - Bluehole Ginno Games)
Don't Starve Mod Tools (HKLM-x32\...\Steam App 245850) (Version:  - )
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dragon Age: Origins (HKLM-x32\...\Steam App 17450) (Version:  - BioWare)
DreamScene Seven version 1.8 (HKLM-x32\...\{2367FAB6-057A-4973-875F-F57F7BBBA363}_is1) (Version: 1.8 - DREAMSCENESEVEN.COM)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Duet (HKLM-x32\...\Steam App 292600) (Version:  - Kumobius)
EDGE (HKLM-x32\...\Steam App 38740) (Version:  - Two Tribes)
Epic Games Launcher (HKLM-x32\...\{16969EF2-23EA-4BD9-B085-4952D95E8A7D}) (Version: 1.1.48.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Fine Sweeper (HKLM-x32\...\Steam App 367000) (Version:  - Pixel Prophecy)
Fort Defense (HKLM-x32\...\Steam App 343930) (Version:  - )
GameRanger (HKCU\...\GameRanger) (Version:  - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.1 - Google Inc.) Hidden
Grand Theft Auto: Vice City (HKLM-x32\...\Steam App 12110) (Version:  - Rockstar Games)
Heavy Bullets (HKLM-x32\...\Steam App 297120) (Version:  - Terri Vellmann)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - Dennaton Games)
Imouto Paradise! version 1.0 (HKLM-x32\...\{38073150-656E-4A04-8547-84D3531AB7D6}_is1) (Version: 1.0 - MangaGamer)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4156 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{216B0AF1-3137-4E03-9C02-F5132550A268}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Lightshot-5.3.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.75 (HKLM\...\Logitech Gaming Software) (Version: 8.75.30 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\{D31AA60E-A9E5-47CF-AE3C-C980C5A1FF51}) (Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
Magic Duels (HKLM-x32\...\Steam App 316010) (Version:  - Stainless Games Ltd.)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Word 2007 (HKLM-x32\...\WORD) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Monaco (HKLM-x32\...\Steam App 113020) (Version:  - Pocketwatch Games)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
Nihilumbra (HKLM-x32\...\Steam App 252670) (Version:  - Beautifun Games)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.7 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera Stable 34.0.2036.25 (HKLM-x32\...\Opera 34.0.2036.25) (Version: 34.0.2036.25 - Opera Software)
PAC-MAN Championship Edition DX+ (HKLM-x32\...\Steam App 236450) (Version:  - Mine Loader Software Co., Ltd.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap Games, Inc.)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden
Port Forward Network Utilities (HKLM-x32\...\{88B1D36C-7B70-4C48-8D2F-AAB956ECF4C3}) (Version: 2.0.9 - Portforward, LLC)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Project Zomboid (HKLM-x32\...\Steam App 108600) (Version:  - The Indie Stone)
Rayman 2 (HKLM-x32\...\Rayman 2_is1) (Version:  - GOG.com)
Rayman 2: The Great Escape GOG Edition (HKLM\...\{0e82bf4c-b906-4635-a97e-6a9740686b33}.sdb) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.97.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version:  - Cellar Door Games)
Rush for Glory (HKLM-x32\...\Steam App 303470) (Version:  - Parseh Game Studio)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Sacred Gold (HKLM-x32\...\Steam App 12320) (Version:  - Ascaron Entertainment ltd.)
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version:  - Coffee Stain Studios)
Shovel Knight (HKLM-x32\...\Steam App 250760) (Version:  - Yacht Club Games)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version:  - Valve)
Space Farmers (HKLM-x32\...\Steam App 271570) (Version:  - BumpkinBrothers)
Spelunky (HKLM-x32\...\Steam App 239350) (Version:  - )
Spotify (HKCU\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\Steam App 323370) (Version:  - En Masse Entertainment)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Ship (HKLM-x32\...\Steam App 2400) (Version:  - Outerlight Ltd.)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
Trove (HKLM-x32\...\Steam App 304050) (Version:  - Trion Worlds)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.2 - Tunngle.net GmbH)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
Viscera Cleanup Detail (HKLM-x32\...\Steam App 246900) (Version:  - RuneStorm)
Viscera Cleanup Detail: alpha v0.25
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.11-4 - Wacom Technology Corp.)
WampServer 2.5 (HKLM-x32\...\WampServer 2_is1) (Version:  - Hervé Leclerc (HeL))
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 19.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E8}) (Version: 19.5.11475 - WinZip Computing, S.L. )
World of Goo (HKLM-x32\...\Steam App 22000) (Version:  - 2D BOY)
Yiffalicious version 0.2.3 (HKLM-x32\...\{50B550F8-09B3-42D0-84CF-AAEE2A816973}_is1) (Version: 0.2.3 - Yiffalicious crew)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 12%
Total physical RAM: 16269.48 MB
Available physical RAM: 14194.39 MB
Total Virtual: 32537.15 MB
Available Virtual: 30349.34 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:931.41 GB) (Free:96.8 GB) NTFS
3 Drive e: (New Volume) (Fixed) (Total:1862.89 GB) (Free:1011.13 GB) NTFS
4 Drive f: (USB) (Removable) (Total:14.92 GB) (Free:14.62 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\OWNER-PC
 
Administrator            Guest                    Owner                    
 
 
**** End of log ****
 
I ran the sfc /scannow in the command prompt as administrator and it completed at 100% verification. "Windows Resource Protection did not find any integrity violations". Rebooted after and the problem still persists, I can connect to the modem but it still labeled as "Identifying" and wont connect to the internet. I then downloaded the All in one repair tool, rebooted into safe mode, Opened the files and followed the directions, it is currently doing the jobs that you highlighted in the repair tab.


#7 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:51 PM

Posted 23 December 2015 - 11:38 PM

Alright, let me know if you are able to connect, after the all in one tool completes the task.



#8 Hacked072

Hacked072
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Melbourne, Australia
  • Local time:08:51 AM

Posted 23 December 2015 - 11:57 PM

The all in one repair tool finished, I rebooted twice and I now have an internet connection! Thank you so much for your help, have a Merry Christmas. 



#9 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:51 PM

Posted 24 December 2015 - 12:00 AM

Yep. :)  Might be worth running through these scans though.

 

 

Adware Cleaner Scan.

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

JRT Scan.

Please download Junkware Removal Tool and save it on your desktop.

 

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.
  •  

Adware Removal Tool Scan.

 

Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

 

 

LOr0Gd7.png

 

Hit Ok.

 

sYFsqHx.png

 

Hit next make sure to leave all items checked, for removal.

 

8NcZjGc.png

 

 

The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.

 

ZHP Scan.

Please download Zhp Cleaner  to your desktop.  Right Click the icon and select run as administrator.

 http://nicolascoolman.com/download/zhpcleaner

 

 

2. Once you have started the program, you will need to click the scanner button.

EgsT69u.png

The program will close all open browsers!

3. Once the scan is completed, the you will want to click the Repair button.

6QJjV50.png

At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

 Zemana Scan

 

 

Run a full scan with Zemana AntiMalware!

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double click on the scan log, copy and paste here in your reply.



#10 Hacked072

Hacked072
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Melbourne, Australia
  • Local time:08:51 AM

Posted 24 December 2015 - 03:43 AM

Sure, this is the results for the scans:

 

Adware Removal Tool:

Repaired ->> Shortcut ->> C:\users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

Repaired ->> Shortcut ->> C:\users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Repaired ->> Shortcut ->> C:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
Repaired ->> Shortcut ->> C:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Repaired ->> Shortcut ->> C:\users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d4be23e35cccd8db\Twitch Live.lnk
 
Junkware Removal Tool:
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Professional x64 
Ran by Owner (Administrator) on Thu 24/12/2015 at 18:22:12.07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 11 
 
Successfully deleted: C:\end (File) 
Successfully deleted: C:\ProgramData\mailupdate (Folder) 
Successfully deleted: C:\Users\Owner\AppData\Local\smartweb (Folder) 
Successfully deleted: C:\Users\Owner\Appdata\LocalLow\company (Folder) 
Successfully deleted: C:\Users\Owner\Documents\add-in express (Folder) 
Successfully deleted: C:\Windows\hgfs.sys (File) 
Successfully deleted: C:\Windows\prleth.sys (File) 
Successfully deleted: C:\Windows\system32\Tasks\update-S-1-5-21-2089948328-1154247027-691186243-1000 (Task)
Successfully deleted: C:\Windows\system32\Tasks\update-sys (Task)
Successfully deleted: C:\Windows\Tasks\update-S-1-5-21-2089948328-1154247027-691186243-1000.job (Task) 
Successfully deleted: C:\Windows\Tasks\update-sys.job (Task) 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 24/12/2015 at 18:23:58.19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
Repaired ->> Shortcut ->> C:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\SimplyTech
Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Conduit
Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\SearchProtect
Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\V9
Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\Currentversion\Uninstall\SearchProtect
 
ZHPCleaner:
 

~ ZHPCleaner v2015.12.23.405 by Nicolas Coolman (2015/12/23)
~ Run by Owner (Administrator)  (24/12/2015 18:31:18)
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\Owner\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Owner\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)
 
 
---\\  Services (0)
~ No malicious or unnecessary items found.
 
 
---\\  Browser internet (0)
~ No malicious or unnecessary items found.
 
 
---\\  Hosts file (1)
~ The hosts file is legitimate (23)
 
 
---\\  Scheduled automatic tasks. (1)
DELETED task: [Viciue] [C:\PROGRA~1\GROOVE~1\Revose.bat ,N/A,N/A,Enabled,Disabled,Stop On Battery Mode, No Start On Batteries,SYSTEM,Enabled,72:00:00,Scheduling data is not available in this format.,One Time Only, Minute ,1:40:00 AM,23/12/2015,N/A,N/A,N/A,0 Hour(s), 6 Minute(s (Not File) ]  =>PUP.Optional.Groover
 
 
---\\  Explorer ( File, Folder) (28)
MOVED file: C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [Copyright 2009 - Starter Module]  =>PUP.Optional.Skillbrains
MOVED file: C:\Windows\Temp\8A47.tmp.exe    =>Heuristique.Suspect
MOVED file: C:\Windows\Temp\9253.tmp.exe    =>Heuristique.Suspect
MOVED file: C:\Windows\Temp\GUR68DF.exe    =>Heuristique.Suspect
MOVED file: C:\Users\Owner\AppData\Local\Temp\d19066691\omigazip\eshellctx.dll [337 Technology Limited. - WinZipper Shell Context Menu]  =>PUP.Optional.22Find
MOVED file: C:\Users\Owner\AppData\Local\Temp\d19066691\omigazip\eshellctx64.dll [337 Technology Limited. - WinZipper Shell Context Menu]  =>PUP.Optional.22Find
MOVED file: C:\Users\Owner\AppData\Local\Temp\nsfDDA8.tmp [Sys-lnk - Sys-lnk]  =>PUP.Optional.Elex
MOVED file: C:\Users\Owner\AppData\Local\Temp\nsyF81B.tmp [Sys-lnk - Sys-lnk]  =>PUP.Optional.Elex
MOVED file: C:\Users\Owner\AppData\Local\Temp\Uninstall.exe [Copyright 2013 - ]  =>PUP.Optional.Generic
MOVED folder: C:\Program Files (x86)\Skillbrains  =>PUP.Optional.Skillbrains
MOVED folder: C:\Program Files (x86)\UniversalFiles  =>PUP.Optional.Multiplug
MOVED folder: C:\Windows\Installer\MSI2505.tmp-  =>Empty
MOVED folder: C:\Windows\Installer\MSI2C38.tmp-  =>Empty
MOVED folder: C:\Windows\Installer\MSI7D81.tmp-  =>Empty
MOVED folder: C:\Windows\Installer\MSI82EE.tmp-  =>Empty
MOVED folder: C:\Windows\Installer\MSIBCBF.tmp-  =>Empty
MOVED folder: C:\Windows\Installer\MSIBF5F.tmp-  =>Empty
MOVED folder: C:\Windows\Installer\MSID0CE.tmp-  =>Empty
MOVED folder: C:\Windows\Installer\MSID255.tmp-  =>Empty
MOVED folder: C:\Windows\Installer\MSID967.tmp-  =>Empty
MOVED folder: C:\Windows\Installer\MSIDADF.tmp-  =>Empty
MOVED folder: C:\Windows\Installer\MSIE126.tmp-  =>Empty
MOVED folder: C:\Windows\Installer\MSIE1E3.tmp-  =>Empty
MOVED folder: C:\Windows\Installer\MSIE2CE.tmp-  =>Empty
MOVED folder: C:\Windows\Installer\MSIE3D9.tmp-  =>Empty
MOVED folder: C:\Windows\Installer\MSIE66D.tmp-  =>Empty
MOVED folder: C:\Windows\Installer\MSIEA83.tmp-  =>Empty
MOVED folder: C:\Windows\Installer\MSIEC68.tmp-  =>Empty
 
 
---\\  Registry ( Key, Value, Data) (38)
REPLACED data: HKLM\...\OperaStable\Shell\open\Command\\"C:\Program Files (x86)\Opera\Launcher.exe" http://www.omniboxes.com/?type=sc&ts=1450793269&z=ee9a1e93cf3a04e0bf99d27gdzcw6e9m6tdc2oamde&from=amt&uid=ST1000DM003-1ER162_Z4Y0G1SZXXXXZ4Y0G1SZ (PUP.Optional.Omniboxes)
DELETED key*: [X64] HKLM\SOFTWARE\SearchProtect []  =>PUP.Optional.SearchProtect
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Lightshot [C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe (Not File)]  =>PUP.Optional.Skillbrains
DELETED key*: HKEY_USERS\S-1-5-21-2089948328-1154247027-691186243-1000\SOFTWARE\APN PIP []  =>PUP.Optional.Conduit
DELETED key*: HKEY_USERS\S-1-5-21-2089948328-1154247027-691186243-1000\SOFTWARE\Linkey []  =>PUP.Optional.LinkeySearch
DELETED key*: HKEY_USERS\S-1-5-21-2089948328-1154247027-691186243-1000\SOFTWARE\SkillBrains []  =>PUP.Optional.Skillbrains
DELETED key*: HKEY_USERS\S-1-5-21-2089948328-1154247027-691186243-1000\SOFTWARE\systweak []  =>PUP.Optional.Systweak
DELETED key*: HKEY_USERS\S-1-5-21-2089948328-1154247027-691186243-1000\SOFTWARE\tstamptoken []  =>PUP.Optional.MaxComputerCleaner
DELETED key*: HKEY_USERS\S-1-5-21-2089948328-1154247027-691186243-1000\SOFTWARE\Tutorials []  =>PUP.Optional.AgenceExclusive
DELETED key: HKCU\Software\APN PIP []  =>PUP.Optional.Conduit
DELETED key: HKCU\Software\Linkey []  =>PUP.Optional.LinkeySearch
DELETED key: HKCU\Software\SkillBrains []  =>PUP.Optional.Skillbrains
DELETED key: HKCU\Software\systweak []  =>PUP.Optional.Systweak
DELETED key: HKCU\Software\tstamptoken []  =>PUP.Optional.MaxComputerCleaner
DELETED key: HKCU\Software\Tutorials []  =>PUP.Optional.AgenceExclusive
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\api.woodenseal.com [84660]  =>Adware.Sambreel
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\nps.pastaleads.com [19]  =>PUP.Optional.PastaLeads
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pastaleads.com []  =>PUP.Optional.PastaLeads
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\woodenseal.com []  =>Adware.Sambreel
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com []  =>Toolbar.Ask
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\gamingwonderland.dl.tb.ask.com [12]  =>Toolbar.Ask
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mergedocsonline.dl.tb.ask.com [12]  =>PUP.Optional.MergeDocsOnline
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\myimageconverter.dl.tb.ask.com [12]  =>Toolbar.Ask
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.olark.com [5974]  =>PUP.Optional.Generic
DELETED key*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\mailUpdate []  =>PUP.Optional.MailUpdate
DELETED key*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\NetTcpHandler []  =>PUP.Optional.NetService
DELETED key*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\winzipersvc []  =>.Superfluous.WinZipper
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\NetTcpHandler []  =>PUP.Optional.NetService
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\NtSvcHandler []  =>PUP.Optional.NetService
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Skillbrains []  =>PUP.Optional.Skillbrains
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Systweak []  =>PUP.Optional.Systweak
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\winzipersvc []  =>.Superfluous.WinZipper
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Linkey []  =>PUP.Optional.LinkeySearch
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1 [Skillbrains]  =>PUP.Optional.Skillbrains
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateWoodenSeal_RASAPI32 []  =>Adware.Sambreel
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateWoodenSeal_RASMANCS []  =>Adware.Sambreel
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilWoodenSeal_RASAPI32 []  =>Adware.Sambreel
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilWoodenSeal_RASMANCS []  =>Adware.Sambreel
 
 
---\\  Summary of the elements found (20)
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.Skillbrains
http://www.nicolascoolman.fr/?p=4664  =>Heuristique.Suspect
http://www.nicolascoolman.fr/?p=629  =>PUP.Optional.22Find
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.Generic
http://www.nicolascoolman.fr/?p=1402  =>PUP.Optional.Multiplug
http://www.nicolascoolman.fr/?p=1633  =>PUP.Optional.SearchProtect
http://www.nicolascoolman.fr/?p=210  =>PUP.Optional.Conduit
http://www.nicolascoolman.fr/?p=381  =>PUP.Optional.LinkeySearch
http://www.nicolascoolman.fr/pup-maxcomputercleaner/  =>PUP.Optional.MaxComputerCleaner
http://www.nicolascoolman.fr/?p=122  =>PUP.Optional.AgenceExclusive
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.PastaLeads
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.MailUpdate
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.NetService
http://www.nicolascoolman.fr/?p=4664  =>.Superfluous.WinZipper
 
 
---\\  Other deletions. (44)
~ Registry Keys Tracing deleted (44)
~ Remove the old reports ZHPCleaner. (0)
 
 
---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Opera Software)
 
 
---\\ Statistics
~ Items scanned : 575
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 67
 
 
~ End of clean in 00h00mn44s
===================
ZHPCleaner-[R]-24122015-18_32_02.txt
ZHPCleaner-[S]-24122015-18_31_04.txt
 
The Zemana software is still scanning my computer.


#11 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:51 PM

Posted 24 December 2015 - 03:48 AM

Aight, since so much was found, might as well finish up with these.

 

 

Eset Online Scanner.

 

Eset Scan

Click Me To Download Eset Scan

Disable your antivirus prior to this scan.
 
 esetonlinebtn.png
 

  •  Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

 

9-Lab Scan.

 

  • Download 9-Lab Removal Tool.
  • CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.
  • Install the program onto your computer, then right click the icon  run as administrator.
  • Update the program and then run a full scan!
  • Make sure the program updates, might be better to install it update reboot and check for updates again.
  • You need to make sure the database updates!!!
  • Upon Scan Completion Click on Show Results.
  • Then Click On Clean 
  • Then Click on Save Log.
  • Save it to your desktop, copy and paste the contents of the log here in your next reply.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users