Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible virus/malware/failed Windows updates - fix b4 upgrade to Windows 10?


  • This topic is locked This topic is locked
27 replies to this topic

#1 OscarG

OscarG

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:10:19 AM

Posted 26 June 2016 - 09:41 AM

I wanted to upgrade to Windows 10 (free) but thought I might have a virus or malware. Also had 200 failed Windows updates. I am unsure if i should fix these before upgrading to Windows 10, or whether upgrading will effectively 'clean' the OS. If i dont ensure laptop is clean, will the (possible) virus or malware affect the downloading of Windows 10?

In more detail -
Before attempting Windows 10 upgrade, I checked that Windows updates were current and found 200 failed updates. On trying to install these updates it would not install any. My laptop (Lenovo Yoga 2) is fairly new but used infrequently and updates were not set to auto.

At the same time i had some difficulty updating Firefox and running some online scanners. I downloaded and ran Malwarebytes, which found Pup.Optional.WebSearchInfo. I didn't take action on this as i found advice online that suggested performing 4-5 steps in a particular order to remove it.

As I am a novice, i have left things as they are, stopped using the laptop and thought it best to ask for advice. Any help would be much appreciated.

BC AdBot (Login to Remove)

 


#2 Jo*

Jo*

  • Malware Response Team
  • 3,444 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:19 AM

Posted 27 June 2016 - 07:19 AM


:welcome: to BleepingComputer.

Hi there,

my name is Jo and I will help you with your computer problems.


Please follow these guidelines:
  • Read and follow the instructions in the sequence they are posted.
  • print or copy & save instructions.
  • back up all your private data / music / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only that tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic til you get the all clean post.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


:step1: Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


:step2: Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click in the introduction screen "next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
With some infections, you may see two messages boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


:step3: Please download AdwCleaner by Xplode and save to your Desktop.
Double-click AdwCleaner.exe
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
    The actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.
  • After the scan has finished, click on the Logfile button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.
    If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#3 OscarG

OscarG
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:10:19 AM

Posted 27 June 2016 - 12:46 PM

Jo,

Thanks for the help

Attached the notepad document after the scan by security check 

 

Can I please ask, if I need to wait for a reply to this post from you before I continue. And again after point two on your instructions do I again wait for a response before proceeding to point 3.

 

I dont know if I have a firewall installed and running or if I need to do this. There is also no anti virus on the machine at present.

 

Kind Regards

 

Lynda

Attached Files



#4 Jo*

Jo*

  • Malware Response Team
  • 3,444 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:19 AM

Posted 27 June 2016 - 12:51 PM


please continue with step 2 and 3 from my instructions!

... And again after point two on your instructions do I again wait for a response before proceeding to point 3.

No !

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#5 OscarG

OscarG
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:10:19 AM

Posted 27 June 2016 - 02:55 PM

Dear Jo

 

I have completed step two and no malware was detected.

Below I have copied the log from AdwCleaner

 

There are no files I recognize as wanting to keep

 

Thanks you for your help with this

 

Kind Regards

 

Lynda

 

# AdwCleaner v5.200 - Logfile created 27/06/2016 at 19:58:58
# Updated 14/06/2016 by ToolsLib
# Database : 2016-06-26.1 [Server]
# Operating system : Windows 8.1  (X64)
# Username : Lynda - SCOOBYDOO
# Running from : C:\Users\Lynda\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
Folder Found : C:\ProgramData\pokki
Folder Found : C:\ProgramData\Application Data\pokki
Folder Found : C:\Users\Lynda\AppData\Local\SweetLabs App Platform
Folder Found : C:\Users\Default User\AppData\Local\Pokki
Folder Found : C:\Users\Default\AppData\Local\Pokki
 
***** [ Files ] *****
 
File Found : C:\Users\Lynda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
File Found : C:\Users\Lynda\AppData\Roaming\Mozilla\Firefox\Profiles\lmrhaapd.default\searchplugins\Web Search.xml
 
***** [ DLL ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
Task Found : SweetLabs App Platform
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Key Found : HKCU\Software\Classes\Directory\shell\pokki
Key Found : HKCU\Software\Classes\Drive\shell\pokki
Key Found : HKCU\Software\Classes\lnkfile\shell\pokki
Key Found : HKCU\Software\Classes\pokki
Key Found : HKU\S-1-5-21-33130130-804195896-547542009-1001\Software\Classes\pokki
Key Found : HKCU\Software\SweetLabs App Platform
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Key Found : HKU\S-1-5-21-33130130-804195896-547542009-1001\Software\SweetLabs App Platform
Key Found : HKU\S-1-5-21-33130130-804195896-547542009-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Key Found : HKU\S-1-5-21-33130130-804195896-547542009-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] - hxxp://mystart.lenovo.com
Data Found : HKU\S-1-5-21-33130130-804195896-547542009-1001\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] - hxxp://mystart.lenovo.com
Value Found : HKU\S-1-5-21-33130130-804195896-547542009-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]
 
***** [ Web browsers ] *****
 
[C:\Users\Lynda\AppData\Roaming\Mozilla\Firefox\Profiles\lmrhaapd.default\prefs.js] Found : user_pref("browser.search.defaultenginename", "Web Search");
[C:\Users\Lynda\AppData\Roaming\Mozilla\Firefox\Profiles\lmrhaapd.default\prefs.js] Found : user_pref("browser.search.selectedEngine", "Web Search");
[C:\Users\Lynda\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : uk.ask.com
[C:\Users\Lynda\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : homepage-web.com
 
*************************
 
C:\AdwCleaner\AdwCleaner[S1].txt - [3021 bytes] - [27/06/2016 19:58:58]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3094 bytes] ##########


#6 Jo*

Jo*

  • Malware Response Team
  • 3,444 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:19 AM

Posted 27 June 2016 - 03:32 PM

Hello,

:step1: Run Malwarebytes Anti-Rootkit again: Right-click mbar.exe and select Run As Administrator
  • Scan your system for malware
  • If malware is found, click on the Cleanup
  • button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • then please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


:step2: Double click on AdwCleaner.exe to run the tool again.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • When the scan has finished, the actual line should say "Pending. Please uncheck elements you do not want to remove". Look through the scan results and uncheck any entries that you do not wish to remove.
  • This time, click on the Cleaning button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[C#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

***


:step3: Please download Junkware Removal Tool from HERE and save it to your desktop.
Shutdown your antivirus to avoid any potential conflicts.
Double click JRT.exe to run the tool.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • JRT will begin to backup your registry and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, the log JRT.txt is saved on your desktop and will automatically open.
Enable your antivirus!
Post the contents of JRT.txt into your next reply.


***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#7 OscarG

OscarG
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:10:19 AM

Posted 27 June 2016 - 05:01 PM

Hi again and thanks for the quick responses

 

No malware was found again in admin mode

 

Below the log from the Ad Clean and attached the log from the Junkware.

 

I noticed when the laptop rebooted it said updates to install but i dont know if it installed them or not

 

Thank you again for all the help

 

Lynda

 

# AdwCleaner v5.200 - Logfile created 27/06/2016 at 22:43:05
# Updated 14/06/2016 by ToolsLib
# Database : 2016-06-26.1 [Server]
# Operating system : Windows 8.1  (X64)
# Username : Lynda - SCOOBYDOO
# Running from : C:\Users\Lynda\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\ProgramData\pokki
[#] Folder Deleted : C:\ProgramData\Application Data\pokki
[-] Folder Deleted : C:\Users\Lynda\AppData\Local\SweetLabs App Platform
[-] Folder Deleted : C:\Users\Default User\AppData\Local\Pokki
[#] Folder Deleted : C:\Users\Default\AppData\Local\Pokki
 
***** [ Files ] *****
 
[-] File Deleted : C:\Users\Lynda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
[-] File Deleted : C:\Users\Lynda\AppData\Roaming\Mozilla\Firefox\Profiles\lmrhaapd.default\searchplugins\Web Search.xml
 
***** [ DLLs ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
[-] Task Deleted : SweetLabs App Platform
 
***** [ Registry ] *****
 
[-] Key Deleted : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\Directory\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\Drive\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\lnkfile\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\pokki
[-] Key Deleted : HKCU\Software\SweetLabs App Platform
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
[-] Data Restored : HKU\S-1-5-21-33130130-804195896-547542009-1001\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
[-] Value Deleted : HKU\S-1-5-21-33130130-804195896-547542009-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Lynda\AppData\Roaming\Mozilla\Firefox\Profiles\lmrhaapd.default\prefs.js] Deleted : user_pref("browser.search.defaultenginename", "Web Search");
[-] [C:\Users\Lynda\AppData\Roaming\Mozilla\Firefox\Profiles\lmrhaapd.default\prefs.js] Deleted : user_pref("browser.search.selectedEngine", "Web Search");
[-] [C:\Users\Lynda\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : uk.ask.com
[-] [C:\Users\Lynda\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : homepage-web.com
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [2761 bytes] - [27/06/2016 22:43:05]
C:\AdwCleaner\AdwCleaner[S1].txt - [3173 bytes] - [27/06/2016 19:58:58]
C:\AdwCleaner\AdwCleaner[S2].txt - [3246 bytes] - [27/06/2016 22:41:08]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2980 bytes] ##########
 

Attached Files

  • Attached File  JRT.txt   1.02KB   1 downloads


#8 Jo*

Jo*

  • Malware Response Team
  • 3,444 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:19 AM

Posted 27 June 2016 - 05:15 PM

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.
Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#9 OscarG

OscarG
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:10:19 AM

Posted 28 June 2016 - 01:36 AM

Jo,

 

Please find attached the two logs from the last scan.

 

Many thanks

 

Kind Regards

 

Lynda

Attached Files



#10 Jo*

Jo*

  • Malware Response Team
  • 3,444 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:19 AM

Posted 28 June 2016 - 03:04 AM

Log on to all your user accounts now - without restarting !

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
Save it in the same location as / FSRT / FSRT64 (usually your desktop) as fixlist.txt




Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-33130130-804195896-547542009-1001\...\MountPoints2: {005281ad-4cce-11e5-8260-c48e8fa859bc} - "E:\Startme.exe" 
Shortcut: C:\Users\Lynda\AppData\Local\Microsoft\Windows\ConnectedSearch\History\site_2956636015_en-us.lnk -> hxxp://www.windowssearch.com:80/suggestions?qry=hp&cc=GB&setlang=en-US&inlang=en-GB&adlt=moderate&scale=140&contrast=none&hw=1080%2C1920&CVID=762BC612613D47639D3EB26EF8080A6D (No File)
AlternateDataStreams: C:\Windows:nlsPreferences [386]
EmptyTemp:
End

NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


Run FRST / FSRT64 again as Administrator like we did before but this time press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#11 OscarG

OscarG
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:10:19 AM

Posted 28 June 2016 - 03:53 AM

Jo

 

Log attached.

I had to restart the computer after the scan.

 

Kind Regards

 

Lynda

Attached Files



#12 Jo*

Jo*

  • Malware Response Team
  • 3,444 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:19 AM

Posted 28 June 2016 - 04:41 AM

Hello,

:step1: Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)
There are 5 different versions. If one of them won't run then download and try to run the other one.
Vista and Win7/8/10 users need to right click and choose Run as Administrator
You only need to get one of them to run, not all of them.Do not reboot your computer after running rkill as the malware programs will start again.


---


:step2: Malwarebytes' Anti-Malware
If this program is already installed: Skip the installation and run only the scan!
Download and install: Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
How to get logs: (Export log to save as txt)
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.
(Copy to clipboard for pasting into forum replies or tickets)
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

---


:step3: Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

---


:step4: How the computer is running now?


---


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#13 OscarG

OscarG
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:10:19 AM

Posted 28 June 2016 - 05:24 AM

Hi Jo

 

All done as requested.

Malware found no threats and did not request a system restart.

Attached the logs.

 

 

 

Kind Regards

 

Lynda

Attached Files



#14 Jo*

Jo*

  • Malware Response Team
  • 3,444 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:19 AM

Posted 28 June 2016 - 05:33 AM

Hi, please do step 3 and 4 as instructed with my last post:
 

:step3: Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

---


:step4: How the computer is running now?


Then check if Windows updates are working now.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#15 OscarG

OscarG
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Local time:10:19 AM

Posted 28 June 2016 - 05:49 AM

Sorry I sent the wrong log

 

below the FSS log

 

Farbar Service Scanner Version: 27-01-2016
Ran by Lynda (administrator) on 28-06-2016 at 11:46:00
Running from "C:\Users\Lynda\Desktop"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users