Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible virus/bug?


  • Please log in to reply
6 replies to this topic

#1 cookiboos

cookiboos

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:57 PM

Posted 31 July 2016 - 07:44 AM

Yesterday after i started the pc it kept signing me out without stopping.There is like 1 minute untill it starts signing me out so after 1-2 hours of restarting and trying to find something in the task manager i found out that a Windows Command Processor was responsible for it,after ending the process it stopped signing me out.I'm not an expert at all in pc problems but i've noticed that a real cmd is listed at the apps in task manager while this ''virus'' is listed at the Background processes.Now so far i've scanned the pc for viruses,corrupt files all that stuff.I don't really think it's that harmful but i do wish to get rid of it.Also when i click go to file location it redirects me to the real cmd.exe i think? in C/windows/system32.Thanks


Edited by hamluis, 31 July 2016 - 09:40 AM.
Moved from Win 8 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,770 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:57 AM

Posted 31 July 2016 - 03:27 PM

Welcome aboard p22002758.gif

 

p22002970.gif Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


p22002970.gif Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
  • List Restore Points

Click Go and post the result.

p22002970.gif Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:

    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.



If you already have MBAM 2.0 installed:

  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


How to get logs:
(Export log to save as txt)


  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.



(Copy to clipboard for pasting into forum replies or tickets)

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.


p22002970.gifDownload 51a5f31352b88-icon_MBAR.pngMalwarebytes Anti-Rootkit (MBAR) to your desktop.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"


NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.

p22002970.gif Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Windows Vista, 7 or 8 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE Do NOT wrap your logs in "quote" or "code" brackets.
Do NOT use spoilers.
Do NOT edit your reply to post additional logs. Create new reply. I'll not get any email notifications about edits so I won't know you posted something new.


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 cookiboos

cookiboos
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:57 PM

Posted 01 August 2016 - 04:31 PM

So,let's see
 
1.Security Check didn't work.I got an error,here's the pic https://snag.gy/q2Qci3.jpg
 
2.Farbar Scanner:

Farbar Service Scanner Version: 27-01-2016
Ran by Iuly (administrator) on 01-08-2016 at 23:04:52
Running from "C:\Users\Iuly\Downloads"
Microsoft Windows 8 Pro  (X86)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.
 
 
System Restore Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
RpcSs Service is not running. Checking service configuration:
The start type of RpcSs service is OK.
The ImagePath of RpcSs service is OK.
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\system32\nsisvc.dll => File is digitally signed
C:\Windows\system32\Drivers\nsiproxy.sys => File is digitally signed
C:\Windows\system32\dhcpcore.dll => File is digitally signed
C:\Windows\system32\Drivers\afd.sys => File is digitally signed
C:\Windows\system32\Drivers\tdx.sys => File is digitally signed
C:\Windows\system32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\system32\dnsrslvr.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\mpssvc.dll => File is digitally signed
C:\Windows\system32\bfe.dll => File is digitally signed
C:\Windows\system32\Drivers\mpsdrv.sys => File is digitally signed
C:\Windows\system32\SDRSVC.dll => File is digitally signed
C:\Windows\system32\vssvc.exe => File is digitally signed
C:\Windows\system32\wscsvc.dll => File is digitally signed
C:\Windows\system32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\system32\wuaueng.dll => File is digitally signed
C:\Windows\system32\qmgr.dll => File is digitally signed
C:\Windows\system32\es.dll => File is digitally signed
C:\Windows\system32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\system32\ipnathlp.dll => File is digitally signed
C:\Windows\system32\iphlpsvc.dll => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
 
 
**** End of log ****
 
3.MiniToolBox log:
MiniToolBox by Farbar  Version: 17-06-2016
Ran by Iuly (administrator) on 01-08-2016 at 23:07:51
Running from "C:\Users\Iuly\Downloads"
Microsoft Windows 8 Pro  (X86)
Model: P43-ES3G Manufacturer: Gigabyte Technology Co., Ltd.
Boot Mode: Normal
***************************************************************************
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Ethernet (Connected)
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [21504] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [289280] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (08/01/2016 11:07:37 PM) (Source: Software Protection Platform Service) (User: )
Description: Failed to schedule Software Protection service for re-start at 2016-08-07T17:21:37Z. Error Code: 0x80070005.
 
Error: (08/01/2016 11:07:07 PM) (Source: Software Protection Platform Service) (User: )
Description: Failed to schedule Software Protection service for re-start at 2016-08-07T17:22:07Z. Error Code: 0x80070005.
 
Error: (08/01/2016 11:06:37 PM) (Source: Software Protection Platform Service) (User: )
Description: Failed to schedule Software Protection service for re-start at 2016-08-07T17:21:37Z. Error Code: 0x80070005.
 
Error: (08/01/2016 11:06:07 PM) (Source: Software Protection Platform Service) (User: )
Description: Failed to schedule Software Protection service for re-start at 2016-08-07T17:22:07Z. Error Code: 0x80070005.
 
Error: (08/01/2016 11:05:37 PM) (Source: Software Protection Platform Service) (User: )
Description: Failed to schedule Software Protection service for re-start at 2016-08-07T17:21:37Z. Error Code: 0x80070005.
 
Error: (08/01/2016 11:05:07 PM) (Source: Software Protection Platform Service) (User: )
Description: Failed to schedule Software Protection service for re-start at 2016-08-07T17:22:07Z. Error Code: 0x80070005.
 
Error: (08/01/2016 11:04:37 PM) (Source: Software Protection Platform Service) (User: )
Description: Failed to schedule Software Protection service for re-start at 2016-08-07T17:21:37Z. Error Code: 0x80070005.
 
Error: (08/01/2016 11:04:07 PM) (Source: Software Protection Platform Service) (User: )
Description: Failed to schedule Software Protection service for re-start at 2016-08-07T17:22:07Z. Error Code: 0x80070005.
 
Error: (08/01/2016 11:03:37 PM) (Source: Software Protection Platform Service) (User: )
Description: Failed to schedule Software Protection service for re-start at 2016-08-07T17:21:37Z. Error Code: 0x80070005.
 
Error: (08/01/2016 11:03:07 PM) (Source: Software Protection Platform Service) (User: )
Description: Failed to schedule Software Protection service for re-start at 2016-08-07T17:22:07Z. Error Code: 0x80070005.
 
 
System errors:
=============
Error: (08/01/2016 10:56:00 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (08/01/2016 10:56:00 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with the following service-specific error: 
%%2147749126
 
Error: (08/01/2016 10:55:59 PM) (Source: sptd) (User: )
Description: Driver detected an internal error in its data structures for .
 
Error: (08/01/2016 10:55:23 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 22:26:57 on ‎01/‎08/‎2016 was unexpected.
 
 
Microsoft Office Sessions:
=========================
Error: (08/01/2016 11:07:37 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800700052016-08-07T17:21:37Z
 
Error: (08/01/2016 11:07:07 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800700052016-08-07T17:22:07Z
 
Error: (08/01/2016 11:06:37 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800700052016-08-07T17:21:37Z
 
Error: (08/01/2016 11:06:07 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800700052016-08-07T17:22:07Z
 
Error: (08/01/2016 11:05:37 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800700052016-08-07T17:21:37Z
 
Error: (08/01/2016 11:05:07 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800700052016-08-07T17:22:07Z
 
Error: (08/01/2016 11:04:37 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800700052016-08-07T17:21:37Z
 
Error: (08/01/2016 11:04:07 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800700052016-08-07T17:22:07Z
 
Error: (08/01/2016 11:03:37 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800700052016-08-07T17:21:37Z
 
Error: (08/01/2016 11:03:07 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x800700052016-08-07T17:22:07Z
 
 
=========================== Installed Programs ============================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM\...\{AC76BA86-0804-1033-1959-001824191728}) (Version:  - )
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.)
Advanced SystemCare 9 (HKLM\...\Advanced SystemCare_is1) (Version: 9.3.0 - IObit)
AVG PC TuneUp (HKLM\...\{56561543-0A51-41B1-AADF-5F035DEA14C2}) (Version: 16.42.6 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM\...\AVG PC TuneUp) (Version: 16.42.2.18804 - AVG Technologies)
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 5.1.0.0333 - DT Soft Ltd)
Diablo III (HKLM\...\Diablo III) (Version:  - Blizzard Entertainment)
Fistful of Frags (HKLM\...\Steam App 265630) (Version:  - Fistful of Frags Team)
FMW 1 (HKLM\...\{FA8DECDC-B351-4B6A-9820-6C818AEE4EDA}) (Version: 1.112.3 - AVG Technologies) Hidden
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
IObit Malware Fighter 4 (HKLM\...\IObit Malware Fighter_is1) (Version: 4.2 - IObit)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 5.4.0.119 - IObit)
Java 8 Update 101 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java Auto Updater (HKLM\...\{4A03706F-666A-4037-7777-5F2748764D10}) (Version: 2.8.101.13 - Oracle Corporation) Hidden
JetClean (HKLM\...\BlueSprig_JetClean_is1) (Version: 1.5.0 - BlueSprig)
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 4.0.7.1 - PandoraTV)
League of Legends (HKLM\...\{DB179A5E-BDE5-4565-AE14-AA10C64C0572}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows 8 x86 (HKLM\...\{B6047A78-062F-4C6F-A82D-B94DAF72FB73}) (Version: 1.2 - Microsoft)
Microsoft Games for Windows Marketplace (HKLM\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.95 - NVIDIA Corporation)
NVIDIA Graphics Driver 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.95 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{DEA314C4-0929-4250-BC92-98E4C105F28D}) (Version: 9.10.0129 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Razer Cortex (HKLM\...\Razer Cortex_is1) (Version: 6.1.7.0 - Razer Inc.)
RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition (HKLM\...\RivaTuner) (Version: v2.24 MSI Master Overclocking Arena 2009 edition - Alexey Nicolaychuk)
SeaTools for Windows (HKLM\...\SeaTools for Windows) (Version:  - Seagate Technology)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0018-0000-0000-0000000FF1CE}_Office14.POWERPOINT_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shovel Knight (HKLM\...\1207664823_is1) (Version: 2.11.0.18 - GOG.com)
Skype Web Plugin (HKLM\...\{27A9512F-B284-490A-97B7-40713556476D}) (Version: 7.21.0.159 - Skype Technologies S.A.)
Skype™ 7.25 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
Smart Defrag 5 (HKLM\...\Smart Defrag_is1) (Version: 5.2.0 - IObit)
Steam (HKLM\...\Steam) (Version:  - Valve Corporation)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.3 - IObit)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Transformers Fall of Cybertron (HKLM\...\Transformers Fall of Cybertron_is1) (Version:  - )
USB PC Camera VC305 (HKLM\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0305}) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN)
Warframe (HKLM\...\Steam App 230410) (Version:  - Digital Extremes)
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
 
========================= Devices: ================================
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*TEREDO\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*ISATAP\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Microsoft 6to4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*6TO4MP\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 50%
Total physical RAM: 3326.49 MB
Available physical RAM: 1631.4 MB
Total Virtual: 5374.49 MB
Available Virtual: 3035.53 MB
 
========================= Partitions: =====================================
 
2 Drive c: () (Fixed) (Total:46.58 GB) (Free:25.84 GB) NTFS
3 Drive d: (Dol'goldur) (Fixed) (Total:205.08 GB) (Free:100.72 GB) NTFS
4 Drive e: (Mordor) (Fixed) (Total:214.1 GB) (Free:69.27 GB) NTFS
 
========================= Users: ========================================
========================= Restore Points ==================================
 
 
**** End of log ****
 

4.Malwarebytes Anti-Malware log:

Malwarebytes Anti-Malware

www.malwarebytes.org
 
Scan Date: 01/08/2016
Scan Time: 23:30
Logfile: 
Administrator: Yes
 
Version: 2.2.1.1043
Malware Database: v2016.08.01.11
Rootkit Database: v2016.05.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8
CPU: x86
File System: NTFS
User: Iuly
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 262874
Time Elapsed: 6 min, 59 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 1
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\BackgroundContainer Startup Task, Delete-on-Reboot, [ad42ae971c7e8aacb1935d7c5da52ed2], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
5.Malwarebytes Anti-Rootkit logs:
 
5.1 System-log :
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.3.1001
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.2.9200 Windows 8 x86
 
Account is Administrative
 
Internet Explorer version: 10.0.9200.17556
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 2.333000 GHz
Memory total: 3488075776, free: 2014371840
 
Downloaded database version: v2016.08.01.12
Canceled update
=======================================
Initializing...
Driver version: 0.3.0.4
------------ Kernel report ------------
     08/01/2016 23:53:09
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\ntoup.sys
\SystemRoot\System32\drivers\wcvfa.sys
\SystemRoot\System32\Drivers\sptd.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\pciide.sys
\SystemRoot\System32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\intelide.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\atapi.sys
\SystemRoot\System32\drivers\ataport.SYS
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\SmartDefragDriver.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\dtsoftbus01.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\??\C:\Windows\system32\drivers\HWiNFO32.SYS
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\usbuhci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt630x86.sys
\SystemRoot\System32\drivers\fdc.sys
\SystemRoot\System32\drivers\serial.sys
\SystemRoot\System32\drivers\serenum.sys
\SystemRoot\System32\drivers\parport.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\System32\drivers\flpydisk.sys
\SystemRoot\system32\drivers\RTKVHDA.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\Drivers\usbVM305.sys
\SystemRoot\System32\Drivers\STREAM.SYS
\SystemRoot\system32\drivers\vvftav.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\gzflt.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\drivers\parvdm.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\??\C:\Windows\system32\drivers\rzpmgrk.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\mslldp.sys
\??\E:\WOW\TV Series\AVG.PC.TuneUp.2016.v16.2.1.18873-P2P\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys
\SystemRoot\system32\DRIVERS\TRUFOS.sys
\??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys
\??\C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\IMFFilter.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!
IRP handler 0 of \Driver\atapi points to an unknown module
Unhooking enabled.
 
Scan started
Database versions:
  main:    v2014.11.18.05
  rootkit: v2014.11.12.01
 
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff868c0a80
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Ide\IdeDeviceP2T0L0-2\
Lower Device Object: 0xffffffff85d16030
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
Initialization returned 0x0
Port sub-driver loaded: \??\C:\Windows\System32\Drivers\ataport.sys (0x0)
Load Function returned 0x0
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff868c0a80, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff868c0658, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff868c0a80, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff85da08e0, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff85d16030, DeviceName: \Device\Ide\IdeDeviceP2T0L0-2\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0xffffffffb84ebf00, 0xffffffff868c0a80, 0xffffffff87dfd7b8
Lower DeviceData: 0xffffffffc3672da0, 0xffffffff85d16030, 0xffffffff87d9c2c0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
File "C:\Windows\System32\Drivers\vwifibus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vwifibus.sys" is compressed (flags = 1)
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 23AB23AB
 
Partition information:
 
    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 97675137
    Partition is bootable
    Partition file system is NTFS
 
    Partition 1 type is Extended with LBA (0xf)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 97675200  Numsec = 879076800
    Partition is not bootable
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable
 
Disk Size: 499971544064 bytes
Sector size: 512 bytes
 
Done!
File "C:\Windows\System32\Drivers\vwifibus.sys" is compressed (flags = 1)
File "C:\Windows\System32\FXSTIFF.dll" is compressed (flags = 1)
File "C:\Windows\System32\xpssvcs.dll" is compressed (flags = 1)
File "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_perf.h" is compressed (flags = 1)
File "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_perf2.ini" is compressed (flags = 1)
File "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state_perf.ini" is compressed (flags = 1)
Scan finished
=======================================
 
 
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-63-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-97675200-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.3.1001
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.2.9200 Windows 8 x86
 
Account is Administrative
 
Internet Explorer version: 10.0.9200.17556
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 2.333000 GHz
Memory total: 3488075776, free: 1485393920
 
=======================================
 
5.2 Mbar-log:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
 
Database version:
  main:    v2014.11.18.05
  rootkit: v2014.11.12.01
 
Windows 8 x86 NTFS
Internet Explorer 10.0.9200.17556
Iuly :: YOLO-PC [administrator]
 
01/08/2016 23:53:25
mbar-log-2016-08-01 (23-53-25).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 286113
Time elapsed: 12 minute(s), 15 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 
6. Rkill log:
Rkill 2.8.4 by Lawrence Abrams (Grinler)
Copyright 2008-2016 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 08/02/2016 12:08:52 AM in x86 mode.
Windows Version: Windows 8 Pro 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\Windows\sppsvc.exe (PID: 2304) [WD-HEUR]
 * C:\Users\Iuly\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe (PID: 3952) [UP-HEUR]
 * C:\Users\Iuly\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe (PID: 3272) [UP-HEUR]
 
3 proccesses terminated!
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  Copyright © 1993-2006 Microsoft Corp.
 
Program finished at: 08/02/2016 12:09:49 AM
Execution time: 0 hours(s), 0 minute(s), and 57 seconds(s)
 
 


#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,770 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:57 AM

Posted 01 August 2016 - 06:37 PM

p22002970.gif Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

p22002970.gif Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


p22002970.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


p22002970.gif Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#5 cookiboos

cookiboos
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:57 PM

Posted 02 August 2016 - 07:27 PM

Junkware Removal Tool didn't worked for me no matter what i'd do,restart,close the antivirus.So there's just 2 logs :

 

1.AdwCleaner log:

 

# AdwCleaner v5.201 - Logfile created 02/08/2016 at 03:22:50
# Updated 30/06/2016 by ToolsLib
# Database : 2016-08-02.1 [Server]
# Operating system : Windows 8 Pro  (X86)
# Username : Iuly - YOLO-PC
# Running from : C:\Users\Iuly\Downloads\adwcleaner_5.201.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\ProgramData\dcb4eed200003831
[-] Folder Deleted : C:\ProgramData\ee809cdc0000621d
[-] Folder Deleted : C:\ProgramData\f957eeb30000746f
[-] Folder Deleted : C:\ProgramData\jwinpj
[#] Folder Deleted : C:\ProgramData\Application Data\dcb4eed200003831
[#] Folder Deleted : C:\ProgramData\Application Data\ee809cdc0000621d
[#] Folder Deleted : C:\ProgramData\Application Data\f957eeb30000746f
[#] Folder Deleted : C:\ProgramData\Application Data\jwinpj
[-] Folder Deleted : C:\Windows\system32\config\systemprofile\AppData\LocalLow\Application Updater
[-] Folder Deleted : C:\Users\Iuly\AppData\Roaming\Solvusoft
[-] Folder Deleted : C:\Users\Iuly\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd
 
***** [ Files ] *****
 
[-] File Deleted : C:\Users\Iuly\AppData\Roaming\appdataFr2.bin
 
***** [ DLLs ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SEARCHSCOPES\IELNKSRCH
[#] Key Deleted : HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[#] Key Deleted : HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH
[#] Key Deleted : HKLM\SOFTWARE\d9247c49-0f92-950b-9b7e-b66086927790
[#] Key Deleted : HKLM\SOFTWARE\Classes\AniGIFCtrl.AniGIF
[#] Key Deleted : HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg
[#] Key Deleted : HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg.1
[#] Key Deleted : HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2
[#] Key Deleted : HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2.1
[#] Key Deleted : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[#] Key Deleted : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[#] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7375D127-3955-4654-8E7D-1949A7A9C902}
[#] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[#] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[#] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}
[#] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
[#] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DC82D15-92F2-11D1-A255-00A0C932C7DF}
[#] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98C066AB-D735-4339-9E52-A34875141B56}
[#] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[#] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[#] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[#] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[#] Key Deleted : HKCU\Software\DriverToolkit
[#] Key Deleted : HKCU\Software\IM
[#] Key Deleted : HKCU\Software\tinydm.com
[#] Key Deleted : HKCU\Software\WEBAPP
[#] Key Deleted : HKCU\Software\Yahoo\Companion
[#] Key Deleted : HKCU\Software\Yahoo\YFriendsBar
[#] Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[#] Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
[#] Key Deleted : HKCU\Software\AppDataLow\Software\Yahoo\Companion
[#] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[#] Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
[#] Key Deleted : HKLM\SOFTWARE\hdcode
[#] Key Deleted : HKLM\SOFTWARE\Yahoo\Companion
[#] Key Deleted : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[#] Key Deleted : HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[#] Key Deleted : HKU\.DEFAULT\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[#] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[#] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[#] Key Deleted : HKU\S-1-5-21-1454729718-2521558661-1065605426-1001\Software\DriverToolkit
[#] Key Deleted : HKU\S-1-5-21-1454729718-2521558661-1065605426-1001\Software\IM
[#] Key Deleted : HKU\S-1-5-21-1454729718-2521558661-1065605426-1001\Software\tinydm.com
[#] Key Deleted : HKU\S-1-5-21-1454729718-2521558661-1065605426-1001\Software\WEBAPP
[#] Key Deleted : HKU\S-1-5-21-1454729718-2521558661-1065605426-1001\Software\Yahoo\Companion
[#] Key Deleted : HKU\S-1-5-21-1454729718-2521558661-1065605426-1001\Software\Yahoo\YFriendsBar
[#] Key Deleted : HKU\S-1-5-21-1454729718-2521558661-1065605426-1001\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[#] Key Deleted : HKU\S-1-5-21-1454729718-2521558661-1065605426-1001\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
[#] Key Deleted : HKU\S-1-5-21-1454729718-2521558661-1065605426-1001\Software\AppDataLow\Software\Yahoo\Companion
[#] Key Deleted : HKU\S-1-5-18\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[#] Key Deleted : HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[#] Key Deleted : HKU\S-1-5-18\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[-] Value Deleted : HKU\S-1-5-21-1454729718-2521558661-1065605426-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [BackgroundContainer]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [mobilegeni daemon]
[-] Value Deleted : HKU\S-1-5-21-1454729718-2521558661-1065605426-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [NextLive]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [SearchSettings]
[-] Value Deleted : HKU\S-1-5-21-1454729718-2521558661-1065605426-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Slick Savings]
[-] Value Deleted : HKU\S-1-5-21-1454729718-2521558661-1065605426-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Tiny download manager]
[#] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[#] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Iuly\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : uk.ask.com
[-] [C:\Users\Iuly\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : yahoo.com
[-] [C:\Users\Iuly\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : bbmegnmpleoagolcnjnejdacakedpcgd
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [7946 bytes] - [02/08/2016 03:22:50]
C:\AdwCleaner\AdwCleaner[S1].txt - [7529 bytes] - [02/08/2016 03:21:19]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [8092 bytes] ##########
 
2.SophosVirusRemovalTool log:
2016-08-02 02:50:00.426 Sophos Virus Removal Tool version 2.5.5
2016-08-02 02:50:00.427 Copyright © 2009-2014 Sophos Limited. All rights reserved.
 
2016-08-02 02:50:00.427 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.
 
2016-08-02 02:50:00.427 Windows version 6.2 SP 0.0  build 9200 SM=0x100 PT=0x1 Win32
2016-08-02 02:50:00.427 Checking for updates...
2016-08-02 02:50:00.439 Update progress: proxy server not available
2016-08-02 02:50:14.261 Option all = no
2016-08-02 02:50:14.261 Option recurse = yes
2016-08-02 02:50:14.261 Option archive = no
2016-08-02 02:50:14.261 Option service = yes
2016-08-02 02:50:14.261 Option confirm = yes
2016-08-02 02:50:14.261 Option sxl = yes
2016-08-02 02:50:14.261 Option max-data-age = 35
2016-08-02 02:50:14.261 Option EnableSafeClean = yes
2016-08-02 02:50:16.403 Option vdl-logging = yes
2016-08-02 02:50:16.418 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2016-08-02 02:50:16.418 Machine ID: 808590a93a224391abd6c9dde1633c3d
2016-08-02 02:50:16.418 Component SVRTcli.exe version 2.5.5
2016-08-02 02:50:16.418 Component control.dll version 2.5.5
2016-08-02 02:50:16.418 Component SVRTservice.exe version 2.5.5
2016-08-02 02:50:16.418 Component engine\osdp.dll version 1.44.1.2250
2016-08-02 02:50:16.418 Component engine\veex.dll version 3.65.0.2250
2016-08-02 02:50:16.418 Component engine\savi.dll version 9.0.1.2250
2016-08-02 02:50:16.418 Component rkdisk.dll version 1.5.30.0
2016-08-02 02:50:16.418 Version info: Product version 2.5.5
2016-08-02 02:50:16.418 Version info: Detection engine 3.65.0
2016-08-02 02:50:16.418 Version info: Detection data 5.26
2016-08-02 02:50:16.418 Version info: Build date 05/04/2016
2016-08-02 02:50:16.418 Version info: Data files added 723
2016-08-02 02:50:16.418 Version info: Last successful update (not yet updated)
2016-08-02 02:50:32.740 Downloading updates...
2016-08-02 02:50:32.740 Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0 
2016-08-02 02:50:32.740 Update progress: [I49502] Found supplement SAVIW32 LATEST 
2016-08-02 02:50:32.740 Update progress: [I49502] Found supplement IDE527 LATEST 
2016-08-02 02:50:32.740 Update progress: [I49502] Found supplement IDE528 LATEST 
2016-08-02 02:50:32.740 Update progress: [I49502] Found supplement IDE529 LATEST 
2016-08-02 02:50:32.740 Update progress: [I49502] Found supplement IDE530 LATEST 
2016-08-02 02:50:32.740 Update progress: [I49502] Found supplement IDE531 LATEST 
2016-08-02 02:50:32.740 Update progress: [I49502] Found supplement IDE532 LATEST 
2016-08-02 02:50:32.740 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
2016-08-02 02:50:32.740 Update progress: [I19463] Syncing product SAVIW32 70
2016-08-02 02:50:39.669 Update progress: [I19463] Syncing product IDE527 142
2016-08-02 02:50:44.020 Installing updates...
2016-08-02 02:50:45.023 Error level 1
2016-08-02 02:50:45.045 Update progress: [I19463] Syncing product IDE528 127
2016-08-02 02:50:45.045 Update progress: [I19463] Syncing product IDE529 135
2016-08-02 02:50:45.045 Update progress: [I19463] Syncing product IDE530 214
2016-08-02 02:50:45.045 Update progress: [I19463] Syncing product IDE531 112
2016-08-02 02:50:45.045 Update progress: [I19463] Syncing product IDE532 1
2016-08-02 02:50:56.847 Update successful
2016-08-02 02:51:11.090 Option all = no
2016-08-02 02:51:11.090 Option recurse = yes
2016-08-02 02:51:11.090 Option archive = no
2016-08-02 02:51:11.090 Option service = yes
2016-08-02 02:51:11.090 Option confirm = yes
2016-08-02 02:51:11.090 Option sxl = yes
2016-08-02 02:51:11.092 Option max-data-age = 35
2016-08-02 02:51:11.092 Option EnableSafeClean = yes
2016-08-02 02:51:11.307 Option vdl-logging = yes
2016-08-02 02:51:11.321 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2016-08-02 02:51:11.321 Machine ID: 808590a93a224391abd6c9dde1633c3d
2016-08-02 02:51:11.321 Component SVRTcli.exe version 2.5.5
2016-08-02 02:51:11.321 Component control.dll version 2.5.5
2016-08-02 02:51:11.322 Component SVRTservice.exe version 2.5.5
2016-08-02 02:51:11.322 Component engine\osdp.dll version 1.44.1.2250
2016-08-02 02:51:11.322 Component engine\veex.dll version 3.65.0.2250
2016-08-02 02:51:11.322 Component engine\savi.dll version 9.0.1.2250
2016-08-02 02:51:11.322 Component rkdisk.dll version 1.5.30.0
2016-08-02 02:51:11.322 Version info: Product version 2.5.5
2016-08-02 02:51:11.323 Version info: Detection engine 3.65.0
2016-08-02 02:51:11.324 Version info: Detection data 5.26
2016-08-02 02:51:11.324 Version info: Build date 05/04/2016
2016-08-02 02:51:11.324 Version info: Data files added 723
2016-08-02 02:51:11.324 Version info: Last successful update 02/08/2016 03:50:56
 
2016-08-02 02:53:37.081 SafeClean bin directory is empty.
2016-08-02 02:53:37.081 Error level 0
 
2016-08-02 02:53:39.462 Scan cancelled by user.
2016-08-02 02:53:39.462
 
------------------------------------------------------------
 
2016-08-03 00:08:25.562 Sophos Virus Removal Tool version 2.5.5
2016-08-03 00:08:25.562 Copyright © 2009-2014 Sophos Limited. All rights reserved.
 
2016-08-03 00:08:25.562 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.
 
2016-08-03 00:08:25.562 Windows version 6.2 SP 0.0  build 9200 SM=0x100 PT=0x1 Win32
2016-08-03 00:08:25.562 Checking for updates...
2016-08-03 00:08:25.578 Update progress: proxy server not available
2016-08-03 00:08:40.520 Downloading updates...
2016-08-03 00:08:40.537 Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0 
2016-08-03 00:08:40.537 Update progress: [I49502] Found supplement SAVIW32 LATEST 
2016-08-03 00:08:40.537 Update progress: [I49502] Found supplement IDE527 LATEST 
2016-08-03 00:08:40.537 Update progress: [I49502] Found supplement IDE528 LATEST 
2016-08-03 00:08:40.537 Update progress: [I49502] Found supplement IDE529 LATEST 
2016-08-03 00:08:40.537 Update progress: [I49502] Found supplement IDE530 LATEST 
2016-08-03 00:08:40.537 Update progress: [I49502] Found supplement IDE531 LATEST 
2016-08-03 00:08:40.537 Update progress: [I49502] Found supplement IDE532 LATEST 
2016-08-03 00:08:40.537 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
2016-08-03 00:08:40.537 Update progress: [I19463] Syncing product SAVIW32 70
2016-08-03 00:08:40.537 Update progress: [I19463] Syncing product IDE527 142
2016-08-03 00:08:43.817 Option all = no
2016-08-03 00:08:43.817 Option recurse = yes
2016-08-03 00:08:43.817 Option archive = no
2016-08-03 00:08:43.817 Option service = yes
2016-08-03 00:08:43.817 Option confirm = yes
2016-08-03 00:08:43.817 Option sxl = yes
2016-08-03 00:08:43.817 Option max-data-age = 35
2016-08-03 00:08:43.817 Option EnableSafeClean = yes
2016-08-03 00:08:44.677 Option vdl-logging = yes
2016-08-03 00:08:44.692 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2016-08-03 00:08:44.692 Machine ID: 808590a93a224391abd6c9dde1633c3d
2016-08-03 00:08:44.755 Component SVRTcli.exe version 2.5.5
2016-08-03 00:08:44.755 Component control.dll version 2.5.5
2016-08-03 00:08:44.755 Component SVRTservice.exe version 2.5.5
2016-08-03 00:08:44.755 Component engine\osdp.dll version 1.44.1.2250
2016-08-03 00:08:44.755 Component engine\veex.dll version 3.65.0.2250
2016-08-03 00:08:44.755 Component engine\savi.dll version 9.0.1.2250
2016-08-03 00:08:44.848 Component rkdisk.dll version 1.5.30.0
2016-08-03 00:08:44.864 Version info: Product version 2.5.5
2016-08-03 00:08:44.864 Version info: Detection engine 3.65.0
2016-08-03 00:08:44.864 Version info: Detection data 5.26
2016-08-03 00:08:44.864 Version info: Build date 05/04/2016
2016-08-03 00:08:44.864 Version info: Data files added 723
2016-08-03 00:08:44.864 Version info: Last successful update 02/08/2016 03:50:56
2016-08-03 00:08:45.020 Update progress: [I19463] Syncing product IDE528 127
2016-08-03 00:08:45.020 Update progress: [I19463] Syncing product IDE529 135
2016-08-03 00:08:45.020 Update progress: [I19463] Syncing product IDE530 214
2016-08-03 00:08:45.020 Update progress: [I19463] Syncing product IDE531 116
2016-08-03 00:08:45.287 Installing updates...
2016-08-03 00:08:46.317 Error level 1
2016-08-03 00:08:46.878 Update progress: [I19463] Syncing product IDE532 1
2016-08-03 00:08:47.058 Update successful
2016-08-03 00:09:00.352 Option all = no
2016-08-03 00:09:00.352 Option recurse = yes
2016-08-03 00:09:00.352 Option archive = no
2016-08-03 00:09:00.352 Option service = yes
2016-08-03 00:09:00.352 Option confirm = yes
2016-08-03 00:09:00.352 Option sxl = yes
2016-08-03 00:09:00.352 Option max-data-age = 35
2016-08-03 00:09:00.352 Option EnableSafeClean = yes
2016-08-03 00:09:00.555 Option vdl-logging = yes
2016-08-03 00:09:00.555 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2016-08-03 00:09:00.555 Machine ID: 808590a93a224391abd6c9dde1633c3d
2016-08-03 00:09:00.555 Component SVRTcli.exe version 2.5.5
2016-08-03 00:09:00.555 Component control.dll version 2.5.5
2016-08-03 00:09:00.555 Component SVRTservice.exe version 2.5.5
2016-08-03 00:09:00.555 Component engine\osdp.dll version 1.44.1.2250
2016-08-03 00:09:00.555 Component engine\veex.dll version 3.65.0.2250
2016-08-03 00:09:00.555 Component engine\savi.dll version 9.0.1.2250
2016-08-03 00:09:00.555 Component rkdisk.dll version 1.5.30.0
2016-08-03 00:09:00.555 Version info: Product version 2.5.5
2016-08-03 00:09:00.570 Version info: Detection engine 3.65.0
2016-08-03 00:09:00.570 Version info: Detection data 5.26
2016-08-03 00:09:00.570 Version info: Build date 05/04/2016
2016-08-03 00:09:00.570 Version info: Data files added 727
2016-08-03 00:09:00.570 Version info: Last successful update 03/08/2016 01:08:47
 
2016-08-03 00:56:41.728 Could not open C:\Boot\BCD
2016-08-03 01:07:13.813 Could not open C:\swapfile.sys
2016-08-03 01:08:11.138 Could not open C:\Users\Iuly\AppData\Local\Google\Chrome\User Data\Profile 1\Current Session
2016-08-03 01:08:11.138 Could not open C:\Users\Iuly\AppData\Local\Google\Chrome\User Data\Profile 1\Current Tabs
2016-08-03 01:20:51.848 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2016-08-03 01:20:51.849 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2016-08-03 01:20:57.744 Could not open C:\Windows\System32\config\BBI
2016-08-03 01:20:57.801 Could not open C:\Windows\System32\config\DRIVERS
2016-08-03 01:20:57.896 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2016-08-03 01:20:57.908 Could not open C:\Windows\System32\config\RegBack\SAM
2016-08-03 01:20:57.909 Could not open C:\Windows\System32\config\RegBack\SECURITY
2016-08-03 01:20:57.915 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2016-08-03 01:20:57.916 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2016-08-03 02:00:47.622 >>> Virus 'Troj/Virtum-Gen' found in file E:\Phx_data\Res\bkg_work.exe
2016-08-03 02:01:00.792 >>> Virus 'Troj/Virtum-Gen' found in file E:\Phx_data\Res\EmuCfg.exe
2016-08-03 02:01:21.051 >>> Virus 'Troj/Virtum-Gen' found in file E:\Phx_data\Res\GCFeX.exe
2016-08-03 02:01:46.684 >>> Virus 'Troj/Virtum-Gen' found in file E:\Phx_data\Res\Phx_OfflineExec.exe
2016-08-03 02:01:51.746 >>> Virus 'Troj/Virtum-Gen' found in file E:\Phx_data\Res\SharedDLLs\Main.dll
2016-08-03 02:02:23.061 >>> Virus 'Troj/Virtum-Gen' found in file E:\Phx_data\Res\UpdCentre.exe
2016-08-03 02:14:25.006 The following items will be cleaned up:
2016-08-03 02:14:25.006 Troj/Virtum-Gen
 


#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,770 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:57 AM

Posted 02 August 2016 - 07:57 PM

FSS log shows couple of services not running.

 

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 3 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool that the Check Disk is needed click on Do It button next to 2. Check Disk.
In that case make sure you restart computer.

p22012121.gif


Once the above is done go to Step 4 and allow it to run System File Check by clicking on Do It button:

p22012122.gif


Go to Step 5 and under "System Restore" click on Create button:

p22012123.gif


Go to Repairs tab and click Open Repairs button.

p22012124.gif

In next window....
Leave all checkmarks as they're.
Click on Start Repairs button.

p22012126.gif

Post Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs

 

Post fresh FSS log as well.


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#7 cookiboos

cookiboos
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:57 PM

Posted 04 August 2016 - 06:44 AM

After using the tool,i have no more sound.Also it deleted the system restore entry that i created.Great.

 

Update: sound fixed,ran the tool again. Here's the log:

 

Tweaking.com - Windows Repair v3.9.7
--------------------------------------------------------------------------------
 
System Variables
--------------------------------------------------------------------------------
OS: Windows 8 Pro
OS Architecture: 32-bit
OS Version: 6.2.9200
OS Service Pack: 
Computer Name: YOLO-PC
Windows Drive: C:\
Windows Path: C:\Windows
Program Files: C:\Program Files
Current Profile: C:\Users\Iuly
Current Profile SID: S-1-5-21-1454729718-2521558661-1065605426-1001
Current Profile Classes: S-1-5-21-1454729718-2521558661-1065605426-1001_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\Iuly\AppData\Local
--------------------------------------------------------------------------------
 
System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:22:52
 
Process Count: 43
Commit Total: 1.79 GB
Commit Limit: 5.25 GB
Commit Peak: 2.64 GB
Handle Count: 12549
Kernel Total: 290.46 MB
Kernel Paged: 237.09 MB
Kernel Non Paged: 53.37 MB
System Cache: 1.56 GB
Thread Count: 485
--------------------------------------------------------------------------------
 
Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.25 GB
Memory Used: 1.82 GB(56.1106%)
Memory Avail.: 1.43 GB
--------------------------------------------------------------------------------
 
Cleaning Memory Before Starting Repairs...
 
Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.25 GB
Memory Used: 1.49 GB(45.9996%)
Memory Avail.: 1.75 GB
--------------------------------------------------------------------------------
 
Starting Repairs...
   Started at (04/08/2016 18:52:57)
 
Setting Any Missing 'InstallDate' From Uninstall Sections Before Running Repair...
Total Missing 'InstallDate' Fixed: 1
 
01 - Reset Registry Permissions
   Restore Windows 7/8/10 Default Registry Permissions
   Start (04/08/2016 18:52:58)
 
 
Decompressing & Updating Windows Permission File E:\WOW\TV Series\delete\files\permissions\8\hku.7z
Done,  0.36 seconds.
 
 
Decompressing & Updating Windows Permission File E:\WOW\TV Series\delete\files\permissions\8\hklm.7z
Done,  3.61 seconds.
 
   Running Repair Under System Account
   Done (04/08/2016 18:55:32)
 
Reset File Permissions: C:
   C: & Sub Folders
   Start (04/08/2016 18:55:32)
 
   Running Repair Under Current User Account
   Done (04/08/2016 19:00:29)
 
Reset File Permissions
   Restore Windows 7/8/10 Default File Permissions
   Start (04/08/2016 19:00:29)
 
 
Decompressing & Updating Windows Permission File E:\WOW\TV Series\delete\files\permissions\8\default.7z
Done,  0.2 seconds.
 
 
Decompressing & Updating Windows Permission File E:\WOW\TV Series\delete\files\permissions\8\profile.7z
Done,  0.18 seconds.
 
 
Decompressing & Updating Windows Permission File E:\WOW\TV Series\delete\files\permissions\8\program_files.7z
Done,  0.72 seconds.
 
 
Decompressing & Updating Windows Permission File E:\WOW\TV Series\delete\files\permissions\8\program_files_x86.7z
Done,  0.26 seconds.
 
 
Decompressing & Updating Windows Permission File E:\WOW\TV Series\delete\files\permissions\8\programdata.7z
Done,  0.34 seconds.
 
 
Decompressing & Updating Windows Permission File E:\WOW\TV Series\delete\files\permissions\8\windows.7z
Done,  2.34 seconds.
 
   Running Repair Under Current User Account
   Done (04/08/2016 19:03:30)
 
03 - Reset Service Permissions
   Start (04/08/2016 19:03:30)
 
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:03:36)
 
04 - Register System Files
   Start (04/08/2016 19:03:36)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:03:51)
 
05 - Repair WMI
   Start (04/08/2016 19:03:51)
 
   Starting Security Center So We Can Export The Security Info.
 
   Exporting Antivirus Info...
   IObit Malware Fighter Exported.
 
   Exporting AntiSpyware Info...
   IObit Malware Fighter Exported.
 
   Exporting 3rd Party Firewall Info...
   No Firewall Products Reported.
 
   Running Repair Under Current User Account
   Done (04/08/2016 19:06:37)
 
06 - Repair Windows Firewall
   Start (04/08/2016 19:06:37)
 
Decompressing & Updating Windows Permission File E:\WOW\TV Series\delete\files\permissions\8\services.7z
Done,  0.18 seconds.
 
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:07:00)
 
07 - Repair Internet Explorer
   Start (04/08/2016 19:07:00)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:07:07)
 
08 - Repair MDAC/MS Jet
   Start (04/08/2016 19:07:07)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:07:10)
 
09 - Repair Hosts File
   Start (04/08/2016 19:07:10)
   Running Repair Under System Account
   Done (04/08/2016 19:07:11)
 
10 - Remove Policies Set By Infections
   Start (04/08/2016 19:07:11)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:07:13)
 
11 - Repair Start Menu Icons Removed By Infections
   Start (04/08/2016 19:07:13)
   Running Repair Under System Account
   Done (04/08/2016 19:07:14)
 
12 - Repair Icons
   Start (04/08/2016 19:07:14)
   Running Repair Under Current User Account
   Done (04/08/2016 19:07:15)
 
13 - Repair Network
   Start (04/08/2016 19:07:15)
 
Decompressing & Updating Windows Permission File E:\WOW\TV Series\delete\files\permissions\8\services.7z
Done,  0.18 seconds.
 
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:07:31)
 
14 - Remove Temp Files
   Start (04/08/2016 19:07:31)
   Running Repair Under System Account
   Done (04/08/2016 19:07:32)
 
15 - Repair Proxy Settings
   Start (04/08/2016 19:07:32)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:07:34)
 
17 - Repair Windows Updates
   Start (04/08/2016 19:07:34)
 
Decompressing & Updating Windows Permission File E:\WOW\TV Series\delete\files\permissions\8\services.7z
Done,  0.17 seconds.
 
   Running Repair Under Current User Account
   Running Repair Under System Account
   Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
   Done (04/08/2016 19:07:51)
 
18 - Repair CD/DVD Missing/Not Working
   Start (04/08/2016 19:07:51)
   iTunes or GEARAspiWDM.sys not found, not applying UpperFilters iTunes Reg Key
   Done (04/08/2016 19:07:51)
 
19 - Repair Volume Shadow Copy Service
   Start (04/08/2016 19:07:51)
 
Decompressing & Updating Windows Permission File E:\WOW\TV Series\delete\files\permissions\8\services.7z
Done,  0.17 seconds.
 
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:08:10)
 
20 - Repair Windows Sidebar/Gadgets
   Start (04/08/2016 19:08:10)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:08:12)
 
21 - Repair MSI (Windows Installer)
   Start (04/08/2016 19:08:12)
 
Decompressing & Updating Windows Permission File E:\WOW\TV Series\delete\files\permissions\8\services.7z
Done,  0.16 seconds.
 
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:08:23)
 
22 - Repair Windows Snipping Tool
   Start (04/08/2016 19:08:23)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:08:25)
 
23.01 - Repair bat Association
   Start (04/08/2016 19:08:25)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:08:27)
 
23.02 - Repair cmd Association
   Start (04/08/2016 19:08:27)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:08:29)
 
23.03 - Repair com Association
   Start (04/08/2016 19:08:29)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:08:31)
 
23.04 - Repair Directory Association
   Start (04/08/2016 19:08:32)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:08:34)
 
23.05 - Repair Drive Association
   Start (04/08/2016 19:08:34)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:08:36)
 
23.06 - Repair exe Association
   Start (04/08/2016 19:08:36)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:08:38)
 
23.07 - Repair Folder Association
   Start (04/08/2016 19:08:38)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:08:40)
 
23.08 - Repair inf Association
   Start (04/08/2016 19:08:40)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:08:42)
 
23.09 - Repair lnk (Shortcuts) Association
   Start (04/08/2016 19:08:42)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:08:44)
 
23.10 - Repair msc Association
   Start (04/08/2016 19:08:44)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:08:47)
 
23.11 - Repair reg Association
   Start (04/08/2016 19:08:47)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:08:49)
 
23.12 - Repair scr Association
   Start (04/08/2016 19:08:49)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:08:51)
 
24 - Repair Windows Safe Mode
   Start (04/08/2016 19:08:51)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:08:53)
 
25 - Repair Print Spooler
   Start (04/08/2016 19:08:53)
 
Decompressing & Updating Windows Permission File E:\WOW\TV Series\delete\files\permissions\8\services.7z
Done,  0.17 seconds.
 
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:08:57)
 
26 - Restore Important Windows Services
   Start (04/08/2016 19:08:57)
 
Decompressing & Updating Windows Permission File E:\WOW\TV Series\delete\files\permissions\8\services.7z
Done,  0.19 seconds.
 
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:09:04)
 
27 - Set Windows Services To Default Startup
   Start (04/08/2016 19:09:04)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:09:08)
 
28.01 - Repair Windows 8/10 App Store
   Start (04/08/2016 19:09:08)
 
Decompressing & Updating Windows Permission File E:\WOW\TV Series\delete\files\permissions\8\hku.7z
Done,  0.25 seconds.
 
   Running Repair Under Current User Account
   Done (04/08/2016 19:09:32)
 
29 - Repair Windows 8/10 Component Store
   Start (04/08/2016 19:09:32)
   Running Repair Under Current User Account
   Done (04/08/2016 19:22:12)
 
30 - Restore Windows 8/10 COM+ Unmarshalers
   Start (04/08/2016 19:22:12)
   Running Repair Under System Account
ERROR: Getting Security Info from <CLASSES_ROOT\Unmarshalers> failed with: The system cannot find the file specified.
[X] -----Job Complete-----      Items Done: 1      
   Done (04/08/2016 19:22:15)
 
31 - Repair Windows 'New' Submenu
   Start (04/08/2016 19:22:15)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:22:17)
 
32 - Restore UAC (User Account Control) Settings
   Start (04/08/2016 19:22:17)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (04/08/2016 19:22:20)
 
33 - Repair Performance Counters
   Start (04/08/2016 19:22:20)
   Running Repair Under Current User Account
   Done (04/08/2016 19:22:24)
 
Cleaning up empty logs...
 
All Selected Repairs Done.
   Done at (04/08/2016 19:22:24)
   Total Repair Time: 00:29:28
 
 
...YOU MUST RESTART YOUR SYSTEM...

Edited by cookiboos, 04 August 2016 - 11:30 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users