Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

WindowsCodecs.dll corrupted


  • Please log in to reply
34 replies to this topic

#1 rawlith

rawlith

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 25 September 2016 - 07:10 AM

Hello computer wizards,

 

My Windows 10 computer appears to have been badly affected by a virus. Many of my programs now fail to start due to a corruption in the file: C:\WINDOWS\SYSTEM32\WindowsCodecs.dll

 

I tried reinstalling one of the programs and the problem persisted. I ran a full antivirus scan (Avast) and several threats were detected including a few bootkits. I tried to run a system file check but it was unable to complete.

 

As someone generally ignorant in this area I don't want to mess with the registry files (this was one of the ways I could find to fix the issue). Could anyone offer some assistance?

 

Many Thanks in advance.



BC AdBot (Login to Remove)

 


#2 Toits

Toits

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:03:14 PM

Posted 25 September 2016 - 07:27 AM

Try sfc/scannow after removing viruses



#3 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,690 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:05:14 AM

Posted 25 September 2016 - 08:43 AM

I have requested that this topic be moved to the Am I Infected forum where the tools needed to run the needed scan may be used.  These tools can not be used in the Windows forums.
 
Please run Malwarebytes AntiMalware
 
Please download Malwarebytes Anti-Malware
 
1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
 
2)  Malwarebytes will automatically open.  You will see an image like the one below, click on Update Now.  
 
mbam1_zps98e7fba9.png
 
3)  Click on Settings, you will see a image like the one below.
 
malware%20settings_zpsixkea5sd.png
 
When Settings opens click on Detection and Protection, then under Non-Malware Protection, click on the down arrow for PUP (Potentially Unwanted Programs) detections and select Treat detections as malware.  Under Detection Options place a check in the box for Scan for rootkits
 
4)  Click on Scan (next to Settings), then click on Scan Now.  The scan will automatically run now.
 
5)  When the scan is complete the results will be displayed.  Click on Delete All.
 
malwarenew_zps34b58fdc.png
 
6)  Please post the Malwarebytes log.
 
To find your Malwarebytes log,download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  Copy and paste the log in your topic.
 
 

Please run TDSSKiller.
 
Please download TDSSKiller from here and save it to your Desktop.
 
The log for the TDSSKiller can be very long.  If you go to the bottom of the log to where you find Scan finished you will see the results of the scan.  If it shows Detected object count: 0 and Actual detected object count: 0, this means that nothing malicious was found and you will not need to post the log.
 
1.  Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
 
tdss1_zps90132559.png
 
2.  Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system.
 
If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now.
 
tdsskillermultiple_zps472c18eb.png
 
3.  Click Start Scan and allow the scan process to run.
 
tdss4_zps6792a13c.png
 
4.  If threats are detected select Cure (if available) for all of them unless otherwise instructed.
 
***Do NOT select Delete!
 
Click on Continue.
 
tdss5_zps98fc5887.png
 
5.  Click on Reboot computer.
 
Please copy the TDSSKiller.[Version]_[Date]_[Time]_log.txt file found in your root directory (typically c:\) and paste it into your next reply.
 
Note:  The log may be very long.  You may need to break it into parts to post the whole log.
 
Post this in your topic.
 
 

Please run AdwCleaner
 
Please download AdwCleaner and install it.
 
When AdwCleaner opens you will see an image like the one below.
 
adwcleaner11_zps48314883.png
 
Click on Scan to start the scan.
 
Once the search is complete a list of the pending items will be displayed.  If you see any which you do not want removed, remove the check mark next to it.
 
If there are no malicious programs are found you will receive the following message.
 
adwcleaner%20111_zpsiduqrrrp.png
 
Click on Clean to remove the selected items.  If you have any questions about any items in the list please copy and paste the list in your topic so we can review it.  
 
You will receive a message telling you that all programs will be closed so that the infections can be removed.  Click on OK.  The computer will be restarted to complete the cleaning process.
 
When the cleaning process is complete a log of what was removed will be presented.  Please copy and the paste this log in your topic.


 

Please run the ESET OnlineScan

This scan takes quite a long time to run, so be prepared to allow this to run
till it is completed.

***Please note. If you run this scan using Internet Explorer you won't need
to download the Eset Smartinstaller.***

ESET Online Scanner

  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that
    here
    .
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

Edited by dc3, 25 September 2016 - 08:44 AM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#4 rawlith

rawlith
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 26 September 2016 - 01:49 AM

Hello,
 
I have performed all the scans. The problems I have still persist.
 
I tried sfc/scannow again after removing the viruses and it is still unable to complete the operation. It ends at around 20%.
 
Here are the results:
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 25/09/2016
Scan Time: 20:57
Logfile: Malwarebytes report.txt
Administrator: Yes
 
Version: 2.2.1.1043
Malware Database: v2016.09.25.06
Rootkit Database: v2016.08.15.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 10
CPU: x64
File System: NTFS
User: Michael
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 417249
Time Elapsed: 41 min, 33 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 7
PUP.Optional.Downloader, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FE802042-ACBD-4504-9DA4-072E38C62DD0}, , [d1894432ebafee48d4479f2ba65c6898], 
PUP.Optional.Downloader, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PPI Update, , [b8a2e096a0fa73c30814c208cd357c84], 
PUP.Optional.InstallBrain, HKLM\SOFTWARE\WOW6432NODE\InstallIQ, , [fe5cf383c0da013507075d4a3fc4cb35], 
PUP.Optional.SuperOptimizer, HKLM\SOFTWARE\WOW6432NODE\{6791A2F3-FC80-475C-A002-C014AF797E9C}, , [3e1cd5a168320a2cc35c14a34ab90af6], 
PUP.Optional.SuperOptimizer, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, , [79e1a0d60199063044d611a6fe05eb15], 
PUP.Optional.SuperOptimizer, HKU\S-1-5-21-3118947219-735216876-4075009570-1002\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, , [f6646412e9b15bdbb664ebcc887b3cc4], 
PUP.Optional.OptimizerPro, HKU\S-1-5-21-3118947219-735216876-4075009570-1002\SOFTWARE\OPTIMIZER PRO, , [a4b6b3c35743cb6bafbd7d3150b3d729], 
 
Registry Values: 2
PUP.Optional.Downloader, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FE802042-ACBD-4504-9DA4-072E38C62DD0}|Path, \PPI Update, , [d1894432ebafee48d4479f2ba65c6898]
PUP.Optional.OptimizerPro, HKU\S-1-5-21-3118947219-735216876-4075009570-1002\SOFTWARE\OPTIMIZER PRO|AdsBuyNowURL, http://www.safeshopgate.com/r?s=121001231&g=EEB9B572-D0DA-29E8-58AE-D4003414C516, , [a4b6b3c35743cb6bafbd7d3150b3d729]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 3
Rogue.Multiple, C:\ProgramData\374311380, , [5703a9cd8e0ce155ba477d1bbb4742be], 
PUP.Optional.WinThruster, C:\Program Files (x86)\WinThruster, , [6af025517b1f45f1b8ea676062a09a66], 
PUP.Optional.Solvusoft, C:\Users\Michael\AppData\Roaming\Solvusoft, , [570344329ffb58de10357368996b9a66], 
 
Files: 12
PUP.Optional.SysTweak, C:\Program Files (x86)\WinThruster\WinThruster.exe, , [302a85f14852c96dd0c82b996c95e818], 
PUP.Optional.SysTweak, C:\Windows\System32\roboot64.exe, , [a5b53e38029865d1f3a5e2e2679a7d83], 
PUP.Optional.SysTweak, C:\Users\Michael\AppData\Local\Temp\_iu14D2N.tmp, , [6eec6016afebca6c5e609b241ee36799], 
PUP.Optional.InstallMonster, C:\Users\Michael\Downloads\Microsoft Office 2013 Product Key Generator Free Cracked (1).rar, , [f763492d504a55e1b9acf0f020e10ff1], 
PUP.Optional.InstallMonster, C:\Users\Michael\Downloads\Microsoft Office 2013 Product Key Generator Free Cracked.rar, , [223823535d3d5adc590ca937d42d35cb], 
PUP.Optional.SofTonic, C:\Users\Michael\Downloads\SoftonicDownloader_for_hamachi.exe, , [70ea80f699018caaaae755d41ee30000], 
PUP.Optional.SysTweak, C:\Users\Michael\Downloads\WinThruster_2016_Setup.exe, , [fa60aacc3a60ce68d5db615d7190c838], 
PUP.Optional.Downloader, C:\Windows\System32\Tasks\PPI Update, , [a2b897df920845f1a772c30721e144bc], 
PUP.Optional.WinThruster, C:\Program Files (x86)\WinThruster\isxdl.dll, , [6af025517b1f45f1b8ea676062a09a66], 
PUP.Optional.WinThruster, C:\Program Files (x86)\WinThruster\RegCleanPro.dll, , [6af025517b1f45f1b8ea676062a09a66], 
PUP.Optional.WinThruster, C:\Program Files (x86)\WinThruster\xmllite.dll, , [6af025517b1f45f1b8ea676062a09a66], 
PUP.Optional.Amonetize, C:\Users\Michael\AppData\Local\Temp\amipixel.cfg, , [352595e1d4c671c585f84359ae560af6], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
TDSSKiller
 
Nothing was deleted although I did find and delete some rootkits previously with Avast. Unfortunately I do not have the log for that scan.
 
ADW Cleaner
 

mbam-check result log version:     2.3.2.0
========================================
 
User Account type:                 Administrator
DomainComputer:                    No
OS:                                Windows 10  64 bit Operating System
Current Version and Build:         10.0.10586 OS Product Info: Home Edition
 
 
Malwarebytes Anti-Malware:         2.2.1.1043
Installed On:                      2016/09/25
Malware Database:                  2016.09.25.06
Rootkit Database:                  2016.08.15.01
Remediation Database:              2016.09.21.01
IP Database:                       2016.09.23.01
Domain Database:                   2016.09.23.03
License:                           Free
Malware Protection:                0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMProtector
Malicious Website Protection:      0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMWebAccessControl
Chameleon:                         0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
Log Created:                       2016/09/25 21:55:23
 
User Information for Local System:
===========================================
User Account: Administrator
Account Level: Admin
User Account: DefaultAccount
Account Level: Guest
User Account: Guest
Account Level: Guest
User Account: HomeGroupUser$
Account Level: Guest
User Account: Michael
Account Level: Admin
Total # of user entries: 5
 
UAC Settings:
===================
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
DWORD 1 Status: ON
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
DWORD 5 Status: ON
 
AntiVirus Information:
===================
AntiVirus Software Installed: "Windows Defender"
AntiVirus Software Installed: "Avast Antivirus"
 
FireWall Information:
===================
NO 3rd Party Firewall Software Installed
 
AntiSpyware Information:
===================
AntiSpyware Software Installed: "Windows Defender"
AntiSpyware Software Installed: "Avast Antivirus"
 
Machine Information
===============================================
Machine ID: 8392a3cdd98b2ad8599a6434002babb178392c07
Installation Token: sQfjAs-88PQJt84a3ww51474828942
System has been up for: 0.1025 Hours
System has been booted within the last hour
Current Date: 2016-Sep-25 19:55:25.818976
Date Booted: 2016-Sep-25 19:55:25.818976
 
Detection and Protection Settings
===============================================
Use Advanced Heuristics Engine (Shuriken):            true
Scan for rootkits:                                    true
Scan within archives:                                 true
PUP (Potentially Unwanted Program) detections:        Treat Detections as Malware
PUM (Potentially Unwanted Modification) detections:   Treat Detections as Malware
 
Compatibility Flag Settings:
=================================
 
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
C:\Users\Michael\Desktop\Games\The SIMS 4-Deluxe Edition-SKIDROWCRACK\Game\Bin\The.Sims.4.Launcher.exeREG_SZ ~ RUNASADMIN
 
 
Malwarebytes Anti-Malware Shell Extension Block Check:
======================================================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:
 
MBAM Startup Entries: 
=====================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
 
Malwarebytes Anti-Malware Service and Driver Status:
=======================================================
 
--------------Driver File Info:--------------
C:\WINDOWS\system32\drivers\mbam.sys
File Size: 27008     BYTES FileVersion: 0.1.16.0 MD5: [78bff5425e044086e74e78650a359fbb]
C:\WINDOWS\system32\drivers\mwac.sys
File Size: 65408     BYTES FileVersion: 1.0.6.0 MD5: [898415ac0b5f1d2a9a48abcb68a6dc4b]
C:\WINDOWS\system32\drivers\mbamswissarmy.sys
File Size: 192216    BYTES FileVersion: 0.3.0.4 MD5: [78488af2ab2111d67b3c4044707a519b]
C:\WINDOWS\system32\drivers\mbamchameleon.sys
File Size: 140672    BYTES FileVersion: 1.1.22.0 MD5: [1239597bab7eed2bb16d035af87e65d9]
 
--------------MBAMProtector:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMProtector
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A
 
 
--------------MBAMService:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMService
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A
 
 
--------------MBAMScheduler:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMScheduler
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A
 
 
--------------MBAMChameleon:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A
 
 
--------------MBAMWebAccessControl:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MbamWebAccessControl
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A
 
 
Required Dependencies:
======================
 
--------------BFE:--------------
Type:                   32
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
DisplayName                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1001
ErrorControl                  REG_DWORD 1
Group                         REG_SZ NetworkProvider
ImagePath                     REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
Start                         REG_DWORD 2
Type                          REG_DWORD 32
Description                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1002
DependOnService               REG_MULTI_SZ RpcSs
 
ObjectName                    REG_SZ NT AUTHORITY\LocalService
ServiceSidType                REG_DWORD 3
RequiredPrivileges            REG_MULTI_SZ SeAuditPrivilege
 
FailureActions                REG_BINARY Binary Data
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters
ServiceDll                    REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll
ServiceDllUnloadOnStop        REG_DWORD 1
ServiceMain                   REG_SZ BfeServiceMain
 
--------------fltmgr:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
AttachWhenLoaded              REG_DWORD 1
DisplayName                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001
ErrorControl                  REG_DWORD 3
Group                         REG_SZ FSFilter Infrastructure
ImagePath                     REG_EXPAND_SZ system32\drivers\fltmgr.sys
Start                         REG_DWORD 0
Tag                           REG_DWORD 1
Type                          REG_DWORD 2
Description                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000
 
 
C:\WINDOWS\system32\drivers\fltmgr.sys
File Size: 377696    BYTES FileVersion: 6.2.10586.0 MD5: [25d7a58625e1453e40d36825de74e4f1]
C:\WINDOWS\SysWOW64\mscomctl.ocx
File Size: 1070152   BYTES FileVersion: 6.1.98.34 MD5: [e52859fcb7a827cacfce7963184c7d24]
C:\WINDOWS\SysWOW64\olepro32.dll
File Size: 88576     BYTES FileVersion: 6.2.10586.589 MD5: [7a8a2f106151b09e96abcbde716f5a69]
 
 
MBAM Registry Settings and License Info:
========================================
--------------Settings:--------------
Advanced: 
    AutomaticQuarantine:                                       true 
    AutostartProtection:                                       true 
    LimitedMode:                                               false 
    StartSilentMode:                                           false 
    StartupDelay:                                              -15 
ApplicationState: 
    First-Run-After-Installation:                              false 
General: 
    DaysUntilNotifyExpiration:                                 5 
    Language:                                                  en 
    RightClickAccess:                                          true 
    SilentErrors:                                              false 
Logging: 
    ExportLog:                                                 true 
Marketing: 
    LastPostScanMarketingIndex:                                1 
Notification: 
ProtectionTray: 
    DisplayMilliseconds:                                       3000 
ScanHistory: 
    Duration_Complete:                                         427112 
    Duration_Driver:                                           5666 
    Duration_Filesystem:                                       26 
    Duration_Heuristics:                                       1975410 
    Duration_Loading:                                          0 
    Duration_MasterBootRecord:                                 14 
    Duration_Memory:                                           40000 
    Duration_PreScan:                                          16269 
    Duration_Registry:                                         21299 
    Duration_Sector:                                           0 
    Duration_Startup:                                          38044 
    ItemCount_Complete:                                        293783 
    ItemCount_Driver:                                          103 
    ItemCount_Filesystem:                                      61162 
    ItemCount_Heuristics:                                      58599 
    ItemCount_Loading:                                         0 
    ItemCount_MasterBootRecord:                                1 
    ItemCount_Memory:                                          2797 
    ItemCount_PreScan:                                         16250 
    ItemCount_Registry:                                        882 
    ItemCount_Sector:                                          0 
    ItemCount_Startup:                                         2666 
    LastRemovalRequiredDOR:                                    true 
    LastScanDateEpoch:                                         1474829861350 
    LastScanType:                                              1 (Threat Scan)
    QuarantineCompletedCount:                                  24 
Update: 
    LastUpdate:                                                2016-09-25T18:42:52 
    NotifyInstallReady:                                        true 
    NotifyOutdatedDatabase:                                    7 
    ProxyPassword:                                              
    ProxyPort:                                                 0 
    ProxyServer:                                                
    ProxyUsername:                                              
    UseProxy:                                                  false 
    UseProxyAuthentication:                                    false 
    CheckProgramUpdates:         true
--------------Account:--------------
  Account Status:                                              Free 
  Expiration Time:                                              
  Activation Time:                                              
  Trial Used:                                                  false 
--------------Access Policies:--------------
 
Scheduler Queue:
================
 
 
Pending File Rename Operations: 
================================
If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.
Pending File Rename Operations: 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\
PendingFileRenameOperations REG_MULTI_SZ \??\C:\Users\Michael\AppData\Local\Temp\{77A960FD-8245-4ABB-9E7A-E3A4D8C25589}\{8B255978-BF3F-43B0-87EC-3FB4EC9F3031}.exe
 
 
 
MBAMProtector Registry Values:
==============================
 
 
 
MBAMService Registry Values:
============================
 
 
 
MBAMScheduler Registry Values:
==============================
 
 
 
Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
===============================================================================
 
--------------TERMService:--------------
Type:                   32
State:                  1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE:        1077
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
TermService Start is set to: 3 (Manual Startup)
 
Proxy Status: No proxy is Set
 
Proxy Override: 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\
ProxyOverride REG_SZ *.local
 
LAN Settings:
=============
 
only 'Automatically detect settings' is selected
 
SystemPartition:
================
 
HKEY_LOCAL_MACHINE\SYSTEM\Setup\
SystemPartition REG_SZ \Device\HarddiskVolume1
 
Balloon Tips Status:
====================
 
Enabled
 
Time Format Settings:
=====================
 
Should be:
h:mm:ss tt
AM 
PM 
:
 
Currently:
REG_SZ HH:mm:ss
REG_SZ AM
REG_SZ PM
REG_SZ :
 
Language and Regional Settings:
===============================
 
ACP: Language is English (United States)
MACCP: Language is English (United States)
OEMCP: 850 Please refer to this link for details: Here 
 
Startup Folders for Error_Expanding_Variables Check:
====================================================
 
All Users Startup Folder Exists.
Current User's Startup Folder Exists.
 
 
Context Menu Entries:
=====================
 
HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\MBAMShlExt
(Default):                    REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
 
HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\MBAMShlExt
(Default):                    REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
 
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt
(Default):                    REG_SZ MBAMShlExt Class
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CLSID
(Default):                    REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CurVer
(Default):                    REG_SZ MBAMExt.MBAMShlExt.1
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1
(Default):                    REG_SZ MBAMShlExt Class
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1\CLSID
(Default):                    REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
 
 
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}
(Default):                    REG_SZ IMBAMShlExt
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\ProxyStubClsid32
(Default):                    REG_SZ {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\TypeLib
(Default):                    REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65}
Version                       REG_SZ 1.0
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}
(Default):                    REG_SZ MBAMShlExt Class
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32
(Default):                    REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll
ThreadingModel                REG_SZ Apartment
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\ProgID
(Default):                    REG_SZ MBAMExt.MBAMShlExt.1
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\TypeLib
(Default):                    REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65}
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\VersionIndependentProgID
(Default):                    REG_SZ MBAMExt.MBAMShlExt
 
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0
(Default):                    REG_SZ MBAMExt 1.0 Type Library
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win32
(Default):                    REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS
(Default):                    REG_SZ 0
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR
(Default):                    REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0
(Default):                    REG_SZ MBAMExt 1.0 Type Library
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win32
(Default):                    REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS
(Default):                    REG_SZ 0
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR
(Default):                    REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware
 
 
List of MBAM Related Directories:
=================================
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\
7z.dll                                   File Size: 922080    BYTES FileVersion:  9.20.0.0       MD5: [14079a2411fa2bb7f78bc100c92bbcc2]
changes.txt                             File Size: 1596      BYTES FileVersion:  N/A            MD5: [09371a0c8bd9e9554571da257d554d3e]
cloud-enumeration.dll                   File Size: 287200    BYTES FileVersion:  1.0.1.0        MD5: [84ac20b9327dbd4d94039be93384dad5]
cloud.dll                               File Size: 352736    BYTES FileVersion:  1.0.1.0        MD5: [5659790448fb136a80be407c4a0dbb50]
license.rtf                             File Size: 38870     BYTES FileVersion:  N/A            MD5: [ed36ea764c3a452334416713c8cf1eed]
master.conf                             File Size: 1258      BYTES FileVersion:  N/A            MD5: [9702ca5e82d3756c6d8af34a2ababaea]
mbam.dll                                 File Size: 609760    BYTES FileVersion:  1.0.40.0       MD5: [c4a51c1cb174066fdaf383c09f0d574b]
mbam.exe                                 File Size: 9926112   BYTES FileVersion:  2.3.173.0      MD5: [8e98e3ec16d2641005b4748cd330fb45]
mbamcore.dll                             File Size: 2127840   BYTES FileVersion:  1.3.24.0       MD5: [63ce66ef2b30a09308eafe29baec6a75]
mbamdor.exe                             File Size: 55264     BYTES FileVersion:  1.0.2.0        MD5: [297c1bdcc26adb339d4c0f0550e434d6]
mbamext.dll                             File Size: 431072    BYTES FileVersion:  3.1.1.0        MD5: [67a6ec1735c77c2623b49cc1f284c8a0]
mbampt.exe                               File Size: 40928     BYTES FileVersion:  1.0.57.0       MD5: [04d0b942b0ad4a5d2eee45d9b7d6545b]
mbamresearch.exe                         File Size: 1949152   BYTES FileVersion:  1.1.1.0        MD5: [e601f9ca6a72493bc8185bedda17eee8]
mbamscheduler.exe                       File Size: 1514464   BYTES FileVersion:  3.1.7.0        MD5: [9611577752e293259c7dce19e9026362]
mbamservice.exe                         File Size: 1136608   BYTES FileVersion:  3.2.21.0       MD5: [f1a89a34388b5626f1548d393b23ecb1]
mbamsrv.dll                             File Size: 3863008   BYTES FileVersion:  2.1.10.0       MD5: [a33629c51295570fe9f252a39ddcea93]
mbamtoast.dll                           File Size: 98272     BYTES FileVersion:  1.70.0.0       MD5: [b55f6f7b61ae6070a6e023e11fda92ee]
msvcp100.dll                             File Size: 422880    BYTES FileVersion:  10.0.40219.325 MD5: [53a5f1b984f585997968cd0dfb27400c]
msvcr100.dll                             File Size: 775648    BYTES FileVersion:  10.0.40219.325 MD5: [dc0213118e61e5ca865092109860792c]
Qt5Core.dll                             File Size: 4646880   BYTES FileVersion:  5.4.1.0        MD5: [91c7c50b2a290b82604163b5a679ea24]
Qt5Gui.dll                               File Size: 4640224   BYTES FileVersion:  5.4.1.0        MD5: [1d59b3e632aef8e24cc1707fd411113b]
Qt5Network.dll                           File Size: 673248    BYTES FileVersion:  5.4.1.0        MD5: [e089635a8cbed229ec30cdbe29748c08]
Qt5Widgets.dll                           File Size: 4474848   BYTES FileVersion:  5.4.1.0        MD5: [33881dda0ccc3898facadf1e4d1df237]
unins000.dat                             File Size: 36475     BYTES FileVersion:  N/A            MD5: [868fe1ebe70d15b6f562795ff12f8fff]
unins000.exe                             File Size: 720085    BYTES FileVersion:  51.52.0.0      MD5: [f1505d347325c77e3eeef418495e1f57]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon\Windows
chameleon.chm                           File Size: 235882    BYTES FileVersion:  N/A            MD5: [c4190b71f037714aa77aba294434ba5b]
firefox.com                             File Size: 960480    BYTES FileVersion:  3.1.29.0       MD5: [f86a4139730504047f52ccfb8c47e9f5]
firefox.exe                             File Size: 960480    BYTES FileVersion:  3.1.29.0       MD5: [f86a4139730504047f52ccfb8c47e9f5]
firefox.pif                             File Size: 960480    BYTES FileVersion:  3.1.29.0       MD5: [f86a4139730504047f52ccfb8c47e9f5]
firefox.scr                             File Size: 960480    BYTES FileVersion:  3.1.29.0       MD5: [f86a4139730504047f52ccfb8c47e9f5]
iexplore.exe                             File Size: 960480    BYTES FileVersion:  3.1.29.0       MD5: [f86a4139730504047f52ccfb8c47e9f5]
mbam-chameleon.com                       File Size: 960480    BYTES FileVersion:  3.1.29.0       MD5: [f86a4139730504047f52ccfb8c47e9f5]
mbam-chameleon.exe                       File Size: 960480    BYTES FileVersion:  3.1.29.0       MD5: [f86a4139730504047f52ccfb8c47e9f5]
mbam-chameleon.pif                       File Size: 960480    BYTES FileVersion:  3.1.29.0       MD5: [f86a4139730504047f52ccfb8c47e9f5]
mbam-chameleon.scr                       File Size: 960480    BYTES FileVersion:  3.1.29.0       MD5: [f86a4139730504047f52ccfb8c47e9f5]
mbam-killer.exe                         File Size: 1504736   BYTES FileVersion:  3.0.15.0       MD5: [b79d3c2fca170c4dd15d7316067a1fd3]
rundll32.exe                             File Size: 960480    BYTES FileVersion:  3.1.29.0       MD5: [f86a4139730504047f52ccfb8c47e9f5]
svchost.exe                             File Size: 960480    BYTES FileVersion:  3.1.29.0       MD5: [f86a4139730504047f52ccfb8c47e9f5]
windows.exe                             File Size: 960480    BYTES FileVersion:  3.1.29.0       MD5: [f86a4139730504047f52ccfb8c47e9f5]
winlogon.exe                             File Size: 960480    BYTES FileVersion:  3.1.29.0       MD5: [f86a4139730504047f52ccfb8c47e9f5]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\imageformats
qgif.dll                                 File Size: 29664     BYTES FileVersion:  5.4.1.0        MD5: [0b528e4c9bbd9efdea9bc8ac6a967d6d]
qico.dll                                 File Size: 29664     BYTES FileVersion:  5.4.1.0        MD5: [7b36d94db81b8b0dfd9323228dd96b51]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Languages
lang_ar.qm                               File Size: 87404     BYTES FileVersion:  N/A            MD5: [269d3107ca72a75fe154ce4ff718af50]
lang_bg.qm                               File Size: 133911    BYTES FileVersion:  N/A            MD5: [376ad1e4ad206bc32da09b12b564ecc4]
lang_ca.qm                               File Size: 92634     BYTES FileVersion:  N/A            MD5: [2d35f58b0c2db44ad2717f4a4526a085]
lang_cs.qm                               File Size: 105193    BYTES FileVersion:  N/A            MD5: [2c191de828d5e05fd7afa27ee1245023]
lang_da.qm                               File Size: 88039     BYTES FileVersion:  N/A            MD5: [f8a4941d5d388160d252832a77ab584f]
lang_de.qm                               File Size: 139276    BYTES FileVersion:  N/A            MD5: [b55f37281f0fcadfae67aecf0bf4cca5]
lang_el.qm                               File Size: 126897    BYTES FileVersion:  N/A            MD5: [bd671253e071bac626beea63393abcda]
lang_en.qm                               File Size: 3081      BYTES FileVersion:  N/A            MD5: [e2790b3cd9fdd9d3e266e9623fe477af]
lang_es.qm                               File Size: 138468    BYTES FileVersion:  N/A            MD5: [cc4f3aab63d933d5964e2bba62df4277]
lang_et.qm                               File Size: 107794    BYTES FileVersion:  N/A            MD5: [aa4845cd64b20377cea0ebc66eed4a42]
lang_fi.qm                               File Size: 130793    BYTES FileVersion:  N/A            MD5: [00653d1fb2f790817aef991025c176aa]
lang_fr.qm                               File Size: 141996    BYTES FileVersion:  N/A            MD5: [e06db8ef6b826b75ec5859913651ed44]
lang_he.qm                               File Size: 98928     BYTES FileVersion:  N/A            MD5: [2954e902664f2e129f8a8d8238e90552]
lang_hu.qm                               File Size: 132359    BYTES FileVersion:  N/A            MD5: [6bf3b8c78fd393ef2811a19742518b9a]
lang_id.qm                               File Size: 129135    BYTES FileVersion:  N/A            MD5: [6be058072a90897595c6f097a3caa797]
lang_it.qm                               File Size: 134154    BYTES FileVersion:  N/A            MD5: [183990148beec433023688db65a7bf2e]
lang_ja.qm                               File Size: 73762     BYTES FileVersion:  N/A            MD5: [f6bfd643cb92fa760ae6ec64344ee7e1]
lang_ko.qm                               File Size: 85731     BYTES FileVersion:  N/A            MD5: [53b5a94eb309d69993a5bc3cd43a85e4]
lang_lt.qm                               File Size: 90799     BYTES FileVersion:  N/A            MD5: [eecd8edca1fb068ad3bd88aa711bdae2]
lang_lv.qm                               File Size: 90659     BYTES FileVersion:  N/A            MD5: [683950904e725821740217824df440ff]
lang_nl.qm                               File Size: 133514    BYTES FileVersion:  N/A            MD5: [442a6cf7e07e6f676d8b5ae41637549c]
lang_no.qm                               File Size: 129833    BYTES FileVersion:  N/A            MD5: [8949e21e367e5a32ca9f36d8d22c9771]
lang_pl.qm                               File Size: 133827    BYTES FileVersion:  N/A            MD5: [48379f4ac164adfc8d448bf53c8e2df8]
lang_pt_BR.qm                           File Size: 136918    BYTES FileVersion:  N/A            MD5: [b1ea2002cf5362b24ca0a026f448e3f1]
lang_pt_PT.qm                           File Size: 136982    BYTES FileVersion:  N/A            MD5: [5e23b66cb6d8d9894b991cc8f33658af]
lang_ro.qm                               File Size: 90458     BYTES FileVersion:  N/A            MD5: [bcf524020255c4f7a6fdbae8df2bfe81]
lang_ru.qm                               File Size: 137874    BYTES FileVersion:  N/A            MD5: [5e28394fbd12f21301e2b7e1a9dbac94]
lang_sk.qm                               File Size: 131080    BYTES FileVersion:  N/A            MD5: [68e0e95e7131d101188a57e3a413dee5]
lang_sl.qm                               File Size: 107631    BYTES FileVersion:  N/A            MD5: [83755001a3f1bd527d0b4b7a77d0b37d]
lang_sv.qm                               File Size: 129135    BYTES FileVersion:  N/A            MD5: [b3c38242beb63f895fabcc14bbc6807a]
lang_tr.qm                               File Size: 88838     BYTES FileVersion:  N/A            MD5: [1e4a3c0dcd7074ad4a3971ce67762cda]
lang_vi.qm                               File Size: 133386    BYTES FileVersion:  N/A            MD5: [586de19c023986bf884ad56fc29c8f5e]
lang_zh_TW.qm                           File Size: 87797     BYTES FileVersion:  N/A            MD5: [e120a014cf077bdcbcdcbf98c3438188]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\platforms
qwindows.dll                             File Size: 929760    BYTES FileVersion:  5.4.1.0        MD5: [6c54d2ebeaacbe9b56816536041c8281]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Plugins
fixdamage.exe                           File Size: 823776    BYTES FileVersion:  1.4.0.1001     MD5: [bbfc25590af3e45d8cca1fab95648b40]
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware
actions.ref                             File Size: 9251      BYTES FileVersion:  N/A            MD5: [87bb68ff723ecd46de8c248e1cfec0f1]
akadomains.ref                           File Size: 92        BYTES FileVersion:  N/A            MD5: [73d5774cbd8df165274a0691ae264808]
akaips.ref                               File Size: 92        BYTES FileVersion:  N/A            MD5: [2a6869d1f91f0a0b87b1d27bd30ccc5c]
domains.ref                             File Size: 1021828   BYTES FileVersion:  N/A            MD5: [2efa99da3924fafba2d9ab04afc3239a]
exclusions.dat                           File Size: 0         BYTES FileVersion:  N/A            MD5: [d41d8cd98f00b204e9800998ecf8427e]
ips.ref                                 File Size: 193940    BYTES FileVersion:  N/A            MD5: [1aa3cfc440c0a577bb5ee91d1747e813]
mbamdor.exe                             File Size: 55264     BYTES FileVersion:  1.0.2.0        MD5: [297c1bdcc26adb339d4c0f0550e434d6]
rules.ref                               File Size: 10730331  BYTES FileVersion:  N/A            MD5: [9cc73eb757dca81ea2e78821f43039f6]
swissarmy.ref                           File Size: 28321     BYTES FileVersion:  N/A            MD5: [eb97c9c4941dc1cb6b1d54ca08074986]
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration
build.conf                               File Size: 4598      BYTES FileVersion:  N/A            MD5: [1a680dd90657e70bedeee03afde947c3]
database.conf                           File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
gatekeeper.conf                         File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
license.conf                             File Size: 1436      BYTES FileVersion:  N/A            MD5: [d40655560c24d1e1103cf9e9bc8a44df]
manifest.conf                           File Size: 3391      BYTES FileVersion:  N/A            MD5: [fe309e39a418d6b6263232274cdb5aeb]
marketing.conf                           File Size: 6974      BYTES FileVersion:  N/A            MD5: [53bbca93e7bbeb7f5dca1ef9419ccb28]
net.conf                                 File Size: 7338      BYTES FileVersion:  N/A            MD5: [da15d266c6cee404cfa0f70c718d1d37]
notifications.conf                       File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
scheduler.conf                           File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
settings.conf                           File Size: 2130      BYTES FileVersion:  N/A            MD5: [7ad6b7a1e858093535eab45ec9d87964]
statistics.conf                         File Size: 513       BYTES FileVersion:  N/A            MD5: [55f2399df42cc733e7037cb4f61351ef]
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration\Restore
build.conf                               File Size: 4179      BYTES FileVersion:  N/A            MD5: [20d9566b3cf94f1e395de8f40046fc68]
database.conf                           File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
gatekeeper.conf                         File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
license.conf                             File Size: 23        BYTES FileVersion:  N/A            MD5: [0ec01df616b565180556881d8042255b]
manifest.conf                           File Size: 3171      BYTES FileVersion:  N/A            MD5: [a6e5576f7723acab40490fb9e64dfc1c]
marketing.conf                           File Size: 6974      BYTES FileVersion:  N/A            MD5: [53bbca93e7bbeb7f5dca1ef9419ccb28]
net.conf                                 File Size: 6530      BYTES FileVersion:  N/A            MD5: [9fb4acfdc11c7af48a760db4c7bfebf0]
notifications.conf                       File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
scheduler.conf                           File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
settings.conf                           File Size: 1724      BYTES FileVersion:  N/A            MD5: [e27b42126b89352fdaae8f1630b9a8d8]
statistics.conf                         File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs
mbam-log-2016-09-25 (20-45-08).xml       File Size: 3630      BYTES FileVersion:  N/A            MD5: [8e90e64f4230a10430b047732ed1017f]
mbam-log-2016-09-25 (20-57-35).xml       File Size: 12592     BYTES FileVersion:  N/A            MD5: [e5273289edc6598f19c6a389e0356ecf]
protection-log-2016-09-25.xml           File Size: 2299      BYTES FileVersion:  N/A            MD5: [08e44ad4967b0095df376d27e3a2a818]
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine
0533606673.data                         File Size: 774       BYTES FileVersion:  N/A            MD5: [4be52d5d7720a5307f15618e8188feaf]
0533606673.quar                         File Size: 324       BYTES FileVersion:  N/A            MD5: [64e5ba984fd09d25f2f0fd5bc2d84f8d]
0707313959.data                         File Size: 721       BYTES FileVersion:  N/A            MD5: [741dd03ec4b269b7ef12e3f16be1cb29]
0707313959.quar                         File Size: 367432    BYTES FileVersion:  N/A            MD5: [584ebd3d90828aa1e083a2cb3a6bc284]
0996680236.data                         File Size: 737       BYTES FileVersion:  N/A            MD5: [b552d73baf5eef500f975a81d4720705]
0996680236.quar                         File Size: 16028     BYTES FileVersion:  N/A            MD5: [95e0fa9990794b084cfc4ceeb0de778d]
1126110673.data                         File Size: 692       BYTES FileVersion:  N/A            MD5: [e9ecfb0a11f43bf29a8f262216a415d6]
1126110673.quar                         File Size: 21624     BYTES FileVersion:  N/A            MD5: [94cacb8ebd75748c1dbaa30d85f5614d]
1425148513.data                         File Size: 698       BYTES FileVersion:  N/A            MD5: [5a0c320b5c1c50657288498f62468d8c]
1425148513.quar                         File Size: 3588      BYTES FileVersion:  N/A            MD5: [95bd7959a2c2aa01ce5e748bcef696de]
1593491586.data                         File Size: 713       BYTES FileVersion:  N/A            MD5: [f9e314485449eea3b9b54b846b64af92]
1593491586.quar                         File Size: 1667072   BYTES FileVersion:  N/A            MD5: [c41bf1efbde8c12bb169010432054d77]
1831421423.data                         File Size: 730       BYTES FileVersion:  N/A            MD5: [eb27f2897587117d1c485ea7059c981a]
1831421423.quar                         File Size: 290       BYTES FileVersion:  N/A            MD5: [1d3902c1e9b3ce62da4b037eb3e0e1cd]
2233420423.data                         File Size: 746       BYTES FileVersion:  N/A            MD5: [c95377734bfe7819520c5ba7fff3f3ba]
2233420423.quar                         File Size: 1602      BYTES FileVersion:  N/A            MD5: [c5dd6dc2582b22b7e059000d5059e4bc]
3179542221.data                         File Size: 709       BYTES FileVersion:  N/A            MD5: [5752c18f5ae1b274951ec9ebe703428b]
3179542221.quar                         File Size: 126976    BYTES FileVersion:  N/A            MD5: [c44a0afdbebc6d05092af6c6150b1f2a]
4337188660.data                         File Size: 753       BYTES FileVersion:  N/A            MD5: [17639090e2e176c46516626bcc38a1f4]
4337188660.quar                         File Size: 3536983   BYTES FileVersion:  N/A            MD5: [11a11c0679e0b9fa7ea997c4afdc3e7c]
4346203349.data                         File Size: 699       BYTES FileVersion:  N/A            MD5: [a76fa082ffec3d77ba572851fc2d2fc2]
4346203349.quar                         File Size: 286       BYTES FileVersion:  N/A            MD5: [be610071dff3c329635b49c7d8cb7f68]
5168041761.data                         File Size: 709       BYTES FileVersion:  N/A            MD5: [d5915d019d0171bdf5c31efe0ecf9525]
5168041761.quar                         File Size: 23        BYTES FileVersion:  N/A            MD5: [5bce98b02623825a9a329e7fa07888af]
5172889017.data                         File Size: 708       BYTES FileVersion:  N/A            MD5: [c8a6a9a7eddc0c5dd57bc1a96de8274f]
5172889017.quar                         File Size: 1162872   BYTES FileVersion:  N/A            MD5: [b453999f7b14c19101051bde8edb8a28]
6028638128.data                         File Size: 713       BYTES FileVersion:  N/A            MD5: [5e9217a16d752218a54ab83cc4f8834c]
6028638128.quar                         File Size: 3901072   BYTES FileVersion:  N/A            MD5: [059d21769b085c3af874caa3af800caa]
6849902707.data                         File Size: 707       BYTES FileVersion:  N/A            MD5: [6955dadf4e8e9deeb7256bd58ef93d91]
6849902707.quar                         File Size: 158328    BYTES FileVersion:  N/A            MD5: [79115eee33181ffc27794301f87d66b0]
6875968455.data                         File Size: 873       BYTES FileVersion:  N/A            MD5: [15c6b7c704a798a8f8f79cc90ef6fcb8]
7067422539.data                         File Size: 703       BYTES FileVersion:  N/A            MD5: [3b666b50c5bcc16ff650dfc0f4e40236]
7751247841.data                         File Size: 736       BYTES FileVersion:  N/A            MD5: [eeeaacf919066730f366a9e67edece58]
7751247841.quar                         File Size: 4492      BYTES FileVersion:  N/A            MD5: [3b8cda97051a65c83e9f767d52947373]
8560681576.data                         File Size: 697       BYTES FileVersion:  N/A            MD5: [e2ce5d60131a706b0cc51495d86ee5df]
8680403880.data                         File Size: 710       BYTES FileVersion:  N/A            MD5: [17118d5e356d6866c4a1c334a2e5d6d7]
8680403880.quar                         File Size: 7129208   BYTES FileVersion:  N/A            MD5: [b0bb46e9f7b33a0077d602b06028fcc4]
8732065447.data                         File Size: 835       BYTES FileVersion:  N/A            MD5: [95c53cc4101eeac479979371c7e9bda1]
9005867782.data                         File Size: 677       BYTES FileVersion:  N/A            MD5: [531fb03c0dd18572b5e1f61061f6d854]
9285981415.data                         File Size: 775       BYTES FileVersion:  N/A            MD5: [be3caba7e1192c55c7441cacf014d330]
9285981415.quar                         File Size: 4556      BYTES FileVersion:  N/A            MD5: [f9f3d42b4f658cd7b2101de860e57f26]
9935801600.data                         File Size: 757       BYTES FileVersion:  N/A            MD5: [38c9a62c3b876e102aac4c6e1dec9ea4]
9935801600.quar                         File Size: 3536983   BYTES FileVersion:  N/A            MD5: [3d30fb4b71cc77abdf19f20f60a8be19]
 
Malware Exclusions:
===================
Web Exclusions:
================
Quarantined Items:
===================
Vendor: PUP.Optional.SuperOptimizer, Date: 2016/09/25 18:57:41, Type: Registry Key, Location: HKU\S-1-5-21-3118947219-735216876-4075009570-1002\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}
Vendor: PUP.Optional.SofTonic, Date: 2016/09/25 18:57:41, Type: File, Location: C:\Users\Michael\Downloads\SoftonicDownloader_for_hamachi.exe
Vendor: PUP.Optional.SuperOptimizer, Date: 2016/09/25 18:57:41, Type: Registry Key, Location: HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}
Vendor: PUP.Optional.SysTweak, Date: 2016/09/25 18:57:41, Type: File, Location: C:\Windows\System32\roboot64.exe
Vendor: PUP.Optional.Downloader, Date: 2016/09/25 18:57:41, Type: File, Location: C:\Windows\System32\Tasks\PPI Update
Vendor: PUP.Optional.WinThruster, Date: 2016/09/25 18:57:41, Type: File, Location: C:\Program Files (x86)\WinThruster\RegCleanPro.dll
Vendor: PUP.Optional.SuperOptimizer, Date: 2016/09/25 18:57:41, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Vendor: PUP.Optional.Downloader, Date: 2016/09/25 18:57:41, Type: Registry Key, Location: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PPI Update
Vendor: PUP.Optional.WinThruster, Date: 2016/09/25 18:57:41, Type: File, Location: C:\Program Files (x86)\WinThruster\xmllite.dll
Vendor: PUP.Optional.InstallMonster, Date: 2016/09/25 18:57:41, Type: File, Location: C:\Users\Michael\Downloads\Microsoft Office 2013 Product Key Generator Free Cracked.rar
Vendor: PUP.Optional.InstallBrain, Date: 2016/09/25 18:57:41, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\InstallIQ
Vendor: PUP.Optional.Amonetize, Date: 2016/09/25 18:57:41, Type: File, Location: C:\Users\Michael\AppData\Local\Temp\amipixel.cfg
Vendor: PUP.Optional.SysTweak, Date: 2016/09/25 18:57:41, Type: File, Location: C:\Users\Michael\AppData\Local\Temp\_iu14D2N.tmp
Vendor: PUP.Optional.SysTweak, Date: 2016/09/25 18:57:41, Type: File, Location: C:\Users\Michael\Downloads\WinThruster_2016_Setup.exe
Vendor: PUP.Optional.WinThruster, Date: 2016/09/25 18:57:41, Type: File, Location: C:\Program Files (x86)\WinThruster\isxdl.dll
Vendor: PUP.Optional.OptimizerPro, Date: 2016/09/25 18:57:41, Type: Registry Value, Location: HKU\S-1-5-21-3118947219-735216876-4075009570-1002\SOFTWARE\OPTIMIZER PRO|AdsBuyNowURL
Vendor: PUP.Optional.Solvusoft, Date: 2016/09/25 18:57:41, Type: Folder, Location: C:\Users\Michael\AppData\Roaming\Solvusoft
Vendor: PUP.Optional.OptimizerPro, Date: 2016/09/25 18:57:41, Type: Registry Key, Location: HKU\S-1-5-21-3118947219-735216876-4075009570-1002\SOFTWARE\OPTIMIZER PRO
Vendor: PUP.Optional.WinThruster, Date: 2016/09/25 18:57:41, Type: Folder, Location: C:\Program Files (x86)\WinThruster
Vendor: PUP.Optional.SysTweak, Date: 2016/09/25 18:57:41, Type: File, Location: C:\Program Files (x86)\WinThruster\WinThruster.exe
Vendor: PUP.Optional.Downloader, Date: 2016/09/25 18:57:41, Type: Registry Value, Location: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FE802042-ACBD-4504-9DA4-072E38C62DD0}|Path
Vendor: Rogue.Multiple, Date: 2016/09/25 18:57:41, Type: Folder, Location: C:\ProgramData\374311380
Vendor: PUP.Optional.Downloader, Date: 2016/09/25 18:57:41, Type: Registry Key, Location: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FE802042-ACBD-4504-9DA4-072E38C62DD0}
Vendor: PUP.Optional.InstallMonster, Date: 2016/09/25 18:57:41, Type: File, Location: C:\Users\Michael\Downloads\Microsoft Office 2013 Product Key Generator Free Cracked (1).rar
===============================================================
END OF FILE
 
 
 
 
 

ESET

 

This appears to have delete my crack files. Not sure if this is the origin of the problem since I haven't installed anything new for over a year.

 

C:\Program Files (x86)\The Sims 4\Game\Bin\RldOrigin.dll a variant of Win32/HackTool.Crack.DK potentially unsafe application cleaned by deleting
C:\Users\Michael\AppData\Local\Temp\7zO099B01C7\Microsoft Toolkit.exe a variant of MSIL/HackKMS.G potentially unsafe application deleted
C:\Users\Michael\AppData\Roaming\uTorrent\updates\3.4.2_32549.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application cleaned by deleting
C:\Users\Michael\AppData\Roaming\uTorrent\updates\3.4.2_38913.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting
C:\Users\Michael\Downloads\ccsetup511.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted
C:\Users\Michael\Downloads\The.Sims.4.Update.6-RELOADED.rar Win32/HackTool.Crack.CY potentially unsafe application deleted
D:\Downloads\Sleeping.Dogs-SKIDROW\sr-sddvd2.iso a variant of Win32/Packed.VMProtect.AAA trojan deleted
D:\Downloads\The Sims 4 Update v1.2.16.10-RELOADED\Crack\Game\Bin\rld.dll Win32/HackTool.Crack.CY potentially unsafe application cleaned by deleting
D:\Downloads\The Sims 4 Update v1.2.16.10-RELOADED\Crack\Game\Bin\RldOrigin.dll a variant of Win32/HackTool.Crack.DK potentially unsafe application cleaned by deleting
D:\Downloads\The Sims 4 Update v1.7.65.1020 Incl DLC-RELOADED\The Sims 4 Update v1.7.65.1020 Incl DLC-RELOADED.rar a variant of Win32/HackTool.Crack.DK potentially unsafe application deleted
D:\Downloads\The Sims 4 Update v1.7.65.1020 Incl DLC-RELOADED\S4\Crack\Game\Bin\RldOrigin.dll a variant of Win32/HackTool.Crack.DK potentially unsafe application cleaned by deleting
D:\Downloads\The.Sims.4-RELOADED\rld-thesims4.iso a variant of Win32/HackTool.Crack.DK potentially unsafe application deleted
D:\Downloads\The.Sims.4.Get.to.Work.Addon-RELOADED\rld-sims4gtw.iso a variant of Win32/HackTool.Crack.DK potentially unsafe application deleted
D:\Games\Deus Ex Human Revolution\bleep-dehr.iso a variant of Win32/Patched.F potentially unsafe application deleted
D:\Games\Deus Ex Human Revolution\Deus Ex - Human Revolution\steam_api.dll a variant of Win32/Patched.F potentially unsafe application cleaned by deleting
D:\Games\Sleeping Dogs\buddha.dll a variant of Win32/Packed.VMProtect.AAA trojan cleaned by deleting
D:\Programs\Microsoft Office 2013 Professional Plus activation crack\Microsoft Toolkit 2.4.5.exe a variant of MSIL/HackKMS.G potentially unsafe application deleted
D:\Programs\Microsoft Office 2013 Professional Plus activation crack\Microsoft Toolkit 2.5.3 Official Torrent\MTKV253.zip a variant of MSIL/HackKMS.G potentially unsafe application deleted


#5 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,690 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:05:14 AM

Posted 26 September 2016 - 08:59 AM

You need to be aware of the forum rules.

 

No subject matter will be allowed whose purpose is to defeat existing copyright or security measures. If a user persists and/or the activity is obviously illegal the staff reserves the right to remove such content and/or ban the user. This would also mean encouraging the use or continued use of pirated software is not permitted, and subject to the same consequences.

 

You have a illegal copy of Windows Office 2013.

 

Type: File, Location: C:\Users\Michael\Downloads\Microsoft Office 2013 Product Key Generator Free Cracked.rar


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:14 AM

Posted 26 September 2016 - 09:42 AM

You should be more concerned as to what the Eset scan detected:



The practice of using keygens, hacking tools, cracking tools, warez, torrents or any pirated software is not only considered illegal activity but it is a serious security risk.


Cracking applications are used for illegally breaking (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.

TrendMicro Warning


...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...

Keygen and Crack Sites Distribute VIRUX and FakeAV


...warez/piracy sites ranked the highest in downloading spyware...just opening the web page usually sets off an exploit, never mind actually downloading anything. And by the time the malware is finished downloading, often the machine is trashed and rendered useless.

University of Washington spyware study


...One of the most aggressive and intrusive of all bad websites on the Internet are serial, warez, software cracking type sites...they sneak malware onto your system...Where do trojan viruses originate? One of the biggest malware distributors on the Internet are serial/warez/code cracking sites.

Bad Web Sites: Malware


...a staggering 59% of the key generators and crack tools downloaded from P2P networks represent a security liability since they contain malicious and unwanted code. "25% of the Web sites we accessed offering counterfeit product keys, pirated software, key generators or crack tools attempted to install either malicious software or potentially unwanted software. A significant number of these Web sites attempted to install malicious or unwanted code...In addition to the peer-to-peer networks, 11% of the key generators and crack tools downloaded from Web sites were also plagued by malicious and unwanted software.

Microsoft Reveals the Risks of Using Pirated XP and Office
Whatever You Do, Do Not Download Windows 7 Via Torrent Sites

When you use these kind of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.

I strongly recommend that you remove all cracks and keygens immediately to reduce the risk of infection/reinfection. If not, then we are just wasting time trying to clean your system. Further, other tools used during the disinfection process may detect crack and keygens so they need to be removed.

Using these types of programs or the websites visited to get them is almost a guaranteed way to get yourself infected!!
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 rawlith

rawlith
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 26 September 2016 - 10:27 AM

Yes that is true. I am in a position now to acquire a legal copy of MS office.

 

I would be happy to uninstall the illegal version if you are able to continue helping me.

 

Thank you Insanity and Beyond for the information. I am no longer a destitute student so I will be buying my software in future.


Edited by rawlith, 26 September 2016 - 10:34 AM.


#8 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,690 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:05:14 AM

Posted 26 September 2016 - 01:00 PM

Please download Microsoft Genuine Advantage Diagnostic Tool.  Clicking on this link will immediately initiate the download.
 
When the diagnostic tool opens you will see a image like the one below.  Click on Continue.
 
mgadt1_zpssea2rxt2.png
 
Click on Copy, copy and then paste the content in your topic.
 
mgadt2_zpsbrkf74ab.png
 
If the Copy option does not work, take a screenshot of the content of the image and post that in your topic.
 
How to make a screenshot
 
1. Download and run A Thousand Words .
 
2. Follow the wizard to capture a screenshot
 
3. Use the built-in editor to resize, edit, or re-capture your screen shot. 
 
4. Your screen shot will be saved to your desktop when you finish the wizard.
 
You can post the screenshot in your next post as an attachment.  
 
Just below the area where you write text in a post there is the Post button, to the right of this is More Reply Options
 
Post2_zpsf05c0430.png
 
When you click on More Relpy Options  you will see Attach Files and Browse, click on Browse, this will open Pictures on your computer, click on the image you want to post, then click on Attach This File, then Add Reply.
 
BCreply1_zpsc36d42fc.png 

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#9 rawlith

rawlith
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 26 September 2016 - 01:38 PM

I cannot see the option to attach any files after clicking more reply options. Is there another way to transfer the image?



#10 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,690 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:05:14 AM

Posted 26 September 2016 - 01:47 PM

My bad.  I forgot that this is in the Am I Infected forum.  You can't post attachments there.  You would need to use a host website like Photobucket to post the image.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#11 rawlith

rawlith
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 26 September 2016 - 02:16 PM

MGADT%20%20Thousand%20Words%20error%20meThe images on the right are error messages that came up when I tried to use the Thousand Words software, it's the same error I get for several other programs.


Edited by rawlith, 26 September 2016 - 02:18 PM.


#12 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,690 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:05:14 AM

Posted 27 September 2016 - 09:00 AM

 
 
 
Please run sfc /scannow
 
The sfc /scannow command scans all protected system files and replaces corrupted and incorrect versions with correct Microsoft versions.
 
To open the Command Prompt press the Windows keywindowskey_zps092d5c75.png and the X key at the same time.   A menu will open with the option Command Prompt (Admin), click/tap on this.
 
You will see a window similar to the one below.
 
command%20prompt%20w8_zpsxjmewau9.png
 
When the Elevated Command Prompt opens copy and paste in sfc /scannow, then press Enter.
 
This will take a while,  have patience and allow it finish.  Stopping this scan could damage files.  
 
When the scan is finished please post the log of this scan.
 
Do the following to access the sfc /scannow log.
 
Open the Command Prompt, copy and paste the command below followed by pressing the Enter key.
 
copy %windir%\logs\cbs\cbs.log "%userprofile%\Desktop\cbs.txt"
 
This will place a new icon on the desktop titled CBS.   
 
This log usually is very large, for this reason you should use a host website like Dropbox to post the log.  You can start a free 30 day trial.  Once you have loaded the log at Dropbox post a link to the website.
 
Double click on this icon to open the CBS log, copy and paste the log in your dropbox account and post the link in your topic.
 
Is your copy of Window 10 a legal copy?

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#13 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,690 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:05:14 AM

Posted 27 September 2016 - 09:31 AM

I would like to see the log for the Avast scan which found rootkits.

 

You can find instructions for locating the log here.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#14 rawlith

rawlith
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 27 September 2016 - 10:00 AM

Yes, my copy of Windows 10 was a free upgrade from a pre-installed version of Windows 8 (store bought laptop).

 

I have tried multiple times to run the system scan but always get the message:

 

"Windows Resource Protection could not perform the requested operation".



#15 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,690 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:05:14 AM

Posted 27 September 2016 - 10:34 AM



I have tried multiple times to run the system scan but always get the message:

 

"Windows Resource Protection could not perform the requested operation".

I'm guessing that you are referring to the sfc /scannow.

 

You need to use an administrator account to run this scan.  

 

Try the following:  Press the Windows key and the R key together.  In the menu that opens select Command Prompt (Admin), then enter the command sfc /scannow.


Edited by dc3, 27 September 2016 - 10:39 AM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users