Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Pc won't reboot, can someone create a fixlist.txt for me? HELP PLE

Started by samespinoza , Oct 12 2013 12:42 PM

  • This topic is locked This topic is locked

#1
samespinoza
Posted 12 October 2013 - 12:42 PM

samespinoza

    New Member

  • Member
  • Pip
  • 1 posts
HI, i already runned frst64 here is the log, can someone create a fixlist? it would be much appreciated, thank you

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by SYSTEM on MININT-S29BO1U on 12-10-2013 13:20:51
Running from I:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2899216 2012-08-03] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-03-05] (IDT, Inc.)
HKLM\...\Run: [SetDefault] - C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\RunOnce: [*Restore] - C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-03-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1564872 2012-06-06] (Ask)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG Secure Search\vprot.exe [2404376 2013-10-01] ()
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1637496 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-03-03] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SearchProtectAll] - C:\Program Files (x86)\SearchProtect\bin\cltmng.exe [2852640 2013-05-07] (Conduit)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2345296 2013-10-01] (LogMeIn Inc.)
HKU\Mcx1-SAMUEL-HP\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe [1266712 2013-06-04] (AVG Secure Search)
HKU\Mcx1-SAMUEL-HP\...\Run: [AVG-Secure-Search-Update_JUNE2013_HP] - C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_HP.exe [1266712 2013-06-08] (AVG Secure Search)
HKU\Mcx1-SAMUEL-HP\...\Winlogon: [Shell] C:\Windows\eHome\McrMgr.exe [343552 2009-07-13] (Microsoft Corporation) <==== ATTENTION
HKU\Samuel\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1811880 2013-08-28] (Valve Corporation)
HKU\Samuel\...\Run: [ManyCam] - C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe [2160024 2012-06-28] (ManyCam LLC)
HKU\Samuel\...\Run: [Desura] - C:\Program Files (x86)\Desura\desura.exe [2529096 2012-09-20] (Desura Pty Ltd)
HKU\Samuel\...\Run: [MilShieldSlave] - C:\Program Files (x86)\Mil Incorporated\Mil Shield\ShieldWorker.exe [1860608 2012-12-11] ()
HKU\Samuel\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
HKU\Samuel\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19876968 2013-06-21] (Skype Technologies S.A.)
HKU\Samuel\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5629312 2012-11-01] (SUPERAntiSpyware.com)
HKU\Samuel\...\Run: [Google Update] - C:\Users\Samuel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-02] (Google Inc.)
HKU\Samuel\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [717696 2010-01-16] (Microsoft Corporation)
HKU\Samuel\...\Run: [ConduitFloatingPlugin_mmlkabjddkpgkgfhdhpimhcbonapngoh] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Conduit\CT3227981\plugins\TBVerifier.dll",RunConduitFloatingPlugin mmlkabjddkpgkgfhdhpimhcbonapngoh
HKU\Samuel\...\Run: [SearchProtect] - C:\Users\Samuel\AppData\Roaming\SearchProtect\bin\cltmng.exe [2852640 2013-05-07] (Conduit)
HKU\Samuel\...\Run: [Browser Infrastructure Helper] - C:\Users\Samuel\AppData\Local\Smartbar\Application\QuickShare.exe [20248 2013-09-14] (Smartbar)
AppInit_DLLs-x32: c:\progra~2\saveas\sprote~1.dll [1050112 2013-01-24] ()

==================== Services (Whitelisted) =================

S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-03-21] (Advanced Micro Devices, Inc.)
S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-03-03] (Kaspersky Lab ZAO)
S2 CltMngSvc; C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [97056 2013-05-07] (Conduit)
S2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-02-07] (HP)
S2 IBUpdaterService; C:\ProgramData\IBUpdaterService\ibsvc.exe [754048 2013-10-04] ()
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.287\McCHSvc.exe [234776 2012-09-11] (McAfee, Inc.)
S2 MilShieldCleaner; C:\Program Files (x86)\Mil Incorporated\Mil Shield\ShieldService.exe [1187840 2012-12-11] ()
S2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [223088 2011-04-26] ()
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-07] (AuthenTec, Inc.)
S2 vToolbarUpdater17.0.12; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1734680 2013-10-01] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

S0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [31872 2012-02-02] (Advanced Micro Devices, Inc.)
S2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [189760 2012-02-05] (AppEx Networks Corporation)
S1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-10-01] (AVG Technologies)
S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-05] (DT Soft Ltd)
S0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO)
S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [613720 2013-03-03] (Kaspersky Lab)
S1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29016 2013-03-03] (Kaspersky Lab)
S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29528 2013-03-03] (Kaspersky Lab)
S1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54104 2013-03-03] (Kaspersky Lab)
S1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178008 2012-08-13] (Kaspersky Lab)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [34304 2012-01-10] (ManyCam LLC)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2012-02-22] (ManyCam LLC)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [21264 2012-03-01] (Synaptics Incorporated)
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [x]
S5 klflt; C:\Windows\System32\Drivers\klflt.sys [89432 2012-08-13] (Kaspersky Lab)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-12 13:20 - 2013-10-12 13:20 - 00000000 ____D C:\FRST
2013-10-07 18:07 - 2013-10-07 18:07 - 00000926 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2013-10-07 18:07 - 2013-10-07 18:07 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-10-06 16:30 - 2013-10-06 16:30 - 00784832 _____ (Google Inc.) C:\Users\Samuel\Downloads\googledrivesync.exe
2013-10-05 18:34 - 2013-10-05 18:34 - 01068747 _____ C:\Users\Samuel\Downloads\Economics Game.pptx
2013-10-05 17:14 - 2013-10-05 17:14 - 01324544 _____ C:\Users\Samuel\Downloads\falk-pptgame.ppt
2013-10-05 16:56 - 2013-10-05 16:56 - 01419264 _____ C:\Users\Samuel\Downloads\Jeopardy (1).ppt
2013-10-05 16:56 - 2013-10-05 16:56 - 01417216 _____ C:\Users\Samuel\Downloads\Jeopardy.ppt
2013-10-04 16:38 - 2013-10-04 16:38 - 00000000 ____D C:\Users\Samuel\AppData\Roaming\PerformerSoft
2013-10-04 16:38 - 2013-06-19 11:58 - 00019456 _____ (PerformerSoft LLC) C:\Windows\System32\roboot64.exe
2013-10-04 16:37 - 2013-10-04 16:37 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-10-04 16:36 - 2013-10-04 16:36 - 00000000 ____D C:\Users\Samuel\AppData\Local\Conduit
2013-10-04 16:36 - 2013-10-04 16:36 - 00000000 ____D C:\ProgramData\Conduit
2013-10-04 16:36 - 2013-10-04 16:36 - 00000000 ____D C:\Program Files (x86)\appbario7
2013-10-04 16:35 - 2013-10-04 16:41 - 00000000 ____D C:\Users\Samuel\AppData\Roaming\SearchProtect
2013-10-04 16:35 - 2013-10-04 16:36 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-10-04 16:33 - 2013-10-04 16:33 - 00000000 ____D C:\ProgramData\IBUpdaterService
2013-10-04 16:32 - 2013-10-05 08:43 - 00000000 ____D C:\Users\Samuel\AppData\Local\Smartbar
2013-10-04 16:32 - 2013-10-04 17:15 - 00000000 ____D C:\Users\Samuel\AppData\Roaming\Audacity
2013-10-04 16:31 - 2013-10-04 16:31 - 00001007 _____ C:\Users\Samuel\Desktop\Audacity.lnk
2013-10-04 16:31 - 2013-10-04 16:31 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-10-04 16:14 - 2013-10-04 19:54 - 00000000 ____D C:\Users\Samuel\Desktop\escritorio 5
2013-10-04 16:14 - 2013-10-04 16:14 - 00400712 _____ (Softonic ) C:\Users\Samuel\Downloads\SoftonicDownloader_for_audacity.exe
2013-10-01 07:20 - 2013-10-12 12:21 - 00000000 ____D C:\969fbed240fad9cba8db724f1fa00d
2013-09-30 16:06 - 2013-09-30 16:06 - 00000000 ____D C:\ProgramData\Oracle
2013-09-30 16:05 - 2013-09-30 16:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-30 16:05 - 2013-09-30 16:05 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-30 16:05 - 2013-09-30 16:05 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-30 16:05 - 2013-09-30 16:05 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-30 16:05 - 2013-09-30 16:05 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-30 16:02 - 2013-09-30 16:02 - 00913832 _____ (Oracle Corporation) C:\Users\Samuel\Downloads\chromeinstall-7u40.exe
2013-09-25 08:53 - 2013-09-25 08:53 - 02592256 _____ C:\Users\Samuel\Downloads\LandformPracticeSusanCox.ppt
2013-09-25 08:51 - 2013-09-25 08:51 - 00169984 _____ C:\Users\Samuel\Downloads\LandformPractice(2) (2).ppt
2013-09-25 08:50 - 2013-09-25 08:50 - 00167936 _____ C:\Users\Samuel\Downloads\LandformPractice(2).ppt
2013-09-25 08:50 - 2013-09-25 08:50 - 00167936 _____ C:\Users\Samuel\Downloads\LandformPractice(2) (1).ppt
2013-09-12 03:43 - 2013-08-09 21:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-09-12 03:43 - 2013-08-09 21:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-09-12 03:43 - 2013-08-09 21:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-09-12 03:43 - 2013-08-09 21:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-09-12 03:43 - 2013-08-09 21:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-09-12 03:43 - 2013-08-09 21:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-09-12 03:43 - 2013-08-09 21:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-09-12 03:43 - 2013-08-09 21:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-09-12 03:43 - 2013-08-09 21:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-09-12 03:43 - 2013-08-09 21:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-09-12 03:43 - 2013-08-09 21:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-09-12 03:43 - 2013-08-09 21:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-09-12 03:43 - 2013-08-09 21:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-09-12 03:43 - 2013-08-09 21:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-09-12 03:43 - 2013-08-09 19:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-12 03:43 - 2013-08-09 19:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-12 03:43 - 2013-08-09 19:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-12 03:43 - 2013-08-09 19:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-12 03:43 - 2013-08-09 19:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-12 03:43 - 2013-08-09 19:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-12 03:43 - 2013-08-09 19:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-12 03:43 - 2013-08-09 19:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-12 03:43 - 2013-08-09 19:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-12 03:43 - 2013-08-09 19:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-12 03:43 - 2013-08-09 19:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-12 03:43 - 2013-08-09 19:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-12 03:43 - 2013-08-09 19:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-12 03:43 - 2013-08-09 19:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-09-12 03:43 - 2013-08-09 19:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-12 03:43 - 2013-08-09 18:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-09-12 03:43 - 2013-08-09 18:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

==================== One Month Modified Files and Folders =======

2013-10-12 13:20 - 2013-10-12 13:20 - 00000000 ____D C:\FRST
2013-10-12 12:23 - 2012-10-27 10:42 - 00000000 ____D C:\users\Mcx1-SAMUEL-HP
2013-10-12 12:23 - 2012-08-02 14:14 - 00000000 ____D C:\users\Samuel
2013-10-12 12:23 - 2012-04-19 17:00 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-10-12 12:23 - 2012-04-19 17:00 - 00000000 ____D C:\Windows\System32\Macromed
2013-10-12 12:22 - 2013-03-14 00:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-12 12:22 - 2013-03-14 00:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-12 12:22 - 2012-09-18 00:23 - 00000000 ____D C:\ProgramData\AVG Secure Search
2013-10-12 12:22 - 2012-06-28 08:58 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-10-12 12:22 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-10-12 12:21 - 2013-10-01 07:20 - 00000000 ____D C:\969fbed240fad9cba8db724f1fa00d
2013-10-12 12:21 - 2012-10-26 08:01 - 00000000 ____D C:\Program Files (x86)\HP SimplePass
2013-10-12 12:20 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2013-10-12 12:18 - 2012-08-02 12:34 - 00000000 ____D C:\Users\Samuel\AppData\Roaming\Skype
2013-10-12 12:17 - 2013-03-03 21:01 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-10-12 12:17 - 2012-08-12 14:44 - 00000000 __RHD C:\MSOCache
2013-10-12 11:59 - 2012-06-28 09:31 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-10-11 20:12 - 2012-08-02 13:03 - 00000000 ____D C:\Users\Samuel\AppData\Local\CrashDumps
2013-10-11 06:19 - 2013-08-14 21:53 - 00000000 ____D C:\Windows\System32\MRT
2013-10-08 08:18 - 2012-09-26 09:26 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-10-08 03:39 - 2013-03-28 05:46 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-08 03:39 - 2012-08-02 14:14 - 01445012 _____ C:\Windows\WindowsUpdate.log
2013-10-08 03:39 - 2012-08-02 12:22 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-652911422-3802200655-451026672-1002UA.job
2013-10-08 03:27 - 2012-04-19 17:00 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-07 19:24 - 2012-08-02 12:19 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{35CCFDA3-631F-408E-83E6-14BA8C43036F}
2013-10-07 18:07 - 2013-10-07 18:07 - 00000926 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2013-10-07 18:07 - 2013-10-07 18:07 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-10-07 14:39 - 2013-03-28 05:46 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-07 14:39 - 2012-08-02 12:22 - 00000860 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-652911422-3802200655-451026672-1002Core.job
2013-10-07 11:33 - 2009-07-13 20:45 - 00031472 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-07 11:33 - 2009-07-13 20:45 - 00031472 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-06 23:17 - 2012-08-09 11:04 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-06 16:30 - 2013-10-06 16:30 - 00784832 _____ (Google Inc.) C:\Users\Samuel\Downloads\googledrivesync.exe
2013-10-06 08:46 - 2012-12-13 07:20 - 00031776 _____ C:\Windows\setupact.log
2013-10-05 18:34 - 2013-10-05 18:34 - 01068747 _____ C:\Users\Samuel\Downloads\Economics Game.pptx
2013-10-05 17:14 - 2013-10-05 17:14 - 01324544 _____ C:\Users\Samuel\Downloads\falk-pptgame.ppt
2013-10-05 16:56 - 2013-10-05 16:56 - 01419264 _____ C:\Users\Samuel\Downloads\Jeopardy (1).ppt
2013-10-05 16:56 - 2013-10-05 16:56 - 01417216 _____ C:\Users\Samuel\Downloads\Jeopardy.ppt
2013-10-05 08:43 - 2013-10-04 16:32 - 00000000 ____D C:\Users\Samuel\AppData\Local\Smartbar
2013-10-05 05:45 - 2012-08-02 13:21 - 00000000 ____D C:\Users\Samuel\Documents\Youcam
2013-10-04 19:54 - 2013-10-04 16:14 - 00000000 ____D C:\Users\Samuel\Desktop\escritorio 5
2013-10-04 19:36 - 2012-08-11 00:04 - 00003192 _____ C:\Windows\System32\Tasks\HPCeeScheduleForSamuel
2013-10-04 19:36 - 2012-08-11 00:04 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleForSamuel.job
2013-10-04 19:13 - 2013-04-30 23:16 - 00000000 ____D C:\Users\Samuel\Desktop\NUEVAS IMAGENES
2013-10-04 17:15 - 2013-10-04 16:32 - 00000000 ____D C:\Users\Samuel\AppData\Roaming\Audacity
2013-10-04 16:41 - 2013-10-04 16:35 - 00000000 ____D C:\Users\Samuel\AppData\Roaming\SearchProtect
2013-10-04 16:38 - 2013-10-04 16:38 - 00000000 ____D C:\Users\Samuel\AppData\Roaming\PerformerSoft
2013-10-04 16:37 - 2013-10-04 16:37 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-10-04 16:37 - 2012-09-20 15:11 - 00000009 _____ C:\END
2013-10-04 16:36 - 2013-10-04 16:36 - 00000000 ____D C:\Users\Samuel\AppData\Local\Conduit
2013-10-04 16:36 - 2013-10-04 16:36 - 00000000 ____D C:\ProgramData\Conduit
2013-10-04 16:36 - 2013-10-04 16:36 - 00000000 ____D C:\Program Files (x86)\appbario7
2013-10-04 16:36 - 2013-10-04 16:35 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-10-04 16:35 - 2012-09-20 15:10 - 00000000 ____D C:\Users\Samuel\AppData\Local\CRE
2013-10-04 16:33 - 2013-10-04 16:33 - 00000000 ____D C:\ProgramData\IBUpdaterService
2013-10-04 16:31 - 2013-10-04 16:31 - 00001007 _____ C:\Users\Samuel\Desktop\Audacity.lnk
2013-10-04 16:31 - 2013-10-04 16:31 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-10-04 16:14 - 2013-10-04 16:14 - 00400712 _____ (Softonic ) C:\Users\Samuel\Downloads\SoftonicDownloader_for_audacity.exe
2013-10-04 08:09 - 2012-12-07 08:16 - 00000000 _____ C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-10-04 08:09 - 2012-08-03 09:22 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-10-01 14:30 - 2012-09-18 00:22 - 00046368 _____ (AVG Technologies) C:\Windows\System32\Drivers\avgtpx64.sys
2013-10-01 14:30 - 2012-09-18 00:22 - 00000000 ____D C:\Program Files (x86)\AVG Secure Search
2013-09-30 16:06 - 2013-09-30 16:06 - 00000000 ____D C:\ProgramData\Oracle
2013-09-30 16:05 - 2013-09-30 16:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-30 16:05 - 2013-09-30 16:05 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-30 16:05 - 2013-09-30 16:05 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-30 16:05 - 2013-09-30 16:05 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-30 16:05 - 2013-09-30 16:05 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-30 16:05 - 2013-04-04 22:03 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-30 16:05 - 2013-04-04 22:03 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-30 16:02 - 2013-09-30 16:02 - 00913832 _____ (Oracle Corporation) C:\Users\Samuel\Downloads\chromeinstall-7u40.exe
2013-09-30 14:03 - 2012-09-18 00:24 - 00000000 ____D C:\Users\Samuel\AppData\Local\LogMeIn Hamachi
2013-09-30 13:38 - 2013-08-15 09:41 - 00003316 _____ C:\Windows\System32\Tasks\gg_uac_daemon_Samuel
2013-09-30 13:38 - 2012-12-11 00:26 - 00000032 _____ C:\Windows\vb_mconf.ini
2013-09-30 13:38 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-30 11:19 - 2010-11-20 19:47 - 00680986 _____ C:\Windows\PFRO.log
2013-09-25 08:53 - 2013-09-25 08:53 - 02592256 _____ C:\Users\Samuel\Downloads\LandformPracticeSusanCox.ppt
2013-09-25 08:51 - 2013-09-25 08:51 - 00169984 _____ C:\Users\Samuel\Downloads\LandformPractice(2) (2).ppt
2013-09-25 08:50 - 2013-09-25 08:50 - 00167936 _____ C:\Users\Samuel\Downloads\LandformPractice(2).ppt
2013-09-25 08:50 - 2013-09-25 08:50 - 00167936 _____ C:\Users\Samuel\Downloads\LandformPractice(2) (1).ppt
2013-09-19 17:31 - 2012-04-19 17:00 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-19 17:31 - 2012-04-19 17:00 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-19 17:31 - 2012-04-19 17:00 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-18 17:30 - 2009-07-13 21:13 - 00778834 _____ C:\Windows\System32\PerfStringBackup.INI
2013-09-18 11:08 - 2013-08-22 14:30 - 00000000 ____D C:\Users\Samuel\Desktop\School Stuff
2013-09-12 15:57 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-09-12 14:31 - 2009-07-13 21:08 - 00032642 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-12 04:02 - 2009-07-13 20:45 - 00416688 _____ C:\Windows\System32\FNTCACHE.DAT
2013-09-12 03:40 - 2012-08-12 14:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-12 03:40 - 2012-08-07 23:12 - 79143768 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe

Files to move or delete:
====================
C:\ProgramData\uninstaller.exe


Some content of TEMP:
====================
C:\Users\Samuel\AppData\Local\Temp\nsb9571.exe
C:\Users\Samuel\AppData\Local\Temp\nsv541A.exe
C:\Users\Samuel\AppData\Local\Temp\PCPSetup-8-.exe
C:\Users\Samuel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Samuel\AppData\Local\Temp\SmartbarExeInstaller.exe
C:\Users\Samuel\AppData\Local\Temp\SPStub.exe


==================== Known DLLs (Whitelisted) ================

C:\Windows\System32\LPK.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\LPK.dll IS MISSING <==== ATTENTION!

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

7
Restore point made on: 2013-09-30 11:30:00
Restore point made on: 2013-09-30 16:04:19
Restore point made on: 2013-10-04 04:46:41
Restore point made on: 2013-10-08 03:40:07
Restore point made on: 2013-10-11 06:11:22
Restore point made on: 2013-10-11 07:40:38
Restore point made on: 2013-10-11 07:41:18

==================== Memory info ===========================

Percentage of memory in use: 14%
Total physical RAM: 5609.37 MB
Available physical RAM: 4789.64 MB
Total Pagefile: 5607.52 MB
Available Pagefile: 4780.44 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:576.32 GB) (Free:348.49 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Recovery) (Fixed) (Total:19.55 GB) (Free:2.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32
Drive h: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) UDF
Drive i: (LEIGHANA'S) (Removable) (Total:14.91 GB) (Free:6.85 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.25 GB) (Free:0.25 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 1EF827A5)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=576 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 000E760D)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0B)


LastRegBack: 2013-10-01 07:21

==================== End Of Log ============================

Attached Files

  • Attached File  FRST.txt   27.69KB   169 downloads

  • 0

Advertisements

#2
emeraldnzl
Posted 13 October 2013 - 04:01 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello samespinoza,

Welcome to Geekstogo.

Please download the attached fixlist.txt file to your flashdrive .

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Next

1.Open an elevated command prompt. To do this, go to Start > All Programs > Accessories right-click Command Prompt and click Run as administrator. If you are prompted for an administrator password or for a confirmation, type the password, or click Allow.
2.At the command prompt, type the following command, and then press ENTER:

sfc /scannow

Note the space... it should be there.

The sfc /scannow command scans all protected system files and replaces incorrect versions with correct Microsoft versions.

Finally in this post

Please run another scan with FRST and post the scan result back here.

So when you return please post
  • Fixlog.txt
  • FRST.txt
  • 0

#3
emeraldnzl
Posted 03 November 2013 - 09:26 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Computer Won't Boot - Malware Related · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Computer Won't Boot - Malware Related

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP