Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

help creating fixlist text file [Closed]

Started by thewriter30 , May 31 2015 06:04 AM

  • This topic is locked This topic is locked

#1
thewriter30
Posted 31 May 2015 - 06:04 AM

thewriter30

    New Member

  • Member
  • Pip
  • 1 posts
hi
I attached my
I have no idea how to create fixlist.txt
 
my windows 7 only works in recovery mode... if not black screen

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by SYSTEM on MININT-SBICBFS on 31-05-2015 21:00:16
Running from J:\
Platform: Windows 7 Ultimate (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => "G:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
HKLM\...\Run: [AthBtTray] => "G:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-13] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246304 2014-07-20] (Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1266224 2014-07-20] (Trend Micro Inc.)
HKLM\...\Run: [PwmConsole.exe] => C:\Program Files\Trend Micro\TMIDS\PwmConsole.exe [2020952 2015-05-04] (Trend Micro Inc.)
HKLM\...\Run: [Samsung Link] => "G:\Program Files (x86)\Samsung Link\Samsung Link Tray Agent.exe"
HKLM-x32\...\Run: [Ttesports] => g:\Program Files (x86)\Ttesports\MEKA G UNIT\MEKA G Unit HID.exe
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590656 2015-05-15] (Razer Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-08-23] (Intel Corporation)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [465536 2010-11-07] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS ShellProcess Execute] => G:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe
HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE
HKLM-x32\...\Run: [BCSSync] => "H:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-29] (Hewlett-Packard)
HKLM-x32\...\Run: [InstaLAN] => C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1885088 2012-02-22] (Affinegy, Inc.)
HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM\...\RunOnce: [*Restore] => C:\Windows\system32\rstrui.exe [296960 2015-03-16] (Microsoft Corporation)
HKU\hernan\...\Run: [HP Photosmart 5520 series (NET)] => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-16] (Hewlett-Packard Co.)
HKU\hernan\...\Run: [GoogleChromeAutoLaunch_45E24D13F95E468BB10DE9D155D4B27B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
HKU\hernan\...\Run: [OfficeSyncProcess] => "H:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
HKU\hernan\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-13] (Microsoft Corporation)
HKU\Invitados\...\RunOnce: [Adobe Speed Launcher] => 1421637374
Startup: C:\Users\hernan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-19]
ShortcutTarget: Dropbox.lnk -> (No File)
Startup: C:\Users\hernan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5520 series (Network).lnk [2014-02-16]
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 5520 series (Network).lnk -> C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\hernan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2014-05-23]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> H:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [563104 2012-02-22] (Affinegy, Inc.)
S2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-20] (Samsung)
S2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [181760 2011-04-18] ()
S2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [55296 2010-02-08] ()
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-27] (NVIDIA Corporation)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-10] (Hewlett-Packard Company)
S2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-27] (NVIDIA Corporation)
S2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1187376 2014-07-20] (Trend Micro Inc.)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2014-02-17] ()
S2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-02-17] ()
S2 PwmSvc; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [333848 2015-05-04] (Trend Micro Inc.)
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-04] ()
S2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-04-18] (Razer, Inc.)
S2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-19] (Microsoft Corporation)
S2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-19] (Microsoft Corporation)
S2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-12] (DEVGURU Co., LTD.)
S4 vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1772056 2014-02-16] (AVG Secure Search)
S2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-19] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=nb -dt=60000 -ad -bt=0 [X]
S3 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [X]
S3 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [X]
S2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [X]
S2 AtherosSvc; G:\Program Files (x86)\Bluetooth Suite\adminservice.exe [X]
S3 CVPND; "G:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe" [X]
S2 MBAMService; "h:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe" [X]
S3 Microsoft SharePoint Workspace Audit Service; "H:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE" /auditservice [X]
S2 NvNetworkService; "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe" [X]
S2 OracleMTSRecoveryService; \bin\OMTSRECO.EXE OracleMTSRecoveryService [X]
S3 Origin Client Service; "H:\Program Files (x86)\Origin\OriginClientService.exe" [X]
S2 Samsung Link Service; "G:\Program Files (x86)\Samsung Link\Samsung Link.exe" [X]
S3 SandraAgentSrv; h:\Program Files\SiSoftware\SiSoftware Sandra Professional Business 2011\RpcAgentSrv.exe [X]
S2 SkypeUpdate; "G:\Program Files (x86)\Skype\Updater\Updater.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 AiChargerPlus; C:\Windows\System32\DRIVERS\AiChargerPlus.sys [14464 2010-11-07] (ASUSTek Computer Inc.)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
S1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-02] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-19] (MCCI Corporation)
S1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2014-02-16] (AVG Technologies)
S1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S3 CSRBC; C:\Windows\System32\Drivers\csrbc.sys [38400 2011-02-08] (CSR plc.)
S3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-22] ()
S2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [84992 2014-10-15] (Intel Corporation)
S3 kbfilter; C:\Windows\System32\DRIVERS\kbfilter.sys [67408 2015-01-29] (Trend Micro Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-13] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-13] (Malwarebytes Corporation)
S3 MK1FLTR; C:\Windows\System32\Drivers\MK1FLTR.sys [31104 2011-04-23] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-27] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-03-06] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [9584 2013-03-06] ()
S3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-04-18] (Razer, Inc.)
S1 RzFilter; C:\Windows\system32\drivers\RzFilter.sys [74432 2014-04-18] (Razer, Inc.)
S2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-04] (Razer, Inc.)
S2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-11-17] (Razer, Inc.)
S3 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [291352 2009-06-21] (silex technology, Inc.)
S1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [121944 2014-07-14] (Trend Micro Inc.)
S0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [305832 2014-07-14] (Trend Micro Inc.)
S0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2014-07-09] (Trend Micro Inc.)
S2 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [106296 2014-07-09] (Trend Micro Inc.)
S1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [93664 2014-07-14] (Trend Micro Inc.)
S2 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [407864 2014-07-09] (Trend Micro Inc.)
S2 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [106296 2014-06-30] (Trend Micro Inc.)
S3 TridVid; C:\Windows\System32\DRIVERS\tridvid6010.sys [411648 2011-01-20] (10Moons Technologies Co.,Ltd)
S3 UDXTTM6010; C:\Windows\System32\Drivers\UDXTTM6010.sys [668288 2008-04-30] ()
S3 UDXTTM6010HID; C:\Windows\System32\drivers\UDXTTM6010HID.sys [21504 2007-02-22] (DTV-DVB)
S3 WinRing0_1_2_0; C:\Users\hernan\Desktop\Test\RealTemp_340\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
S3 SANDRA; \??\h:\Program Files\SiSoftware\SiSoftware Sandra Professional Business 2011\WNt500x64\Sandra.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S2 TMAgent; No ImagePath
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-31 20:54 - 2015-05-31 21:00 - 00000000 ____D () C:\FRST
2015-05-30 21:15 - 2015-05-30 21:15 - 00003344 ____N () C:\bootsqm.dat
2015-05-30 06:01 - 2015-05-30 06:01 - 00000729 _____ () C:\Users\Rosario\Desktop\WinDirStat.lnk
2015-05-30 06:01 - 2015-05-30 06:01 - 00000729 _____ () C:\Users\Invitados\Desktop\WinDirStat.lnk
2015-05-30 06:01 - 2015-05-30 06:01 - 00000729 _____ () C:\Users\hernan\Desktop\WinDirStat.lnk
2015-05-23 03:34 - 2015-05-23 03:34 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-05-22 09:01 - 2015-05-22 09:01 - 00262144 _____ () C:\Windows\Minidump\052415-11700-01.dmp
2015-05-22 05:52 - 2008-07-11 14:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-05-22 05:52 - 2008-07-11 14:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-05-22 05:52 - 2008-07-11 14:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-05-22 05:51 - 2015-05-22 05:51 - 00001503 _____ () C:\Users\Public\Desktop\League of Legends.lnk
2015-05-22 05:45 - 2015-05-22 05:52 - 00000000 ____D () C:\Users\hernan\AppData\Roaming\Riot Games
2015-05-20 21:08 - 2015-05-20 21:08 - 00000000 ____D () C:\Download
2015-05-20 21:07 - 2015-05-20 21:07 - 00002034 _____ () C:\Users\Public\Desktop\Samsung AllShare.lnk
2015-05-20 21:07 - 2015-05-20 21:07 - 00000000 ____D () C:\AllShare
2015-05-19 03:31 - 2015-05-19 03:31 - 00000000 __RDL () C:\Users\hernan\dropbox
2015-05-19 03:25 - 2015-05-23 03:43 - 00001025 _____ () C:\Users\hernan\Desktop\Dropbox.lnk
2015-05-19 02:22 - 2015-05-19 02:22 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack
2015-05-19 02:22 - 2012-06-09 09:21 - 00178688 _____ () C:\Windows\SysWOW64\unrar.dll
2015-05-19 00:34 - 2015-05-19 02:21 - 00001154 _____ () C:\Users\hernan\Desktop\Samsung Link [email protected]
2015-05-19 00:34 - 2015-05-19 00:34 - 00000000 ____D () C:\Users\hernan\Samsung Link
2015-05-19 00:34 - 2015-05-19 00:34 - 00000000 ____D () C:\Users\hernan\.swt
2015-05-19 00:34 - 2015-05-19 00:34 - 00000000 ____D () C:\Upload
2015-05-19 00:34 - 2015-05-19 00:34 - 00000000 ____D () C:\Program Files\Samsung
2015-05-17 06:12 - 2015-05-17 06:12 - 00000961 _____ () C:\Users\Public\Desktop\Xilisoft YouTube Video Converter.lnk
2015-05-15 04:44 - 2015-05-15 04:44 - 00000000 ____D () C:\Users\hernan\AppData\Roaming\PFStaticIP
2015-05-15 04:39 - 2015-05-15 05:27 - 00000000 ____D () C:\Users\hernan\AppData\Roaming\PortForward.com

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-31 15:00 - 2015-04-04 08:00 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-31 15:00 - 2015-04-04 08:00 - 00000000 ___SD () C:\Windows\System32\GWX
2015-05-31 15:00 - 2014-02-18 01:57 - 00000000 ____D () C:\Users\hernan\AppData\Roaming\BitTorrent
2015-05-31 15:00 - 2009-07-13 23:46 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-31 15:00 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\AdvancedInstallers
2015-05-31 15:00 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\registration
2015-05-31 15:00 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-05-31 02:16 - 2009-07-13 21:13 - 00823040 _____ () C:\Windows\System32\PerfStringBackup.INI
2015-05-31 02:08 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-31 02:08 - 2009-07-13 20:51 - 00102752 _____ () C:\Windows\setupact.log
2015-05-30 23:34 - 2009-07-13 20:45 - 00006144 _____ () C:\Windows\System32\umstartup.etl
2015-05-30 21:23 - 2009-07-13 20:45 - 00013440 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-30 21:23 - 2009-07-13 20:45 - 00013440 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-30 21:19 - 2014-02-15 22:15 - 02084840 _____ () C:\Windows\WindowsUpdate.log
2015-05-30 19:27 - 2014-08-27 16:10 - 00000568 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1493236807-3844070063-1385112149-1000.job
2015-05-30 19:27 - 2014-02-16 00:24 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-30 19:04 - 2015-02-02 00:32 - 00000000 ____D () C:\Program Files\WinRAR
2015-05-30 18:55 - 2015-04-02 18:00 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-30 06:27 - 2014-02-16 00:24 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-30 05:57 - 2014-02-15 22:19 - 00000000 ____D () C:\users\hernan
2015-05-30 05:20 - 2014-02-18 00:47 - 00000000 ____D () C:\Windows\Minidump
2015-05-30 05:12 - 2014-02-18 03:19 - 00000000 ____D () C:\Users\hernan\AppData\Roaming\vlc
2015-05-30 04:39 - 2014-02-17 05:45 - 00000000 ____D () C:\Users\hernan\AppData\Local\CrashDumps
2015-05-29 06:50 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\NDF
2015-05-29 04:37 - 2015-01-13 05:27 - 00000000 ____D () C:\Users\hernan\AppData\Roaming\Dropbox
2015-05-29 04:34 - 2014-02-16 04:07 - 00000000 ____D () C:\Users\hernan\AppData\Roaming\Skype
2015-05-29 01:49 - 2014-05-15 02:40 - 00007610 _____ () C:\Users\hernan\AppData\Local\resmon.resmoncfg
2015-05-28 22:16 - 2015-04-15 19:22 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2015-05-28 18:40 - 2014-02-15 22:43 - 00112440 _____ () C:\Users\hernan\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-28 18:40 - 2009-07-13 20:45 - 00414568 _____ () C:\Windows\System32\FNTCACHE.DAT
2015-05-28 05:53 - 2014-02-18 00:52 - 00000000 ____D () C:\Users\hernan\AppData\Local\Microsoft Help
2015-05-24 03:09 - 2014-02-16 02:28 - 03289482 _____ () C:\Windows\PFRO.log
2015-05-23 21:32 - 2014-02-18 00:21 - 00000000 _____ () C:\Windows\System32\Drivers\lvuvc.hs
2015-05-23 02:41 - 2009-07-13 19:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-22 04:38 - 2015-04-21 02:16 - 00000000 ____D () C:\Users\hernan\AppData\Local\Windows Live
2015-05-20 21:07 - 2015-04-17 16:24 - 00000000 ____D () C:\Users\hernan\AppData\Roaming\Samsung
2015-05-20 21:07 - 2015-04-17 16:20 - 00000000 ____D () C:\Program Files (x86)\Samsung
2015-05-20 21:07 - 2014-02-15 23:09 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-20 21:06 - 2015-04-17 16:19 - 00000000 ____D () C:\Users\hernan\AppData\Local\Downloaded Installations
2015-05-19 05:08 - 2015-04-15 19:08 - 00000821 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-17 05:43 - 2014-08-26 03:03 - 00000000 ____D () C:\Users\hernan\AppData\Local\Adobe
2015-05-17 04:57 - 2015-04-02 18:00 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-17 04:57 - 2014-02-16 00:42 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-17 04:57 - 2014-02-16 00:42 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-16 06:22 - 2014-02-16 00:24 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-16 06:22 - 2014-02-16 00:24 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 02:06 - 2014-08-13 18:44 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-14 02:06 - 2014-08-13 18:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 06:12 - 2014-02-16 04:31 - 00000000 ____D () C:\Windows\System32\MRT
2015-05-13 06:08 - 2014-02-16 04:31 - 140425016 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe

Some files in TEMP:
====================
C:\Users\hernan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmlyo6z.dll


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points =========================


==================== Memory info ===========================

Percentage of memory in use: 6%
Total physical RAM: 16351.15 MB
Available physical RAM: 15209.75 MB
Total Pagefile: 16349.3 MB
Available Pagefile: 15210.03 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: (SSD-C) (Fixed) (Total:60.42 GB) (Free:3.91 GB) NTFS
Drive d: (SSD-F) (Fixed) (Total:58.59 GB) (Free:47.16 GB) NTFS
Drive e: (D) (Fixed) (Total:298.09 GB) (Free:93.48 GB) NTFS
Drive f: (G) (Fixed) (Total:465.76 GB) (Free:251.35 GB) NTFS
Drive g: () (Fixed) (Total:298.08 GB) (Free:200.27 GB) NTFS
Drive i: (GRMCULXFRER_EN_DVD) (CDROM) (Total:3 GB) (Free:0 GB) UDF
Drive j: (NANO) (Removable) (Total:1.92 GB) (Free:1.89 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 298.1 GB) (Disk ID: BF7A04F7)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 69737369)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 298.1 GB) (Disk ID: 02C902C8)

Partition: GPT Partition Type.

========================================================
Disk: 4 (Size: 1.9 GB) (Disk ID: 86535F3E)
Partition 1: (Not Active) - (Size=1.9 GB) - (Type=06)


LastRegBack: 2015-05-23 09:29

==================== End of log ============================

Attached Files

  • Attached File  FRST.TXT   22.68KB   215 downloads

  • 0

Advertisements

#2
Essexboy
Posted 01 June 2015 - 08:11 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi I can see nothing apparent at this stage, what happened prior to this ? Are you able to boot into safe mode ?
  • 0

#3
Essexboy
Posted 04 June 2015 - 07:40 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP