Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Windows Antivirus somehow de-activated resulting in infection

infection antivirus de-activated

  • Please log in to reply

#106
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Wow! It's gone berserk! Couldn't paste into FRST because it says New update found please wait. Then it flashed to: Update completed The tool is ready to use. Non-stop, hundreds of times. I can't turn it off. Gonna have to just power off at the power button. Thank you.


  • 0

Advertisements


#107
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Control Alt Delete and select Task Manager and you should be able to kill it if you are fast.  Guess the last update has a flaw.  Will report it to Farber.


  • 0

#108
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Farber says he has fixed the problem.  Tried it on mine and it no longer loops so try again.


  • 0

#109
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Brilliant. Thank you very much.

Farbar Recovery Scan Tool (x64) Version: 12-10-2019 02
Ran by David Jackson (13-10-2019 08:31:24)
Running from C:\Users\David Jackson\Desktop
Boot Mode: Normal
 
================== Search Files: "user32.dll;win32u.dll;gdi32.dll;gdi32full.dll;gdi32full.dll;uxtheme.dll;clbcatq.dll;R000000000001.clb;rpcss.dll;wrpintapi.dll" =============
 
C:\Windows\WinSxS\wow64_microsoft-windows-win32k_31bf3856ad364e35_10.0.18362.387_none_18f6e5fe609ff932\win32u.dll
[2019-10-04 19:14][2019-10-04 19:14] 000089544 _____ (Microsoft Corporation) 65118C76385BE74DAB6F0A176E93764D [File is digitally signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-win32k_31bf3856ad364e35_10.0.18362.387_none_18f6e5fe609ff932\r\win32u.dll
[2019-10-04 18:52][2019-09-30 20:42] 000002708 _____ () 0D4663A89D421707D8E0273044BC5476 [File not signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-win32k_31bf3856ad364e35_10.0.18362.387_none_18f6e5fe609ff932\f\win32u.dll
[2019-10-04 18:52][2019-09-30 20:42] 000002876 _____ () E61C703FD068D217FC2C875E8570A15B [File not signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-win32k_31bf3856ad364e35_10.0.18362.356_none_1916557860888c08\win32u.dll
[2019-09-12 19:27][2019-09-12 19:27] 000089328 _____ (Microsoft Corporation) 6653EE0DBBEF4490249C73A5B9415A3C [File is digitally signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-win32k_31bf3856ad364e35_10.0.18362.356_none_1916557860888c08\r\win32u.dll
[2019-09-12 19:14][2019-09-08 17:40] 000002519 _____ () 5A7B257F888C78FFE278F0EC71D30EBE [File not signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-win32k_31bf3856ad364e35_10.0.18362.356_none_1916557860888c08\f\win32u.dll
[2019-09-12 19:14][2019-09-08 17:40] 000002529 _____ () 28F4AB4BF763E9FCDEA00F57E2D51605 [File not signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-win32k_31bf3856ad364e35_10.0.18362.295_none_18ea139860a9e54e\win32u.dll
[2019-08-26 09:26][2019-08-26 09:26] 000089328 _____ (Microsoft Corporation) 93DBB234433E92F9E6CD9D26E4790E92 [File is digitally signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-win32k_31bf3856ad364e35_10.0.18362.295_none_18ea139860a9e54e\r\win32u.dll
[2019-08-26 09:26][2019-08-26 09:26] 000002577 _____ () 50177D7C28AB1A2DAC85255BF46E052A [File not signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-win32k_31bf3856ad364e35_10.0.18362.295_none_18ea139860a9e54e\f\win32u.dll
[2019-08-26 09:26][2019-08-26 09:26] 000002590 _____ () 06BF06699009374DA8CE5FA86B6BA849 [File not signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-uxtheme_31bf3856ad364e35_10.0.18362.387_none_05e80717cca8ca84\uxtheme.dll
[2019-10-04 19:14][2019-10-04 19:14] 000476672 _____ (Microsoft Corporation) 21E4625D82915B672EC808319F832EE7 [File is digitally signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-uxtheme_31bf3856ad364e35_10.0.18362.387_none_05e80717cca8ca84\r\uxtheme.dll
[2019-10-04 18:52][2019-09-30 20:41] 000000189 _____ () D05F2D8FAAC9B6A29F93C1DC28414F8B [File not signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-uxtheme_31bf3856ad364e35_10.0.18362.387_none_05e80717cca8ca84\f\uxtheme.dll
[2019-10-04 18:52][2019-09-30 20:41] 000000194 _____ () FCBBD3B63CC7DA23A3522B18172DBCBB [File not signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-uxtheme_31bf3856ad364e35_10.0.18362.329_none_062ae733cc76558c\uxtheme.dll
[2019-09-12 19:27][2019-09-12 19:27] 000476672 _____ (Microsoft Corporation) 8CEE7B05072FC1CE146CF945D7BC5DF3 [File is digitally signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-uxtheme_31bf3856ad364e35_10.0.18362.329_none_062ae733cc76558c\r\uxtheme.dll
[2019-09-12 19:14][2019-09-08 17:39] 000000189 _____ () D05F2D8FAAC9B6A29F93C1DC28414F8B [File not signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-uxtheme_31bf3856ad364e35_10.0.18362.329_none_062ae733cc76558c\f\uxtheme.dll
[2019-09-12 19:14][2019-09-08 17:39] 000000194 _____ () 085B61A1ABEE727CABAC95351C065FBA [File not signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-uxtheme_31bf3856ad364e35_10.0.18362.1_none_8296b521b828cbed\uxtheme.dll
[2019-03-19 06:45][2019-03-19 06:45] 000476672 _____ (Microsoft Corporation) 35DBBC0752636C8165ECE4CD9E8B1237 [File is digitally signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-user32_31bf3856ad364e35_10.0.18362.418_none_2d888a29333c018b\user32.dll
[2019-10-09 15:34][2019-10-09 15:34] 001664928 _____ (Microsoft Corporation) 4FAE44C596DABF42F1D7093D7B39A426 [File is digitally signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-user32_31bf3856ad364e35_10.0.18362.418_none_2d888a29333c018b\r\user32.dll
[2019-10-09 15:16][2019-10-06 23:36] 000036639 _____ () 0EB3FB8E67BF0D9A4609ED6D11C255AE [File not signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-user32_31bf3856ad364e35_10.0.18362.418_none_2d888a29333c018b\f\user32.dll
[2019-10-09 15:16][2019-10-06 23:36] 000038220 _____ () BE2D6CAAAFF7F8DC64D5182230BA6676 [File not signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-user32_31bf3856ad364e35_10.0.18362.267_none_2d5176773365799b\user32.dll
[2019-08-26 09:26][2019-08-26 09:26] 001661544 _____ (Microsoft Corporation) 13EF48D0755A489F5BED67BFD5E145A0 [File is digitally signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-user32_31bf3856ad364e35_10.0.18362.267_none_2d5176773365799b\r\user32.dll
[2019-08-26 09:26][2019-08-26 09:26] 000003193 _____ () 407F6644BFB3C7764DC3C897ABB51983 [File not signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-user32_31bf3856ad364e35_10.0.18362.267_none_2d5176773365799b\f\user32.dll
[2019-08-26 09:26][2019-08-26 09:26] 000003177 _____ () CFC98854C0B0FD1573606B90F373F6F1 [File not signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-gdi32_31bf3856ad364e35_10.0.18362.1_none_3630c449faeabc46\gdi32.dll
[2019-03-19 06:45][2019-03-19 06:45] 000127552 _____ (Microsoft Corporation) 4E7FBE38E5A7B6054DC7C33C62B87651 [File is digitally signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-gdi32full_31bf3856ad364e35_10.0.18362.356_none_b60e4f2ded44b98c\gdi32full.dll
[2019-09-12 19:28][2019-09-12 19:28] 001413624 _____ (Microsoft Corporation) C94DD83D7DD5A1497E09CE9B362AE549 [File is digitally signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-gdi32full_31bf3856ad364e35_10.0.18362.356_none_b60e4f2ded44b98c\r\gdi32full.dll
[2019-09-12 19:16][2019-09-08 17:41] 000037300 _____ () 4EE5A67646BC68696282C215E6002450 [File not signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-gdi32full_31bf3856ad364e35_10.0.18362.356_none_b60e4f2ded44b98c\f\gdi32full.dll
[2019-09-12 19:16][2019-09-08 17:41] 000036477 _____ () 0BC523A1675E83DB0407298AAE548414 [File not signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-gdi32full_31bf3856ad364e35_10.0.18362.295_none_b5e20d4ded6612d2\gdi32full.dll
[2019-08-26 09:27][2019-08-26 09:27] 001413328 _____ (Microsoft Corporation) 21A28552F97047A96578B0C4D784775B [File is digitally signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-gdi32full_31bf3856ad364e35_10.0.18362.295_none_b5e20d4ded6612d2\r\gdi32full.dll
[2019-08-26 09:26][2019-08-26 09:26] 000037312 _____ () EEDC4DDDEEC17B320EBC938A18357B91 [File not signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-gdi32full_31bf3856ad364e35_10.0.18362.295_none_b5e20d4ded6612d2\f\gdi32full.dll
[2019-08-26 09:26][2019-08-26 09:26] 000036696 _____ () 69599F826A19D1B0EC3AFEFFD3DB802E [File not signed]
 
C:\Windows\WinSxS\wow64_microsoft-windows-c..complus-runtime-qfe_31bf3856ad364e35_10.0.18362.1_none_481548cf2a2803b4\clbcatq.dll
[2019-03-19 06:45][2019-03-19 06:45] 000512304 _____ (Microsoft Corporation) 1B3B5CB4A08EAB184CC704A678B80A46 [File is digitally signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-wrp-integrity-api_31bf3856ad364e35_10.0.18362.1_none_db162ae2571eaff0\wrpintapi.dll
[2019-03-19 06:44][2019-03-19 06:44] 000013824 _____ (Microsoft Corporation) C635FEDB960E06580AE3F58C5A5C7FC9 [File is digitally signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_10.0.18362.387_none_0ea23bac2c3f3737\win32u.dll
[2019-10-04 19:11][2019-10-04 19:11] 000127064 _____ (Microsoft Corporation) 1F5B62F43DDD3ECA0C2E58C89912754A [File is digitally signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_10.0.18362.387_none_0ea23bac2c3f3737\r\win32u.dll
[2019-10-04 18:52][2019-09-30 20:41] 000002859 _____ () 0B32F150B40B6E966DB83D5DF2F97541 [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_10.0.18362.387_none_0ea23bac2c3f3737\f\win32u.dll
[2019-10-04 18:52][2019-09-30 20:41] 000002706 _____ () B185267783A93B14E82957668CB5DE22 [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_10.0.18362.356_none_0ec1ab262c27ca0d\win32u.dll
[2019-09-12 19:26][2019-09-12 19:26] 000127064 _____ (Microsoft Corporation) A37A15F5A8EDAA8E66100C7E57540C2E [File is digitally signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_10.0.18362.356_none_0ec1ab262c27ca0d\r\win32u.dll
[2019-09-12 19:14][2019-09-08 17:41] 000002867 _____ () 0901EFF0536FB001D0AA6F5437FFBC4C [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_10.0.18362.356_none_0ec1ab262c27ca0d\f\win32u.dll
[2019-09-12 19:14][2019-09-08 17:41] 000002697 _____ () D7050BEA9028D5F8E91BDDCDD650B122 [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_10.0.18362.295_none_0e9569462c492353\win32u.dll
[2019-08-26 09:25][2019-08-26 09:25] 000127280 _____ (Microsoft Corporation) 39BE0994FDBBEF39A5703E2E8A4AF70D [File is digitally signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_10.0.18362.295_none_0e9569462c492353\r\win32u.dll
[2019-08-26 09:25][2019-08-26 09:25] 000002669 _____ () F2E4148729CF15E0D07E498A49042738 [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-win32k_31bf3856ad364e35_10.0.18362.295_none_0e9569462c492353\f\win32u.dll
[2019-08-26 09:25][2019-08-26 09:25] 000002673 _____ () 14DDAFBF569971392883275C83C70432 [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-uxtheme_31bf3856ad364e35_10.0.18362.387_none_fb935cc598480889\uxtheme.dll
[2019-10-04 19:12][2019-10-04 19:12] 000606208 _____ (Microsoft Corporation) 6950B2B959627486339BDCB149DB4838 [File is digitally signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-uxtheme_31bf3856ad364e35_10.0.18362.387_none_fb935cc598480889\r\uxtheme.dll
[2019-10-04 18:52][2019-09-30 20:40] 000000188 _____ () 606A57EAFAF080EF7B836BEF3DC404F0 [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-uxtheme_31bf3856ad364e35_10.0.18362.387_none_fb935cc598480889\f\uxtheme.dll
[2019-10-04 18:52][2019-09-30 20:40] 000000192 _____ () 3E3A584AACCBFCFBC45B6E43EB87F5E3 [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-uxtheme_31bf3856ad364e35_10.0.18362.329_none_fbd63ce198159391\uxtheme.dll
[2019-09-12 19:27][2019-09-12 19:27] 000606208 _____ (Microsoft Corporation) 99650523D0E968FE01B7927B4B530434 [File is digitally signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-uxtheme_31bf3856ad364e35_10.0.18362.329_none_fbd63ce198159391\r\uxtheme.dll
[2019-09-12 19:14][2019-09-08 17:40] 000000188 _____ () 606A57EAFAF080EF7B836BEF3DC404F0 [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-uxtheme_31bf3856ad364e35_10.0.18362.329_none_fbd63ce198159391\f\uxtheme.dll
[2019-09-12 19:14][2019-09-08 17:40] 000000192 _____ () D30BFE84A38588BF01892789F5EB9556 [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-uxtheme_31bf3856ad364e35_10.0.18362.1_none_78420acf83c809f2\uxtheme.dll
[2019-03-19 06:44][2019-03-19 06:44] 000606208 _____ (Microsoft Corporation) 0556742D0B884E434013016F3C100F68 [File is digitally signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-user32_31bf3856ad364e35_10.0.18362.418_none_2333dfd6fedb3f90\user32.dll
[2019-10-09 15:33][2019-10-09 15:33] 001656392 _____ (Microsoft Corporation) 4BDBC4CF9685010B81F74A40D40BEF9F [File is digitally signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-user32_31bf3856ad364e35_10.0.18362.418_none_2333dfd6fedb3f90\r\user32.dll
[2019-10-09 15:16][2019-10-06 23:35] 000035902 _____ () 16CAA9B3B2D31D9E3C9C7BDE1F5813FD [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-user32_31bf3856ad364e35_10.0.18362.418_none_2333dfd6fedb3f90\f\user32.dll
[2019-10-09 15:16][2019-10-06 23:35] 000037172 _____ () 75907B65D34CB333C3C7CE57BAB0A002 [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-user32_31bf3856ad364e35_10.0.18362.267_none_22fccc24ff04b7a0\user32.dll
[2019-08-26 09:25][2019-08-26 09:25] 001654520 _____ (Microsoft Corporation) 7728E3DDB4422490ABA0CC60A1764B93 [File is digitally signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-user32_31bf3856ad364e35_10.0.18362.267_none_22fccc24ff04b7a0\r\user32.dll
[2019-08-26 09:25][2019-08-26 09:25] 000002733 _____ () 65945B9363B7F62C04F3F5A44AB1DF65 [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-user32_31bf3856ad364e35_10.0.18362.267_none_22fccc24ff04b7a0\f\user32.dll
[2019-08-26 09:25][2019-08-26 09:25] 000002702 _____ () C31C0CA38F6BFFC68983B3B03BF7DEE5 [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-gdi32_31bf3856ad364e35_10.0.18362.1_none_2bdc19f7c689fa4b\gdi32.dll
[2019-03-19 06:44][2019-03-19 06:44] 000147912 _____ (Microsoft Corporation) 2839609118F48DEA292084E43FAA72D8 [File is digitally signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-gdi32full_31bf3856ad364e35_10.0.18362.356_none_abb9a4dbb8e3f791\gdi32full.dll
[2019-09-12 19:27][2019-09-12 19:27] 001647072 _____ (Microsoft Corporation) 9A74D4D7F92A41173D4A15A6A6A396E2 [File is digitally signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-gdi32full_31bf3856ad364e35_10.0.18362.356_none_abb9a4dbb8e3f791\r\gdi32full.dll
[2019-09-12 19:16][2019-09-08 17:36] 000066693 _____ () 9F44727FF81709CAA0EC5AE7C03A7108 [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-gdi32full_31bf3856ad364e35_10.0.18362.356_none_abb9a4dbb8e3f791\f\gdi32full.dll
[2019-09-12 19:16][2019-09-08 17:36] 000063482 _____ () 95D19477874EED208F9F223691010F7B [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-gdi32full_31bf3856ad364e35_10.0.18362.295_none_ab8d62fbb90550d7\gdi32full.dll
[2019-08-26 09:26][2019-08-26 09:26] 001647280 _____ (Microsoft Corporation) 20983117011FD90547D44FE1CEAC2815 [File is digitally signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-gdi32full_31bf3856ad364e35_10.0.18362.295_none_ab8d62fbb90550d7\r\gdi32full.dll
[2019-08-26 09:26][2019-08-26 09:26] 000066113 _____ () E71C1FD796866D5BEAB7F37D1DC35CE7 [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-gdi32full_31bf3856ad364e35_10.0.18362.295_none_ab8d62fbb90550d7\f\gdi32full.dll
[2019-08-26 09:26][2019-08-26 09:26] 000063248 _____ () 907375E55ECD3AE5DDFD948AF9F5879E [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-com-complus-runtime_31bf3856ad364e35_10.0.18362.1_none_2c282f0d51e9fc6a\R000000000001.clb
[2019-03-19 07:01][2019-03-19 09:12] 000022588 _____ () 108449833C397C96842158F3E200254A [File is digitally signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_10.0.18362.295_none_bf6ccb87cfa257cf\rpcss.dll
[2019-08-26 09:25][2019-08-26 09:25] 001259008 _____ (Microsoft Corporation) 39A5C2364B79B050AA530FF4ADA168E0 [File is digitally signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_10.0.18362.295_none_bf6ccb87cfa257cf\r\rpcss.dll
[2019-08-26 09:25][2019-08-26 09:25] 000060106 _____ () 7D93E63C700E81FE0CA98AD51BA7DFD9 [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_10.0.18362.295_none_bf6ccb87cfa257cf\f\rpcss.dll
[2019-08-26 09:25][2019-08-26 09:25] 000058599 _____ () E0482E80355E119123D16EA0A24CA1D2 [File not signed]
 
C:\Windows\WinSxS\amd64_microsoft-windows-c..complus-runtime-qfe_31bf3856ad364e35_10.0.18362.1_none_3dc09e7cf5c741b9\clbcatq.dll
[2019-03-19 06:44][2019-03-19 06:44] 000643752 _____ (Microsoft Corporation) 4B179D7C6AA9424831847BA6BACDB260 [File is digitally signed]
 
C:\Windows\SysWOW64\clbcatq.dll
[2019-03-19 06:45][2019-03-19 06:45] 000512304 _____ (Microsoft Corporation) 1B3B5CB4A08EAB184CC704A678B80A46 [File is digitally signed]
 
C:\Windows\SysWOW64\gdi32.dll
[2019-03-19 06:45][2019-03-19 06:45] 000127552 _____ (Microsoft Corporation) 4E7FBE38E5A7B6054DC7C33C62B87651 [File is digitally signed]
 
C:\Windows\SysWOW64\gdi32full.dll
[2019-09-12 19:28][2019-09-12 19:28] 001413624 _____ (Microsoft Corporation) C94DD83D7DD5A1497E09CE9B362AE549 [File is digitally signed]
 
C:\Windows\SysWOW64\user32.dll
[2019-10-09 15:34][2019-10-09 15:34] 001664928 _____ (Microsoft Corporation) 4FAE44C596DABF42F1D7093D7B39A426 [File is digitally signed]
 
C:\Windows\SysWOW64\uxtheme.dll
[2019-10-04 19:14][2019-10-04 19:14] 000476672 _____ (Microsoft Corporation) 21E4625D82915B672EC808319F832EE7 [File is digitally signed]
 
C:\Windows\SysWOW64\win32u.dll
[2019-10-04 19:14][2019-10-04 19:14] 000089544 _____ (Microsoft Corporation) 65118C76385BE74DAB6F0A176E93764D [File is digitally signed]
 
C:\Windows\System32\clbcatq.dll
[2019-03-19 06:44][2019-03-19 06:44] 000643752 _____ (Microsoft Corporation) 4B179D7C6AA9424831847BA6BACDB260 [File is digitally signed]
 
C:\Windows\System32\gdi32.dll
[2019-03-19 06:44][2019-03-19 06:44] 000147912 _____ (Microsoft Corporation) 2839609118F48DEA292084E43FAA72D8 [File is digitally signed]
 
C:\Windows\System32\gdi32full.dll
[2019-09-12 19:27][2019-09-12 19:27] 001647072 _____ (Microsoft Corporation) 9A74D4D7F92A41173D4A15A6A6A396E2 [File is digitally signed]
 
C:\Windows\System32\rpcss.dll
[2019-08-26 09:25][2019-08-26 09:25] 001259008 _____ (Microsoft Corporation) 39A5C2364B79B050AA530FF4ADA168E0 [File is digitally signed]
 
C:\Windows\System32\user32.dll
[2019-10-09 15:33][2019-10-09 15:33] 001656392 _____ (Microsoft Corporation) 4BDBC4CF9685010B81F74A40D40BEF9F [File is digitally signed]
 
C:\Windows\System32\uxtheme.dll
[2019-10-04 19:12][2019-10-04 19:12] 000606208 _____ (Microsoft Corporation) 6950B2B959627486339BDCB149DB4838 [File is digitally signed]
 
C:\Windows\System32\win32u.dll
[2019-10-04 19:11][2019-10-04 19:11] 000127064 _____ (Microsoft Corporation) 1F5B62F43DDD3ECA0C2E58C89912754A [File is digitally signed]
 
C:\Windows\servicing\wrpintapi.dll
[2019-03-19 06:44][2019-03-19 06:44] 000013824 _____ (Microsoft Corporation) C635FEDB960E06580AE3F58C5A5C7FC9 [File is digitally signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.418.1.9\wow64_microsoft-windows-win32k_31bf3856ad364e35_10.0.18362.387_none_18f6e5fe609ff932\r\win32u.dll
[2019-10-09 15:16][2019-10-06 23:37] 000002708 _____ () 0D4663A89D421707D8E0273044BC5476 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.418.1.9\wow64_microsoft-windows-win32k_31bf3856ad364e35_10.0.18362.387_none_18f6e5fe609ff932\f\win32u.dll
[2019-10-09 15:16][2019-10-06 23:37] 000002876 _____ () E61C703FD068D217FC2C875E8570A15B [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.418.1.9\wow64_microsoft-windows-uxtheme_31bf3856ad364e35_10.0.18362.387_none_05e80717cca8ca84\r\uxtheme.dll
[2019-10-09 15:16][2019-10-06 23:36] 000000189 _____ () D05F2D8FAAC9B6A29F93C1DC28414F8B [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.418.1.9\wow64_microsoft-windows-uxtheme_31bf3856ad364e35_10.0.18362.387_none_05e80717cca8ca84\f\uxtheme.dll
[2019-10-09 15:16][2019-10-06 23:36] 000000194 _____ () FCBBD3B63CC7DA23A3522B18172DBCBB [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.418.1.9\wow64_microsoft-windows-gdi32full_31bf3856ad364e35_10.0.18362.356_none_b60e4f2ded44b98c\r\gdi32full.dll
[2019-10-09 15:20][2019-10-06 23:36] 000037300 _____ () 4EE5A67646BC68696282C215E6002450 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.418.1.9\wow64_microsoft-windows-gdi32full_31bf3856ad364e35_10.0.18362.356_none_b60e4f2ded44b98c\f\gdi32full.dll
[2019-10-09 15:20][2019-10-06 23:36] 000036477 _____ () 0BC523A1675E83DB0407298AAE548414 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.418.1.9\amd64_microsoft-windows-win32k_31bf3856ad364e35_10.0.18362.387_none_0ea23bac2c3f3737\r\win32u.dll
[2019-10-09 15:16][2019-10-06 23:36] 000002859 _____ () 0B32F150B40B6E966DB83D5DF2F97541 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.418.1.9\amd64_microsoft-windows-win32k_31bf3856ad364e35_10.0.18362.387_none_0ea23bac2c3f3737\f\win32u.dll
[2019-10-09 15:16][2019-10-06 23:35] 000002706 _____ () B185267783A93B14E82957668CB5DE22 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.418.1.9\amd64_microsoft-windows-uxtheme_31bf3856ad364e35_10.0.18362.387_none_fb935cc598480889\r\uxtheme.dll
[2019-10-09 15:16][2019-10-06 23:36] 000000188 _____ () 606A57EAFAF080EF7B836BEF3DC404F0 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.418.1.9\amd64_microsoft-windows-uxtheme_31bf3856ad364e35_10.0.18362.387_none_fb935cc598480889\f\uxtheme.dll
[2019-10-09 15:16][2019-10-06 23:35] 000000192 _____ () 3E3A584AACCBFCFBC45B6E43EB87F5E3 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.418.1.9\amd64_microsoft-windows-gdi32full_31bf3856ad364e35_10.0.18362.356_none_abb9a4dbb8e3f791\r\gdi32full.dll
[2019-10-09 15:20][2019-10-06 23:31] 000066693 _____ () 9F44727FF81709CAA0EC5AE7C03A7108 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.418.1.9\amd64_microsoft-windows-gdi32full_31bf3856ad364e35_10.0.18362.356_none_abb9a4dbb8e3f791\f\gdi32full.dll
[2019-10-09 15:20][2019-10-06 23:31] 000063482 _____ () 95D19477874EED208F9F223691010F7B [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.418.1.9\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_10.0.18362.295_none_bf6ccb87cfa257cf\r\rpcss.dll
[2019-10-09 15:17][2019-10-06 23:30] 000060106 _____ () 7D93E63C700E81FE0CA98AD51BA7DFD9 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.418.1.9\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_10.0.18362.295_none_bf6ccb87cfa257cf\f\rpcss.dll
[2019-10-09 15:17][2019-10-06 23:30] 000058599 _____ () E0482E80355E119123D16EA0A24CA1D2 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.418.1.9\amd64_microsoft-onecore-reverseforwarders_31bf3856ad364e35_10.0.18362.418_none_f84061b4fe389745\r\gdi32.dll
[2019-10-09 15:20][2019-10-06 23:28] 000000178 _____ () 8B9FA7CBAE407661374D405D8EC06FDE [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.418.1.9\amd64_microsoft-onecore-reverseforwarders_31bf3856ad364e35_10.0.18362.418_none_f84061b4fe389745\r\user32.dll
[2019-10-09 15:16][2019-10-06 23:28] 000000184 _____ () 0144D3586DC08B5A902B1C5D8361BC91 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.418.1.9\amd64_microsoft-onecore-reverseforwarders_31bf3856ad364e35_10.0.18362.418_none_f84061b4fe389745\f\gdi32.dll
[2019-10-09 15:20][2019-10-06 23:28] 000000182 _____ () FA7E6A21201531C21EDDF633FBC460F5 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.418.1.9\amd64_microsoft-onecore-reverseforwarders_31bf3856ad364e35_10.0.18362.418_none_f84061b4fe389745\f\user32.dll
[2019-10-09 15:16][2019-10-06 23:28] 000000188 _____ () 9491BA8333E9AF0ADD7E4673BD4D297A [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.388.1.0\wow64_microsoft-windows-user32_31bf3856ad364e35_10.0.18362.267_none_2d5176773365799b\r\user32.dll
[2019-10-04 18:52][2019-09-30 20:41] 000003193 _____ () 407F6644BFB3C7764DC3C897ABB51983 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.388.1.0\wow64_microsoft-windows-user32_31bf3856ad364e35_10.0.18362.267_none_2d5176773365799b\f\user32.dll
[2019-10-04 18:52][2019-09-30 20:41] 000003177 _____ () CFC98854C0B0FD1573606B90F373F6F1 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.388.1.0\wow64_microsoft-windows-gdi32full_31bf3856ad364e35_10.0.18362.356_none_b60e4f2ded44b98c\r\gdi32full.dll
[2019-10-04 18:55][2019-09-30 20:40] 000037300 _____ () 4EE5A67646BC68696282C215E6002450 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.388.1.0\wow64_microsoft-windows-gdi32full_31bf3856ad364e35_10.0.18362.356_none_b60e4f2ded44b98c\f\gdi32full.dll
[2019-10-04 18:55][2019-09-30 20:40] 000036477 _____ () 0BC523A1675E83DB0407298AAE548414 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.388.1.0\amd64_microsoft-windows-user32_31bf3856ad364e35_10.0.18362.267_none_22fccc24ff04b7a0\r\user32.dll
[2019-10-04 18:52][2019-09-30 20:40] 000002733 _____ () 65945B9363B7F62C04F3F5A44AB1DF65 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.388.1.0\amd64_microsoft-windows-user32_31bf3856ad364e35_10.0.18362.267_none_22fccc24ff04b7a0\f\user32.dll
[2019-10-04 18:52][2019-09-30 20:40] 000002702 _____ () C31C0CA38F6BFFC68983B3B03BF7DEE5 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.388.1.0\amd64_microsoft-windows-gdi32full_31bf3856ad364e35_10.0.18362.356_none_abb9a4dbb8e3f791\r\gdi32full.dll
[2019-10-04 18:55][2019-09-30 20:37] 000066693 _____ () 9F44727FF81709CAA0EC5AE7C03A7108 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.388.1.0\amd64_microsoft-windows-gdi32full_31bf3856ad364e35_10.0.18362.356_none_abb9a4dbb8e3f791\f\gdi32full.dll
[2019-10-04 18:55][2019-09-30 20:37] 000063482 _____ () 95D19477874EED208F9F223691010F7B [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.388.1.0\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_10.0.18362.295_none_bf6ccb87cfa257cf\r\rpcss.dll
[2019-10-04 18:53][2019-09-30 20:35] 000060106 _____ () 7D93E63C700E81FE0CA98AD51BA7DFD9 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.388.1.0\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_10.0.18362.295_none_bf6ccb87cfa257cf\f\rpcss.dll
[2019-10-04 18:53][2019-09-30 20:35] 000058599 _____ () E0482E80355E119123D16EA0A24CA1D2 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.388.1.0\amd64_microsoft-onecore-reverseforwarders_31bf3856ad364e35_10.0.18362.387_none_f7f3b010fe72445e\r\gdi32.dll
[2019-10-04 18:55][2019-09-30 20:33] 000000178 _____ () 8B9FA7CBAE407661374D405D8EC06FDE [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.388.1.0\amd64_microsoft-onecore-reverseforwarders_31bf3856ad364e35_10.0.18362.387_none_f7f3b010fe72445e\r\user32.dll
[2019-10-04 18:52][2019-09-30 20:33] 000000184 _____ () 0144D3586DC08B5A902B1C5D8361BC91 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.388.1.0\amd64_microsoft-onecore-reverseforwarders_31bf3856ad364e35_10.0.18362.387_none_f7f3b010fe72445e\f\gdi32.dll
[2019-10-04 18:55][2019-09-30 20:33] 000000183 _____ () 7385DDBEC19EDC870D80AAA80D58D1B2 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.388.1.0\amd64_microsoft-onecore-reverseforwarders_31bf3856ad364e35_10.0.18362.387_none_f7f3b010fe72445e\f\user32.dll
[2019-10-04 18:52][2019-09-30 20:33] 000000189 _____ () 32CC8E9514D0F33258A61B4F6CCE33BF [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.356.1.9\wow64_microsoft-windows-user32_31bf3856ad364e35_10.0.18362.267_none_2d5176773365799b\r\user32.dll
[2019-09-12 19:14][2019-09-08 17:41] 000003193 _____ () 407F6644BFB3C7764DC3C897ABB51983 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.356.1.9\wow64_microsoft-windows-user32_31bf3856ad364e35_10.0.18362.267_none_2d5176773365799b\f\user32.dll
[2019-09-12 19:14][2019-09-08 17:41] 000003177 _____ () CFC98854C0B0FD1573606B90F373F6F1 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.356.1.9\amd64_microsoft-windows-user32_31bf3856ad364e35_10.0.18362.267_none_22fccc24ff04b7a0\r\user32.dll
[2019-09-12 19:14][2019-09-08 17:40] 000002733 _____ () 65945B9363B7F62C04F3F5A44AB1DF65 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.356.1.9\amd64_microsoft-windows-user32_31bf3856ad364e35_10.0.18362.267_none_22fccc24ff04b7a0\f\user32.dll
[2019-09-12 19:14][2019-09-08 17:40] 000002702 _____ () C31C0CA38F6BFFC68983B3B03BF7DEE5 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.356.1.9\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_10.0.18362.295_none_bf6ccb87cfa257cf\r\rpcss.dll
[2019-09-12 19:15][2019-09-08 17:36] 000060106 _____ () 7D93E63C700E81FE0CA98AD51BA7DFD9 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.356.1.9\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_10.0.18362.295_none_bf6ccb87cfa257cf\f\rpcss.dll
[2019-09-12 19:15][2019-09-08 17:36] 000058599 _____ () E0482E80355E119123D16EA0A24CA1D2 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.356.1.9\amd64_microsoft-onecore-reverseforwarders_31bf3856ad364e35_10.0.18362.329_none_f836902cfe3fcf66\r\gdi32.dll
[2019-09-12 19:16][2019-09-08 17:33] 000000178 _____ () 8B9FA7CBAE407661374D405D8EC06FDE [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.356.1.9\amd64_microsoft-onecore-reverseforwarders_31bf3856ad364e35_10.0.18362.329_none_f836902cfe3fcf66\r\user32.dll
[2019-09-12 19:14][2019-09-08 17:33] 000000184 _____ () 0144D3586DC08B5A902B1C5D8361BC91 [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.356.1.9\amd64_microsoft-onecore-reverseforwarders_31bf3856ad364e35_10.0.18362.329_none_f836902cfe3fcf66\f\gdi32.dll
[2019-09-12 19:16][2019-09-08 17:33] 000000183 _____ () 0F311892A052E690797D23371ACBB2EA [File not signed]
 
C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~18362.356.1.9\amd64_microsoft-onecore-reverseforwarders_31bf3856ad364e35_10.0.18362.329_none_f836902cfe3fcf66\f\user32.dll
[2019-09-12 19:14][2019-09-08 17:33] 000000189 _____ () 67427DD4B23E5447410B448A11CDB973 [File not signed]
 
C:\Windows\Registration\R000000000001.clb
[2019-03-19 06:49][2019-03-19 06:49] 000022588 _____ () 108449833C397C96842158F3E200254A [File is digitally signed]

  • 0

#110
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

All files are the same as mine so that's not the problem.  I was thinking that sfc had run before but I now think it didn't since there was nothing in the junk file.

 

rerun sfc /scannow.

 

When it fails go to C:\Windows\logs\cbs\ and right click on cbs.log and copy.  Go to your desktop and Ctrl + v.  You should now have a copy of cbs.log on your desktop.

 

Go to https://wetransfer.com/

 

Click on the + Add your Files and point it at the cbs.log on your desktop.  Hit Open.

 

Put in my email address in the email to: box (I'll send it to you in a PM) hit Transfer.  That should give me a copy of your cbs.log which may have some useful info.


  • 0

#111
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Thank you for your continuing support. I feel very stupid. I got as far as cbs.log by copying and pasting the C windows thing. I copied it but then I came a cropper at the instruction: 'go to desktop'. How do you 'go to desktop'? I first minimised all my windows and put my cursor on the desktop and tried Ctr + v. Nothing. So then I put desktop in the shell thing and tried Ctr + v, still nothing. I apologise for being very dim. Kindly advise.


  • 0

#112
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Copy the next line:

 

copy C:\Windows\logs\cbs\cbs.log "C:\Users\David Jackson\Desktop"

 

Open an elevated command prompt

 

right click (and Paste or Edit and Paste) and the copied line should appear.  Hit Enter.

 

That should copy the cbs.log to your desktop


  • 0

#113
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Thanks. Sent.


  • 0

#114
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

CBS.log seems to indicate that it's hitting a folder when it expected a file.  Sometimes this is just something in a temp file so let's clean the temp files.

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   218bytes   157 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Try SFC /SCANNOW again and see if it goes any further.


  • 0

#115
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-10-2019 02
Ran by David Jackson (13-10-2019 20:05:40) Run:3
Running from C:\Users\David Jackson\Desktop
Loaded Profiles: David Jackson (Available Profiles: defaultuser0 & David Jackson)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
EmptyTemp:
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
 
 
 
 
 
*****************
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
Failed to clear log AirSpaceChannel.
The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled.
Failed to clear log DebugChannel.
The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled.
Failed to clear log Intel-SST-CFD-HDA/IntelSST.
The instance name passed was not recognized as valid by a WMI data provider.
Failed to clear log Microsoft-RMS-MSIPC/Debug.
The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled.
Failed to clear log Microsoft-Windows-LiveId/Analytic.
Access is denied.
Failed to clear log Microsoft-Windows-LiveId/Operational.
Access is denied.
Failed to clear log Microsoft-Windows-USBVideo/Analytic.
The instance name passed was not recognized as valid by a WMI data provider.
 
========= End of CMD: =========
 
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 13022064 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16003393 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 31209 B
Edge => 974 B
Chrome => 198948 B
Firefox => 21684050 B
Opera => 32949689 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 15130 B
NetworkService => 15130 B
defaultuser0 => 22298 B
David Jackson => 74907612 B
 
RecycleBin => 218 B
EmptyTemp: => 151.5 MB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 20:07:33 ====

  • 0

Advertisements


#116
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Stopped at 16% :(


  • 0

#117
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Open an elevated command prompt and let it sit.

 

download Process Monitor https://live.sysinte...com/Procmon.exe
Save it to your desktop.  Run Process Monitor by right click and run as admin.

As soon as it starts,switch back to the elevated command prompt and type sfc /scannow and hit Enter.  When it stops go back to Process Monitor and File  then uncheck Capture Events.  Once it stops,

File, Save, All Events, then OK.  It should save the file to logfile.pml which should be on your desktop.  (if you don't manage to save Process Monitor to your desktop then the logfile will be in the same folder where you downloaded it)  Close Process Monitor.  Go to https://wetransfer.com/and choose the file and put in my email address and hit transfer.


  • 0

#118
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Okay, thanks. So I'm transferring it now but it says it's a 1.1Gb file. Did I do something wrong? Seems awfully big.


  • 0

#119
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Unfortunately that's normal.  Will take a while to upload.  Hopefully it works.


  • 0

#120
daba

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Fingers crossed. Thank you, Mr Kinner.


  • 0






Similar Topics


Also tagged with one or more of these keywords: infection, antivirus de-activated

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP