Thread: A number of odd issues

  1. #1
    Junior Member
    Join Date: Jun 2017
    Posts: 11

    A number of odd issues

    I have very recently gained possession of this machine. Technically it's shared between myself and the former owner; however, she has a new one so rarely uses this one. It's having issues and doing weird things. She is the one who advised me to come here and get it checked out. I do know that the other day while watching Hulu, I received a BSOD with a wdf_violation error and the machine had to restart. I looked up said error on my phone while waiting for the reboot and it stated it's usually revolving around iTunes and such. I don't think this machine has iTunes on it and I don't personally use it myself or even have an iPhone or iPad/iPod (Android for life!). When the machine restarted, I noticed a brand new icon on my taskbar by the name of Turbo.net Launcher. I also noticed a spoon-console.exe thing in my Task Manager. I had no idea where they came from, and though the internet claimed spoon-console.exe as "safe", it also listed it as a key logger/mouse tracker thing, which made me super uncomfortable, so I went to my programs and uninstalled. It worried me greatly though.

    Had to attach Addition.txt as a zip because it was too big otherwise? If that is wrong, I'm sorry.

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-06-2017 01
    Ran by Owner (administrator) on 7360BE7 (26-06-2017 20:54:44)
    Running from C:\Users\Owner\Desktop
    Loaded Profiles: Owner (Available Profiles: Owner)
    Platform: Windows 8 (X64) Language: English (United States)
    Internet Explorer Version 10 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
    (Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
    (Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
    (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    (arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    (Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
    () C:\Windows\System32\valWBFPolicyService.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
    (Akamai Technologies, Inc.) C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe
    (Flux Software LLC) C:\Users\Owner\AppData\Local\FluxSoftware\Flux\flux.exe
    () C:\Users\Owner\Downloads\MonitorES.exe
    (AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe
    (Octoshape ApS) C:\Users\Owner\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
    (Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
    (Akamai Technologies, Inc.) C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
    (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
    (Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    () C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
    (ALCPU) C:\Program Files\Core Temp\Core Temp.exe
    (AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
    (AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
    (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
    (Hammer & Chisel, Inc.) C:\Users\Owner\AppData\Local\Discord\app-0.0.297\Discord.exe
    (Hammer & Chisel, Inc.) C:\Users\Owner\AppData\Local\Discord\app-0.0.297\Discord.exe
    (Hammer & Chisel, Inc.) C:\Users\Owner\AppData\Local\Discord\app-0.0.297\Discord.exe
    (Dragon's Eye Productions, Inc.) C:\Program Files (x86)\Furcadia\Furcadia.exe
    (Dragon's Eye Productions, Inc.) C:\Program Files (x86)\Furcadia\furc_on.exe
    (Dragon's Eye Productions, Inc.) C:\Program Files (x86)\Furcadia\Furcadia.exe
    (Dragon's Eye Productions, Inc.) C:\Program Files (x86)\Furcadia\Furcadia.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe

    ==================== Registry (Whitelisted) ====================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
    HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [4374072 2014-12-07] (SoftEther VPN Project at University of Tsukuba, Japan.)
    HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-19] (IDT, Inc.)
    HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-31] (Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
    HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
    HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-07-16] (cyberlink)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-09-18] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
    HKU\S-1-5-21-4167589968-2693423342-2315446607-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
    HKU\S-1-5-21-4167589968-2693423342-2315446607-1002\...\Run: [VideoDownloaderUltimate] => C:\ProgramData\VideoDownloaderUltimateWinApp\VideoDownloaderUltimate.exe [1025656 2015-02-15] (Link64 GmbH) <==== ATTENTION
    HKU\S-1-5-21-4167589968-2693423342-2315446607-1002\...\Run: [f.lux] => C:\Users\Owner\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-15] (Flux Software LLC)
    HKU\S-1-5-21-4167589968-2693423342-2315446607-1002\...\Run: [MonitorES] => C:\Users\Owner\Downloads\MonitorES.exe [32768 2010-09-16] ()
    HKU\S-1-5-21-4167589968-2693423342-2315446607-1002\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe [1000288 2012-05-22] (AppEx Networks Corporation)
    HKU\S-1-5-21-4167589968-2693423342-2315446607-1002\...\Run: [Octoshape Streaming Services] => C:\Users\Owner\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [500016 2014-08-01] (Octoshape ApS)
    HKU\S-1-5-21-4167589968-2693423342-2315446607-1002\...\MountPoints2: {8ae1db9c-54db-11e4-be96-082e5f79e668} - "G:\ToolLauncher-Bootstrap.exe"
    HKU\S-1-5-21-4167589968-2693423342-2315446607-1002\...\MountPoints2: {b03b2a49-3f65-11e5-bed8-082e5f79e668} - "E:\CMADownloader.exe"
    HKU\S-1-5-21-4167589968-2693423342-2315446607-1002\...\MountPoints2: {b4418b01-b416-11e3-be74-082e5f79e668} - "F:\autorun.exe"
    HKU\S-1-5-21-4167589968-2693423342-2315446607-1002\...\MountPoints2: {f67dbadf-862b-11e6-bf07-082e5f79e668} - "G:\VerizonWirelessUpgradeAssistantSetup.exe" -a
    AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => No File
    AppInit_DLLs-x32: _C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL => No File
    SSODL-x32: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
    ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
    ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
    ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation(R).lnk [2015-10-08]
    ShortcutTarget: Content Manager Assistant for PlayStation(R).lnk -> C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2014-12-07]
    ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
    Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TurboLauncher.lnk [2017-06-25]
    ShortcutTarget: TurboLauncher.lnk -> C:\Users\Owner\AppData\Local\Spoon\3.33.1538.0\Spoon-Console.exe (No File)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
    Tcpip\..\Interfaces\{46A9D7A3-BA03-426C-BC76-F9A4C3EB1832}: [DhcpNameServer] 75.75.75.75 75.75.76.76
    Tcpip\..\Interfaces\{E3015422-23A8-485B-81DA-8FE3412980B8}: [DhcpNameServer] 75.75.75.75 75.75.76.76

    Internet Explorer:
    ==================
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-4167589968-2693423342-2315446607-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?q={searchTerms}
    HKU\S-1-5-21-4167589968-2693423342-2315446607-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
    HKU\S-1-5-21-4167589968-2693423342-2315446607-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.msn.com/
    SearchScopes: HKLM -> {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL =
    SearchScopes: HKLM-x32 -> DefaultScope {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = hxxps://www.google.com/search?q={searchTerms}
    SearchScopes: HKLM-x32 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = hxxps://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-4167589968-2693423342-2315446607-1002 -> DefaultScope {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = hxxps://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-4167589968-2693423342-2315446607-1002 -> {66F8021A-0B2E-4DE4-B753-12504A711C26} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=282369&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-4167589968-2693423342-2315446607-1002 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = hxxps://www.google.com/search?q={searchTerms}
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-05-10] (Oracle Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-10] (Oracle Corporation)
    BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

    FireFox:
    ========
    FF DefaultProfile: zy6ct8pm.default-1408609993675
    FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\zy6ct8pm.default-1408609993675 [2017-06-26]
    FF DefaultSearchUrl: Mozilla\Firefox\Profiles\zy6ct8pm.default-1408609993675 -> hxxps://www.google.com/search
    FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\zy6ct8pm.default-1408609993675 -> Google
    FF SelectedSearchEngine: Mozilla\Firefox\Profiles\zy6ct8pm.default-1408609993675 -> Google
    FF Homepage: Mozilla\Firefox\Profiles\zy6ct8pm.default-1408609993675 -> hxxps://www.google.com/
    FF Keyword.URL: Mozilla\Firefox\Profiles\zy6ct8pm.default-1408609993675 -> hxxps://www.google.com/search
    FF Extension: (LavaFox V2-Blue) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\zy6ct8pm.default-1408609993675\Extensions\djziggy@gmail.com [2017-05-18]
    FF Extension: (Pin It button) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\zy6ct8pm.default-1408609993675\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2017-05-08]
    FF Extension: (Video DownloadHelper) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\zy6ct8pm.default-1408609993675\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-08]
    FF Extension: (Adblock Plus) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\zy6ct8pm.default-1408609993675\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07]
    FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\zy6ct8pm.default-1408609993675\searchplugins\google-avast.xml [2014-11-20]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com [2015-07-11] [not signed]
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-10] ()
    FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-10] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-10] (Oracle Corporation)
    FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-10] ()
    FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll [2012-08-10] ( HP)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin HKU\S-1-5-21-4167589968-2693423342-2315446607-1002: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Owner\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1702150-0-npoctoshape.dll [2017-02-15] (Octoshape ApS)
    FF Plugin HKU\S-1-5-21-4167589968-2693423342-2315446607-1002: @spoon.net/Spoon Plugin 3.33 -> C:\Users\Owner\AppData\Local\Spoon\3.33.6.270\npMozillaSpoonPlugin.dll [No File]
    FF Plugin HKU\S-1-5-21-4167589968-2693423342-2315446607-1002: @turbo.net/Turbo.net Plugin 3.33 -> C:\Users\Owner\AppData\Local\Spoon\3.33.1538.0\npMozillaSpoonPlugin.dll [No File]
    FF Plugin HKU\S-1-5-21-4167589968-2693423342-2315446607-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-07] (Unity Technologies ApS)
    FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2016-04-22] (Octoshape ApS)

    Chrome:
    =======
    CHR DefaultProfile: Default
    CHR HomePage: Default -> hxxp://www.rprepository.com/c/tenebris
    CHR StartupUrls: Default -> "hxxp://www.rprepository.com/c/tenebris","hxxps://cdn.discordapp.com/attachments/166346126662828033/288502705272389633/20170306_214618.jpg"
    CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default [2017-06-26]
    CHR Extension: (Flash Video Downloader) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2017-02-25]
    CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
    CHR Extension: (OpticRed Hubble1-1600 Theme) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmpcjpbnfggoobceakkkcojmnnhkehom [2016-06-18]
    CHR Extension: (Adblock Plus) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-25]
    CHR Extension: (Stylish - Custom themes for any website) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2017-06-16]
    CHR Extension: (Pinterest Save Button) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2017-04-22]
    CHR Extension: (Piggy - Automatic Coupons & Cash Back) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfapbcheiepjppjbnkphkmegjlipojba [2017-06-01]
    CHR Extension: (Linkclump) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj [2017-06-16]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-13]
    CHR Extension: (Senet Online) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmcegikaljcfolenjkadbbaicbgjcpb [2015-05-13]
    CHR Extension: (Chrome Media Router) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-17]
    CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\System Profile [2016-09-18]
    CHR HKLM\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-4167589968-2693423342-2315446607-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fegekclkdhbnfdcmomlpegkkndgnmfmo] - C:\Program Files (x86)\HP SimplePass\tschrome.crx <not found>

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-09-18] (Advanced Micro Devices, Inc.) [File not signed]
    S3 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
    S4 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [245264 2012-07-09] (CyberLink)
    S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [234856 2016-01-04] (EasyAntiCheat Ltd)
    R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641320 2012-08-10] (HP)
    S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7184440 2016-01-21] (GOG.com)
    S2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-10] (Hewlett-Packard Company) [File not signed]
    R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321056 2017-06-01] (HP Inc.)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-07-29] (Electronic Arts)
    R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
    S3 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [4374072 2014-12-07] (SoftEther VPN Project at University of Tsukuba, Japan.)
    S3 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
    R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [143288 2014-06-12] (Stardock Software, Inc)
    R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
    R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
    R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2012-07-18] () [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 AIDA64Driver; C:\Users\Owner\Downloads\aida64extreme520\kerneld.x64 [34136 2015-03-23] ()
    R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
    R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-22] (Advanced Micro Devices)
    R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
    S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
    R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-03-28] (Disc Soft Ltd)
    S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-09-04] (LogMeIn Inc.)
    R3 Neo_VPN; C:\Windows\system32\DRIVERS\Neo_VPN.sys [28768 2014-07-03] (SoftEther VPN Project at University of Tsukuba, Japan.)
    R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [266896 2012-06-13] (Realtek Semiconductor Corp.)
    S3 sjcst; C:\Windows\system32\sjcsu64.sys [86352 2015-04-23] ()
    R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
    S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
    S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
    S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [43648 2016-09-05] (Samsung Electronics Co., Ltd.)
    S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-02-11] (Microsoft Corporation)
    R1 VBoxUSBMon; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
    R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
    R1 XQHDrv; C:\Windows\system32\DRIVERS\XQHDrv.sys [253384 2015-09-15] (BigNox Corporation)
    R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-15] (BigNox Corporation)
    S3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
    R3 ALSysIO; \??\C:\Users\Owner\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
    S3 VBoxDrv; \??\C:\Program Files\Oracle\VirtualBox\VBoxDrv.sys [X]
    S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-06-26 20:54 - 2017-06-26 20:56 - 00026004 _____ C:\Users\Owner\Desktop\FRST.txt
    2017-06-26 20:53 - 2017-06-26 20:53 - 00013721 _____ C:\Users\Owner\Downloads\FRST.txt
    2017-06-26 20:52 - 2017-06-26 20:52 - 02441216 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
    2017-06-26 20:50 - 2017-06-26 20:50 - 00000207 _____ C:\Windows\tweaking.com-regbackup-7360BE7-Windows-8-(64-bit).dat
    2017-06-26 20:48 - 2017-06-26 20:48 - 00002239 _____ C:\Users\Owner\Desktop\Tweaking.com - Registry Backup.lnk
    2017-06-26 20:48 - 2017-06-26 20:48 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2017-06-26 20:46 - 2017-06-26 20:46 - 05766144 _____ (Tweaking.com) C:\Users\Owner\Downloads\tweaking.com_registry_backup_setup.exe
    2017-06-25 04:37 - 2017-06-25 04:37 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Turbo.net
    2017-06-25 04:32 - 2017-06-25 04:32 - 00280752 _____ C:\Windows\Minidump\062517-81089-01.dmp
    2017-06-25 04:31 - 2017-06-25 04:31 - 540046701 _____ C:\Windows\MEMORY.DMP
    2017-06-18 20:00 - 2017-06-18 20:00 - 02329859 _____ C:\Users\Owner\Downloads\SMAPI-1.14.1.zip
    2017-06-18 20:00 - 2017-06-18 20:00 - 00000000 ____D C:\Users\Owner\Downloads\SMAPI-1.14.1
    2017-06-18 15:18 - 2017-06-18 15:18 - 00000139 _____ C:\Users\Owner\Desktop\CAT CONTACT.txt
    2017-06-18 13:25 - 2017-06-18 13:25 - 00003704 _____ C:\Windows\System32\Tasks\Java Platform SE Auto Updater
    2017-06-18 13:20 - 2017-06-18 13:20 - 00000000 ____D C:\Users\Owner\Desktop\OpenOffice 4.1.3 (en-US) Installation Files
    2017-06-18 13:18 - 2017-06-18 13:19 - 140742472 _____ C:\Users\Owner\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_en-US.exe
    2017-06-18 03:27 - 2017-06-18 03:27 - 03449304 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Owner\Downloads\AVG_Protection_Free_1606.exe
    2017-05-31 14:08 - 2017-05-31 14:08 - 06754944 _____ (ESET spol. s r.o.) C:\Users\Owner\Downloads\esetonlinescanner_enu (1).exe
    2017-05-29 13:17 - 2017-05-29 13:17 - 30931000 _____ (Open Media LLC ) C:\Users\Owner\Downloads\4kvideodownloader_4.2 (1).exe
    2017-05-29 13:15 - 2017-05-29 13:15 - 30931000 _____ (Open Media LLC ) C:\Users\Owner\Downloads\4kvideodownloader_4.2.exe

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-06-26 20:53 - 2014-06-05 12:44 - 00000000 ____D C:\FRST
    2017-06-26 20:48 - 2014-12-01 02:33 - 00034815 _____ C:\Windows\Tweaking.com - Registry Backup Setup Log.txt
    2017-06-26 20:47 - 2017-01-15 12:30 - 00000000 ____D C:\Users\Owner\AppData\LocalLow\Mozilla
    2017-06-26 20:47 - 2014-03-21 21:01 - 00000000 ____D C:\Users\Owner\AppData\Roaming\vlc
    2017-06-26 11:57 - 2016-02-22 14:17 - 00003162 _____ C:\Windows\System32\Tasks\HPCeeScheduleForOwner
    2017-06-26 11:57 - 2016-02-22 14:17 - 00000348 _____ C:\Windows\Tasks\HPCeeScheduleForOwner.job
    2017-06-26 11:57 - 2014-02-09 03:52 - 00000000 ____D C:\Users\Owner
    2017-06-26 10:25 - 2016-10-31 17:44 - 00000000 ____D C:\Program Files (x86)\Steam
    2017-06-26 10:20 - 2014-07-03 08:34 - 00000000 ____D C:\Program Files\SoftEther VPN Client
    2017-06-25 22:06 - 2016-03-02 04:26 - 00000000 ____D C:\Users\Owner\AppData\Roaming\StardewValley
    2017-06-25 19:31 - 2014-02-09 03:59 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4167589968-2693423342-2315446607-1002
    2017-06-25 04:45 - 2016-01-23 13:58 - 00000000 ____D C:\Users\Owner\AppData\Roaming\discord
    2017-06-25 04:43 - 2014-07-17 03:45 - 00000000 ____D C:\Users\Owner\AppData\Local\Spoon
    2017-06-25 04:34 - 2014-02-09 03:52 - 00000000 ____D C:\Users\Owner\AppData\LocalLow\AuthenTec
    2017-06-25 04:33 - 2012-07-26 01:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2017-06-25 04:31 - 2016-01-20 15:28 - 00000000 ____D C:\Users\Owner\AppData\Roaming\AVG
    2017-06-25 04:31 - 2016-01-20 15:19 - 00000000 ____D C:\ProgramData\Avg
    2017-06-25 04:31 - 2016-01-20 15:19 - 00000000 ____D C:\Program Files (x86)\AVG
    2017-06-25 04:30 - 2014-03-21 15:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2017-06-24 20:37 - 2014-03-21 18:12 - 00000000 ___RD C:\Users\Owner\Desktop\PHOENIX
    2017-06-24 18:54 - 2017-04-17 23:42 - 00000000 ____D C:\Users\Owner\Desktop\RP FILES
    2017-06-21 11:57 - 2016-04-09 23:45 - 00000000 ____D C:\Users\Owner\Desktop\altnamecheck
    2017-06-21 11:55 - 2014-03-21 19:21 - 00000000 ____D C:\Users\Owner\Documents\Furcadia
    2017-06-18 14:02 - 2016-01-20 15:18 - 00000000 ____D C:\Users\Owner\AppData\Local\AvgSetupLog
    2017-06-18 13:57 - 2014-06-13 11:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2017-06-18 13:27 - 2014-03-21 22:54 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
    2017-06-18 13:27 - 2014-03-21 22:54 - 00001112 _____ C:\Users\Public\Desktop\WinRAR.lnk
    2017-06-18 13:27 - 2014-03-21 22:54 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    2017-06-18 13:27 - 2014-03-21 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
    2017-06-18 13:27 - 2014-03-21 22:53 - 00000000 ____D C:\Program Files\WinRAR
    2017-06-18 13:25 - 2017-03-09 00:51 - 00000000 ____D C:\Program Files (x86)\Minecraft
    2017-06-18 13:25 - 2014-03-21 15:39 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Skype
    2017-06-18 13:24 - 2016-04-08 04:42 - 00000000 ____D C:\Users\Owner\AppData\Roaming\IMVU
    2017-06-18 13:24 - 2016-03-24 02:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StepMania
    2017-06-18 13:24 - 2016-01-19 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAMB
    2017-06-18 13:24 - 2014-11-21 04:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
    2017-06-18 13:24 - 2014-06-23 17:42 - 00000000 ____D C:\Windows\Minidump
    2017-06-18 13:24 - 2014-03-22 17:15 - 00000000 ____D C:\Users\Owner\AppData\Local\Battle.net
    2017-06-18 13:24 - 2014-03-07 16:00 - 00000000 ____D C:\Users\Owner\AppData\Roaming\hpqlog
    2017-06-18 13:24 - 2014-02-09 01:39 - 00000000 ____D C:\ProgramData\Temp
    2017-06-18 13:24 - 2012-07-25 23:38 - 00000000 ____D C:\Windows\system32\Sysprep
    2017-06-18 13:24 - 2012-07-25 23:37 - 00000000 ____D C:\Windows\Inf
    2017-06-18 13:07 - 2016-08-15 22:20 - 00001065 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alt Existance Checker.lnk
    2017-06-18 12:58 - 2016-01-20 15:18 - 00000000 ____D C:\Users\Owner\AppData\Local\Avg
    2017-06-18 02:06 - 2012-07-26 02:12 - 00000000 ___HD C:\Program Files\WindowsApps
    2017-06-18 02:06 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\AUInstallAgent
    2017-06-17 23:43 - 2014-03-21 17:51 - 00000000 ___RD C:\Users\Owner\Desktop\PHOENIX PICTURES
    2017-06-14 16:31 - 2017-02-01 01:21 - 00000992 _____ C:\Users\Owner\Desktop\Core Temp.lnk
    2017-06-10 19:24 - 2016-03-27 17:52 - 00000000 ____D C:\Users\Owner\Desktop\FURC CHARA STUFF
    2017-06-10 19:12 - 2015-05-06 20:13 - 00000000 ____D C:\Users\Owner\Desktop\FF CONVERT
    2017-06-04 14:25 - 2014-03-21 21:38 - 00000000 ___RD C:\Users\Owner\Desktop\VIDEO
    2017-06-02 21:16 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\rescache
    2017-06-02 20:33 - 2014-03-21 15:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2017-06-02 20:30 - 2012-07-25 23:26 - 00262144 ___SH C:\Windows\system32\config\BBI
    2017-05-29 13:18 - 2015-08-09 03:04 - 00001264 _____ C:\Users\Owner\Desktop\4K Video Downloader.lnk
    2017-05-29 13:18 - 2015-08-09 03:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download

    ==================== Files in the root of some directories =======

    2014-11-20 01:51 - 2014-11-20 01:51 - 0000046 _____ () C:\Users\Owner\AppData\Roaming\WB.CFG
    2014-03-21 16:41 - 2017-04-10 18:40 - 0007605 _____ () C:\Users\Owner\AppData\Local\resmon.resmoncfg
    2014-10-17 16:33 - 2014-10-17 16:35 - 0000000 _____ () C:\Users\Owner\AppData\Local\{32E64994-79B7-45FD-9074-C147C167A2F4}

    Files to move or delete:
    ====================
    C:\ProgramData\VideoDownloaderUltimateWinApp\VideoDownloaderUltimate.exe


    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2017-06-19 04:15

    ==================== End of FRST.txt ============================

    aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
    Run date: 2017-06-26 21:12:35
    -----------------------------
    21:12:35.107 OS Version: Windows x64 6.2.9200
    21:12:35.107 Number of processors: 4 586 0x1001
    21:12:35.108 ComputerName: 7360BE7 UserName: Owner
    21:12:36.309 Initialize success
    21:12:36.310 VM: initialized successfully
    21:12:36.312 VM: Amd CPU BiosDisabled
    21:14:37.094 AVAST engine defs: 17030301
    21:14:43.726 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000044
    21:14:43.728 Disk 0 Vendor: ST640LM001_HN-M640MBB 2AR10002 Size: 610480MB BusType: 11
    21:14:43.928 Disk 0 MBR read successfully
    21:14:43.933 Disk 0 MBR scan
    21:14:43.961 Disk 0 unknown MBR code
    21:14:43.964 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
    21:14:44.653 Disk 0 scanning C:\Windows\system32\drivers
    21:15:06.544 Service scanning
    21:15:41.091 Modules scanning
    21:15:41.104 Disk 0 trace - called modules:
    21:15:41.148 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
    21:15:41.156 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80065ff060]
    21:15:41.163 3 CLASSPNP.SYS[fffff8800153ce0a] -> nt!IofCallDriver -> [0xfffffa8006579b10]
    21:15:41.168 5 hpdskflt.sys[fffff88001d8b339] -> nt!IofCallDriver -> [0xfffffa8006384600]
    21:15:41.173 7 amd_xata.sys[fffff8800128d634] -> nt!IofCallDriver -> \Device\00000044[0xfffffa8006386060]
    21:15:42.258 AVAST engine scan C:\Windows
    21:15:44.920 AVAST engine scan C:\Windows\system32
    21:19:39.959 AVAST engine scan C:\Windows\system32\drivers
    21:19:58.640 AVAST engine scan C:\Users\Owner
    22:30:08.954 AVAST engine scan C:\ProgramData
    22:33:43.169 Disk 0 statistics 5471843/0/0 @ 0.63 MB/s
    22:33:43.170 Scan finished successfully
    22:40:07.576 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
    22:40:07.580 The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"