sluggish comp


  • This topic is locked
34 replies to this topic

#1 burns2092

Posted 10 March 2016 - 07:56 PM

computer really slow and graphics choppy

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 28/01/2016
Scan Time: 22:02:36
Logfile: kljjljj.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.01.28.06
Rootkit Database: v2016.01.20.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: Chris

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 324756
Time Elapsed: 23 min, 19 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
PUP.Optional.OpenCandy, C:\Users\Chris\AppData\Local\temp\HYD4EC2.tmp.1453925631\HTA\install.1453925631.zip, , [13f3db64e9b02412943afb3c9d65b44c],
PUP.Optional.OpenCandy, C:\Users\Chris\AppData\Local\temp\HYD4EC2.tmp.1453925631\HTA\3rdparty\OCSetupHlp.dll, , [d531ea5537624fe7bb722cb4ed17f808],

Physical Sectors: 0
(No malicious items detected)


(end)

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by Chris (administrator) on DELL-530 (11-03-2016 00:23:05)
Running from C:\Users\Chris\Desktop
Loaded Profiles: Chris (Available Profiles: Chris)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Andrea Electronics Corporation) C:\Windows\System32\AERTSrv.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
() C:\Program Files\HDD Health\HDDHealthService.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(PANTERASoft) C:\Program Files\HDD Health\hddhealth.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_21_0_0_182.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_21_0_0_182.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4907008 2008-01-17] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7137664 2016-03-09] (AVAST Software)
HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6602152 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-02-17] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HDDHealth.lnk [2014-03-25]
ShortcutTarget: HDDHealth.lnk -> C:\Program Files\HDD Health\hddhealth.exe (PANTERASoft)
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pass Access.lnk [2016-03-06]
ShortcutTarget: Pass Access.lnk -> C:\Users\Chris\AppData\Local\temp\Rar$EXa0.430\Pass_Access_Setup.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{1C860157-7FDA-473E-B46D-C45B490DF184}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{24808C3F-DF8E-4DBB-B40F-D7DB39A51B71}: [DhcpNameServer] 192.168.0.203
Tcpip\..\Interfaces\{C010AF49-0C76-4353-BB35-19AE24C74C4F}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-17] (AVAST Software)

FireFox:
========
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\twey4ixw.default-1447721945575
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-10] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-08-16] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-08-16] (RealNetworks, Inc.)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\twey4ixw.default-1447721945575\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-02-04] [not signed]
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013-05-06] [not signed]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-08] [not signed]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-17]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-17]

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/?trackid=sp-006
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-12-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-15]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-17]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AERTFilters; C:\Windows\system32\AERTSrv.exe [77824 2007-12-05] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-17] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [119128 2016-02-17] (AVAST Software)
R2 HDDHealth; C:\Program Files\HDD Health\HDDHealthService.exe [17760 2013-03-08] () [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [32792 2016-02-17] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-02-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [91168 2016-03-09] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2014-08-02] (ALWIL Software)
R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [268424 2016-02-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64272 2016-02-17] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [58776 2016-02-17] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [816304 2016-03-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447848 2016-02-23] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [171608 2016-02-17] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [67088 2016-02-17] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [221240 2016-02-17] (AVAST Software)
R3 gttap1; C:\Windows\System32\DRIVERS\gttap1.sys [32552 2013-09-12] (The OpenVPN Project)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-03-10] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
S3 MOSUMAC; C:\Windows\System32\DRIVERS\MOSUMAC.SYS [43520 2009-12-10] (--)
S3 WiseHDInfo; C:\Windows\WiseHDInfo32.dll [13264 2015-11-23] (wisecleaner.com)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 eapihdrv; \??\C:\Users\Chris\AppData\Local\Temp\ehdrv.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-11 00:23 - 2016-03-11 00:23 - 00013939 _____ C:\Users\Chris\Desktop\FRST.txt
2016-03-11 00:22 - 2016-03-11 00:23 - 00000000 ____D C:\FRST
2016-03-11 00:22 - 2016-03-11 00:22 - 00001925 _____ C:\Users\Chris\Desktop\eetre.txt
2016-03-11 00:01 - 2016-03-11 00:01 - 02870984 _____ (ESET) C:\Users\Chris\Desktop\esetsmartinstaller_enu.exe
2016-03-11 00:00 - 2016-03-11 00:00 - 00897536 _____ C:\Users\Chris\Desktop\RGSA.exe
2016-03-10 23:58 - 2016-03-10 23:58 - 01725440 _____ (Farbar) C:\Users\Chris\Desktop\FRST.exe
2016-03-10 14:28 - 2016-03-10 23:59 - 00000000 ____D C:\Users\Chris\Downloads\sp6
2016-03-10 03:14 - 2016-02-19 21:34 - 01208776 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-10 03:14 - 2016-02-06 02:17 - 03609024 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-03-10 03:14 - 2016-02-06 02:17 - 03556800 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-10 03:14 - 2016-02-06 02:12 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-10 03:14 - 2016-02-06 02:11 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-10 03:14 - 2016-02-06 02:11 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-10 03:14 - 2016-02-06 00:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-10 03:14 - 2015-11-20 14:15 - 00922432 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00015200 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-10 03:13 - 2016-02-06 02:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-10 03:13 - 2016-02-06 02:11 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-10 03:13 - 2016-02-06 00:33 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-10 03:13 - 2016-02-02 15:30 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-10 03:12 - 2016-02-03 17:06 - 00564736 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-10 03:12 - 2016-02-03 17:06 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2016-03-10 03:12 - 2016-02-03 17:05 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-10 03:01 - 2016-02-04 15:25 - 02068992 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 22:02 - 2016-02-09 00:17 - 01815552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 22:02 - 2016-02-09 00:15 - 12392960 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 22:02 - 2016-02-09 00:13 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-09 22:02 - 2016-02-09 00:12 - 09753600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 22:02 - 2016-02-09 00:12 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 22:02 - 2016-02-09 00:11 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 22:02 - 2016-02-09 00:10 - 01804800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 22:02 - 2016-02-09 00:10 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 22:02 - 2016-02-09 00:10 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 22:02 - 2016-02-09 00:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 22:02 - 2016-02-09 00:10 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-03-09 22:02 - 2016-02-09 00:10 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-09 22:02 - 2016-02-09 00:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-09 22:02 - 2016-02-09 00:09 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-09 22:02 - 2016-02-09 00:09 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 22:02 - 2016-02-09 00:09 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-09 22:02 - 2016-02-09 00:09 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-09 22:02 - 2016-02-09 00:09 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-09 22:02 - 2016-02-09 00:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 22:02 - 2016-02-09 00:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-03-09 22:02 - 2016-02-09 00:09 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-03-09 22:02 - 2016-02-09 00:09 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-03-06 17:13 - 2016-03-06 18:54 - 00001041 _____ C:\Users\Chris\AppData\Roaming\vso_ts_preview.xml
2016-03-02 19:24 - 2016-03-10 23:55 - 00102436 _____ C:\Windows\ntbtlog.txt
2016-02-27 11:51 - 2016-02-27 11:52 - 00000000 ____D C:\Users\Chris\Downloads\WANNABE
2016-02-27 11:44 - 2016-02-27 11:44 - 00000000 ____D C:\Users\Chris\Downloads\ACTIV
2016-02-24 14:25 - 2016-03-11 00:00 - 00008192 _____ C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-17 23:49 - 2016-01-30 03:09 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-17 23:49 - 2016-01-30 03:09 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2016-02-17 23:49 - 2016-01-30 03:09 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2016-02-17 23:49 - 2016-01-30 03:09 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2016-02-17 23:49 - 2016-01-30 03:09 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2016-02-17 23:49 - 2016-01-30 03:09 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\sbeio.dll
2016-02-17 23:49 - 2016-01-30 03:08 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-02-17 23:49 - 2016-01-30 03:08 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2016-02-17 23:49 - 2016-01-30 03:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-17 23:49 - 2016-01-30 03:08 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2016-02-17 23:49 - 2016-01-30 03:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2016-02-17 23:49 - 2016-01-30 03:08 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2016-02-17 23:49 - 2016-01-30 03:08 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2016-02-17 23:49 - 2016-01-30 03:08 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2016-02-17 23:49 - 2016-01-30 01:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\iashost.exe
2016-02-17 23:47 - 2016-01-30 03:09 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-17 23:47 - 2016-01-30 03:08 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-17 23:33 - 2016-01-07 15:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-17 23:27 - 2016-01-09 17:06 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-17 23:16 - 2016-02-18 01:33 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-17 20:22 - 2016-02-17 20:23 - 45702448 _____ C:\Users\Chris\Downloads\Firefox Setup 43.0.1.exe
2016-02-17 19:36 - 2016-02-17 19:35 - 00334280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-02-17 19:35 - 2016-02-17 19:35 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-10 23:55 - 2014-06-02 21:10 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2016-03-10 23:54 - 2014-06-02 21:04 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-10 23:54 - 2006-11-02 13:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-10 23:54 - 2006-11-02 12:47 - 00005184 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-10 23:54 - 2006-11-02 12:47 - 00005184 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-10 23:54 - 2006-11-02 12:37 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-03-10 23:50 - 2015-06-18 16:12 - 00000000 ____D C:\Program Files\PeerBlock
2016-03-10 23:47 - 2012-12-13 19:48 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-10 22:47 - 2012-12-13 19:48 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-03-10 22:47 - 2012-12-13 19:48 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-03-10 21:53 - 2013-07-23 21:29 - 00000000 ____D C:\Users\Chris\AppData\Roaming\vlc
2016-03-10 14:32 - 2013-05-06 13:42 - 00000069 _____ C:\Windows\NeroDigital.ini
2016-03-10 14:31 - 2011-12-31 13:09 - 00000000 ____D C:\Users\Chris\AppData\Local\CrashDumps
2016-03-10 14:23 - 2006-11-02 13:01 - 00032542 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-03-10 03:51 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\rescache
2016-03-10 03:40 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\inf
2016-03-10 03:40 - 2006-11-02 10:33 - 00755252 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-10 03:35 - 2016-01-28 13:43 - 03612480 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-10 03:31 - 2006-11-02 12:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2016-03-10 03:31 - 2006-11-02 11:18 - 00000000 ____D C:\Program Files\Common Files\System
2016-03-10 03:09 - 2013-08-14 02:08 - 00000000 ____D C:\Windows\system32\MRT
2016-03-10 03:03 - 2006-11-02 10:24 - 141270216 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-03-09 20:18 - 2014-08-02 21:53 - 00816304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-03-09 20:18 - 2014-08-02 21:53 - 00091168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2016-03-06 18:54 - 2015-03-30 20:39 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Vso
2016-03-06 18:07 - 2011-12-28 14:53 - 00000000 ____D C:\Users\Chris\Documents\ConvertXToDVD
2016-02-24 16:47 - 2016-01-26 13:34 - 00056088 _____ C:\Users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-24 14:25 - 2012-12-19 18:53 - 00000000 ____D C:\Users\Chris\AppData\Roaming\dvdcss
2016-02-23 19:39 - 2014-08-02 21:53 - 00447848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-02-19 20:45 - 2014-06-02 21:05 - 00001943 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-19 20:45 - 2014-06-02 21:05 - 00001931 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-19 10:28 - 2013-10-31 00:26 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-18 00:08 - 2006-11-02 12:37 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-18 00:08 - 2006-11-02 12:37 - 00000000 ____D C:\Program Files\Windows Collaboration
2016-02-17 20:24 - 2013-10-31 00:26 - 00000818 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-17 20:24 - 2013-10-31 00:26 - 00000806 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-17 19:39 - 2014-08-02 21:53 - 00221240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-02-17 19:36 - 2015-09-13 13:11 - 00171608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2016-02-17 19:36 - 2014-08-02 21:53 - 00067088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2016-02-17 19:36 - 2014-08-02 21:53 - 00064272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2016-02-17 19:36 - 2014-08-02 21:53 - 00058776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-02-17 19:36 - 2014-08-02 21:53 - 00032792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-02-17 19:34 - 2014-08-02 21:53 - 00035096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-02-17 19:33 - 2014-08-02 21:53 - 00268424 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys

==================== Files in the root of some directories =======

2016-03-06 17:13 - 2016-03-06 18:54 - 0001041 _____ () C:\Users\Chris\AppData\Roaming\vso_ts_preview.xml
2016-02-24 14:25 - 2016-03-11 00:00 - 0008192 _____ () C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Files to move or delete:
====================
C:\Windows\system32\EhStorShell.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-11 00:16

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
Ran by Chris (2016-03-11 00:23:32)
Running from C:\Users\Chris\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) (2011-02-04 10:32:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3299710142-3868310564-1978959094-500 - Administrator - Disabled)
Chris (S-1-5-21-3299710142-3868310564-1978959094-1001 - Administrator - Enabled) => C:\Users\Chris
Guest (S-1-5-21-3299710142-3868310564-1978959094-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.213 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Internet Security (HKLM\...\Avast) (Version: 11.1.2253 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
ConvertXtoDVD 4.0.9.322 (HKLM\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.0.9.322 - )
EasyBCD 1.7 (HKLM\...\EasyBCD) (Version: 1.7 - NeoSmart Technologies)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
ffdshow [rev 2180] [2008-10-04] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
HDD Health v4.2 (HKLM\...\HDD Health_is1) (Version:  - )
InPlay IPTV (HKLM\...\{4CE87481-C78C-4543-9AA0-2117CD5BF917}) (Version: 4.0.0 - Cobain ltd)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
K-Lite Codec Pack 7.0.0 (Standard) (HKLM\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Leawo Video Converter version  5.1.0.0 (HKLM\...\{331ED3CF-3A1B-467C-9A62-899E2D3B20C4}_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Excel Viewer 2003 (HKLM\...\{90840409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{A55747C1-4651-433D-B082-478874FF7516}) (Version: 6.3.0 - Motorola Mobility LLC)
Mozilla Firefox 44.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
MPC-HC 1.7.0 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.0.7858 - MPC-HC Team)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nero 7 Lite 7.10.1.2 (HKLM\...\Nero7Lite_is1) (Version: 7.10.1.2 - UpdatePack.nl)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - )
SafeZone Stable 1.48.2066.44 (Version: 1.48.2066.44 - Avast Software) Hidden
Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Skitch (HKLM\...\Skitch 1.0.2.0) (Version: 2.2.0.4 - Evernote Corp.)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.5 - Sophos Limited)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Temp File Cleaner (HKLM\...\Temp File Cleaner) (Version: 4.2.2 - Addpcs, LLC)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wise Care 365 3.95 (HKLM\...\Wise Care 365_is1) (Version: 3.95 - WiseCleaner.com, Inc.)
YouTube Downloader App 3.00 (HKLM\...\YouTube Downloader App) (Version: 3.00 - Regensoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00E8A34C-9F61-46D8-9845-A9A333189C63} - System32\Tasks\SafeZone scheduled Autoupdate 1449186754 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-02-01] (Avast Software)
Task: {6092D648-6209-4D6F-9B67-908F6DA777DD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {677CD573-8156-4B83-8781-B7646D6B0415} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-10] (Adobe Systems Incorporated)
Task: {85281012-34B8-4BAA-9EF3-93B5EA5F07FC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8A6403D3-82D2-4E66-8DBE-0E6A1517755E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {A54D19FC-F66A-4A61-A70A-ACA7AD2C0A44} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-17] (AVAST Software)
Task: {C0BB004D-9824-4D0E-9F70-09C1D3B6DBDB} - System32\Tasks\WiseCleaner\AidSkipUAC => C:\Program Files\Wise\Wise PC 1stAid\WisePCAid.exe [2015-08-21] (WiseCleaner.com)
Task: {DC0B49E4-3258-40BE-81A6-B40E45F2E425} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-03-20 17:32 - 2016-02-17 19:35 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-20 17:32 - 2016-02-17 19:34 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-03-10 22:26 - 2016-03-10 22:26 - 02838528 _____ () C:\Program Files\AVAST Software\Avast\defs\16031003\algo.dll
2015-12-03 23:36 - 2016-02-17 19:35 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2014-03-25 05:27 - 2013-03-08 09:54 - 00017760 _____ () C:\Program Files\HDD Health\HDDHealthService.exe
2013-08-14 14:19 - 2013-08-14 14:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2015-03-14 02:20 - 2015-12-03 23:36 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-08-26 07:44 - 2015-08-26 07:44 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2016-03-10 22:47 - 2016-03-10 22:47 - 19397824 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_182.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


There are 5317 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-01-28 15:22 - 2016-01-29 01:16 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Chris\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [SLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{F4CFD83A-D58B-4331-9FC7-226F9784CDC4}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{12BEC677-E9D6-44B9-BABE-F2063712476A}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{63B46E60-3403-4499-A84A-2E131052042D}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{CB3C9927-8511-4003-A2F9-0F8653F9F993}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{89F6D647-8024-4E1F-8497-2A7AE8708831}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B0445748-C9F0-4B94-BC0C-0FE10A3A055B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BCB8D66D-EAE0-4619-B7B9-76176D0CC46B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [WMPNSS-WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-Out-TCP-NoScope-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-Out-UDP-NoScope-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-In-UDP-NoScope-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{7B0956BD-F3D2-483D-B46D-8A8571258DC6}] => (Allow) LPort=80
FirewallRules: [{8AB470CC-8166-471A-8F5F-8CF24CBF9CE7}] => (Allow) LPort=80
FirewallRules: [{E72885C9-C635-4DBF-9775-C607C77F0F91}] => (Allow) LPort=80
FirewallRules: [{F6F8D12F-6C77-4C0C-8395-F2847BE4826A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

02-03-2016 17:11:58 Scheduled Checkpoint
05-03-2016 00:49:18 Scheduled Checkpoint
06-03-2016 00:00:06 Scheduled Checkpoint
06-03-2016 18:39:58 Scheduled Checkpoint
08-03-2016 00:00:01 Scheduled Checkpoint
08-03-2016 09:18:59 Windows Update
09-03-2016 22:06:44 Scheduled Checkpoint
10-03-2016 03:00:16 Windows Update
10-03-2016 16:26:08 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/10/2016 09:53:21 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\CHRIS\DOWNLOADS\ROCCO'S ITALIAN PORN BOOT CAMP 2 2016 WEB-DL 540P SPLIT SCENES MP4-RARBG\RARBG.COM.NFO> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/10/2016 09:53:21 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\CHRIS\DOWNLOADS\ROCCO'S ITALIAN PORN BOOT CAMP 2 2016 WEB-DL 540P SPLIT SCENES MP4-RARBG\4 SAMIA DUARTE, VALENTINA NAPPI, SAMANTHA BENTLEY.MP4> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/10/2016 09:53:21 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\CHRIS\DOWNLOADS\ROCCO'S ITALIAN PORN BOOT CAMP 2 2016 WEB-DL 540P SPLIT SCENES MP4-RARBG\3 ROSELLA VISOCNTI, JENNY SMART.MP4> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/10/2016 02:31:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application vlc.exe, version 2.2.1.0, time stamp 0x00000004, faulting module libqt4_plugin.dll, version 2.2.1.0, time stamp 0x00020002, exception code 0x40000015, fault offset 0x007ca10a,
process id 0x14dc, application start time 0xvlc.exe0.

Error: (03/10/2016 03:09:21 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (03/10/2016 03:09:21 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (03/02/2016 06:33:18 PM) (Source: MsiInstaller) (EventID: 11606) (User: DELL-530)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.

Error: (03/02/2016 06:33:16 PM) (Source: MsiInstaller) (EventID: 11606) (User: DELL-530)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.

Error: (03/02/2016 06:31:59 PM) (Source: MsiInstaller) (EventID: 11606) (User: DELL-530)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.

Error: (03/02/2016 06:31:29 PM) (Source: MsiInstaller) (EventID: 11606) (User: DELL-530)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.


System errors:
=============
Error: (03/10/2016 11:54:23 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 23:53:16 on 10/03/2016 was unexpected.

Error: (03/09/2016 08:00:11 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 19:46:29 on 08/03/2016 was unexpected.

Error: (03/06/2016 04:29:19 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease 192.168.1.3 for the Network Card with network address 001EC982BAAF has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (03/06/2016 04:29:18 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 16:02:43 on 06/03/2016 was unexpected.

Error: (02/17/2016 07:25:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: aswSnx

Error: (02/08/2016 06:44:14 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: aswSnx

Error: (02/06/2016 11:28:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: aswSnx

Error: (02/06/2016 11:28:20 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 18:39:56 on 06/02/2016 was unexpected.

Error: (02/06/2016 05:19:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: aswSnx

Error: (02/06/2016 05:19:02 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 17:08:11 on 06/02/2016 was unexpected.


CodeIntegrity:
===================================
  Date: 2016-03-11 00:14:40.741
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-11 00:14:40.429
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-11 00:14:40.086
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-11 00:14:39.790
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-11 00:14:39.509
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-11 00:14:39.221
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-11 00:14:38.891
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-11 00:14:38.471
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-11 00:14:38.191
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-11 00:14:37.821
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU E6750 @ 2.66GHz
Percentage of memory in use: 51%
Total physical RAM: 3060.45 MB
Available physical RAM: 1492.9 MB
Total Virtual: 6351.95 MB
Available Virtual: 4566.18 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:288.32 GB) (Free:201.41 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Recovery) (Fixed) (Total:9.77 GB) (Free:3.88 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 5ED7C68A)
Partition 1: (Active) - (Size=288.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=9.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ======================

 

Result of Security Analysis by Rocket Grannie (x86) version: 10th March 2016
Running from:C:\Users\Chris\Desktop (01:54:57 - 03/11/2016)
***---------------------------------------------------------***
Microsoft® Windows Vista™ Home Premium X86 Service Pack 2
UAC is Enabled!
Internet Explorer 8
Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
***-----------------Anti-Virus - Firewall-------------------***
avast! Antivirus 270336 up to Date!
Windows Firewall is Enabled!
Searching for any other Firewall
avast! Antivirus
***----------------AntiSpyware - Miscellaneous---------------***
Adobe flash Player Plugin (version 21.0.0.182)
Adobe Reader XI (version 11.0.0.15)
CCleaner -- An older version than '5.15' is installed.
Google Chrome (version 48)
Malwarebytes Anti-Malware (version 2.2.0.1024)
Microsoft Silverlight (version 5)
Mozilla Firefox (version 44)
CCleaner (version 5.13) is *out of Date*

***----------------Analysis Complete-------------------------***



#2 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • 49,278 posts

Posted 12 March 2016 - 07:12 AM

Hello, Welcome to SpywareInfoForum.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
 

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

If not already done, enable Avast.

===

Press the Windows key + R on your keyboard at the same time. This will open the Run box.
Type Notepad and click the OK key.
Please copy the entire contents of the code box below to a new file.

start


CreateRestorePoint:
EmptyTemp:
CloseProcesses:

Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pass Access.lnk [2016-03-06]
ShortcutTarget: Pass Access.lnk -> C:\Users\Chris\AppData\Local\temp\Rar$EXa0.430\Pass_Access_Setup.exe ()
CHR HomePage: Default -> hxxps://www.google.com/?trackid=sp-006
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR Extension: (Avast Online Security) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-12-15]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-17]
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S3 eapihdrv; \??\C:\Users\Chris\AppData\Local\Temp\ehdrv.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pass Access.lnk
C:\Users\Chris\AppData\Local\temp\Rar$EXa0.430\Pass_Access_Setup.exe

End

Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).
===

Please post the logs and let me know if the problem persists.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in any way, please consider Donating,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#3 burns2092


Posted 12 March 2016 - 08:59 AM

seems a bit better

 

 

Fix result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
Ran by Chris (2016-03-12 13:28:54) Run:1
Running from C:\Users\Chris\Desktop
Loaded Profiles: Chris (Available Profiles: Chris)
Boot Mode: Normal

==============================================

fixlist content:
*****************
start


CreateRestorePoint:
EmptyTemp:
CloseProcesses:

Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pass Access.lnk [2016-03-06]
ShortcutTarget: Pass Access.lnk -> C:\Users\Chris\AppData\Local\temp\Rar$EXa0.430\Pass_Access_Setup.exe ()
CHR HomePage: Default -> hxxps://www.google.com/?trackid=sp-006
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR Extension: (Avast Online Security) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-12-15]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-17]
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S3 eapihdrv; \??\C:\Users\Chris\AppData\Local\Temp\ehdrv.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pass Access.lnk
C:\Users\Chris\AppData\Local\temp\Rar$EXa0.430\Pass_Access_Setup.exe

End
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pass Access.lnk => moved successfully
C:\Users\Chris\AppData\Local\temp\Rar$EXa0.430\Pass_Access_Setup.exe => moved successfully
Chrome HomePage => removed successfully.
Chrome StartupUrls => removed successfully.
C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki => moved successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => key removed successfully.
Could not move "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => Scheduled to move on reboot.
AvastVBoxSvc => service could not remove
eapihdrv => service not found.
VBoxAswDrv => service could not remove
"C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pass Access.lnk" => not found.
"C:\Users\Chris\AppData\Local\temp\Rar$EXa0.430\Pass_Access_Setup.exe" => not found.
EmptyTemp: => 163.4 MB temporary data Removed.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-03-12 13:38:11)

"C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => Could not move

==== End of Fixlog 13:38:11 ====

 

# AdwCleaner v5.101 - Logfile created 12/03/2016 at 14:54:39
# Updated 07/03/2016 by Xplode
# Database : 2016-03-08.1 [Server]
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (x86)
# Username : Chris - DELL-530
# Running from : C:\Users\Chris\Desktop\adwcleaner_5.101.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

C:\Program Files\AdwCleaner\AdwCleaner[S1].txt - [628 bytes] - [12/03/2016 14:54:39]

########## EOF - C:\Program Files\AdwCleaner\AdwCleaner[S1].txt - [714 bytes] ##########
 



#4 nasdaq


Posted 13 March 2016 - 06:43 AM

There could be some remnant items.

Run an online scan with Eset (easiest with Internet Explorer): http://www.eset.com/onlinescan/
To shorten the scanning time disable your antivirus program while scanning.

Select Enable detection of potentially unwanted applications.
Click Advanced Settings.

Select:
Scan Archives
Scan for potentially unsafe applications
Enable Anti-Stealth Technology


Click Start.

When the scan is finished, click on List of found threats and then Export to text file. Copy the content of the text file and paste its content in your reply.

This may take a while; run it when you know you will not need the computer for an hour or two.
<<<>>>
nasdaq


#5 burns2092


Posted 13 March 2016 - 06:06 PM

did you find anything bad?

 

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=15616
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-10-24 02:21:01
# local_time=2013-10-24 03:21:01 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 167635 220157189 0 0
# scanned=122304
# found=0
# cleaned=0
# scan_time=7691
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=15640
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-10-26 05:58:48
# local_time=2013-10-26 06:58:48 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776573 100 100 16724 220299856 0 0
# scanned=121860
# found=0
# cleaned=0
# scan_time=7032
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=15700
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-10-30 09:14:47
# local_time=2013-10-30 09:14:47 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 67815 220700415 0 0
# scanned=117655
# found=0
# cleaned=0
# scan_time=3023
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=15949
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-11-20 12:36:59
# local_time=2013-11-20 12:36:59 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 408912 222440547 0 0
# scanned=122722
# found=0
# cleaned=0
# scan_time=7990
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=16048
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-11-27 07:15:02
# local_time=2013-11-27 07:15:02 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776573 100 100 66101 223112430 0 0
# scanned=126487
# found=0
# cleaned=0
# scan_time=8435
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=16141
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-12-05 01:35:02
# local_time=2013-12-05 01:35:02 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776573 100 100 124762 223740030 0 0
# scanned=126600
# found=0
# cleaned=0
# scan_time=7873
ESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=16247
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-12-12 04:44:47
# local_time=2013-12-12 04:44:47 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 202157 224399415 0 0
# scanned=24424
# found=0
# cleaned=0
# scan_time=1351
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=16247
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-12-12 07:32:41
# local_time=2013-12-12 07:32:41 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 212231 224409489 0 0
# scanned=127302
# found=2
# cleaned=2
# scan_time=8375
sh=ADF2AD3B94EB35DC371AB7A1A49B004B7C76BFA5 ft=1 fh=f95766f30bc4ebc6 vn="Win32/Bundled.Toolbar.Google.D application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Chris\Downloads\ccsetup406.exe"
sh=DD6E088E22874B283348A15DB5159C7B20CC6D22 ft=1 fh=fe9dda6ca79832a6 vn="Win32/Bundled.Toolbar.Google.D application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Chris\Downloads\ccsetup407.exe"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=16283
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-12-16 02:13:19
# local_time=2013-12-16 02:13:19 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 264100 224735927 0 0
# scanned=52208
# found=2
# cleaned=0
# scan_time=6716
sh=3D84C7C0E316EAD02DD7A59E746EC798DAB8BC0C ft=1 fh=ce50a11e70bad71c vn="Win32/Bundled.Toolbar.Google.D application" ac=I fn="C:\Users\Chris\Documents\Leawo\ccsetup328(1).exe"
sh=6525F85F423A8ACB9DE261FCE7C1BFDCAF0651EC ft=1 fh=e751b5239200023c vn="Win32/Bundled.Toolbar.Google.D application" ac=I fn="C:\Users\Chris\Downloads\ccsetup404.exe"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=16286
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-12-16 04:48:44
# local_time=2013-12-16 04:48:44 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 273425 224745252 0 0
# scanned=127288
# found=6
# cleaned=0
# scan_time=9128
sh=749AD8CCAE232FD32A9EC072E120D353C851ECDB ft=1 fh=5447fa426d093a2c vn="Win32/Bundled.Toolbar.Google.D application" ac=I fn="C:\Users\Chris\Documents\Shockwave_Installer_Full.exe"
sh=3D84C7C0E316EAD02DD7A59E746EC798DAB8BC0C ft=1 fh=ce50a11e70bad71c vn="Win32/Bundled.Toolbar.Google.D application" ac=I fn="C:\Users\Chris\Documents\Leawo\ccsetup328(1).exe"
sh=6525F85F423A8ACB9DE261FCE7C1BFDCAF0651EC ft=1 fh=e751b5239200023c vn="Win32/Bundled.Toolbar.Google.D application" ac=I fn="C:\Users\Chris\Downloads\ccsetup404.exe"
sh=13ACF4276037B3AB8F8BEECAFB2C92DF61EA1F6B ft=1 fh=a72cb49ddbed545b vn="Win32/Bundled.Toolbar.Google.D application" ac=I fn="C:\Users\Chris\Downloads\Shockwave_Installer_Full(1).exe"
sh=0D456C5DD71E8E11AF9008D9187D57158DF47C29 ft=1 fh=861d7dc9ec3e933a vn="Win32/Bundled.Toolbar.Google.D application" ac=I fn="C:\Users\Chris\Downloads\Shockwave_Installer_Full.exe"
sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D application" ac=I fn="C:\Windows\System32\Adobe\Shockwave 12\gt.exe"
ESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.Can not read file from internet.ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=16298
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-12-17 02:28:34
# local_time=2013-12-17 02:28:34 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776573 100 100 16943 224823242 0 0
# scanned=35129
# found=0
# cleaned=0
# scan_time=3146
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=16463
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-12-31 02:30:27
# local_time=2013-12-31 02:30:27 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776573 100 100 306199 226032955 0 0
# scanned=127603
# found=5
# cleaned=5
# scan_time=6820
sh=749AD8CCAE232FD32A9EC072E120D353C851ECDB ft=1 fh=5447fa426d093a2c vn="Win32/Bundled.Toolbar.Google.D application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Chris\Documents\Shockwave_Installer_Full.exe"
sh=3D84C7C0E316EAD02DD7A59E746EC798DAB8BC0C ft=1 fh=ce50a11e70bad71c vn="Win32/Bundled.Toolbar.Google.D application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Chris\Documents\Leawo\ccsetup328(1).exe"
sh=6525F85F423A8ACB9DE261FCE7C1BFDCAF0651EC ft=1 fh=e751b5239200023c vn="Win32/Bundled.Toolbar.Google.D application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Chris\Downloads\ccsetup404.exe"
sh=13ACF4276037B3AB8F8BEECAFB2C92DF61EA1F6B ft=1 fh=a72cb49ddbed545b vn="Win32/Bundled.Toolbar.Google.D application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Chris\Downloads\Shockwave_Installer_Full(1).exe"
sh=0D456C5DD71E8E11AF9008D9187D57158DF47C29 ft=1 fh=861d7dc9ec3e933a vn="Win32/Bundled.Toolbar.Google.D application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Chris\Downloads\Shockwave_Installer_Full.exe"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=16496
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-01-03 01:20:23
# local_time=2014-01-03 01:20:23 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776573 100 100 171059 226244751 0 0
# scanned=127623
# found=0
# cleaned=0
# scan_time=7659
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=16616
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-01-11 03:19:22
# local_time=2014-01-11 03:19:22 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776573 100 100 47530 226986290 0 0
# scanned=129177
# found=1
# cleaned=1
# scan_time=7152
sh=932E042070F1567ED5A116E98E3C04D7D07E0681 ft=1 fh=3bf8f6c29b1c29c3 vn="Win32/Bundled.Toolbar.Google.D application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Chris\Downloads\ccsetup409.exe"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=16724
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-01-20 11:47:59
# local_time=2014-01-20 11:47:59 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776573 100 100 250783 227794407 0 0
# scanned=48256
# found=0
# cleaned=0
# scan_time=6088
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=16832
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-01-28 08:54:23
# local_time=2014-01-28 08:54:23 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 326717 228475191 0 0
# scanned=133012
# found=2
# cleaned=2
# scan_time=8282
sh=03659459CF218748D115AB0EBD09E04AE43D9BC4 ft=1 fh=b7fea6e53bda36e3 vn="Win32/Bundled.Toolbar.Google.E application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Chris\Documents\ccsetup323.exe"
sh=9EBEEAD23C136B3C8E6CC0220B4F47C3D67B9B4D ft=1 fh=f7cfbc4528e170a2 vn="Win32/Bundled.Toolbar.Google.E application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Chris\Documents\ccsetup324.exe"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=16859
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-01-30 05:49:43
# local_time=2014-01-30 05:49:43 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776573 100 100 95059 228593711 0 0
# scanned=133260
# found=0
# cleaned=0
# scan_time=7962
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=16958
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-02-06 10:30:30
# local_time=2014-02-06 10:30:30 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 190145 229215358 0 0
# scanned=137210
# found=0
# cleaned=0
# scan_time=6962
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=17000
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-02-09 01:11:50
# local_time=2014-02-09 01:11:50 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 419425 229441038 0 0
# scanned=140087
# found=1
# cleaned=1
# scan_time=8083
sh=A9D2B6DC6668EED798B9CD265597FE301996DBE8 ft=1 fh=c03f5a0eeeaf3edb vn="Win32/Toolbar.Conduit potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Chris\Downloads\ZASPSetupWeb_120_104_000.exe"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=17018
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-02-11 12:35:35
# local_time=2014-02-11 12:35:35 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776573 100 100 108164 229611663 0 0
# scanned=128505
# found=0
# cleaned=0
# scan_time=7036
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=17033
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-02-12 12:53:00
# local_time=2014-02-12 12:53:00 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776573 100 100 54654 229699108 0 0
# scanned=129926
# found=3
# cleaned=3
# scan_time=7561
sh=736822488433A57CD303A7F991FE04C443141C6D ft=1 fh=f9c7beb9adca324d vn="a variant of Win32/PrimeCasino.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Microgaming\Casino\32red\install.exe"
sh=736822488433A57CD303A7F991FE04C443141C6D ft=1 fh=f9c7beb9adca324d vn="a variant of Win32/PrimeCasino.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Chris\Downloads\32Red(1).exe"
sh=0F66A3D9ED05300CA804F02113BE1E3F955D7FF6 ft=1 fh=e93baf5004dc46ad vn="a variant of Win32/PrimeCasino.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Chris\Downloads\32Red.exe"
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=17036
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-02-12 03:29:36
# local_time=2014-02-12 03:29:36 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 64050 229708504 0 0
# scanned=130063
# found=0
# cleaned=0
# scan_time=7259
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=17045
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-02-12 09:18:39
# local_time=2014-02-12 09:18:39 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 128193 229772647 0 0
# scanned=135513
# found=0
# cleaned=0
# scan_time=9202
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=17147
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-02-20 05:43:54
# local_time=2014-02-20 05:43:54 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776573 100 100 103467 230407762 0 0
# scanned=130111
# found=0
# cleaned=0
# scan_time=7672
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=17265
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-02-28 04:31:13
# local_time=2014-02-28 04:31:13 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 569399 231137801 0 0
# scanned=130096
# found=0
# cleaned=0
# scan_time=10279
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=17558
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-03-22 03:30:26
# local_time=2014-03-22 03:30:26 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 51797 233034954 0 0
# scanned=131189
# found=0
# cleaned=0
# scan_time=9349
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=17745
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-04-03 11:27:51
# local_time=2014-04-04 12:27:51 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776573 100 100 9325 234100399 0 0
# scanned=130653
# found=0
# cleaned=0
# scan_time=7205
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=18126
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-05-04 01:03:34
# local_time=2014-05-04 02:03:34 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=772 16777213 66 79 108281 108375 0 0
# compatibility_mode=5892 16776573 100 100 98086 236698142 0 0
# scanned=128408
# found=0
# cleaned=0
# scan_time=3365
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=19458
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-08-01 08:19:42
# local_time=2014-08-01 09:19:42 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1292 16777213 100 100 7853 38398804 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 269216 244457110 0 0
# scanned=202712
# found=0
# cleaned=0
# scan_time=7406
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=19835
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-08-25 09:55:50
# local_time=2014-08-25 10:55:50 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=781 16777213 100 96 263249 5202035 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 259704 246536478 0 0
# scanned=131452
# found=0
# cleaned=0
# scan_time=3207
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=19847
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-08-26 12:15:36
# local_time=2014-08-26 01:15:36 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=781 16777213 100 96 314835 5253621 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 311290 246588064 0 0
# scanned=131783
# found=0
# cleaned=0
# scan_time=2617
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=20328
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-09-27 02:32:58
# local_time=2014-09-27 03:32:58 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=781 16777213 100 96 6770 8026663 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776573 100 100 5532 249361106 0 0
# scanned=143437
# found=0
# cleaned=0
# scan_time=4895
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=20562
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-10-12 11:50:14
# local_time=2014-10-13 12:50:14 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=781 16777213 100 96 1336206 9356099 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776573 100 100 0 250690542 0 0
# scanned=133283
# found=0
# cleaned=0
# scan_time=3098
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=20634
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-10-16 08:23:39
# local_time=2014-10-16 09:23:39 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=781 16777213 100 96 2934 9689304 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 0 251023747 0 0
# scanned=62753
# found=0
# cleaned=0
# scan_time=1658
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=20939
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-05 01:54:26
# local_time=2014-11-05 01:54:26 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=781 16777213 100 96 444921 11393951 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 390007 252728394 0 0
# scanned=131835
# found=0
# cleaned=0
# scan_time=3595
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=21008
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-09 10:14:36
# local_time=2014-11-09 10:14:36 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=781 16777213 100 96 824131 11769561 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776573 100 100 197124 253104004 0 0
# scanned=148723
# found=0
# cleaned=0
# scan_time=3227
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=21263
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-25 11:20:30
# local_time=2014-11-25 11:20:30 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 162010 254490358 0 0
# scanned=189362
# found=0
# cleaned=0
# scan_time=4396
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=21335
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-30 05:25:50
# local_time=2014-11-30 05:25:50 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 180911 254901078 0 0
# scanned=178446
# found=0
# cleaned=0
# scan_time=4382
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=22452
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-13 10:32:37
# local_time=2015-02-13 10:32:37 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 234092 261356285 0 0
# scanned=134749
# found=0
# cleaned=0
# scan_time=2984
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=23274
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-04-07 11:22:21
# local_time=2015-04-08 12:22:21 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776573 100 100 9179 265981669 0 0
# scanned=165050
# found=0
# cleaned=0
# scan_time=3492
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=init
# utc_time=2015-06-23 02:17:38
# local_time=2015-06-23 03:17:38 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 24464
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=updated
# utc_time=2015-06-23 02:20:31
# local_time=2015-06-23 03:20:31 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=24464
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-06-23 03:34:02
# local_time=2015-06-23 04:34:02 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 310754 272606370 0 0
# scanned=204357
# found=0
# cleaned=0
# scan_time=4410
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=init
# utc_time=2015-06-27 05:19:14
# local_time=2015-06-27 06:19:14 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 24533
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=updated
# utc_time=2015-06-27 05:19:48
# local_time=2015-06-27 06:19:48 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=24533
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-06-27 06:35:00
# local_time=2015-06-27 07:35:00 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776573 100 100 62931 272962828 0 0
# scanned=198085
# found=0
# cleaned=0
# scan_time=4511
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=init
# utc_time=2015-09-08 10:15:18
# local_time=2015-09-08 11:15:18 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 25657
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=updated
# utc_time=2015-09-08 10:17:16
# local_time=2015-09-08 11:17:16 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=25657
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-09-08 11:06:52
# local_time=2015-09-08 12:06:52 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776573 100 100 325232 279243140 0 0
# scanned=157590
# found=0
# cleaned=0
# scan_time=2975
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=init
# utc_time=2015-11-17 12:13:59
# local_time=2015-11-17 12:13:59 (+0000, GMT Standard Time)
# country="United Kingdom"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 26755
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=updated
# utc_time=2015-11-17 12:17:51
# local_time=2015-11-17 12:17:51 (+0000, GMT Standard Time)
# country="United Kingdom"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=26755
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-11-17 01:13:34
# local_time=2015-11-17 01:13:34 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 312875 285255542 0 0
# scanned=159558
# found=0
# cleaned=0
# scan_time=3342
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=init
# utc_time=2015-11-27 03:59:22
# local_time=2015-11-27 03:59:22 (+0000, GMT Standard Time)
# country="United Kingdom"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 26922
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=updated
# utc_time=2015-11-27 04:02:51
# local_time=2015-11-27 04:02:51 (+0000, GMT Standard Time)
# country="United Kingdom"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=26922
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-11-27 05:40:48
# local_time=2015-11-27 05:40:48 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776573 100 100 102852 286135576 0 0
# scanned=158314
# found=0
# cleaned=0
# scan_time=5876
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=init
# utc_time=2015-12-23 06:33:26
# local_time=2015-12-23 06:33:26 (+0000, GMT Standard Time)
# country="United Kingdom"
# osver=6.0.6002 NT Service Pack 2
DLL:pipe not connected. attempts=120
Update Init
Update Download
Update Finalize
Updated modules version: 27336
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=updated
# utc_time=2015-12-23 06:51:39
# local_time=2015-12-23 06:51:39 (+0000, GMT Standard Time)
# country="United Kingdom"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=27336
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-23 08:44:09
# local_time=2015-12-23 08:44:09 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776573 100 100 69966 288436177 0 0
# scanned=146961
# found=0
# cleaned=0
# scan_time=6749
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=init
# utc_time=2016-02-27 12:00:40
# local_time=2016-02-27 12:00:40 (+0000, GMT Standard Time)
# country="United Kingdom"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 28332
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=updated
# utc_time=2016-02-27 02:58:41
# local_time=2016-02-27 02:58:41 (+0000, GMT Standard Time)
# country="United Kingdom"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=28332
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-02-27 03:53:38
# local_time=2016-02-27 03:53:38 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=786 16777213 100 98 418459 49572064 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776573 100 100 50670 294121146 0 0
# scanned=156235
# found=0
# cleaned=0
# scan_time=3296
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=init
# utc_time=2016-03-11 12:26:44
# local_time=2016-03-11 12:26:44 (+0000, GMT Standard Time)
# country="United Kingdom"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 28524
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=updated
# utc_time=2016-03-11 12:30:18
# local_time=2016-03-11 12:30:18 (+0000, GMT Standard Time)
# country="United Kingdom"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=28524
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-03-11 01:23:27
# local_time=2016-03-11 01:23:27 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=786 16777213 100 98 8957 50643053 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 232876 295192135 0 0
# scanned=144305
# found=0
# cleaned=0
# scan_time=3188
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=init
# utc_time=2016-03-13 10:44:28
# local_time=2016-03-13 10:44:28 (+0000, GMT Standard Time)
# country="United Kingdom"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 28560
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# end=updated
# utc_time=2016-03-13 10:46:29
# local_time=2016-03-13 10:46:29 (+0000, GMT Standard Time)
# country="United Kingdom"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=248a4aeb50dc944eb1ebd7a4e77799b7
# engine=28560
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-03-14 12:00:09
# local_time=2016-03-14 12:00:09 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=786 16777213 100 98 124041 50897255 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 212700 295446337 0 0
# scanned=141753
# found=0
# cleaned=0
# scan_time=4419
 



#6 nasdaq

Posted 14 March 2016 - 05:57 AM

Everything bad (not malicious) was cleaned and quarantined.

If all is well.

To learn more about how to protect yourself while on the internet, read this little guide: best security practices keep safe.
http://www.bleepingc...best-practices/
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in any way, please consider Donating,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#7 burns2092

Posted 17 March 2016 - 09:30 PM

thanks, when you say bad what do you mean?



#8 burns2092

Posted 17 March 2016 - 09:38 PM

my brother has been on my computer and now it keeps locking, can you just take a quick look please

do I run adware cleaner again?



#9 nasdaq

Posted 18 March 2016 - 05:03 AM

I need to see fresh FRST and Addition.txt logs.

Run the Farbar tool and make sure the box to create a new Addition.txt file is marked.

Post both logs for my review.
nasdaq


#10 burns2092

Posted 18 March 2016 - 12:09 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by Chris (administrator) on DELL-530 (18-03-2016 18:08:16)
Running from C:\Users\Chris\Desktop
Loaded Profiles: Chris (Available Profiles: Chris)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Andrea Electronics Corporation) C:\Windows\System32\AERTSrv.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
() C:\Program Files\HDD Health\HDDHealthService.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(PANTERASoft) C:\Program Files\HDD Health\hddhealth.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4907008 2008-01-17] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7137664 2016-03-09] (AVAST Software)
HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6602152 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-02-17] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HDDHealth.lnk [2014-03-25]
ShortcutTarget: HDDHealth.lnk -> C:\Program Files\HDD Health\hddhealth.exe (PANTERASoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{1C860157-7FDA-473E-B46D-C45B490DF184}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{24808C3F-DF8E-4DBB-B40F-D7DB39A51B71}: [DhcpNameServer] 192.168.0.203
Tcpip\..\Interfaces\{C010AF49-0C76-4353-BB35-19AE24C74C4F}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-17] (AVAST Software)

FireFox:
========
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\twey4ixw.default-1447721945575
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-10] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-08-16] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-08-16] (RealNetworks, Inc.)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\twey4ixw.default-1447721945575\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-02-04] [not signed]
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013-05-06] [not signed]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-08] [not signed]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-17]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-17]

Chrome:
=======
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Web Store Payments) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-15]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AERTFilters; C:\Windows\system32\AERTSrv.exe [77824 2007-12-05] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-17] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [119128 2016-02-17] (AVAST Software)
R2 HDDHealth; C:\Program Files\HDD Health\HDDHealthService.exe [17760 2013-03-08] () [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [32792 2016-02-17] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-02-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [91168 2016-03-09] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2014-08-02] (ALWIL Software)
R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [268424 2016-02-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64272 2016-02-17] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [58776 2016-02-17] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [816304 2016-03-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447848 2016-02-23] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [171608 2016-02-17] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [67088 2016-02-17] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [221240 2016-02-17] (AVAST Software)
R3 gttap1; C:\Windows\System32\DRIVERS\gttap1.sys [32552 2013-09-12] (The OpenVPN Project)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-03-18] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
S3 MOSUMAC; C:\Windows\System32\DRIVERS\MOSUMAC.SYS [43520 2009-12-10] (--)
S3 WiseHDInfo; C:\Windows\WiseHDInfo32.dll [13264 2015-11-23] (wisecleaner.com)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-18 18:08 - 2016-03-18 18:08 - 00012941 _____ C:\Users\Chris\Desktop\FRST.txt
2016-03-18 16:22 - 2016-03-18 17:39 - 00014494 _____ C:\Windows\ntbtlog.txt
2016-03-18 03:37 - 2016-03-18 16:19 - 00000000 ____D C:\Users\Chris\Downloads\mg2
2016-03-18 03:36 - 2016-03-18 16:19 - 00000000 ____D C:\Users\Chris\Downloads\mg1
2016-03-18 03:32 - 2016-03-18 03:33 - 02094080 _____ (BitTorrent Inc.) C:\Users\Chris\Downloads\uTorrent.exe
2016-03-18 03:31 - 2016-03-18 03:31 - 02374320 _____ (PeerBlock, LLC ) C:\Users\Chris\Downloads\PeerBlock-Setup_v1.2_r693.exe
2016-03-13 22:43 - 2016-03-13 22:43 - 02870984 _____ (ESET) C:\Users\Chris\Downloads\esetsmartinstaller_enu.exe
2016-03-12 14:53 - 2016-03-12 15:01 - 00000000 ____D C:\Program Files\AdwCleaner
2016-03-12 13:28 - 2016-03-12 13:38 - 00002776 _____ C:\Users\Chris\Desktop\Fixlog.txt
2016-03-12 13:27 - 2016-03-12 13:27 - 01524224 _____ C:\Users\Chris\Desktop\adwcleaner_5.101.exe
2016-03-11 00:22 - 2016-03-18 18:08 - 00000000 ____D C:\FRST
2016-03-11 00:01 - 2016-03-11 00:01 - 02870984 _____ (ESET) C:\Users\Chris\Desktop\esetsmartinstaller_enu.exe
2016-03-11 00:00 - 2016-03-11 00:00 - 00897536 _____ C:\Users\Chris\Desktop\RGSA.exe
2016-03-10 23:58 - 2016-03-10 23:58 - 01725440 _____ (Farbar) C:\Users\Chris\Desktop\FRST.exe
2016-03-10 14:28 - 2016-03-10 23:59 - 00000000 ____D C:\Users\Chris\Downloads\sp6
2016-03-10 03:14 - 2016-02-19 21:34 - 01208776 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-10 03:14 - 2016-02-06 02:17 - 03609024 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-03-10 03:14 - 2016-02-06 02:17 - 03556800 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-10 03:14 - 2016-02-06 02:12 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-10 03:14 - 2016-02-06 02:11 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-10 03:14 - 2016-02-06 02:11 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-10 03:14 - 2016-02-06 00:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-10 03:14 - 2015-11-20 14:15 - 00922432 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00015200 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-10 03:14 - 2015-11-20 14:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-10 03:13 - 2016-02-06 02:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-10 03:13 - 2016-02-06 02:11 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-10 03:13 - 2016-02-06 00:33 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-10 03:13 - 2016-02-02 15:30 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-10 03:12 - 2016-02-03 17:06 - 00564736 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-10 03:12 - 2016-02-03 17:06 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2016-03-10 03:12 - 2016-02-03 17:05 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-10 03:01 - 2016-02-04 15:25 - 02068992 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 22:02 - 2016-02-09 00:17 - 01815552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 22:02 - 2016-02-09 00:15 - 12392960 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 22:02 - 2016-02-09 00:13 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-09 22:02 - 2016-02-09 00:12 - 09753600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 22:02 - 2016-02-09 00:12 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 22:02 - 2016-02-09 00:11 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 22:02 - 2016-02-09 00:10 - 01804800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 22:02 - 2016-02-09 00:10 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 22:02 - 2016-02-09 00:10 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 22:02 - 2016-02-09 00:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 22:02 - 2016-02-09 00:10 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-03-09 22:02 - 2016-02-09 00:10 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-09 22:02 - 2016-02-09 00:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-09 22:02 - 2016-02-09 00:09 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-09 22:02 - 2016-02-09 00:09 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 22:02 - 2016-02-09 00:09 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-09 22:02 - 2016-02-09 00:09 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-09 22:02 - 2016-02-09 00:09 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-09 22:02 - 2016-02-09 00:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 22:02 - 2016-02-09 00:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-03-09 22:02 - 2016-02-09 00:09 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-03-09 22:02 - 2016-02-09 00:09 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-03-06 17:13 - 2016-03-06 18:54 - 00001041 _____ C:\Users\Chris\AppData\Roaming\vso_ts_preview.xml
2016-02-27 11:51 - 2016-02-27 11:52 - 00000000 ____D C:\Users\Chris\Downloads\WANNABE
2016-02-27 11:44 - 2016-02-27 11:44 - 00000000 ____D C:\Users\Chris\Downloads\ACTIV
2016-02-24 14:25 - 2016-03-18 16:23 - 00011264 _____ C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-17 23:49 - 2016-01-30 03:09 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-17 23:49 - 2016-01-30 03:09 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2016-02-17 23:49 - 2016-01-30 03:09 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2016-02-17 23:49 - 2016-01-30 03:09 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2016-02-17 23:49 - 2016-01-30 03:09 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2016-02-17 23:49 - 2016-01-30 03:09 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\sbeio.dll
2016-02-17 23:49 - 2016-01-30 03:08 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-02-17 23:49 - 2016-01-30 03:08 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2016-02-17 23:49 - 2016-01-30 03:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-17 23:49 - 2016-01-30 03:08 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2016-02-17 23:49 - 2016-01-30 03:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2016-02-17 23:49 - 2016-01-30 03:08 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2016-02-17 23:49 - 2016-01-30 03:08 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2016-02-17 23:49 - 2016-01-30 03:08 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2016-02-17 23:49 - 2016-01-30 01:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\iashost.exe
2016-02-17 23:47 - 2016-01-30 03:09 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-17 23:47 - 2016-01-30 03:08 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-17 23:33 - 2016-01-07 15:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-17 23:27 - 2016-01-09 17:06 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-17 23:16 - 2016-02-18 01:33 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-17 20:22 - 2016-02-17 20:23 - 45702448 _____ C:\Users\Chris\Downloads\Firefox Setup 43.0.1.exe
2016-02-17 19:36 - 2016-02-17 19:35 - 00334280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-02-17 19:35 - 2016-02-17 19:35 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-18 17:47 - 2012-12-13 19:48 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-18 17:39 - 2014-06-02 21:10 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2016-03-18 16:23 - 2013-05-06 13:42 - 00000069 _____ C:\Windows\NeroDigital.ini
2016-03-18 16:23 - 2006-11-02 12:37 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-03-18 16:22 - 2014-06-02 21:04 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-18 16:22 - 2006-11-02 13:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-18 16:22 - 2006-11-02 12:47 - 00005184 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-18 16:22 - 2006-11-02 12:47 - 00005184 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-18 16:21 - 2006-11-02 13:01 - 00032542 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-03-18 11:11 - 2015-06-18 16:12 - 00000000 ____D C:\Program Files\PeerBlock
2016-03-18 09:46 - 2015-03-30 20:39 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Vso
2016-03-18 04:50 - 2011-12-31 13:09 - 00000000 ____D C:\Users\Chris\AppData\Local\CrashDumps
2016-03-18 04:50 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\inf
2016-03-18 04:47 - 2012-03-30 07:47 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2016-03-18 04:46 - 2012-10-25 15:53 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-03-18 04:46 - 2012-10-25 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-03-18 04:46 - 2008-10-23 12:07 - 00000000 ____D C:\Program Files\WinRAR
2016-03-15 03:59 - 2013-07-23 21:29 - 00000000 ____D C:\Users\Chris\AppData\Roaming\vlc
2016-03-15 00:10 - 2014-06-02 21:05 - 00001943 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-15 00:10 - 2014-06-02 21:05 - 00001931 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-10 22:47 - 2012-12-13 19:48 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-03-10 22:47 - 2012-12-13 19:48 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-03-10 03:51 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\rescache
2016-03-10 03:40 - 2006-11-02 10:33 - 00755252 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-10 03:35 - 2016-01-28 13:43 - 03612480 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-10 03:31 - 2006-11-02 12:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2016-03-10 03:31 - 2006-11-02 11:18 - 00000000 ____D C:\Program Files\Common Files\System
2016-03-10 03:09 - 2013-08-14 02:08 - 00000000 ____D C:\Windows\system32\MRT
2016-03-10 03:03 - 2006-11-02 10:24 - 141270216 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-03-09 20:18 - 2014-08-02 21:53 - 00816304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-03-09 20:18 - 2014-08-02 21:53 - 00091168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2016-03-06 18:07 - 2011-12-28 14:53 - 00000000 ____D C:\Users\Chris\Documents\ConvertXToDVD
2016-02-24 16:47 - 2016-01-26 13:34 - 00056088 _____ C:\Users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-24 14:25 - 2012-12-19 18:53 - 00000000 ____D C:\Users\Chris\AppData\Roaming\dvdcss
2016-02-23 19:39 - 2014-08-02 21:53 - 00447848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-02-19 10:28 - 2013-10-31 00:26 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-18 00:08 - 2006-11-02 12:37 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-18 00:08 - 2006-11-02 12:37 - 00000000 ____D C:\Program Files\Windows Collaboration
2016-02-17 20:24 - 2013-10-31 00:26 - 00000818 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-17 20:24 - 2013-10-31 00:26 - 00000806 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-17 19:39 - 2014-08-02 21:53 - 00221240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-02-17 19:36 - 2015-09-13 13:11 - 00171608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2016-02-17 19:36 - 2014-08-02 21:53 - 00067088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2016-02-17 19:36 - 2014-08-02 21:53 - 00064272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2016-02-17 19:36 - 2014-08-02 21:53 - 00058776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-02-17 19:36 - 2014-08-02 21:53 - 00032792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-02-17 19:34 - 2014-08-02 21:53 - 00035096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-02-17 19:33 - 2014-08-02 21:53 - 00268424 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys

==================== Files in the root of some directories =======

2016-03-06 17:13 - 2016-03-06 18:54 - 0001041 _____ () C:\Users\Chris\AppData\Roaming\vso_ts_preview.xml
2016-02-24 14:25 - 2016-03-18 16:23 - 0011264 _____ () C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-18 16:29

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
Ran by Chris (2016-03-18 18:08:47)
Running from C:\Users\Chris\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) (2011-02-04 10:32:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3299710142-3868310564-1978959094-500 - Administrator - Disabled)
Chris (S-1-5-21-3299710142-3868310564-1978959094-1001 - Administrator - Enabled) => C:\Users\Chris
Guest (S-1-5-21-3299710142-3868310564-1978959094-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 20.0.0.260 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Internet Security (HKLM\...\Avast) (Version: 11.1.2253 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
ConvertXtoDVD 4.0.9.322 (HKLM\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.0.9.322 - )
EasyBCD 1.7 (HKLM\...\EasyBCD) (Version: 1.7 - NeoSmart Technologies)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
ffdshow [rev 2180] [2008-10-04] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
HDD Health v4.2 (HKLM\...\HDD Health_is1) (Version:  - )
InPlay IPTV (HKLM\...\{4CE87481-C78C-4543-9AA0-2117CD5BF917}) (Version: 4.0.0 - Cobain ltd)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
K-Lite Codec Pack 7.0.0 (Standard) (HKLM\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Leawo Video Converter version  5.1.0.0 (HKLM\...\{331ED3CF-3A1B-467C-9A62-899E2D3B20C4}_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Excel Viewer 2003 (HKLM\...\{90840409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{A55747C1-4651-433D-B082-478874FF7516}) (Version: 6.3.0 - Motorola Mobility LLC)
Mozilla Firefox 44.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
MPC-HC 1.7.0 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.0.7858 - MPC-HC Team)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nero 7 Lite 7.10.1.2 (HKLM\...\Nero7Lite_is1) (Version: 7.10.1.2 - UpdatePack.nl)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - )
SafeZone Stable 1.48.2066.44 (Version: 1.48.2066.44 - Avast Software) Hidden
Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Skitch (HKLM\...\Skitch 1.0.2.0) (Version: 2.2.0.4 - Evernote Corp.)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.5 - Sophos Limited)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Temp File Cleaner (HKLM\...\Temp File Cleaner) (Version: 4.2.2 - Addpcs, LLC)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.31 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Wise Care 365 3.95 (HKLM\...\Wise Care 365_is1) (Version: 3.95 - WiseCleaner.com, Inc.)
YouTube Downloader App 3.00 (HKLM\...\YouTube Downloader App) (Version: 3.00 - Regensoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00E8A34C-9F61-46D8-9845-A9A333189C63} - System32\Tasks\SafeZone scheduled Autoupdate 1449186754 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-02-01] (Avast Software)
Task: {6092D648-6209-4D6F-9B67-908F6DA777DD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {677CD573-8156-4B83-8781-B7646D6B0415} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-10] (Adobe Systems Incorporated)
Task: {85281012-34B8-4BAA-9EF3-93B5EA5F07FC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8A6403D3-82D2-4E66-8DBE-0E6A1517755E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {A54D19FC-F66A-4A61-A70A-ACA7AD2C0A44} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-17] (AVAST Software)
Task: {C0BB004D-9824-4D0E-9F70-09C1D3B6DBDB} - System32\Tasks\WiseCleaner\AidSkipUAC => C:\Program Files\Wise\Wise PC 1stAid\WisePCAid.exe [2015-08-21] (WiseCleaner.com)
Task: {DC0B49E4-3258-40BE-81A6-B40E45F2E425} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-03-20 17:32 - 2016-02-17 19:35 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-20 17:32 - 2016-02-17 19:34 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-03-18 15:34 - 2016-03-18 15:34 - 02856960 _____ () C:\Program Files\AVAST Software\Avast\defs\16031801\algo.dll
2015-12-03 23:36 - 2016-02-17 19:35 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2014-03-25 05:27 - 2013-03-08 09:54 - 00017760 _____ () C:\Program Files\HDD Health\HDDHealthService.exe
2013-08-14 14:19 - 2013-08-14 14:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2015-03-14 02:20 - 2015-12-03 23:36 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-08-26 07:44 - 2015-08-26 07:44 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

There are 5317 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-01-28 15:22 - 2016-01-29 01:16 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Chris\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [SLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{F4CFD83A-D58B-4331-9FC7-226F9784CDC4}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{12BEC677-E9D6-44B9-BABE-F2063712476A}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{63B46E60-3403-4499-A84A-2E131052042D}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{CB3C9927-8511-4003-A2F9-0F8653F9F993}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{89F6D647-8024-4E1F-8497-2A7AE8708831}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B0445748-C9F0-4B94-BC0C-0FE10A3A055B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BCB8D66D-EAE0-4619-B7B9-76176D0CC46B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [WMPNSS-WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-Out-TCP-NoScope-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-Out-UDP-NoScope-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-In-UDP-NoScope-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{7B0956BD-F3D2-483D-B46D-8A8571258DC6}] => (Allow) LPort=80
FirewallRules: [{8AB470CC-8166-471A-8F5F-8CF24CBF9CE7}] => (Allow) LPort=80
FirewallRules: [{E72885C9-C635-4DBF-9775-C607C77F0F91}] => (Allow) LPort=80
FirewallRules: [{B39663AA-5F65-4E60-BA29-084F880A6533}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

12-03-2016 13:28:54 Restore Point Created by FRST
14-03-2016 00:58:56 Scheduled Checkpoint
15-03-2016 00:00:01 Scheduled Checkpoint
18-03-2016 04:40:25 Windows Update
18-03-2016 16:52:47 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/13/2016 10:52:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application vlc.exe, version 2.2.1.0, time stamp 0x00000004, faulting module libqt4_plugin.dll, version 2.2.1.0, time stamp 0x00020002, exception code 0x40000015, fault offset 0x007ca10a,
process id 0x1030, application start time 0xvlc.exe0.

Error: (03/12/2016 01:29:54 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\TWEY4IXW.DEFAULT-1447721945575\SAFEBROWSING-BACKUP> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/10/2016 09:53:21 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\CHRIS\DOWNLOADS\ROCCO'S ITALIAN PORN BOOT CAMP 2 2016 WEB-DL 540P SPLIT SCENES MP4-RARBG\RARBG.COM.NFO> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/10/2016 09:53:21 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\CHRIS\DOWNLOADS\ROCCO'S ITALIAN PORN BOOT CAMP 2 2016 WEB-DL 540P SPLIT SCENES MP4-RARBG\4 SAMIA DUARTE, VALENTINA NAPPI, SAMANTHA BENTLEY.MP4> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/10/2016 09:53:21 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\CHRIS\DOWNLOADS\ROCCO'S ITALIAN PORN BOOT CAMP 2 2016 WEB-DL 540P SPLIT SCENES MP4-RARBG\3 ROSELLA VISOCNTI, JENNY SMART.MP4> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/10/2016 02:31:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application vlc.exe, version 2.2.1.0, time stamp 0x00000004, faulting module libqt4_plugin.dll, version 2.2.1.0, time stamp 0x00020002, exception code 0x40000015, fault offset 0x007ca10a,
process id 0x14dc, application start time 0xvlc.exe0.

Error: (03/10/2016 03:09:21 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (03/10/2016 03:09:21 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (03/02/2016 06:33:18 PM) (Source: MsiInstaller) (EventID: 11606) (User: DELL-530)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.

Error: (03/02/2016 06:33:16 PM) (Source: MsiInstaller) (EventID: 11606) (User: DELL-530)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.


System errors:
=============
Error: (03/12/2016 03:01:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Media Player Network Sharing Service1300001Restart the service

Error: (03/12/2016 03:01:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Search1300001Restart the service

Error: (03/12/2016 03:01:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: RealNetworks Downloader Resolver Service1

Error: (03/12/2016 03:01:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: MBAMService1

Error: (03/12/2016 03:01:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: MBAMScheduler1

Error: (03/12/2016 03:01:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: HDDHealth1

Error: (03/12/2016 03:01:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Media Center Scheduler Service1100001Restart the service

Error: (03/12/2016 03:01:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Media Center Receiver Service1100001Restart the service

Error: (03/12/2016 03:01:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Andrea RT Filters Service1

Error: (03/12/2016 03:01:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Adobe Acrobat Update Service1


CodeIntegrity:
===================================
  Date: 2016-03-18 17:39:46.283
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-18 17:39:46.003
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-18 17:39:45.628
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-18 17:39:45.269
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-18 17:39:45.020
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-18 17:39:44.739
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-18 17:39:43.881
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-18 17:39:43.585
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-18 17:39:43.319
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-18 17:39:43.054
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU E6750 @ 2.66GHz
Percentage of memory in use: 52%
Total physical RAM: 3060.45 MB
Available physical RAM: 1465.79 MB
Total Virtual: 6347.9 MB
Available Virtual: 4485.15 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:288.32 GB) (Free:198.68 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Recovery) (Fixed) (Total:9.77 GB) (Free:3.88 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 5ED7C68A)
Partition 1: (Active) - (Size=288.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=9.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================



#11 nasdaq

Posted 18 March 2016 - 12:22 PM

my brother has been on my computer and now keeps locking,
Nothing suspicious was found in the logs.

What problem exactly are you experiencing, and what are you doing at the time?
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in any way, please consider Donating,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#12 burns2092

Posted 18 March 2016 - 12:23 PM

just really slow and freezing when online



#13 nasdaq

Posted 19 March 2016 - 08:52 AM

Check your RAM.

http://www.howtogeek...iagnostic-tool/

===

If the problem persists.

Please Download and run the ComboFix tool.

How to use ComboFix
http://www.bleepingc...to-use-combofix

Follow the instructions on the page.

Post the content of the C:\ComboFix.txt file for my review.

p.s.
When all is well you can remove the tool by following the Uninstall instructions on the same page.

====
nasdaq


#14 burns2092

Posted 25 March 2016 - 05:45 PM

SORRY FOR DELAY

firefox keeps freezing and so does computer

I got a message saying new update to MBAM and I got Blue screen of death when downloading

IRQL_NOT_LESS_OR_EQUAL it said amongst other things



#15 burns2092

Posted 25 March 2016 - 06:46 PM

memory is fine

got an error message during combofix about unable to scan system file

ComboFix 16-03-19.01 - Chris 26/03/2016   0:26.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.44.1033.18.3060.1212 [GMT 0:00]
Running from: c:\users\Chris\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_WiseBootAssistant
.
.
(((((((((((((((((((((((((   Files Created from 2016-02-26 to 2016-03-26  )))))))))))))))))))))))))))))))
.
.
2016-03-26 00:34 . 2016-03-26 00:38    --------    d-----w-    c:\users\Chris\AppData\Local\temp
2016-03-26 00:34 . 2016-03-26 00:34    --------    d-----w-    c:\users\Public\AppData\Local\temp
2016-03-26 00:34 . 2016-03-26 00:34    --------    d-----w-    c:\users\Default\AppData\Local\temp
2016-03-25 18:07 . 2016-02-19 01:31    9067696    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{55CF31CB-CEE1-4568-92D2-9F787EC80B6E}\mpengine.dll
2016-03-12 14:53 . 2016-03-12 15:01    --------    d-----w-    c:\program files\AdwCleaner
2016-03-11 00:22 . 2016-03-18 18:09    --------    d-----w-    C:\FRST
2016-03-10 03:13 . 2016-02-06 02:12    19968    ----a-w-    c:\windows\system32\seclogon.dll
2016-03-10 03:13 . 2016-02-06 02:11    34304    ----a-w-    c:\windows\system32\atmlib.dll
2016-03-10 03:13 . 2016-02-06 00:33    297472    ----a-w-    c:\windows\system32\atmfd.dll
2016-03-10 03:13 . 2016-02-06 02:12    707584    ----a-w-    c:\program files\Common Files\System\wab32.dll
2016-03-10 03:13 . 2016-02-06 02:12    41984    ----a-w-    c:\program files\Windows Mail\wabimp.dll
2016-03-10 03:13 . 2016-02-06 02:12    33280    ----a-w-    c:\program files\Windows Mail\wabfind.dll
2016-03-10 03:13 . 2016-02-06 00:37    65536    ----a-w-    c:\program files\Windows Mail\wabmig.exe
2016-03-10 03:13 . 2016-02-06 00:37    515584    ----a-w-    c:\program files\Windows Mail\wab.exe
2016-03-10 03:12 . 2016-02-03 17:06    89600    ----a-w-    c:\windows\system32\olepro32.dll
2016-03-10 03:12 . 2016-02-03 17:06    564736    ----a-w-    c:\windows\system32\oleaut32.dll
2016-03-10 03:12 . 2016-02-03 17:05    67072    ----a-w-    c:\windows\system32\asycfilt.dll
2016-03-10 03:01 . 2016-02-04 15:25    2068992    ----a-w-    c:\windows\system32\win32k.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-03-26 00:37 . 2014-06-02 21:10    170200    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2016-03-24 10:47 . 2012-12-13 19:48    797376    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2016-03-24 10:47 . 2012-12-13 19:48    142528    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2016-03-09 20:18 . 2014-08-02 21:53    816304    ----a-w-    c:\windows\system32\drivers\aswsnx.sys
2016-03-09 20:18 . 2014-08-02 21:53    91168    ----a-w-    c:\windows\system32\drivers\aswmonflt.sys
2016-02-23 19:39 . 2014-08-02 21:53    447848    ----a-w-    c:\windows\system32\drivers\aswsp.sys
2016-02-17 19:39 . 2014-08-02 21:53    221240    ----a-w-    c:\windows\system32\drivers\aswvmm.sys
2016-02-17 19:36 . 2015-09-13 13:11    171608    ----a-w-    c:\windows\system32\drivers\aswStmXP.sys
2016-02-17 19:36 . 2014-08-02 21:53    67088    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2016-02-17 19:36 . 2014-08-02 21:53    58776    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
2016-02-17 19:36 . 2014-08-02 21:53    32792    ----a-w-    c:\windows\system32\drivers\aswHwid.sys
2016-02-17 19:36 . 2014-08-02 21:53    64272    ----a-w-    c:\windows\system32\drivers\aswRdr.sys
2016-02-17 19:35 . 2016-02-17 19:36    334280    ----a-w-    c:\windows\system32\aswBoot.exe
2016-02-17 19:35 . 2016-02-17 19:35    52184    ----a-w-    c:\windows\avastSS.scr
2016-02-17 19:34 . 2014-08-02 21:53    35096    ----a-w-    c:\windows\system32\drivers\aswKbd.sys
2016-02-17 19:33 . 2014-08-02 21:53    268424    ----a-w-    c:\windows\system32\drivers\aswNdis2.sys
2016-02-04 23:13 . 2016-02-04 23:13    875720    ----a-w-    c:\windows\system32\msvcr120_clr0400.dll
2016-02-04 23:13 . 2016-02-04 23:13    536776    ----a-w-    c:\windows\system32\msvcp120_clr0400.dll
2016-01-30 03:09 . 2016-02-17 23:49    324608    ----a-w-    c:\windows\system32\sdohlp.dll
2016-01-30 03:09 . 2016-02-17 23:49    323072    ----a-w-    c:\windows\system32\sbe.dll
2016-01-30 03:09 . 2016-02-17 23:49    153088    ----a-w-    c:\windows\system32\sbeio.dll
2016-01-30 03:09 . 2016-02-17 23:49    429056    ----a-w-    c:\windows\system32\EncDec.dll
2016-01-30 03:09 . 2016-02-17 23:49    293376    ----a-w-    c:\windows\system32\psisdecd.dll
2016-01-30 03:09 . 2016-02-17 23:49    217600    ----a-w-    c:\windows\system32\psisrndr.ax
2016-01-30 03:09 . 2016-02-17 23:47    1316864    ----a-w-    c:\windows\system32\ole32.dll
2016-01-30 03:08 . 2016-02-17 23:49    107520    ----a-w-    c:\windows\system32\mtxoci.dll
2016-01-30 03:08 . 2016-02-17 23:49    80896    ----a-w-    c:\windows\system32\MSNP.ax
2016-01-30 03:08 . 2016-02-17 23:49    180224    ----a-w-    c:\windows\system32\msorcl32.dll
2016-01-30 03:08 . 2016-02-17 23:49    57856    ----a-w-    c:\windows\system32\MSDvbNP.ax
2016-01-30 03:08 . 2016-02-17 23:49    69632    ----a-w-    c:\windows\system32\Mpeg2Data.ax
2016-01-30 03:08 . 2016-02-17 23:49    48128    ----a-w-    c:\windows\system32\iasdatastore.dll
2016-01-30 03:08 . 2016-02-17 23:49    57344    ----a-w-    c:\windows\system32\iasads.dll
2016-01-30 03:08 . 2016-02-17 23:49    119296    ----a-w-    c:\windows\system32\iasrecst.dll
2016-01-30 01:32 . 2016-02-17 23:49    17408    ----a-w-    c:\windows\system32\iashost.exe
2016-01-28 21:33 . 2013-06-02 11:53    24688    ----a-w-    c:\windows\system32\drivers\TrueSight.sys
2016-01-09 17:06 . 2016-02-17 23:27    501760    ----a-w-    c:\windows\system32\kerberos.dll
2016-01-07 15:18 . 2016-02-17 23:33    115200    ----a-w-    c:\windows\system32\drivers\mrxdav.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-02-17 19:35    770088    ----a-w-    c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-12-08 6602152]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-17 4907008]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-03-23 7139256]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HDDHealth.lnk - c:\program files\HDD Health\hddhealth.exe [2014-3-25 3246944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-05 77824]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation    REG_MULTI_SZ       FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-03-15 00:00    1106072    ----a-w-    c:\program files\Google\Chrome\Application\49.0.2623.87\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2016-03-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-13 10:47]
.
2016-03-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-06-02 01:54]
.
2016-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-06-02 01:54]
.
2016-03-26 c:\windows\Tasks\Wise Care 365.job
- c:\program files\Wise\Wise Care 365\WiseTray.exe [2015-11-23 15:04]
.
2016-03-25 c:\windows\Tasks\Wise Turbo Checker.job
- c:\program files\Wise\Wise Care 365\WiseTurbo.exe [2015-11-23 14:22]
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 192.168.1.1 0.0.0.0
FF - ProfilePath - c:\users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\twey4ixw.default-1447721945575\
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2016-03-26 00:37
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ...
.
scanning hidden files ...  
.
.
C:\avast! sandbox
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.0.6002
.
CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.
device: opened successfully
user: error reading MBR
kernel: MBR read successfully
user != kernel MBR !!!
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{3049C3E9-B461-4BC5-8870-4C09146192CA}"=hex:51,66,7a,6c,4c,1d,38,12,87,c0,5a,
   34,53,fa,ab,0e,f7,66,0f,49,11,3f,d6,de
"{8E5E2654-AD2D-48BF-AC2D-D17F00898D06}"=hex:51,66,7a,6c,4c,1d,38,12,3a,25,4d,
   8a,1f,e3,d1,0d,d3,3b,92,3f,05,d7,c9,12
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:e8,16,bc,d7,82,28,d1,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_21_0_0_197_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_21_0_0_197_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\AVAST Software\Avast\afwServ.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\ehome\ehRecvr.exe
c:\windows\ehome\ehsched.exe
c:\program files\HDD Health\HDDHealthService.exe
c:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe
c:\program files\Malwarebytes Anti-Malware\mbamservice.exe
c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe
c:\program files\Malwarebytes Anti-Malware\mbam.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\RtHDVCpl.exe
c:\windows\System32\wbem\unsecapp.exe
c:\windows\System32\wbem\unsecapp.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2016-03-26  00:44:36 - machine was rebooted
ComboFix-quarantined-files.txt  2016-03-26 00:44
.
Pre-Run: 213,054,193,664 bytes free
Post-Run: 212,933,193,728 bytes free
.
- - End Of File - - 59FFC8E1582FBC5BA530460862CD9592
5C616939100B85E558DA92B899A0FC36
 



#16 nasdaq

Posted 26 March 2016 - 05:54 AM

The error may be caused by a bad or wrong version of a Driver.

Navigate to this page.
http://secunia.com/v...nning/personal/

Download and install the Secunia PSI.

Run the application and update all the programs/drivers that need to be updated.

===
p.s.

Secunia will start looking for new updates every time you boot the system.
This is an overkill. When all is well you can remove it using the Add/Remove programs applet.
===

If the problem persists then run this scan

Please download MiniToolBox to Desktop and run it.

Check mark the following boxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List last 10 Event Viewer log
  • List content of Hosts
  • List IP Configuration
  • List Winsock Entries

Click Go and copy/paste the log (Result.txt) into your next post.

Note: When using the "Reset FF Proxy Settings" option, Firefox should be closed.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in any way, please consider Donating,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#17 burns2092

burns2092

    Member

  • Full Member
  • Pip
  • 20 posts

Posted 26 March 2016 - 03:55 PM

OK I have done all that

am I good now?



#18 burns2092

Posted 26 March 2016 - 03:57 PM

MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by Chris (administrator) on 26-03-2016 at 21:56:16
Running from "C:\Users\Chris\Desktop"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
Model: Inspiron 530 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
127.0.0.1       localhost
========================= IP Configuration: ================================

Intel® 82562V 10/100 Network Connection = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset



popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : DELL-530
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection* 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : GoTrusted Adapter
   Physical Address. . . . . . . . . : 00-FF-79-3E-D1-CD
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® 82562V 10/100 Network Connection
   Physical Address. . . . . . . . . : 00-1E-C9-82-BA-AF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::3010:def5:a2ad:9e00%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 26 March 2016 03:20:02
   Lease Expires . . . . . . . . . . : 27 March 2016 15:20:07
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 251666121
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-DD-8D-BF-00-1E-C9-82-BA-AF
   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       0.0.0.0
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{C010AF49-0C76-4353-BB35-19AE24C74C4F}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5cf2:8410:2492:e7c:3f57:fefd(Preferred)
   Link-local IPv6 Address . . . . . : fe80::2492:e7c:3f57:fefd%10(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  2a00:1450:4009:810::200e
      216.58.213.142



Pinging google.com [216.58.213.142] with 32 bytes of data:

General failure.

Reply from 216.58.213.142: bytes=32 time=32ms TTL=55



Ping statistics for 216.58.213.142:

    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),

Approximate round trip times in milli-seconds:

    Minimum = 32ms, Maximum = 32ms, Average = 32ms

Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
      2001:4998:44:204::a7
      2001:4998:c:a06::2:4008
      98.139.183.24
      206.190.36.45
      98.138.253.109



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

General failure.

Reply from 206.190.36.45: bytes=32 time=187ms TTL=51



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),

Approximate round trip times in milli-seconds:

    Minimum = 187ms, Maximum = 187ms, Average = 187ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
 13 ...00 ff 79 3e d1 cd ...... GoTrusted Adapter
 11 ...00 1e c9 82 ba af ...... Intel® 82562V 10/100 Network Connection
  1 ........................... Software Loopback Interface 1
 15 ...00 00 00 00 00 00 00 e0  isatap.{C010AF49-0C76-4353-BB35-19AE24C74C4F}
 10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 24 ...00 00 00 00 00 00 00 e0  Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    276
      192.168.1.2  255.255.255.255         On-link       192.168.1.2    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.2    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.2    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 10     18 ::/0                     On-link
  1    306 ::1/128                  On-link
 10     18 2001::/32                On-link
 10    266 2001:0:5cf2:8410:2492:e7c:3f57:fefd/128
                                    On-link
 11    276 fe80::/64                On-link
 10    266 fe80::/64                On-link
 10    266 fe80::2492:e7c:3f57:fefd/128
                                    On-link
 11    276 fe80::3010:def5:a2ad:9e00/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    266 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48640] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/25/2016 11:32:41 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 44.0.2.5884 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 1510
Start Time: 01d1814304790655
Termination Time: 322

Error: (03/13/2016 10:52:34 PM) (Source: Application Error) (User: )
Description: Faulting application vlc.exe, version 2.2.1.0, time stamp 0x00000004, faulting module libqt4_plugin.dll, version 2.2.1.0, time stamp 0x00020002, exception code 0x40000015, fault offset 0x007ca10a,
process id 0x1030, application start time 0xvlc.exe0.

Error: (03/12/2016 01:29:54 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\TWEY4IXW.DEFAULT-1447721945575\SAFEBROWSING-BACKUP> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/10/2016 09:53:21 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CHRIS\DOWNLOADS\ROCCO'S ITALIAN PORN BOOT CAMP 2 2016 WEB-DL 540P SPLIT SCENES MP4-RARBG\RARBG.COM.NFO> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/10/2016 09:53:21 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CHRIS\DOWNLOADS\ROCCO'S ITALIAN PORN BOOT CAMP 2 2016 WEB-DL 540P SPLIT SCENES MP4-RARBG\4 SAMIA DUARTE, VALENTINA NAPPI, SAMANTHA BENTLEY.MP4> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/10/2016 09:53:21 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CHRIS\DOWNLOADS\ROCCO'S ITALIAN PORN BOOT CAMP 2 2016 WEB-DL 540P SPLIT SCENES MP4-RARBG\3 ROSELLA VISOCNTI, JENNY SMART.MP4> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/10/2016 02:31:05 PM) (Source: Application Error) (User: )
Description: Faulting application vlc.exe, version 2.2.1.0, time stamp 0x00000004, faulting module libqt4_plugin.dll, version 2.2.1.0, time stamp 0x00020002, exception code 0x40000015, fault offset 0x007ca10a,
process id 0x14dc, application start time 0xvlc.exe0.

Error: (03/10/2016 03:09:21 AM) (Source: Perflib) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (03/10/2016 03:09:21 AM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (03/02/2016 06:33:18 PM) (Source: MsiInstaller) (User: DELL-530)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.


System errors:
=============
Error: (03/26/2016 09:32:03 PM) (Source: DCOM) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (03/26/2016 09:32:03 PM) (Source: Service Control Manager) (User: )
Description: Windows Search%%1053

Error: (03/26/2016 09:32:02 PM) (Source: Service Control Manager) (User: )
Description: 30000Windows Search

Error: (03/26/2016 12:34:27 AM) (Source: Service Control Manager) (User: )
Description: PEVSystemStart

Error: (03/26/2016 12:34:11 AM) (Source: Service Control Manager) (User: )
Description: PEVSystemStart

Error: (03/26/2016 12:30:51 AM) (Source: Service Control Manager) (User: )
Description: PEVSystemStart

Error: (03/26/2016 12:26:27 AM) (Source: Service Control Manager) (User: )
Description: PEVSystemStart

Error: (03/26/2016 12:26:24 AM) (Source: Service Control Manager) (User: )
Description: HDDHealth1

Error: (03/25/2016 11:36:19 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 23:33:29 on 25/03/2016 was unexpected.

Error: (03/19/2016 07:37:06 PM) (Source: DCOM) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}


Microsoft Office Sessions:
=========================
Error: (03/25/2016 11:32:41 PM) (Source: Application Hang)(User: )
Description: firefox.exe44.0.2.5884151001d1814304790655322

Error: (03/13/2016 10:52:34 PM) (Source: Application Error)(User: )
Description: vlc.exe2.2.1.000000004libqt4_plugin.dll2.2.1.00002000240000015007ca10a103001d17d7abfede2ee

Error: (03/12/2016 01:29:54 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\TWEY4IXW.DEFAULT-1447721945575\SAFEBROWSING-BACKUP

Error: (03/10/2016 09:53:21 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\CHRIS\DOWNLOADS\ROCCO'S ITALIAN PORN BOOT CAMP 2 2016 WEB-DL 540P SPLIT SCENES MP4-RARBG\RARBG.COM.NFO

Error: (03/10/2016 09:53:21 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\CHRIS\DOWNLOADS\ROCCO'S ITALIAN PORN BOOT CAMP 2 2016 WEB-DL 540P SPLIT SCENES MP4-RARBG\4 SAMIA DUARTE, VALENTINA NAPPI, SAMANTHA BENTLEY.MP4

Error: (03/10/2016 09:53:21 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\CHRIS\DOWNLOADS\ROCCO'S ITALIAN PORN BOOT CAMP 2 2016 WEB-DL 540P SPLIT SCENES MP4-RARBG\3 ROSELLA VISOCNTI, JENNY SMART.MP4

Error: (03/10/2016 02:31:05 PM) (Source: Application Error)(User: )
Description: vlc.exe2.2.1.000000004libqt4_plugin.dll2.2.1.00002000240000015007ca10a14dc01d17ad933b9c98a

Error: (03/10/2016 03:09:21 AM) (Source: Perflib)(User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (03/10/2016 03:09:21 AM) (Source: Perflib)(User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (03/02/2016 06:33:18 PM) (Source: MsiInstaller)(User: DELL-530)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.(NULL)(NULL)(NULL)(NULL)


CodeIntegrity Errors:
===================================
  Date: 2016-03-26 21:40:51.018
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-26 21:40:50.746
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-26 21:40:50.479
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-26 21:40:50.177
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-26 21:40:49.880
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-26 21:40:49.569
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-26 21:37:04.515
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-26 21:37:04.040
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-26 21:37:03.595
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-26 21:37:03.268
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.


**** End of log ****
 



#19 nasdaq

Posted 27 March 2016 - 06:05 AM

Is Firefox still an issue?

Error: (03/25/2016 11:32:41 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 44.0.2.5884 stopped interacting with Windows and was closed.
To see if more information about the problem is available, check the problem history in the Problem Reports and
Solutions control panel.


Check it out.
nasdaq


#20 burns2092

Posted 27 March 2016 - 08:27 PM

it crashes every now and again, yes



#21 nasdaq

Posted 28 March 2016 - 05:47 AM

Download and run this uninstaller.
http://www.revounins...e_download.html

Remove everything associated with Firefox.

Restart the computer normally.


Reinstall the browser from this site.
https://www.mozilla....US/firefox/new/

How is it now?
nasdaq


#22 burns2092

Posted 28 March 2016 - 06:15 PM

I give it a day or so and let you know?



#23 burns2092

Posted 30 March 2016 - 10:21 AM

was on something that used basic graphics and got freezing



#24 nasdaq

Posted 30 March 2016 - 11:47 AM

Navigate to this page.
http://secunia.com/v...nning/personal/

Download and install the Secunia PSI.

Run the application and update all the programs/drivers that need to be updated.

===
p.s.

Secunia will start looking for new updates every time you boot the system.
This is overkill. When all is well you can remove it using the Add/Remove programs applet.
nasdaq


#25 burns2092

Posted 01 April 2016 - 02:14 PM

got an error message about shock player being unresponsive?



#26 nasdaq

Posted 02 April 2016 - 05:50 AM

Do you get this error on all the browsers?


Check if you have the latest version.

https://get.adobe.com/flashplayer/
nasdaq


#27 burns2092

Posted 03 April 2016 - 05:39 AM

yep sorted thanks



#28 nasdaq

Posted 03 April 2016 - 05:41 AM

If all is well.

To learn more about how to protect yourself while on the internet, read this little guide: best security practices keep safe.
http://www.bleepingc...best-practices/
===
nasdaq


#29 burns2092

Posted 03 April 2016 - 03:09 PM

thanks

can I delete everything now?



#30 nasdaq

Posted 04 April 2016 - 05:27 AM

I would keep the Farbar and the AdwCleaner tools.

Use Farbar to report any future problems.

Run the AdwCleaner after installing new programs to ensure you do not get anything that you did not ask for.
nasdaq


#31 burns2092

Posted 05 April 2016 - 06:51 AM

thank you for all your help



#32 burns2092

Posted 05 April 2016 - 08:29 AM

do I just run adaware and delete if it ever finds anything?



#33 nasdaq

Posted 05 April 2016 - 09:35 AM

yes, unless you installed the application and all is well.
nasdaq


#34 burns2092

Posted 07 April 2016 - 08:49 AM

thank you for all your time



#35 nasdaq

Posted 23 April 2016 - 05:26 AM

Glad we could help. :)

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
nasdaq




