My son's computer is a mess! [Closed]


  • This topic is locked

#1
swetnich

  • Member
  • 86 posts

Hi there, my son plays computer games and his computer is a mess. He has a ton of pop-ups and his Internet Explorer disappeared completely. I tried to re-download it, but it will not let me, saying that it is already downloaded, but I cannot find it anywhere. The computer is very slow. The pop-ups are just crazy. I appreciate any help you can give us. You guys helped me out with my computer and it is running great!




#2
swetnich

  • Topic Starter
  • Member
  • 86 posts
OTL logfile created on: 12/5/2014 10:30:50 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tyler\Downloads
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17420)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.17 Gb Total Physical Memory | 0.09 Gb Available Physical Memory | 2.86% Memory free
6.33 Gb Paging File | 1.70 Gb Available in Paging File | 26.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.11 Gb Total Space | 162.15 Gb Free Space | 69.86% Space Free | Partition Type: NTFS
 
Computer Name: TYLER-PC | User Name: Tyler | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/12/05 22:30:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tyler\Downloads\OTL.exe
PRC - [2014/10/23 20:52:27 | 000,176,552 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe
PRC - [2014/10/21 23:05:02 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014/02/11 20:45:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013/08/01 19:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/11/29 23:31:25 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/12/14 17:55:40 | 008,453,376 | ---- | M] () -- C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
PRC - [2011/12/14 17:53:44 | 000,303,360 | ---- | M] () -- C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
PRC - [2011/11/09 18:38:04 | 000,132,768 | ---- | M] (Intel Corporation) -- C:\Windows\System32\IPROSetMonitor.exe
PRC - [2011/07/01 14:28:34 | 001,131,520 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
PRC - [2011/05/27 18:39:28 | 002,605,424 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
PRC - [2011/05/27 18:39:18 | 000,214,384 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
PRC - [2010/11/06 00:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/11/06 00:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/10/04 13:38:08 | 002,697,832 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\Realtek\Audio\HDA\RtDCpl.exe
PRC - [2010/10/01 17:55:28 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
PRC - [2010/09/15 12:14:36 | 000,057,168 | ---- | M] (UPEK Inc.) -- C:\Program Files\Common Files\SPBA\upeksvr.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/03/29 14:37:13 | 000,079,224 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2008/03/29 14:37:02 | 000,144,760 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2008/03/29 14:36:22 | 000,247,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2008/03/29 14:30:47 | 000,345,464 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2008/03/29 14:11:18 | 000,017,272 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/12/05 19:17:22 | 000,967,168 | ---- | M] () -- C:\Users\Tyler\AppData\Roaming\.minecraft\versions\1.7.10-OptiFine_L_A4\1.7.10-OptiFine_L_A4-natives-10308276039657\twitchsdk.dll
MOD - [2014/12/05 19:17:22 | 000,394,810 | ---- | M] () -- C:\Users\Tyler\AppData\Roaming\.minecraft\versions\1.7.10-OptiFine_L_A4\1.7.10-OptiFine_L_A4-natives-10308276039657\libmp3lame-ttv.dll
MOD - [2014/12/05 19:17:22 | 000,390,144 | ---- | M] () -- C:\Users\Tyler\AppData\Roaming\.minecraft\versions\1.7.10-OptiFine_L_A4\1.7.10-OptiFine_L_A4-natives-10308276039657\OpenAL32.dll
MOD - [2014/12/05 19:17:22 | 000,298,496 | ---- | M] () -- C:\Users\Tyler\AppData\Roaming\.minecraft\versions\1.7.10-OptiFine_L_A4\1.7.10-OptiFine_L_A4-natives-10308276039657\lwjgl.dll
MOD - [2014/12/05 19:17:22 | 000,246,332 | ---- | M] () -- C:\Users\Tyler\AppData\Roaming\.minecraft\versions\1.7.10-OptiFine_L_A4\1.7.10-OptiFine_L_A4-natives-10308276039657\avutil-ttv-51.dll
MOD - [2014/12/05 19:17:22 | 000,113,171 | ---- | M] () -- C:\Users\Tyler\AppData\Roaming\.minecraft\versions\1.7.10-OptiFine_L_A4\1.7.10-OptiFine_L_A4-natives-10308276039657\swresample-ttv-0.dll
MOD - [2014/11/12 19:39:34 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\82fb26570c888a04480408d950d9b016\IAStorUtil.ni.dll
MOD - [2014/11/12 18:44:56 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\875c35969785fa170d186e7ca546ac9e\System.Runtime.Remoting.ni.dll
MOD - [2014/10/21 23:05:00 | 014,902,600 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
MOD - [2014/10/21 23:04:57 | 008,910,664 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll
MOD - [2014/10/21 23:04:51 | 001,042,760 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
MOD - [2014/10/21 23:04:49 | 000,211,272 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.111\libegl.dll
MOD - [2014/10/21 23:04:48 | 001,681,224 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
MOD - [2014/10/17 15:46:07 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll
MOD - [2014/10/17 15:45:56 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll
MOD - [2014/10/17 15:45:44 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/10/17 15:45:38 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll
MOD - [2014/10/17 15:45:24 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll
MOD - [2014/10/17 15:45:20 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/09/13 02:32:37 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\f473a3fb0073a13849f5206103f64a99\IAStorCommon.ni.dll
MOD - [2014/09/13 02:27:44 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2011/12/14 17:55:40 | 008,453,376 | ---- | M] () -- C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
MOD - [2011/12/14 10:43:04 | 000,278,528 | ---- | M] () -- C:\Program Files\NETGEAR\WNDA3100v2\WifiSvcLib.dll
MOD - [2011/06/10 13:49:32 | 013,906,944 | ---- | M] () -- C:\Windows\System32\ig4icd32.dll
MOD - [2011/06/10 13:36:34 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2014/11/28 22:16:06 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/11/18 15:23:34 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/11/05 21:59:34 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/02/11 21:27:36 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013/05/26 23:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/12/14 17:53:44 | 000,303,360 | ---- | M] () [Auto | Running] -- C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe -- (WSWNDA3100v2)
SRV - [2011/11/09 18:38:04 | 000,132,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\System32\IPROSetMonitor.exe -- (Intel®
SRV - [2011/07/01 14:28:34 | 001,131,520 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe -- (Wave Authentication Manager Service)
SRV - [2011/05/27 18:39:28 | 002,605,424 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - [2011/05/24 16:13:38 | 001,508,232 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2011/02/17 10:08:52 | 001,633,280 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2010/11/06 00:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/07/13 20:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/03/29 14:37:02 | 000,144,760 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2008/03/29 14:36:22 | 000,247,160 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2008/03/29 14:30:47 | 000,345,464 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2008/03/29 14:11:18 | 000,017,272 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2014/11/26 13:43:47 | 000,114,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2013/10/01 19:42:31 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012/08/23 09:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/10 22:43:26 | 000,358,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1c6232.sys -- (e1cexpress)
DRV - [2011/12/12 17:42:00 | 001,093,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcmwlhigh6.sys -- (BCMH43XX)
DRV - [2011/07/22 10:35:16 | 000,021,472 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SCMNdisP.sys -- (SCMNdisP)
DRV - [2010/11/20 16:29:03 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netvsc60.sys -- (netvsc)
DRV - [2010/11/20 16:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/20 16:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 16:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 16:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/11/20 16:29:03 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusVideoM.sys -- (SynthVid)
DRV - [2010/11/20 16:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 16:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/10/15 04:27:18 | 000,269,824 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2010/10/04 13:38:20 | 002,749,416 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTDVHDA.sys -- (IntcAzAudAddService)
DRV - [2010/07/21 14:13:40 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\PBADRV.sys -- (PBADRV)
DRV - [2010/02/03 11:21:56 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/03/29 14:35:49 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008/03/29 14:32:42 | 000,050,768 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2008/03/29 14:31:34 | 000,075,856 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2008/03/29 14:29:08 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2008/03/29 14:27:33 | 000,042,912 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {C8ECA1B2-129E-4EC0-AABB-FBFCFECD0E91}
IE - HKLM\..\SearchScopes\{C8ECA1B2-129E-4EC0-AABB-FBFCFECD0E91}: "URL" = http://www.bing.com/...IE9TR&pc=MDDRJS
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13-comm.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{370B453C-D487-4F85-B706-792C98B2BB1A}: "URL" = https://www.google.c...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:52104;https=127.0.0.1:52104
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
 
 
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Error reading preferences file
CHR - Extension: Color Icons for Gmail = C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\Extensions\omioomoieildjihcajfoobhhiecjkmfn\235\
 
O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtDCpl.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TdmNotify] C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe (Wave Systems Corp.)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_4545F8CD8D4F27E1A21B4718264FF5F7] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.32.5.111 65.32.5.112
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{384E15F0-F970-4372-A793-A8E161BE845A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5EC38C4-E170-4834-9CD3-A7193D4EDF0E}: DhcpNameServer = 65.32.5.111 65.32.5.112
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\spba: DllName - (C:\Program Files\Common Files\SPBA\homefus2.dll) - C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Authentication Packages - (wvauth) - C:\Windows\System32\wvauth.dll (Wave Systems Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{81e4a370-9392-11e3-9961-1803733d8cf5}\Shell - "" = AutoRun
O33 - MountPoints2\{81e4a370-9392-11e3-9961-1803733d8cf5}\Shell\AutoRun\command - "" = "E:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/11/26 13:37:28 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/11/26 13:30:40 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/11/26 13:24:36 | 000,000,000 | ---D | C] -- C:\FRST
[2014/11/22 12:08:54 | 000,000,000 | ---D | C] -- C:\Users\Tyler\AppData\Roaming\BANDISOFT
[2014/11/22 12:08:35 | 000,000,000 | ---D | C] -- C:\Users\Tyler\Documents\Bandicam
[2014/11/17 17:57:52 | 000,000,000 | ---D | C] -- C:\ProgramData\LizardSales
[2014/11/17 17:17:24 | 000,000,000 | ---D | C] -- C:\Program Files\WWE
[2014/11/12 18:52:53 | 000,000,000 | -HSD | C] -- C:\Users\Tyler\AppData\Local\EmieBrowserModeList
 
========== Files - Modified Within 30 Days ==========
 
[2014/12/05 22:36:00 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\CIMT_S-1-5-21-2040279239-802615254-577133662-1001.job
[2014/12/05 22:16:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/12/05 21:45:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/12/05 19:16:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/12/05 16:33:11 | 000,031,312 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/12/05 16:33:11 | 000,031,312 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/12/05 16:26:07 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/12/05 16:25:38 | 2548,862,976 | -HS- | M] () -- C:\hiberfil.sys
[2014/11/26 18:55:28 | 000,662,384 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/11/26 18:55:28 | 000,122,252 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/11/26 14:02:23 | 000,000,324 | ---- | M] () -- C:\Users\Tyler\Desktop\Ie.reg
[2014/11/26 14:02:09 | 000,000,324 | ---- | M] () -- C:\Users\Tyler\Documents\Ie.reg
[2014/11/26 13:43:47 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/11/17 17:27:37 | 000,002,259 | ---- | M] () -- C:\Users\Tyler\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/11/17 17:27:37 | 000,002,082 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/11/12 18:43:59 | 000,407,384 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2014/11/26 14:02:22 | 000,000,324 | ---- | C] () -- C:\Users\Tyler\Desktop\Ie.reg
[2014/11/26 14:02:09 | 000,000,324 | ---- | C] () -- C:\Users\Tyler\Documents\Ie.reg
[2014/11/25 20:57:11 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\CIMT_S-1-5-21-2040279239-802615254-577133662-1001.job
[2014/11/17 17:17:46 | 000,032,768 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2014/04/20 16:07:12 | 000,000,044 | ---- | C] () -- C:\Users\Tyler\jagex_cl_runescape_LIVE.dat
[2014/04/20 16:07:12 | 000,000,024 | ---- | C] () -- C:\Users\Tyler\random.dat
[2014/04/20 16:07:09 | 000,000,023 | ---- | C] () -- C:\Users\Tyler\jagexappletviewer.preferences
[2014/02/16 23:12:43 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
 
========== ZeroAccess Check ==========
 
[2009/07/13 23:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 20:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 16:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 20:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2014/12/05 22:01:13 | 000,000,000 | ---D | M] -- C:\Users\Tyler\AppData\Roaming\.minecraft
[2014/11/22 12:08:54 | 000,000,000 | ---D | M] -- C:\Users\Tyler\AppData\Roaming\BANDISOFT
[2014/10/24 19:35:21 | 000,000,000 | ---D | M] -- C:\Users\Tyler\AppData\Roaming\java
[2014/07/21 23:50:58 | 000,000,000 | ---D | M] -- C:\Users\Tyler\AppData\Roaming\Oracle
 
========== Purity Check ==========
 
 
 
< End of report >


#3
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, I would like to use a different scanner as it will reveal more; then we can clear it up.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.


#4
swetnich

  • Topic Starter
  • Member
  • 86 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-12-2014 01
Ran by Tyler (administrator) on TYLER-PC on 06-12-2014 11:11:58
Running from C:\Users\Tyler\Downloads
Loaded Profile: Tyler (Available profiles: Tyler)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ALWIL Software) C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\ashServ.exe
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\Audio\HDA\RtDCpl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast4\ashDisp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
() C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtDCpl.exe [2697832 2010-10-04] (Realtek Semiconductor Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM\...\Run: [TdmNotify] => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe [214384 2011-05-27] (Wave Systems Corp.)
HKLM\...\Run: [RemoteControl9] => C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.)
HKLM\...\Run: [PDVD9LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink Corp.)
HKLM\...\Run: [avast!] => C:\Program Files\Alwil Software\Avast4\ashDisp.exe [79224 2008-03-29] (ALWIL Software)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKU\S-1-5-21-2040279239-802615254-577133662-1001\...\MountPoints2: {81e4a370-9392-11e3-9961-1803733d8cf5} - "E:\WD SmartWare.exe" autoplay=true
Lsa: [Authentication Packages] msv1_0 wvauth
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Genie.lnk
ShortcutTarget: NETGEAR WNDA3100v2 Genie.lnk -> C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe ()
ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:13081
ProxyServer: [S-1-5-21-2040279239-802615254-577133662-1001] => http=127.0.0.1:52104;https=127.0.0.1:52104
HKU\S-1-5-21-2040279239-802615254-577133662-1001\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-2040279239-802615254-577133662-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13-comm.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2040279239-802615254-577133662-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKU\S-1-5-21-2040279239-802615254-577133662-1001 -> {370B453C-D487-4F85-B706-792C98B2BB1A} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2040279239-802615254-577133662-1001 -> {C8ECA1B2-129E-4EC0-AABB-FBFCFECD0E91} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 65.32.5.111 65.32.5.112

FireFox:
========
FF ProfilePath: C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\wd4uwldd.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Color Icons for Gmail) - C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\Extensions\omioomoieildjihcajfoobhhiecjkmfn [2014-11-17]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswUpdSv; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [17272 2008-03-29] (ALWIL Software)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [144760 2008-03-29] (ALWIL Software)
R3 avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [247160 2008-03-29] (ALWIL Software)
R3 avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [345464 2008-03-29] (ALWIL Software)
R2 Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [132768 2011-11-09] (Intel Corporation)
S3 SecureStorageService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe [1508232 2011-05-24] (Wave Systems Corp.)
S2 tcsd_win32.exe; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1633280 2011-02-17] () [File not signed]
R2 TdmService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe [2605424 2011-05-27] (Wave Systems Corp.)
R2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1131520 2011-07-01] (Wave Systems Corp.) [File not signed]
R2 WSWNDA3100v2; C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe [303360 2011-12-14] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswFsBlk; C:\Windows\System32\DRIVERS\aswFsBlk.sys [20560 2008-03-29] (ALWIL Software)
R2 aswMonFlt; C:\Windows\System32\DRIVERS\aswMonFlt.sys [50768 2008-03-29] (ALWIL Software)
R1 aswRdr; C:\Windows\system32\Drivers\aswRdr.sys [23152 2008-03-29] (ALWIL Software)
R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [75856 2008-03-29] (ALWIL Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [42912 2008-03-29] (ALWIL Software)
R3 BCMH43XX; C:\Windows\System32\DRIVERS\bcmwlhigh6.sys [1093888 2011-12-12] (Broadcom Corporation)
R3 e1cexpress; C:\Windows\System32\DRIVERS\e1c6232.sys [358224 2012-08-10] (Intel Corporation)
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHDA.sys [2749416 2010-10-04] (Realtek Semiconductor Corp.)
S3 netvsc; C:\Windows\System32\DRIVERS\netvsc60.sys [126464 2010-11-20] (Microsoft Corporation)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [50704 2010-02-03] (CACE Technologies, Inc.)
R0 PBADRV; C:\Windows\System32\DRIVERS\PBADRV.sys [26608 2010-07-21] (Dell Inc)
R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [21472 2011-07-22] (Windows ® Win 7 DDK provider)
S3 SynthVid; C:\Windows\System32\DRIVERS\VMBusVideoM.sys [19456 2010-11-20] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 11:11 - 2014-12-06 11:12 - 00012495 _____ () C:\Users\Tyler\Downloads\FRST.txt
2014-12-06 11:11 - 2014-12-06 11:11 - 01110528 _____ (Farbar) C:\Users\Tyler\Downloads\FRST.exe
2014-12-05 22:54 - 2014-12-05 22:54 - 00000000 ____D () C:\Users\Tyler\AppData\Local\Macromedia
2014-12-05 22:52 - 2014-12-05 22:53 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\Mozilla
2014-12-05 22:52 - 2014-12-05 22:53 - 00000000 ____D () C:\Users\Tyler\AppData\Local\Mozilla
2014-12-05 22:52 - 2014-12-05 22:52 - 00001119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-05 22:52 - 2014-12-05 22:52 - 00001107 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-05 22:52 - 2014-12-05 22:52 - 00000000 ____D () C:\ProgramData\Mozilla
2014-12-05 22:52 - 2014-12-05 22:52 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-05 22:52 - 2014-12-05 22:52 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-05 22:50 - 2014-12-05 22:50 - 00244104 _____ () C:\Users\Tyler\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-05 22:48 - 2014-12-05 22:48 - 29720784 _____ (Microsoft Corporation) C:\Users\Tyler\Downloads\IE11-Windows6.1-x86-en-us.exe
2014-12-05 22:38 - 2014-12-05 22:38 - 00059048 _____ () C:\Users\Tyler\Downloads\Extras.Txt
2014-12-05 22:38 - 2014-12-05 22:38 - 00054126 _____ () C:\Users\Tyler\Downloads\OTL.Txt
2014-12-05 22:30 - 2014-12-05 22:30 - 00602112 _____ (OldTimer Tools) C:\Users\Tyler\Downloads\OTL.exe
2014-11-26 21:48 - 2014-11-26 21:48 - 01037952 _____ (TODO: <Company name>) C:\Users\Tyler\Downloads\Chrome_Updater.exe
2014-11-26 14:02 - 2014-11-26 14:02 - 00000324 _____ () C:\Users\Tyler\Documents\Ie.reg
2014-11-26 13:50 - 2014-11-26 13:50 - 02077392 _____ (Microsoft Corporation) C:\Users\Tyler\Downloads\IE11-Windows6.1 (1).exe
2014-11-26 13:45 - 2014-11-26 13:45 - 02077392 _____ (Microsoft Corporation) C:\Users\Tyler\Downloads\IE11-Windows6.1.exe
2014-11-26 13:44 - 2014-11-26 13:45 - 31892616 _____ (Microsoft Corporation) C:\Users\Tyler\Downloads\EIE11_EN-US_WOL_WIN7.EXE
2014-11-26 13:41 - 2014-11-26 13:41 - 00185121 _____ () C:\Users\Tyler\Downloads\Setup v2 1.exe
2014-11-26 13:37 - 2014-11-26 13:41 - 00000000 ____D () C:\AdwCleaner
2014-11-26 13:37 - 2014-11-26 13:37 - 02148864 _____ () C:\Users\Tyler\Downloads\AdwCleaner.exe
2014-11-26 13:31 - 2014-11-26 13:31 - 00002364 _____ () C:\Users\Tyler\Desktop\JRT.txt
2014-11-26 13:30 - 2014-11-26 13:30 - 00000000 ____D () C:\Windows\ERUNT
2014-11-26 13:24 - 2014-12-06 11:12 - 00000000 ____D () C:\FRST
2014-11-25 20:57 - 2014-12-06 11:12 - 00000348 _____ () C:\Windows\Tasks\CIMT_S-1-5-21-2040279239-802615254-577133662-1001.job
2014-11-22 12:08 - 2014-11-25 20:35 - 00000000 ____D () C:\Users\Tyler\Documents\Bandicam
2014-11-22 12:08 - 2014-11-22 12:08 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\BANDISOFT
2014-11-18 16:57 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 16:57 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-17 17:57 - 2014-11-25 21:15 - 00000000 ____D () C:\ProgramData\LizardSales
2014-11-17 17:17 - 2014-11-20 16:25 - 00000000 ____D () C:\Program Files\WWE
2014-11-17 17:17 - 2011-06-21 11:24 - 00032768 _____ () C:\Windows\system32\Drivers\sp_rsdrv2.sys
2014-11-12 18:52 - 2014-11-12 18:52 - 00000000 __SHD () C:\Users\Tyler\AppData\Local\EmieBrowserModeList
2014-11-11 21:21 - 2014-11-05 12:50 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-11 21:21 - 2014-10-17 20:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 21:21 - 2014-10-13 20:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 21:21 - 2014-10-09 19:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 21:21 - 2014-10-02 20:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 21:21 - 2014-10-02 20:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 21:21 - 2014-10-02 20:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 21:21 - 2014-10-02 20:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 21:21 - 2014-10-02 20:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-11 21:21 - 2014-09-19 04:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-11 21:21 - 2014-09-19 04:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-11 21:21 - 2014-09-19 04:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-11 21:21 - 2014-09-19 04:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-11 21:21 - 2014-09-19 04:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 21:21 - 2014-09-19 04:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 21:21 - 2014-08-21 01:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 21:21 - 2014-08-21 01:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 21:21 - 2014-08-11 20:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-11 21:20 - 2014-11-07 14:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-11 21:20 - 2014-11-05 22:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 21:20 - 2014-11-05 22:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-11 21:20 - 2014-11-05 22:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 21:20 - 2014-11-05 22:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-11 21:20 - 2014-11-05 22:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-11 21:20 - 2014-11-05 22:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 21:20 - 2014-11-05 22:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-11 21:20 - 2014-11-05 22:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 21:20 - 2014-11-05 22:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 21:20 - 2014-11-05 22:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-11 21:20 - 2014-11-05 22:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 21:20 - 2014-11-05 21:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 21:20 - 2014-11-05 21:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-11 21:20 - 2014-11-05 21:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-11 21:20 - 2014-11-05 21:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-11 21:20 - 2014-11-05 21:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 21:20 - 2014-11-05 21:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 21:20 - 2014-11-05 21:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-11 21:20 - 2014-11-05 21:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 21:20 - 2014-11-05 21:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 21:20 - 2014-11-05 21:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 21:20 - 2014-11-05 21:22 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-11 21:20 - 2014-11-05 21:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 21:20 - 2014-11-05 21:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 21:20 - 2014-11-05 21:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-11 21:20 - 2014-11-05 21:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 21:20 - 2014-11-05 20:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 21:20 - 2014-11-05 20:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 21:20 - 2014-11-05 20:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-11 21:20 - 2014-11-05 12:50 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-11 21:20 - 2014-11-05 12:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-11 21:20 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 21:20 - 2014-10-13 20:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-11 21:20 - 2014-10-13 20:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 21:20 - 2014-10-13 20:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 21:20 - 2014-10-13 20:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 21:20 - 2014-10-13 20:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 11:10 - 2014-02-17 15:20 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\.minecraft
2014-12-06 11:08 - 2014-02-21 21:52 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-06 11:08 - 2012-11-29 21:39 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-06 11:08 - 2012-11-29 21:38 - 01128453 _____ () C:\Windows\WindowsUpdate.log
2014-12-05 23:21 - 2009-07-13 23:34 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-05 23:21 - 2009-07-13 23:34 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-05 23:14 - 2014-02-21 21:52 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-05 23:14 - 2009-07-13 23:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-05 23:13 - 2012-11-29 21:52 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-12-05 23:13 - 2010-11-20 16:48 - 00250544 _____ () C:\Windows\PFRO.log
2014-12-05 23:13 - 2009-07-13 23:39 - 00042642 _____ () C:\Windows\setupact.log
2014-12-05 23:04 - 2014-07-11 23:47 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-05 23:04 - 2014-07-11 23:47 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-05 23:04 - 2014-07-11 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-05 23:04 - 2014-07-11 23:47 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-12-05 23:00 - 2014-02-21 21:52 - 00000000 ____D () C:\Program Files\Google
2014-12-05 22:48 - 2014-02-11 21:27 - 00015816 _____ () C:\Windows\IE11_main.log
2014-12-03 19:12 - 2014-09-26 16:57 - 00000000 ____D () C:\Program Files\Steam
2014-11-28 22:16 - 2012-11-29 21:39 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-28 22:16 - 2012-11-29 21:39 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-26 18:55 - 2010-11-20 16:01 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-26 13:33 - 2014-08-28 17:35 - 00000000 ____D () C:\Program Files\OpenDownloaderManager
2014-11-26 13:33 - 2014-02-11 20:33 - 00000000 ____D () C:\Users\Tyler
2014-11-23 18:41 - 2014-09-26 16:57 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-11-21 06:14 - 2014-07-11 23:47 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-21 06:14 - 2014-07-11 23:47 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 06:14 - 2014-07-11 23:47 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-17 20:41 - 2014-05-25 18:56 - 00000000 ____D () C:\Users\Tyler\AppData\Local\TeamSpeak 3 Client
2014-11-13 19:13 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\rescache
2014-11-13 18:43 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-12 18:43 - 2009-07-13 23:33 - 00407384 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 18:42 - 2014-05-16 02:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-11 22:23 - 2014-02-11 22:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-11 22:21 - 2014-02-11 20:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-11 22:19 - 2014-02-11 20:58 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Files to move or delete:
====================
C:\Users\Tyler\jagex_cl_runescape_LIVE.dat
C:\Users\Tyler\random.dat


Some content of TEMP:
====================
C:\Users\Tyler\AppData\Local\Temp\APNSetup.exe
C:\Users\Tyler\AppData\Local\Temp\bdfilters.dll
C:\Users\Tyler\AppData\Local\Temp\dsapi.exe
C:\Users\Tyler\AppData\Local\Temp\EnableExtDll.dll
C:\Users\Tyler\AppData\Local\Temp\IEHistory.exe
C:\Users\Tyler\AppData\Local\Temp\InstalledPrograms.exe
C:\Users\Tyler\AppData\Local\Temp\install_flashplayer12x32ax_gtba_chra_dy_aaa_aih.exe
C:\Users\Tyler\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Tyler\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Tyler\AppData\Local\Temp\pal_install_a5063_r110090.exe
C:\Users\Tyler\AppData\Local\Temp\PCFixSpeedSetup.exe
C:\Users\Tyler\AppData\Local\Temp\SCC.dll
C:\Users\Tyler\AppData\Local\Temp\sqlite3.dll
C:\Users\Tyler\AppData\Local\Temp\SymCCIS.dll
C:\Users\Tyler\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Tyler\AppData\Local\Temp\System.Data.SQLite32740.dll
C:\Users\Tyler\AppData\Local\Temp\System.Data.SQLite49404.dll
C:\Users\Tyler\AppData\Local\Temp\System.Data.SQLite56291.dll
C:\Users\Tyler\AppData\Local\Temp\System.Data.SQLite56454.dll
C:\Users\Tyler\AppData\Local\Temp\System.Data.SQLite63568.dll
C:\Users\Tyler\AppData\Local\Temp\System.Data.SQLite66501.dll
C:\Users\Tyler\AppData\Local\Temp\System.Data.SQLite67649.dll
C:\Users\Tyler\AppData\Local\Temp\System.Data.SQLite78508.dll
C:\Users\Tyler\AppData\Local\Temp\System.Data.SQLite78567.dll
C:\Users\Tyler\AppData\Local\Temp\System.Data.SQLite79066.dll
C:\Users\Tyler\AppData\Local\Temp\System.Data.SQLite89738.dll
C:\Users\Tyler\AppData\Local\Temp\System.Data.SQLite91227.dll
C:\Users\Tyler\AppData\Local\Temp\System.Data.SQLite93217.dll
C:\Users\Tyler\AppData\Local\Temp\System.Data.SQLite96350.dll
C:\Users\Tyler\AppData\Local\Temp\vlc-2.1.2-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-26 12:04

==================== End Of Log ============================



#5
swetnich

    Member

  • Topic Starter
  • 86 posts

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-12-2014 01
Ran by Tyler at 2014-12-06 11:12:41
Running from C:\Users\Tyler\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
avast! Antivirus (HKLM\...\avast!) (Version: 4.8 - Alwil Software)
BioAPI Framework (Version: 1.0.2 - Dell Inc.) Hidden
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Custom (Version: 01.00.00.000 - Wave Systems Corp.) Hidden
CyberLink PowerDVD 9.5 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.5425 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Data Protection | Access (HKLM\...\{A7D91856-258D-4C87-8041-B170851CE432}) (Version: 2.1.00001.001 - Dell Inc.)
Dell Data Protection | Access (Version: 02.01.01.001 - Wave Systems Corp) Hidden
Dell Data Protection | Access | Drivers (HKLM\...\{4E4E65EE-C456-45AC-B5AD-C62C3A325BD0}) (Version: 2.01.018 - Dell Inc.)
Dell Data Protection | Access | Middleware (HKLM\...\{841CBDD5-4BB5-403E-AEE3-2FADC3890BE8}) (Version: 2.01.010 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
DellAccess (Version: 01.00.00.108 - Wave Systems Corp.) Hidden
EMBASSY Security Center (Version: 04.02.00.173 - Wave Systems Corp.) Hidden
Gemalto (Version: 01.01.01.0000 - Wave Systems Corp) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Intel® Network Connections 16.8.45.00 (HKLM\...\PROSetDX) (Version: 16.8.45.00 - Dell)
Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NETGEAR WNDA3100v2 wireless USB 2.0 adapter (HKLM\...\{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}) (Version: 1.03.000 - NETGEAR)
NTRU TCG Software Stack (Version: 2.1.36 - Security Innovation, Inc.) Hidden
PC-CCID (Version: 2.0.0 - Gemalto) Hidden
Preboot Manager (Version: 03.02.00.096 - Wave Systems Corp.) Hidden
Private Information Manager (Version: 07.00.00.047 - Wave Systems Corp.) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5883 - Realtek Semiconductor Corp.)
SPBA 5.9 (Version: 5.9.4.6686 - UPEK Inc.) Hidden
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Trusted Drive Manager (Version: 4.1.1.312 - Wave Systems Corp.) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Upek Touchchip Fingerprint Reader (Version: 1.2.004 - Dell Inc.) Hidden
Wave Infrastructure Installer (Version: 07.03.17.0010 - Wave Systems Corp) Hidden
Wave Support Software Installer (Version: 05.12.00.036 - Wave Systems Corp) Hidden
Windows Driver Package - Dell Inc. PBADRV System  (09/11/2009 1.0.1.6) (HKLM\...\9512AA21B791B05A54E27065C45BBC417AB282DF) (Version: 09/11/2009 1.0.1.6 - Dell Inc.)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

12-11-2014 02:20:39 Windows Update
12-11-2014 03:17:58 Windows Update
18-11-2014 01:41:31 Removed RuneScape Launcher 1.2.3
18-11-2014 21:55:41 Windows Update
19-11-2014 03:44:16 Windows Update
25-11-2014 16:29:41 Windows Update
26-11-2014 18:47:26 Removed System Requirements Lab Detection
02-12-2014 22:12:33 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:04 - 2009-06-10 16:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {29D5B7BC-E1B7-44AD-BA2C-4E4801D18F35} - System32\Tasks\CIMT_S-1-5-21-2040279239-802615254-577133662-1001 => C:\Program Files\Consumer Input\Monitoring\dca-monitoring.exe
Task: {4D0E079F-7D4E-44AF-B694-205D7FF4B690} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-21] (Google Inc.)
Task: {5A9F252F-B6E2-4F4E-BB24-17F2A127A8C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-21] (Google Inc.)
Task: {AD720626-49BF-40C3-8BA4-56D3640CFB12} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-28] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CIMT_S-1-5-21-2040279239-802615254-577133662-1001.job => C:\Program Files\Consumer Input\Monitoring\dca-monitoring.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-02-17 15:05 - 2011-12-14 17:53 - 00303360 _____ () C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
2014-02-17 15:05 - 2011-12-14 10:22 - 00368640 _____ () C:\Program Files\NETGEAR\WNDA3100v2\WifiLib.dll
2012-11-29 23:25 - 2011-06-10 13:36 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2014-02-17 15:05 - 2011-12-14 17:55 - 08453376 _____ () C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
2014-02-17 15:05 - 2011-12-14 10:43 - 00278528 _____ () C:\Program Files\NETGEAR\WNDA3100v2\WifiSvcLib.dll
2014-10-17 19:01 - 2014-10-17 19:01 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll
2012-11-29 21:46 - 2010-11-06 00:50 - 00058880 _____ () C:\Program Files\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-12-05 22:52 - 2014-11-26 11:40 - 03758192 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-11-28 22:16 - 2014-11-28 22:16 - 16841392 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2040279239-802615254-577133662-500 - Administrator - Disabled)
Guest (S-1-5-21-2040279239-802615254-577133662-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2040279239-802615254-577133662-1002 - Limited - Enabled)
Tyler (S-1-5-21-2040279239-802615254-577133662-1001 - Administrator - Enabled) => C:\Users\Tyler

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/05/2014 11:15:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 10:59:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program javaw.exe version 8.0.25.18 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 22ec

Start Time: 01d010ea01584958

Termination Time: 1024

Application Path: C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe

Report Id: adc61e39-7cfb-11e4-bd95-1803733d8cf5

Error: (12/05/2014 10:58:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 38.0.2125.111 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 5cb8

Start Time: 01d0110898ff040b

Termination Time: 4

Application Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Report Id: 08b83df0-7cfc-11e4-bd95-1803733d8cf5

Error: (12/05/2014 04:27:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/03/2014 07:15:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: csgo.exe, version: 0.0.0.0, time stamp: 0x5462bb74
Faulting module name: tier0.dll, version: 0.0.0.0, time stamp: 0x546ef9d7
Exception code: 0x40000015
Fault offset: 0x0002051e
Faulting process id: 0x34e8
Faulting application start time: 0xcsgo.exe0
Faulting application path: csgo.exe1
Faulting module path: csgo.exe2
Report Id: csgo.exe3

Error: (12/03/2014 04:21:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2014 08:48:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/29/2014 00:29:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/28/2014 11:08:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/27/2014 11:45:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (12/05/2014 11:14:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NTRU TSS v1.2.1.36 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0

Error: (12/05/2014 04:26:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NTRU TSS v1.2.1.36 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0

Error: (12/04/2014 06:00:20 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.0.9.
The computer with the IP address 192.168.0.10 did not allow the name to be claimed by
this computer.

Error: (12/03/2014 07:11:21 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer SWETNICHFAMILY
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A5EC38C4-E170-4834-9CD3-A71.
The master browser is stopping or an election is being forced.

Error: (12/03/2014 04:20:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NTRU TSS v1.2.1.36 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0

Error: (11/30/2014 08:46:48 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NTRU TSS v1.2.1.36 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0

Error: (11/29/2014 05:46:26 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer SWETNICHFAMILY
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A5EC38C4-E170-4834-9CD3-A71.
The master browser is stopping or an election is being forced.

Error: (11/29/2014 02:15:45 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer SWETNICHFAMILY
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A5EC38C4-E170-4834-9CD3-A71.
The master browser is stopping or an election is being forced.

Error: (11/29/2014 01:49:05 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer SWETNICHFAMILY
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A5EC38C4-E170-4834-9CD3-A71.
The master browser is stopping or an election is being forced.

Error: (11/29/2014 00:28:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NTRU TSS v1.2.1.36 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel® Core™ i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 37%
Total physical RAM: 3241.05 MB
Available physical RAM: 2035.31 MB
Total Pagefile: 6480.39 MB
Available Pagefile: 4421.64 MB
Total Virtual: 2047.88 MB
Available Virtual: 1907.63 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:232.11 GB) (Free:163.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: 5E6A5FB7)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=752 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================


#6
Essexboy

Could you let me know how it is behaving after this

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:13081
ProxyServer: [S-1-5-21-2040279239-802615254-577133662-1001] => http=127.0.0.1:52104;https=127.0.0.1:52104
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2040279239-802615254-577133662-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKU\S-1-5-21-2040279239-802615254-577133662-1001 -> {C8ECA1B2-129E-4EC0-AABB-FBFCFECD0E91} URL =
CHR Profile: C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default
2014-11-26 13:50 - 2014-11-26 13:50 - 02077392 _____ (Microsoft Corporation) C:\Users\Tyler\Downloads\IE11-Windows6.1 (1).exe
2014-11-26 13:45 - 2014-11-26 13:45 - 02077392 _____ (Microsoft Corporation) C:\Users\Tyler\Downloads\IE11-Windows6.1.exe
2014-11-26 13:44 - 2014-11-26 13:45 - 31892616 _____ (Microsoft Corporation) C:\Users\Tyler\Downloads\EIE11_EN-US_WOL_WIN7.EXE
2014-11-26 13:41 - 2014-11-26 13:41 - 00185121 _____ () C:\Users\Tyler\Downloads\Setup v2 1.exe
2014-11-17 17:57 - 2014-11-25 21:15 - 00000000 ____D () C:\ProgramData\LizardSales
2014-11-26 13:33 - 2014-08-28 17:35 - 00000000 ____D () C:\Program Files\OpenDownloaderManager
C:\Users\Tyler\jagex_cl_runescape_LIVE.dat
C:\Users\Tyler\random.dat
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

  • 0
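Added example, not part of the post above and not FRST's own code: a read-only triage pass over FRST-style log lines that flags the three entry types the fixlist targets (proxy settings pointing at a loopback port, SearchScopes entries with an empty URL, and lines FRST marks ATTENTION). The line formats are inferred from the entries quoted in this thread, and the last two sample lines are constructed.

```python
import ipaddress
import re

# The first seven lines are the FRST entries quoted in the fixlist; the last two
# are constructed benign entries (hypothetical host and GUID) for contrast.
SAMPLE_LOG = r"""
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:13081
ProxyServer: [S-1-5-21-2040279239-802615254-577133662-1001] => http=127.0.0.1:52104;https=127.0.0.1:52104
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2040279239-802615254-577133662-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKU\S-1-5-21-2040279239-802615254-577133662-1001 -> {C8ECA1B2-129E-4EC0-AABB-FBFCFECD0E91} URL =
ProxyServer: [S-1-5-18] => proxy.example.internal:8080
SearchScopes: HKLM -> {11111111-2222-3333-4444-555555555555} URL = http://www.bing.com/search?q={searchTerms}
"""

PROXY_RE = re.compile(r"^ProxyServer: \[(?P<hive>[^\]]+)\] => (?P<value>.+)$")
SCOPE_RE = re.compile(r"^SearchScopes: (?P<hive>\S+) -> (?:DefaultScope )?(?P<guid>\{[^}]+\}) URL =(?P<url>.*)$")

def proxy_endpoints(value):
    """Split 'http=host:port;https=host:port' or a bare 'host:port' into tuples."""
    out = []
    for part in value.split(";"):
        scheme, sep, hostport = part.strip().partition("=")
        if not sep:  # a bare host:port applies to every protocol
            scheme, hostport = "all", scheme
        host, colon, port = hostport.rpartition(":")
        if not colon:  # no port given
            host, port = hostport, ""
        if host:
            out.append((scheme, host, port))
    return out

def is_loopback(host):
    """True for 'localhost' and for any IPv4/IPv6 loopback literal."""
    host = host.strip("[]").lower()
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:  # a hostname, not an IP literal
        return False

def triage(log_text):
    """Return (kind, hive, detail) tuples for entries worth a closer look."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        m = PROXY_RE.match(line)
        if m:
            for scheme, host, port in proxy_endpoints(m["value"]):
                if is_loopback(host):
                    findings.append(("loopback-proxy", m["hive"], f"{scheme}://{host}:{port}"))
            continue
        m = SCOPE_RE.match(line)
        if m and not m["url"].strip():
            findings.append(("empty-searchscope", m["hive"], m["guid"]))
        elif "<======= ATTENTION" in line:
            findings.append(("frst-attention", "", line.split("<=======")[0].strip()))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

A loopback proxy is only a lead: some security products and debugging tools also listen on 127.0.0.1, so check which process owns the port before treating the setting as hostile.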

#7
swetnich

# AdwCleaner v4.104 - Report created 06/12/2014 at 15:40:48
# Updated 05/12/2014 by Xplode
# Database : 2014-12-03.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : Tyler - TYLER-PC
# Running from : C:\Users\Tyler\Downloads\AdwCleaner(3).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Mozilla Firefox v34.0.5 (x86 en-US)


-\\ Google Chrome v

[C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3320418&octid=EB_ORIGINAL_CTID&ISID=M8F1C52CE-2F62-41BF-99F4-FB4E68658276&SearchSource=58&CUI=&UM=6&UP=SPF7429F63-7933-4665-A8E1-73E7C222B19D&q={searchTerms}&SSPV=
[C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3320418&octid=EB_ORIGINAL_CTID&ISID=M8F1C52CE-2F62-41BF-99F4-FB4E68658276&SearchSource=58&CUI=&UM=6&UP=SPF7429F63-7933-4665-A8E1-73E7C222B19D&q={searchTerms}&SSPV=

*************************

AdwCleaner[R0].txt - [6467 octets] - [26/11/2014 13:37:37]
AdwCleaner[R1].txt - [2069 octets] - [06/12/2014 15:38:31]
AdwCleaner[S0].txt - [6372 octets] - [26/11/2014 13:41:24]
AdwCleaner[S1].txt - [2002 octets] - [06/12/2014 15:40:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2062 octets] ##########


#8
Essexboy

What problems are you experiencing now ?

Download aswMBR.exe ( 4.5mb ) to your desktop.
Double click the aswMBR.exe to run it.
You may be offered the option of using virtualisation, accept that
When it offers to download the virus database allow that as well
Click the "Scan" button to start scan

On completion of the scan click save log, save it to your desktop and post in your next reply
#9
swetnich

He still doesn't have the Internet Explorer. I deleted Google Chrome and it got rid of all the pop-ups he was having. I downloaded Firefox and no more pop-ups either. Other than that he says the computer is doing great.

aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2014-12-06 21:31:18
-----------------------------
21:31:18.931    OS Version: Windows 6.1.7601 Service Pack 1
21:31:18.931    Number of processors: 4 586 0x2A07
21:31:18.932    ComputerName: TYLER-PC  UserName: Tyler
21:31:36.324    Initialize success
21:31:36.369    VM: initialized successfully
21:31:36.370    VM: Intel CPU supported
21:31:39.260    VM: supported disk I/O iaStor.sys
21:32:57.738    AVAST engine defs: 14120601
21:33:12.512    The log file has been saved successfully to "C:\Users\Tyler\Desktop\aswMBR.txt"
 


#10
Essexboy

What error do you get when you try to open IE ?

Could you go to Control Panel > Internet Options > Programmes tab
Select Manage Add-ons
Right click Avast Online Security and select Disable
Restart IE and let me know if that works

#11
swetnich

There is nowhere I can restart IE... I don't have it anywhere to restart it. I can't find it under programs, on the start menu, no icons anywhere.


#12
Essexboy

Right click the listing in programs and select :
Send to...
Desktop as a shortcut
It will now appear on the desktop, does that launch it ?

#13
swetnich

I can't, it is not there... I cannot find IE anywhere on my computer.


#14
Essexboy

Weird as it was being reported as present on the FRST scan

Download to your desktop a fresh copy from here http://www.microsoft...-7-details.aspx
Then install, if you get an error let me know what it is

#15
swetnich

I know, I have tried to install IE again... the error message I am getting is telling me that it will not finish installing. It says: setup cannot continue because a more recent version of IE is installed on your computer.

