Hello Pyxis...
Thank you for your reply
Step 1
Fix result of Farbar Recovery Scan Tool (x64) Version:08-08-2015 01
Ran by 103096 (2015-08-09 22:44:31) Run:3
Running from C:\Users\103096\Desktop
Loaded Profiles: 103096 (Available Profiles: 103096)
Boot Mode: Normal
==============================================
fixlist content:
*****************
C:\Program Files\Enigma Software Group
C:\Users\103096\Downloads\Programs\SpyHunter-Installer.exe
C:\Users\103096\AppData\Roaming\Enigma Software Group
[-HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoftwareGroup]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SpyHunter 4 Service]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\SpyHunter4.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter]
Reg: reg delete "HKEY_USERS\S-1-5-21-1591615944-4240288302-870138075-1000\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted" /v "C:\Users\103096\Downloads\Programs\SpyHunter-Installer.exe"
*****************
C:\Program Files\Enigma Software Group => moved successfully.
C:\Users\103096\Downloads\Programs\SpyHunter-Installer.exe => moved successfully.
C:\Users\103096\AppData\Roaming\Enigma Software Group => moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoftwareGroup => key not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup => key not found.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SpyHunter 4 Service => key not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\SpyHunter4.exe => key removed successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter => key removed successfully
========= reg delete "HKEY_USERS\S-1-5-21-1591615944-4240288302-870138075-1000\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted" /v "C:\Users\103096\Downloads\Programs\SpyHunter-Installer.exe" =========
Delete the registry value C:\Users\103096\Downloads\Programs\SpyHunter-Installer.exe (Yes/No)? The operation completed successfully.
========= End of Reg: =========
==== End of Fixlog 22:46:07 ====
Step 2 FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-08-2015 01
Ran by 103096 (administrator) on 103096-PC (09-08-2015 22:49:10)
Running from C:\Users\103096\Desktop
Loaded Profiles: 103096 (Available Profiles: 103096)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\Smartfren Connex AC682 UI\bin\MonServiceUDisk.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(WordWeb Software) C:\Program Files (x86)\WordWeb\wweb32.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-04-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-04-02] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2870032 2012-04-04] (Synaptics Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-02-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [500736 2011-05-02] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-04-02] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-03] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1591615944-4240288302-870138075-1000\...\Run: [WordWeb] => C:\Program Files (x86)\WordWeb\wweb32.exe [65216 2009-11-08] (WordWeb Software)
HKU\S-1-5-21-1591615944-4240288302-870138075-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1591615944-4240288302-870138075-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\MCShieldRTM.exe [650816 2014-04-12] (MyCity)
HKU\S-1-5-21-1591615944-4240288302-870138075-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3907152 2015-08-03] (Tonec Inc.)
ShellIconOverlayIdentifiers: [! IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-07-24] (Tonec Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-03] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-07-08] (Internet Download Manager, Tonec Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-29] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-03] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-29] (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-07-08] (Internet Download Manager, Tonec Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-03] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{852DF80E-ECC5-4D31-B811-7B6970198DF9}: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\103096\AppData\Roaming\Mozilla\Firefox\Profiles\2c98fm30.default-1430297367737
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-18] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-29] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-18] ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Extension: Adblock Plus - C:\Users\103096\AppData\Roaming\Mozilla\Firefox\Profiles\2c98fm30.default-1430297367737\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-29]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-08-03]
FF HKU\S-1-5-21-1591615944-4240288302-870138075-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\103096\AppData\Roaming\IDM\idmmzcc7
FF Extension: IDM integration - C:\Users\103096\AppData\Roaming\IDM\idmmzcc7 [2015-08-09]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-08-03]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-08-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-03]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-03] (AVAST Software)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 UDisk Monitor; C:\Program Files\Smartfren Connex AC682 UI\bin\MonServiceUDisk.exe [406016 2011-05-09] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [31872 2012-04-03] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-03] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-08-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-03] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-03] (AVAST Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 PCTINDIS5X64; C:\Windows\system32\PCTINDIS5X64.SYS [42784 2007-09-18] (PCTEL Inc.)
R2 rimssne; C:\Windows\System32\DRIVERS\rimssne64.sys [102912 2012-04-03] (REDC)
S3 UsbModemDriver; C:\Windows\System32\DRIVERS\USB_MODEM_T.sys [28160 2011-04-08] ()
S3 USB_BusEnum_T; C:\Windows\System32\DRIVERS\USB_BusEnum_T.sys [44544 2009-11-05] ()
S3 USB_ETS_T; C:\Windows\System32\DRIVERS\USB_ETS_T.sys [21760 2008-05-30] (Via Telecom, Inc.)
S3 USB_WinMux_T; C:\Windows\System32\DRIVERS\USB_WinMux_T.sys [37376 2009-10-27] ()
U3 Winsock; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-09 22:07 - 2015-08-09 22:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-09 20:46 - 2015-08-09 20:46 - 00001157 _____ C:\Users\Public\Desktop\B1 Free Archiver.lnk
2015-08-09 20:46 - 2015-08-09 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\B1 Free Archiver
2015-08-09 20:46 - 2015-08-09 20:46 - 00000000 ____D C:\Program Files (x86)\B1 Free Archiver
2015-08-09 13:53 - 2015-08-09 15:48 - 00000000 ____D C:\Users\103096\AppData\Roaming\IDM
2015-08-09 13:53 - 2015-08-09 13:53 - 00001015 _____ C:\Users\103096\Desktop\Internet Download Manager.lnk
2015-08-09 13:53 - 2015-08-09 13:53 - 00000000 ____D C:\Users\103096\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-08-09 13:53 - 2015-08-09 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-08-09 13:53 - 2015-08-09 13:53 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2015-08-08 20:01 - 2015-08-08 20:01 - 00001082 _____ C:\Users\Public\Desktop\MCShield Real-Time Monitor.lnk
2015-08-08 20:01 - 2015-08-08 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2015-08-08 20:01 - 2015-08-08 20:01 - 00000000 ____D C:\Program Files (x86)\MCShield
2015-08-07 00:24 - 2015-08-07 00:25 - 00562784 _____ (Oracle Corporation) C:\Users\103096\Downloads\jxpiinstall.exe
2015-08-07 00:24 - 2015-08-07 00:24 - 00001130 _____ C:\Users\103096\Desktop\Search.txt
2015-08-07 00:20 - 2015-08-09 22:43 - 02169856 _____ (Farbar) C:\Users\103096\Desktop\FRST64.exe
2015-08-07 00:18 - 2015-08-09 22:43 - 00000000 ____D C:\Users\103096\Desktop\FRST-OlderVersion
2015-08-05 01:08 - 2015-08-05 01:10 - 11782200 _____ C:\Users\103096\Downloads\Wonder Girls - REBOOT (VOL. 3) [www.k2nblog.com].7z.part
2015-08-05 00:54 - 2015-08-05 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-08-05 00:54 - 2015-08-05 00:54 - 00000000 ____D C:\Program Files (x86)\7-Zip
2015-08-05 00:08 - 2015-08-05 00:08 - 00852684 _____ C:\Users\103096\Desktop\SecurityCheck.exe
2015-08-04 23:56 - 2015-08-04 23:56 - 00000000 ____D C:\Users\103096\Desktop\Fix it portable
2015-08-04 23:50 - 2015-08-04 23:50 - 00347440 _____ (Microsoft Corporation) C:\Users\103096\Desktop\MicrosoftFixit-portable.exe
2015-08-04 02:00 - 2015-08-04 02:00 - 00000000 ____D C:\MATS
2015-08-04 00:51 - 2015-08-04 00:51 - 00001054 _____ C:\Users\103096\Desktop\TXT 2.txt
2015-08-04 00:50 - 2015-08-04 00:50 - 00001052 _____ C:\Users\103096\Desktop\TXT.txt
2015-08-04 00:14 - 2015-08-04 01:03 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-04 00:14 - 2015-08-04 00:14 - 00001108 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-04 00:14 - 2015-08-04 00:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-04 00:14 - 2015-08-04 00:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-04 00:14 - 2015-08-04 00:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-04 00:14 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-04 00:14 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-04 00:14 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-04 00:10 - 2015-08-04 00:12 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\103096\Desktop\mbam-setup-2.1.8.1057.exe
2015-08-03 19:07 - 2015-06-12 09:00 - 00197616 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2015-08-03 11:42 - 2015-08-08 20:02 - 00000000 ____D C:\ProgramData\MCShield
2015-08-03 11:36 - 2015-08-03 11:36 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-03 11:36 - 2015-08-03 11:36 - 00001928 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-08-03 11:36 - 2015-08-03 11:36 - 00000000 ____D C:\Users\103096\AppData\Roaming\AVAST Software
2015-08-03 11:36 - 2015-08-03 11:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-08-03 11:35 - 2015-08-03 11:35 - 01048856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-08-03 11:35 - 2015-08-03 11:35 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-08-03 11:35 - 2015-08-03 11:35 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-08-03 11:35 - 2015-08-03 11:35 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-08-03 11:35 - 2015-08-03 11:35 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-08-03 11:35 - 2015-08-03 11:35 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-08-03 11:35 - 2015-08-03 11:35 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-08-03 11:35 - 2015-08-03 11:35 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-08-03 11:35 - 2015-08-03 11:35 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-08-03 11:35 - 2015-08-03 11:35 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-08-03 11:30 - 2015-08-03 11:30 - 00004004 _____ C:\Users\103096\Desktop\Lala.txt
2015-08-03 11:30 - 2015-08-03 11:30 - 00000000 ____D C:\Program Files\AVAST Software
2015-08-03 11:19 - 2015-08-03 11:20 - 00438537 _____ C:\Users\103096\Downloads\avgremover.log
2015-08-03 11:04 - 2015-08-03 11:04 - 00001053 _____ C:\Users\103096\Desktop\JRT.txt
2015-08-03 11:00 - 2015-08-03 11:01 - 01798176 _____ (Malwarebytes Corporation) C:\Users\103096\Desktop\JRT.exe
2015-08-03 10:01 - 2015-08-03 10:02 - 00000410 _____ C:\Users\103096\Desktop\bookmarks_8_3_15.html
2015-08-03 09:53 - 2015-08-03 09:53 - 00931408 _____ (Google Inc.) C:\Users\103096\Desktop\ChromeSetup.exe
2015-08-02 17:12 - 2015-08-02 17:14 - 00000000 ____D C:\AdwCleaner
2015-08-02 17:12 - 2015-08-02 17:12 - 02248704 _____ C:\Users\103096\Desktop\AdwCleaner.exe
2015-08-02 17:02 - 2015-08-04 00:55 - 00023160 _____ C:\Users\103096\Desktop\Addition.txt
2015-08-02 11:55 - 2015-08-09 22:49 - 00013266 _____ C:\Users\103096\Desktop\FRST.txt
2015-08-02 11:51 - 2015-08-09 22:49 - 00000000 ____D C:\FRST
2015-08-01 23:32 - 2015-08-03 11:26 - 00000000 ____D C:\ProgramData\AVAST Software
2015-08-01 23:32 - 2015-08-01 23:32 - 05685584 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe
2015-08-01 22:35 - 2015-08-06 15:17 - 00373700 _____ C:\Windows\PFRO.log
2015-07-26 12:04 - 2015-07-26 12:04 - 00000000 _____ C:\Windows\setuperr.log
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-09 22:41 - 2015-01-29 12:22 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-09 22:36 - 2014-09-18 16:03 - 00000000 ____D C:\Users\103096\AppData\Roaming\DMCache
2015-08-09 22:07 - 2015-04-29 15:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-09 22:07 - 2014-09-18 15:31 - 01844784 _____ C:\Windows\WindowsUpdate.log
2015-08-09 22:03 - 2014-10-03 08:57 - 00000000 ____D C:\KMPlayer
2015-08-09 21:52 - 2014-09-18 16:03 - 00000000 ____D C:\Users\103096\Downloads\Video
2015-08-09 20:42 - 2014-09-18 16:03 - 00000000 ____D C:\Users\103096\Downloads\Compressed
2015-08-08 20:03 - 2009-07-14 12:13 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-08 20:00 - 2015-07-09 13:37 - 00002866 _____ C:\Windows\setupact.log
2015-08-08 14:10 - 2015-03-20 17:59 - 00000000 ____D C:\Users\103096\Desktop\PIC
2015-08-07 13:21 - 2009-07-14 11:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-07 13:21 - 2009-07-14 11:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-07 13:14 - 2009-07-14 12:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-04 23:43 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-03 14:58 - 2009-07-14 12:08 - 00032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-03 11:10 - 2014-10-04 22:58 - 00000000 ____D C:\Program Files (x86)\SMADAV
2015-08-03 10:09 - 2015-04-02 05:54 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-03 10:05 - 2015-04-02 05:54 - 00000000 ____D C:\Users\103096\AppData\Local\Google
2015-08-03 09:57 - 2015-02-11 00:33 - 00000000 ____D C:\Users\103096\Desktop\I Must Read this
2015-08-02 17:14 - 2014-09-18 15:31 - 00001180 _____ C:\Users\103096\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-02 17:14 - 2014-09-18 15:31 - 00000997 _____ C:\Users\103096\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-08-02 12:19 - 2014-09-24 19:57 - 00000000 ____D C:\Program Files (x86)\IDM
2015-07-29 23:02 - 2014-09-19 15:25 - 00000000 ____D C:\Users\103096\AppData\Local\Microsoft Help
2015-07-18 21:42 - 2015-01-29 12:22 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-18 21:42 - 2014-09-18 16:20 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-18 21:42 - 2014-09-18 16:20 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2014-12-11 09:32 - 2015-01-12 12:33 - 0007617 _____ () C:\Users\103096\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
C:\Users\103096\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\103096\AppData\Local\Temp\Quarantine.exe
C:\Users\103096\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-04 21:16
==================== End of log ============================
Addition
Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-08-2015 01
Ran by 103096 (2015-08-09 22:50:11)
Running from C:\Users\103096\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
103096 (S-1-5-21-1591615944-4240288302-870138075-1000 - Administrator - Enabled) => C:\Users\103096
Administrator (S-1-5-21-1591615944-4240288302-870138075-500 - Administrator - Disabled)
Guest (S-1-5-21-1591615944-4240288302-870138075-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{BC3B8C54-7E10-0A4D-F6CA-52616DB1E96F}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.)
Autodesk Pixlr (HKLM-x32\...\Autodesk Pixlr) (Version: 1.0.2.0 - Autodesk)
Autodesk Pixlr (x32 Version: 1.0.2.0 - Autodesk) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
B1 Free Archiver (HKLM-x32\...\B1FreeArchiver) (Version: 0.0.0.0 - Catalina Group Ltd)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.6 - Dolby Laboratories Inc)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)
HandBrake 0.10.0 (HKLM-x32\...\HandBrake) (Version: 0.10.0 - )
Icecream Ebook Reader version 1.41 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 1.41 - Icecream Apps)
Intel® Chipset Device Software (x32 Version: 10.0.13 - Intel® Corporation) Hidden
Intel® Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3090 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0083 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0708 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.130 - PandoraTV)
KUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
LINE (HKLM-x32\...\LINE) (Version: 4.0.2.366 - LINE Corporation)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MCShield ::Anti-Malware Tool:: (HKLM-x32\...\MCShield) (Version: 3.0.5.28 - MyCity)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version: - )
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 39.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 en-US)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
Oracle VM VirtualBox 4.3.12_ZZZZ (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Oxford Advanced Learner's Dictionary - 8th Edition (HKLM-x32\...\NSIS_oald8) (Version: - )
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{E727B31A-8B24-4C1C-934A-69634E0D2C0B}) (Version: 9.2 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6573 - Realtek Semiconductor Corp.)
Smartfren Connex AC682 UI (HKLM\...\ZTEWireless-101_is1) (Version: - )
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.44.1 - Synaptics Incorporated)
Typer Shark (HKLM-x32\...\Typer Shark) (Version: - )
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 5.2.0.14230 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.11.0.13150 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Driver Package - Ricoh Company MS Host Controller (11/11/2011 6.13.10.27) (HKLM\...\6D47B80B2C30F419177A60AC2FDBFA8F62F6A3F0) (Version: 11/11/2011 6.13.10.27 - Ricoh Company)
Windows Driver Package - Sony Corporation (SFEP) HIDClass (11/15/2011 8.0.2.3) (HKLM\...\D3980EE1930054D2BAB3D957A731D6C24AF9F739) (Version: 11/15/2011 8.0.2.3 - Sony Corporation)
WordWeb (HKLM-x32\...\WordWeb) (Version: 6 - WordWeb Software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1591615944-4240288302-870138075-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1591615944-4240288302-870138075-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1591615944-4240288302-870138075-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1591615944-4240288302-870138075-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1591615944-4240288302-870138075-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1591615944-4240288302-870138075-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
==================== Restore Points =========================
05-08-2015 00:20:43 Restore Point before Motorola Driver Installation was removed using Program Install and Uninstall troubleshooter
05-08-2015 00:21:18 Motorola Driver Installation
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 09:34 - 2009-06-11 04:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {445B3B36-A844-456B-A3E3-F584BF829D9F} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => net
Task: {618C9751-7F97-46A2-AF6F-D0D29E8ABADC} - System32\Tasks\JetBoost_AutoUpdate => C:\Program Files (x86)\BlueSprig\JetBoost\AutoUpdate.exe
Task: {6CF928A3-4007-4E3D-92DA-D50662E0719E} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2012-01-10] (Sony Corporation)
Task: {80197A6A-1E7C-4A80-ADEF-4F37C8BA5BE3} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2012-01-10] (Sony Corporation)
Task: {9156DC63-84B7-4F34-8811-331488A40FAA} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-02-23] (Sony Corporation)
Task: {BFEC04E0-E892-4DBB-980F-C8E764C054D7} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2012-01-10] (Sony Corporation)
Task: {DA12BCB6-2312-4022-B534-B2E6D808846B} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-02-23] (Sony Corporation)
Task: {E3D69CA2-CD8D-425D-8972-908DDA85E9AC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-03] (AVAST Software)
Task: {EEFBE223-9B29-4B19-B77E-D7750CFE263B} - System32\Tasks\{1A601F3F-5C65-49A3-8F95-57E0F7A9D8E9} => Iexplore.exe http://www.skype.com...8;LastError=404
Task: {EFC75CAE-5C7C-4EE1-B66B-158B14EBBCD6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-18] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (Whitelisted) ==============
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-01-07 10:31 - 2011-05-09 14:07 - 00406016 _____ () C:\Program Files\Smartfren Connex AC682 UI\bin\MonServiceUDisk.exe
2014-09-18 15:51 - 2012-04-03 05:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-08-03 11:35 - 2015-08-03 11:35 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-03 11:35 - 2015-08-03 11:35 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-07 00:28 - 2015-08-07 00:28 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15080602\algo.dll
2015-08-09 13:53 - 2015-08-09 13:53 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15080801\algo.dll
2015-08-09 17:54 - 2015-08-09 17:54 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15080900\algo.dll
2014-09-18 20:12 - 2012-02-23 17:35 - 00021128 _____ () C:\Program Files (x86)\Sony\VAIO Control Center\VESBasePS.dll
2015-01-07 00:04 - 2009-08-19 20:59 - 00022736 ____N () C:\Program Files (x86)\WordWeb\WUCNT.dll
2015-08-03 11:35 - 2015-08-03 11:35 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-07-18 21:42 - 2015-07-18 21:42 - 17448624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1591615944-4240288302-870138075-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\103096\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{8C3C2EBA-1843-488F-B5E3-7FA08B967C6E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{13AE7437-66E2-404C-A97C-4332907EC2F0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Faulty Device Manager Devices =============
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Ethernet Controller
Description: Ethernet Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/09/2015 10:44:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 39.0.3.5696, time stamp: 0x55c33d81
Faulting module name: mozalloc.dll, version: 39.0.3.5696, time stamp: 0x55c32c73
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0x69c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (08/07/2015 06:21:28 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (08/07/2015 01:14:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/07/2015 12:17:33 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 2.8.2015.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 7bc
Start Time: 01d0d06bc0f906c5
Termination Time: 7
Application Path: C:\Users\103096\Desktop\FRST64.exe
Report Id: 054c4d9d-3c5f-11e5-aaf7-685d43285bdf
Error: (08/07/2015 12:01:22 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (08/06/2015 03:17:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/05/2015 03:14:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/05/2015 12:20:31 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {98613b6e-a797-4f84-9dcb-442488172f35}
Error: (08/05/2015 12:11:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 2.8.2015.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 85c
Start Time: 01d0ced85e4046e6
Termination Time: 3
Application Path: C:\Users\103096\Desktop\FRST64.exe
Report Id: c5b764d6-3acb-11e5-b3a8-685d43285bdf
Error: (08/05/2015 12:09:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 2.8.2015.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1368
Start Time: 01d0ced81c1c6c0c
Termination Time: 2
Application Path: C:\Users\103096\Desktop\FRST64.exe
Report Id: 825c782d-3acb-11e5-b3a8-685d43285bdf
System errors:
=============
Error: (08/07/2015 05:05:29 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.
Error: (08/06/2015 06:24:50 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
Error: (08/06/2015 04:27:25 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
Error: (08/06/2015 04:27:25 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
Error: (08/06/2015 04:27:24 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
Error: (08/04/2015 02:15:12 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (08/03/2015 11:55:35 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\Windows\System32\IWMSSvc.dll
Error: (08/03/2015 11:55:35 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\Windows\System32\IWMSSvc.dll
Error: (08/03/2015 11:55:35 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\Windows\System32\IWMSSvc.dll
Error: (08/03/2015 11:55:32 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\Windows\System32\IWMSSvc.dll
Microsoft Office:
=========================
Error: (08/09/2015 10:44:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe39.0.3.569655c33d81mozalloc.dll39.0.3.569655c32c738000000300001aa169c01d0d2b5247ca3f7C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll861dcd08-3ead-11e5-b1ea-685d43285bdf
Error: (08/07/2015 06:21:28 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\ATI\CIM\Bin64\SetACL64.exe
Error: (08/07/2015 01:14:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/07/2015 12:17:33 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe2.8.2015.17bc01d0d06bc0f906c57C:\Users\103096\Desktop\FRST64.exe054c4d9d-3c5f-11e5-aaf7-685d43285bdf
Error: (08/07/2015 12:01:22 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\ATI\CIM\Bin64\SetACL64.exe
Error: (08/06/2015 03:17:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/05/2015 03:14:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/05/2015 12:20:31 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {98613b6e-a797-4f84-9dcb-442488172f35}
Error: (08/05/2015 12:11:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe2.8.2015.085c01d0ced85e4046e63C:\Users\103096\Desktop\FRST64.exec5b764d6-3acb-11e5-b3a8-685d43285bdf
Error: (08/05/2015 12:09:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe2.8.2015.0136801d0ced81c1c6c0c2C:\Users\103096\Desktop\FRST64.exe825c782d-3acb-11e5-b3a8-685d43285bdf
==================== Memory info ===========================
Processor: Intel® Core i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 50%
Total physical RAM: 3990.72 MB
Available physical RAM: 1960.51 MB
Total Virtual: 7979.64 MB
Available Virtual: 5775.27 MB
==================== Drives ================================
Drive c: (SYSTEM) (Fixed) (Total:97.66 GB) (Free:32.15 GB) NTFS
Drive d: (DATA) (Fixed) (Total:481.99 GB) (Free:174.53 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 1406A225)
Partition: GPT Partition Type.
==================== End of log ============================
Thank you,
Hana23