Welcome to Geeks to Go - Register now for FREE

Help Me... Cannot Run/Install Any Antivirus [Solved]

  • This topic is locked

#16
Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Can you try this one?

Kindly reboot your computer first. Copy and paste the following into Notepad and save as fixlist.txt to your desktop:

cmd: netsh int ip reset
cmd: netsh winsock reset

Press the Fix button and reboot again after. If and only if that doesn't restore your connection, perform a 'System Restore'. Follow the instructions to restore system files and settings using a specific restore point. We created one on August 4, 2015 or August 5, 2015.

I'll be on to check on you until this gets resolved, so relax. :)

#17
Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
As you haven't been online, I'll return in a few hours. Although, I'm quite confident the above should fix the problem for you. Let me know otherwise. :)

#18
Hana23

    Member

  • Topic Starter
  • 26 posts
Hello Pyxis... Thank you for the reply.
Because we live in different time zones, we cannot meet online. Besides, I must go to college, so I can be online at 6 or 7 p.m. (FYI, I live in GMT +7:00.)
Well... Back to topic. It did not work. The fixlog said...

Netsh int ip reset
Reseting global OK
Reseting interface OK
Reseting unicast address OK
Reseting route OK
Restart the computer

Netsh winsock reset
The system cannot find the file specified

In System Restore,
there isn't anything suspicious.
On August 5th there are only the Motorola driver installation and the restore point before the Motorola driver installation was removed using the Program Install and Uninstall troubleshooter.

#19
Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Do you have anything a day or two older? The purpose of System Restore is to restore your system to a state wherein it was still running correctly. From August 4, 2015 onwards we have cleared all malware. It is therefore safe to restore to any points created on or after that to see whether or not your Internet connects correctly. Could you try restoring to that date, please? The guide I linked should be precise.

If this doesn't work, there is still another solution (fixing the command that didn't work), but I'm reserving that for later because it's rather inconvenient in your state. Do you have a way to download files, e.g. via a (hopefully clean) flash drive? There are automated processes that can remedy this problem, so do let me know.

#20
Hana23

    Member

  • Topic Starter
  • 26 posts
Hello Pyxis...
I am in class right now.
As far as I remember, there are only 2 dates in my System Restore:
August 5th and 10th...
Is there a way to refresh System Restore?

#21
Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Both are fine. What does August 10 say? Try restoring to that and see if it fixes your Internet. If not, try August 5. 'Here' are the steps if you need them--follow the second option (to restore system files and settings using a specific restore point). I'll be checking back hourly so no worries if you can't do it now since you're in class. :)

#22
Hana23

    Member

  • Topic Starter
  • 26 posts
Hi Pyxis...
The System Restore entries for 8/10/2015 are...
Removed UpdateAdmin
Removed microsoft visual C++2008-64x 9.0.30729.17
Removed UpdateAdmin
Removed microsoft visual C++2008-64x 9.0.30729.17

Those are not typos... Both "Removed UpdateAdmin" and "Removed microsoft visual" appear twice.
I am trying to restore the last one...

#23
Hana23

    Member

  • Topic Starter
  • 26 posts
Pyxis...
IT WORKS!!!!
Oh my God... I am so excited!!!!
Thank you so so much!!

#24
Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Yay! Give me fresh FRST logs, please. I think we're done here. :)

#25
Hana23

    Member

  • Topic Starter
  • 26 posts
I have a class after this.
I will send you the fresh FRST after I finish this class...
It's about 4 hours later
Thank you, Pyxis

#26
Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
No issues. I'll check back later. ;)

#27
Hana23

    Member

  • Topic Starter
  • 26 posts

Here's the result of the fresh FRST

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-08-2015 01
Ran by 103096 (administrator) on 103096-PC (11-08-2015 17:18:51)
Running from C:\Users\103096\Desktop
Loaded Profiles: 103096 (Available Profiles: 103096)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\Smartfren Connex AC682 UI\bin\MonServiceUDisk.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(WordWeb Software) C:\Program Files (x86)\WordWeb\wweb32.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-04-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-04-02] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2870032 2012-04-04] (Synaptics Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-02-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [500736 2011-05-02] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-04-02] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-03] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1591615944-4240288302-870138075-1000\...\Run: [WordWeb] => C:\Program Files (x86)\WordWeb\wweb32.exe [65216 2009-11-08] (WordWeb Software)
HKU\S-1-5-21-1591615944-4240288302-870138075-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\MCShieldRTM.exe [650816 2014-04-12] (MyCity)
HKU\S-1-5-21-1591615944-4240288302-870138075-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3907152 2015-08-03] (Tonec Inc.)
ShellIconOverlayIdentifiers: [! IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-07-24] (Tonec Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-03] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://id.search.yah...c_dsssyc_bd_com
HKU\S-1-5-21-1591615944-4240288302-870138075-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://id.search.yah...c_dsssyc_bd_com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://id.search.yah...p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://id.search.yah...p={searchTerms}
SearchScopes: HKU\S-1-5-21-1591615944-4240288302-870138075-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://id.search.yah...p={searchTerms}
SearchScopes: HKU\S-1-5-21-1591615944-4240288302-870138075-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://id.search.yah...p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-07-08] (Internet Download Manager, Tonec Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-29] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-03] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-29] (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-07-08] (Internet Download Manager, Tonec Inc.)
BHO-x32: Get The Results Hub -> {04a7f6bf-84c9-46c3-b217-8b8282802520} -> C:\Program Files (x86)\Get The Results Hub\Extensions\04a7f6bf-84c9-46c3-b217-8b8282802520.dll [2015-08-09] ()
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-03] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Tcpip\..\Interfaces\{852DF80E-ECC5-4D31-B811-7B6970198DF9}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\103096\AppData\Roaming\Mozilla\Firefox\Profiles\2c98fm30.default-1430297367737
FF NewTab: google.com
FF SelectedSearchEngine: Yahoo Search!
FF Homepage: hxxp://id.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bfr-tr-rhb-32__alt__ddc_dsssyc_bd_com
FF Keyword.URL: hxxp://id.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bfr-tr-rhb-32__alt__ddc_dss_bd_com&p={searchTerms}
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-18] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-29] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-18] ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF user.js: detected! => C:\Users\103096\AppData\Roaming\Mozilla\Firefox\Profiles\2c98fm30.default-1430297367737\user.js [2015-08-09]
FF Extension: Adblock Plus - C:\Users\103096\AppData\Roaming\Mozilla\Firefox\Profiles\2c98fm30.default-1430297367737\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-29]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-08-03]
FF HKU\S-1-5-21-1591615944-4240288302-870138075-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\103096\AppData\Roaming\IDM\idmmzcc7
FF Extension: IDM integration - C:\Users\103096\AppData\Roaming\IDM\idmmzcc7 [2015-08-09]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-08-03]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-08-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-03]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-03] (AVAST Software)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
S2 Service Mgr GetTheResultsHub; C:\ProgramData\6f66c052-8827-4487-9031-09becb0cf541\plugincontainer.exe [1147096 2015-08-09] () [File not signed]
R2 UDisk Monitor; C:\Program Files\Smartfren Connex AC682 UI\bin\MonServiceUDisk.exe [406016 2011-05-09] () [File not signed]
S2 Update Mgr GetTheResultsHub; C:\Program Files (x86)\Common Files\6f66c052-8827-4487-9031-09becb0cf541\updater.exe [1070296 2015-08-09] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [31872 2012-04-03] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-03] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-08-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-03] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-03] (AVAST Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 PCTINDIS5X64; C:\Windows\system32\PCTINDIS5X64.SYS [42784 2007-09-18] (PCTEL Inc.)
S2 rimssne; C:\Windows\System32\DRIVERS\rimssne64.sys [102912 2012-04-03] (REDC) [File not signed]
S3 UsbModemDriver; C:\Windows\System32\DRIVERS\USB_MODEM_T.sys [28160 2011-04-08] ()
S3 USB_BusEnum_T; C:\Windows\System32\DRIVERS\USB_BusEnum_T.sys [44544 2009-11-05] ()
S3 USB_ETS_T; C:\Windows\System32\DRIVERS\USB_ETS_T.sys [21760 2008-05-30] (Via Telecom, Inc.)
S3 USB_WinMux_T; C:\Windows\System32\DRIVERS\USB_WinMux_T.sys [37376 2009-10-27] ()
U3 Winsock; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-11 11:46 - 2015-08-03 11:35 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-08-11 11:43 - 2015-08-11 11:43 - 00000258 __RSH C:\ProgramData\ntuser.pol
2015-08-10 19:24 - 2015-08-10 20:49 - 00004794 _____ C:\WirelessDiagLog.csv
2015-08-10 19:05 - 2015-08-10 19:05 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-10 00:03 - 2015-08-10 00:03 - 00003500 _____ C:\Windows\DPINST.LOG
2015-08-10 00:01 - 2015-08-11 11:42 - 00000000 ____D C:\ProgramData\6f66c052-8827-4487-9031-09becb0cf541
2015-08-10 00:01 - 2015-08-11 11:42 - 00000000 ____D C:\Program Files (x86)\Get The Results Hub
2015-08-09 23:58 - 2015-08-11 12:05 - 00000000 ____D C:\Users\103096\AppData\Roaming\Opera Software
2015-08-09 23:58 - 2015-08-11 12:05 - 00000000 ____D C:\Users\103096\AppData\Local\Opera Software
2015-08-09 23:58 - 2015-08-09 23:58 - 00003824 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1439139524
2015-08-09 23:58 - 2015-08-09 23:58 - 00001141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-08-09 23:54 - 2015-08-11 12:12 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-09 22:07 - 2015-08-09 22:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-09 20:46 - 2015-08-11 11:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\B1 Free Archiver
2015-08-09 20:46 - 2015-08-11 11:42 - 00000000 ____D C:\Program Files (x86)\B1 Free Archiver
2015-08-09 20:46 - 2015-08-09 20:46 - 00001157 _____ C:\Users\Public\Desktop\B1 Free Archiver.lnk
2015-08-09 13:53 - 2015-08-11 11:41 - 00000000 ____D C:\Users\103096\AppData\Roaming\IDM
2015-08-09 13:53 - 2015-08-09 13:53 - 00001015 _____ C:\Users\103096\Desktop\Internet Download Manager.lnk
2015-08-09 13:53 - 2015-08-09 13:53 - 00000000 ____D C:\Users\103096\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-08-09 13:53 - 2015-08-09 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-08-09 13:53 - 2015-08-09 13:53 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2015-08-08 20:01 - 2015-08-08 20:01 - 00001082 _____ C:\Users\Public\Desktop\MCShield Real-Time Monitor.lnk
2015-08-08 20:01 - 2015-08-08 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2015-08-08 20:01 - 2015-08-08 20:01 - 00000000 ____D C:\Program Files (x86)\MCShield
2015-08-07 00:24 - 2015-08-07 00:25 - 00562784 _____ (Oracle Corporation) C:\Users\103096\Downloads\jxpiinstall.exe
2015-08-07 00:24 - 2015-08-07 00:24 - 00001130 _____ C:\Users\103096\Desktop\Search.txt
2015-08-07 00:20 - 2015-08-09 22:43 - 02169856 _____ (Farbar) C:\Users\103096\Desktop\FRST64.exe
2015-08-07 00:18 - 2015-08-11 11:42 - 00000000 ____D C:\Users\103096\Desktop\FRST-OlderVersion
2015-08-05 01:08 - 2015-08-05 01:10 - 11782200 _____ C:\Users\103096\Downloads\Wonder Girls - REBOOT (VOL. 3) [www.k2nblog.com].7z.part
2015-08-05 00:54 - 2015-08-05 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-08-05 00:54 - 2015-08-05 00:54 - 00000000 ____D C:\Program Files (x86)\7-Zip
2015-08-05 00:08 - 2015-08-05 00:08 - 00852684 _____ C:\Users\103096\Desktop\SecurityCheck.exe
2015-08-04 23:56 - 2015-08-04 23:56 - 00000000 ____D C:\Users\103096\Desktop\Fix it portable
2015-08-04 23:50 - 2015-08-04 23:50 - 00347440 _____ (Microsoft Corporation) C:\Users\103096\Desktop\MicrosoftFixit-portable.exe
2015-08-04 02:00 - 2015-08-04 02:00 - 00000000 ____D C:\MATS
2015-08-04 00:51 - 2015-08-04 00:51 - 00001054 _____ C:\Users\103096\Desktop\TXT 2.txt
2015-08-04 00:50 - 2015-08-04 00:50 - 00001052 _____ C:\Users\103096\Desktop\TXT.txt
2015-08-04 00:14 - 2015-08-04 01:03 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-04 00:14 - 2015-08-04 00:14 - 00001108 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-04 00:14 - 2015-08-04 00:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-04 00:14 - 2015-08-04 00:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-04 00:14 - 2015-08-04 00:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-04 00:14 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-04 00:14 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-04 00:14 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-04 00:10 - 2015-08-04 00:12 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\103096\Desktop\mbam-setup-2.1.8.1057.exe
2015-08-03 19:07 - 2015-06-12 09:00 - 00197616 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2015-08-03 11:42 - 2015-08-11 17:11 - 00000000 ____D C:\ProgramData\MCShield
2015-08-03 11:36 - 2015-08-11 11:46 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-03 11:36 - 2015-08-11 11:46 - 00001928 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-08-03 11:36 - 2015-08-03 11:36 - 00000000 ____D C:\Users\103096\AppData\Roaming\AVAST Software
2015-08-03 11:36 - 2015-08-03 11:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-08-03 11:35 - 2015-08-03 11:35 - 01048856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-08-03 11:35 - 2015-08-03 11:35 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-08-03 11:35 - 2015-08-03 11:35 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-08-03 11:35 - 2015-08-03 11:35 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-08-03 11:35 - 2015-08-03 11:35 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-08-03 11:35 - 2015-08-03 11:35 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-08-03 11:35 - 2015-08-03 11:35 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-08-03 11:35 - 2015-08-03 11:35 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-08-03 11:35 - 2015-08-03 11:35 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-08-03 11:30 - 2015-08-03 11:30 - 00004004 _____ C:\Users\103096\Desktop\Lala.txt
2015-08-03 11:30 - 2015-08-03 11:30 - 00000000 ____D C:\Program Files\AVAST Software
2015-08-03 11:19 - 2015-08-03 11:20 - 00438537 _____ C:\Users\103096\Downloads\avgremover.log
2015-08-03 11:04 - 2015-08-03 11:04 - 00001053 _____ C:\Users\103096\Desktop\JRT.txt
2015-08-03 11:00 - 2015-08-03 11:01 - 01798176 _____ (Malwarebytes Corporation) C:\Users\103096\Desktop\JRT.exe
2015-08-03 10:01 - 2015-08-03 10:02 - 00000410 _____ C:\Users\103096\Desktop\bookmarks_8_3_15.html
2015-08-03 09:53 - 2015-08-03 09:53 - 00931408 _____ (Google Inc.) C:\Users\103096\Desktop\ChromeSetup.exe
2015-08-02 17:12 - 2015-08-10 19:36 - 00000000 ____D C:\AdwCleaner
2015-08-02 17:12 - 2015-08-02 17:12 - 02248704 _____ C:\Users\103096\Desktop\AdwCleaner.exe
2015-08-02 17:02 - 2015-08-09 22:50 - 00025125 _____ C:\Users\103096\Desktop\Addition.txt
2015-08-02 11:55 - 2015-08-11 17:18 - 00014977 _____ C:\Users\103096\Desktop\FRST.txt
2015-08-02 11:51 - 2015-08-11 17:18 - 00000000 ____D C:\FRST
2015-08-01 23:32 - 2015-08-03 11:26 - 00000000 ____D C:\ProgramData\AVAST Software
2015-08-01 23:32 - 2015-08-01 23:32 - 05685584 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe
2015-08-01 22:35 - 2015-08-06 15:17 - 00373700 _____ C:\Windows\PFRO.log
2015-07-26 12:04 - 2015-07-26 12:04 - 00000000 _____ C:\Windows\setuperr.log

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-11 17:18 - 2009-07-14 11:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-11 17:18 - 2009-07-14 11:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-11 17:15 - 2009-07-14 12:13 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-11 17:10 - 2015-07-09 13:37 - 00003090 _____ C:\Windows\setupact.log
2015-08-11 17:10 - 2009-07-14 12:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-11 13:13 - 2014-09-18 15:31 - 01860462 _____ C:\Windows\WindowsUpdate.log
2015-08-11 12:41 - 2015-01-29 12:22 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-11 12:12 - 2014-09-18 16:03 - 00000000 ____D C:\Users\103096\AppData\Roaming\DMCache
2015-08-11 12:12 - 2014-09-18 15:31 - 00001449 _____ C:\Users\103096\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-11 12:12 - 2014-09-18 15:31 - 00001415 _____ C:\Users\103096\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-08-11 11:43 - 2014-09-18 15:30 - 00000000 ____D C:\Users\103096
2015-08-11 11:42 - 2015-04-29 15:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-11 11:42 - 2015-02-01 11:17 - 00000000 ____D C:\Users\103096\AppData\Local\Line
2015-08-11 11:42 - 2015-02-01 11:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE
2015-08-11 11:42 - 2015-02-01 11:16 - 00000000 ____D C:\Program Files (x86)\Naver
2015-08-11 11:42 - 2015-01-29 12:36 - 00000000 ____D C:\Program Files\Java
2015-08-11 11:42 - 2014-10-03 08:57 - 00000000 ____D C:\KMPlayer
2015-08-11 11:42 - 2014-09-23 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-11 11:42 - 2010-11-21 14:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-08-11 11:42 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-11 11:42 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\registration
2015-08-11 11:41 - 2014-09-23 20:30 - 00000000 ____D C:\ProgramData\Oracle
2015-08-10 23:01 - 2015-04-02 05:54 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-10 19:16 - 2015-03-20 17:59 - 00000000 ____D C:\Users\103096\Desktop\PIC
2015-08-10 00:04 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\system32\GroupPolicy
2015-08-09 23:24 - 2014-09-18 16:03 - 00000000 ____D C:\Users\103096\Downloads\Video
2015-08-09 20:42 - 2014-09-18 16:03 - 00000000 ____D C:\Users\103096\Downloads\Compressed
2015-08-03 14:58 - 2009-07-14 12:08 - 00032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-03 11:10 - 2014-10-04 22:58 - 00000000 ____D C:\Program Files (x86)\SMADAV
2015-08-03 10:05 - 2015-04-02 05:54 - 00000000 ____D C:\Users\103096\AppData\Local\Google
2015-08-03 09:57 - 2015-02-11 00:33 - 00000000 ____D C:\Users\103096\Desktop\I Must Read this
2015-08-02 12:19 - 2014-09-24 19:57 - 00000000 ____D C:\Program Files (x86)\IDM
2015-07-29 23:02 - 2014-09-19 15:25 - 00000000 ____D C:\Users\103096\AppData\Local\Microsoft Help
2015-07-18 21:42 - 2015-01-29 12:22 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-18 21:42 - 2014-09-18 16:20 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-18 21:42 - 2014-09-18 16:20 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2014-12-11 09:32 - 2015-01-12 12:33 - 0007617 _____ () C:\Users\103096\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\103096\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\103096\AppData\Local\Temp\KMP_3.9.1.138.exe
C:\Users\103096\AppData\Local\Temp\Quarantine.exe
C:\Users\103096\AppData\Local\Temp\sqlite3.dll
C:\Users\103096\AppData\Local\Temp\{2C736F26-11D7-4618-9492-EC14A05542C2}.dll
C:\Users\103096\AppData\Local\Temp\{CBB84078-BD16-4D7B-B431-D20A3C591A50}.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-04 21:16

==================== End of log ============================


  • 0

#28
Hana23

    Member

  • Topic Starter
  • Member
  • 26 posts

I have 2 questions:

1. After all of this is done, which programs should I keep? I have some programs that I installed based on your responses, such as AdwCleaner, Malwarebytes, FRST, Security Check, and more(?). Is it better to keep them or uninstall them?

 

2. Is it better to have some antivirus programs or just one? I installed Avast, and after that I read on Google that MCShield Real-Time Monitor can protect my laptop from USB viruses. Is it OK to have it, or should I choose one?

 

Thanks


  • 0

#29
Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts

1. After all of this is done, which programs should I keep? I have some programs that I installed based on your responses, such as AdwCleaner, Malwarebytes, FRST, Security Check, and more(?). Is it better to keep them or uninstall them?


They will all be removed once we are completely done. Malwarebytes Anti-Malware is an on-demand scanner so it is fine to keep if you wish.
 

2. Is it better to have some antivirus programs or just one? I installed Avast, and after that I read on Google that MCShield Real-Time Monitor can protect my laptop from USB viruses. Is it OK to have it, or should I choose one?


No, only one anti-virus should be running on your system at any point in time. These programs come with real-time protection (contrary to on-demand scanners, which only run when you ask them to) and they require a lot of resources. Having more than one is counterproductive. Be aware that anti-malware programs, anti-spyware programs, et al. are considered in their own respects, so you can have one of each kind. I would personally not recommend having more than two real-time programs for all types. MCShield is fine to install as it's a fire-and-forget one.

Where's Addition.txt? You needed to check that tiny box. ;) I see some bad lines, nothing serious, however.
  • Step 1

    Copy and paste the following into Notepad and save as fixlist.txt to your desktop:
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://id.search.yah...c_dsssyc_bd_com
    HKU\S-1-5-21-1591615944-4240288302-870138075-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://id.search.yah...c_dsssyc_bd_com
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://id.search.yah...p={searchTerms}
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://id.search.yah...p={searchTerms}
    SearchScopes: HKU\S-1-5-21-1591615944-4240288302-870138075-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://id.search.yah...p={searchTerms}
    SearchScopes: HKU\S-1-5-21-1591615944-4240288302-870138075-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://id.search.yah...p={searchTerms}
    FF Homepage: hxxp://id.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bfr-tr-rhb-32__alt__ddc_dsssyc_bd_com
    FF Keyword.URL: hxxp://id.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bfr-tr-rhb-32__alt__ddc_dss_bd_com&p={searchTerms}
    2015-08-10 00:01 - 2015-08-11 11:42 - 00000000 ____D C:\ProgramData\6f66c052-8827-4487-9031-09becb0cf541
    2015-08-10 00:01 - 2015-08-11 11:42 - 00000000 ____D C:\Program Files (x86)\Get The Results Hub
    2015-08-04 23:56 - 2015-08-04 23:56 - 00000000 ____D C:\Users\103096\Desktop\Fix it portable
    2015-08-04 23:50 - 2015-08-04 23:50 - 00347440 _____ (Microsoft Corporation) C:\Users\103096\Desktop\MicrosoftFixit-portable.exe
    2015-08-04 02:00 - 2015-08-04 02:00 - 00000000 ____D C:\MATS
    
    EmptyTemp:

    • Run your copy of FRST. It is important to ensure it is located on your desktop.
    • Press the Fix button.
    • It will produce a log (fixlog.txt) once done.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.
  • Logs to Post

    In summary of the above, I will need you to post the following log(s):
    • fixlog.txt (Farbar Recovery Scan Tool)

  • 0

#30
Hana23

    Member

  • Topic Starter
  • Member
  • 26 posts

Hi Pyxis...

Oh... I forgot about the Addition.txt.

Here is the Addition.txt:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-08-2015 01
Ran by 103096 (2015-08-12 17:35:22)
Running from C:\Users\103096\Desktop\FRST-OlderVersion
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

103096 (S-1-5-21-1591615944-4240288302-870138075-1000 - Administrator - Enabled) => C:\Users\103096
Administrator (S-1-5-21-1591615944-4240288302-870138075-500 - Administrator - Disabled)
Guest (S-1-5-21-1591615944-4240288302-870138075-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{BC3B8C54-7E10-0A4D-F6CA-52616DB1E96F}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.)
Autodesk Pixlr (HKLM-x32\...\Autodesk Pixlr) (Version: 1.0.2.0 - Autodesk)
Autodesk Pixlr (x32 Version: 1.0.2.0 - Autodesk) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
B1 Free Archiver (HKLM-x32\...\B1FreeArchiver) (Version: 0.0.0.0 - Catalina Group Ltd)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.6 - Dolby Laboratories Inc)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)
Get The Results Hub (HKLM-x32\...\Get The Results Hub) (Version: 2.0.5699.11971 - Get The Results Hub) <==== ATTENTION
HandBrake 0.10.0 (HKLM-x32\...\HandBrake) (Version: 0.10.0 - )
Icecream Ebook Reader version 1.41 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 1.41 - Icecream Apps)
Intel® Chipset Device Software (x32 Version: 10.0.13 - Intel® Corporation) Hidden
Intel® Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3090 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0083 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0708 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.138 - PandoraTV)
KUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
LINE (HKLM-x32\...\LINE) (Version: 4.0.2.366 - LINE Corporation)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MCShield ::Anti-Malware Tool:: (HKLM-x32\...\MCShield) (Version: 3.0.5.28 - MyCity)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 39.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 en-US)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
Oracle VM VirtualBox 4.3.12_ZZZZ (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Oxford Advanced Learner's Dictionary - 8th Edition (HKLM-x32\...\NSIS_oald8) (Version:  - )
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{E727B31A-8B24-4C1C-934A-69634E0D2C0B}) (Version: 9.2 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6573 - Realtek Semiconductor Corp.)
Smartfren Connex AC682 UI (HKLM\...\ZTEWireless-101_is1) (Version:  - )
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.44.1 - Synaptics Incorporated)
Typer Shark (HKLM-x32\...\Typer Shark) (Version:  - )
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 5.2.0.14230 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.11.0.13150 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Driver Package - Sony Corporation (SFEP) HIDClass  (11/15/2011 8.0.2.3) (HKLM\...\D3980EE1930054D2BAB3D957A731D6C24AF9F739) (Version: 11/15/2011 8.0.2.3 - Sony Corporation)
WordWeb (HKLM-x32\...\WordWeb) (Version: 6 - WordWeb Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1591615944-4240288302-870138075-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1591615944-4240288302-870138075-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1591615944-4240288302-870138075-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1591615944-4240288302-870138075-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1591615944-4240288302-870138075-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1591615944-4240288302-870138075-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)

==================== Restore Points =========================

11-08-2015 12:57:48 Scheduled Checkpoint
11-08-2015 17:51:08 Removed UpdateAdmin

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 09:34 - 2009-06-11 04:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {36D51979-01BF-4DF1-BAD3-69FEEBCF09B0} - System32\Tasks\Opera scheduled Autoupdate 1439139524 => C:\Program Files (x86)\Opera\launcher.exe
Task: {37A21333-27CE-4631-A2A7-BEB7606747CA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-03] (AVAST Software)
Task: {445B3B36-A844-456B-A3E3-F584BF829D9F} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => net
Task: {618C9751-7F97-46A2-AF6F-D0D29E8ABADC} - System32\Tasks\JetBoost_AutoUpdate => C:\Program Files (x86)\BlueSprig\JetBoost\AutoUpdate.exe
Task: {6CF928A3-4007-4E3D-92DA-D50662E0719E} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2012-01-10] (Sony Corporation)
Task: {80197A6A-1E7C-4A80-ADEF-4F37C8BA5BE3} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2012-01-10] (Sony Corporation)
Task: {9156DC63-84B7-4F34-8811-331488A40FAA} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-02-23] (Sony Corporation)
Task: {BFEC04E0-E892-4DBB-980F-C8E764C054D7} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2012-01-10] (Sony Corporation)
Task: {DA12BCB6-2312-4022-B534-B2E6D808846B} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-02-23] (Sony Corporation)
Task: {EEFBE223-9B29-4B19-B77E-D7750CFE263B} - System32\Tasks\{1A601F3F-5C65-49A3-8F95-57E0F7A9D8E9} => Iexplore.exe http://www.skype.com...8;LastError=404
Task: {EFC75CAE-5C7C-4EE1-B66B-158B14EBBCD6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-18] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-01-07 10:31 - 2011-05-09 14:07 - 00406016 _____ () C:\Program Files\Smartfren Connex AC682 UI\bin\MonServiceUDisk.exe
2014-09-18 15:51 - 2012-04-03 05:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-08-03 11:35 - 2015-08-03 11:35 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-03 11:35 - 2015-08-03 11:35 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-11 11:47 - 2015-08-11 11:47 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15081003\algo.dll
2015-08-12 17:19 - 2015-08-12 17:19 - 02961920 _____ () C:\Program Files\AVAST Software\Avast\defs\15081201\algo.dll
2014-09-18 20:12 - 2012-02-23 17:35 - 00021128 _____ () C:\Program Files (x86)\Sony\VAIO Control Center\VESBasePS.dll
2015-01-07 00:04 - 2009-08-19 20:59 - 00022736 ____N () C:\Program Files (x86)\WordWeb\WUCNT.dll
2015-08-03 11:35 - 2015-08-03 11:35 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-07-18 21:42 - 2015-07-18 21:42 - 17448624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1591615944-4240288302-870138075-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\103096\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{8C3C2EBA-1843-488F-B5E3-7FA08B967C6E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{13AE7437-66E2-404C-A97C-4332907EC2F0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============

Name: Ethernet Controller
Description: Ethernet Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/12/2015 05:15:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2015 05:15:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ZeroConfigService.exe, version: 15.0.0.1, time stamp: 0x4ee0fc85
Faulting module name: ntdll.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c8f9
Exception code: 0xc0000005
Fault offset: 0x000000000004e4b4
Faulting process id: 0x90c
Faulting application start time: 0xZeroConfigService.exe0
Faulting application path: ZeroConfigService.exe1
Faulting module path: ZeroConfigService.exe2
Report Id: ZeroConfigService.exe3

Error: (08/12/2015 08:05:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2015 06:02:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2015 05:11:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2015 12:50:59 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/11/2015 12:14:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2015 11:48:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2015 11:44:20 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17). Additional information: 0xc0000022.

Error: (08/11/2015 11:43:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/12/2015 05:15:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (08/12/2015 05:15:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update Mgr GetTheResultsHub service failed to start due to the following error:
%%216

Error: (08/12/2015 05:15:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service Mgr GetTheResultsHub service failed to start due to the following error:
%%216

Error: (08/12/2015 05:15:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The rimssne service failed to start due to the following error:
%%1058

Error: (08/12/2015 08:05:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update Mgr GetTheResultsHub service failed to start due to the following error:
%%216

Error: (08/12/2015 08:05:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service Mgr GetTheResultsHub service failed to start due to the following error:
%%216

Error: (08/12/2015 08:05:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The rimssne service failed to start due to the following error:
%%1058

Error: (08/11/2015 06:07:24 PM) (Source: HidBth) (EventID: 4) (User: )
Description: Initial connection to Bluetooth HID device (90:7f:61:05:05:81) failed.  The device has been removed as a personal or paired device.  You must reinstall the device.

Error: (08/11/2015 06:05:57 PM) (Source: ipnathlp) (EventID: 30009) (User: )
Description: 0.0.0.0

Error: (08/11/2015 06:02:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update Mgr GetTheResultsHub service failed to start due to the following error:
%%216


Microsoft Office:
=========================
Error: (08/12/2015 05:15:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2015 05:15:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe15.0.0.14ee0fc85ntdll.dll6.1.7601.175144ce7c8f9c0000005000000000004e4b490c01d0d4e7c43a6814C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Windows\SYSTEM32\ntdll.dll0b91ce88-40db-11e5-aa55-685d43285bdf

Error: (08/12/2015 08:05:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2015 06:02:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2015 05:11:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2015 12:50:59 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\ATI\CIM\Bin64\SetACL64.exe

Error: (08/11/2015 12:14:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2015 11:48:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2015 11:44:20 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.170xc0000022

Error: (08/11/2015 11:43:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity:
===================================
  Date: 2015-08-11 08:33:57.550
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\rimssne64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-11 08:33:57.550
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\rimssne64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-11 08:28:49.670
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\rimssne64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-11 08:28:49.670
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\rimssne64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-11 07:46:17.608
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\rimssne64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-11 07:46:17.608
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\rimssne64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-10 23:40:08.388
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\rimssne64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-10 23:40:08.372
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\rimssne64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-10 23:30:01.164
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\rimssne64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-10 23:30:01.154
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\rimssne64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 42%
Total physical RAM: 3990.72 MB
Available physical RAM: 2288.82 MB
Total Virtual: 7979.64 MB
Available Virtual: 6152.88 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:97.66 GB) (Free:32.27 GB) NTFS
Drive d: (DATA) (Fixed) (Total:481.99 GB) (Free:174.53 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 1406A225)

Partition: GPT Partition Type.

==================== End of log ============================


  • 0





