
Avast help please!


  • This topic is locked

#16
southernbelle1

Here are my scans :)

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
Ran by Lisa Manis (administrator) on LISAMANIS-PC (19-01-2016 12:30:11)
Running from C:\Users\Lisa Manis\Downloads
Loaded Profiles: Lisa Manis (Available Profiles: Lisa Manis)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Lisa Manis\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [CnxtCoInstallerDefer] => C:\Program Files\CONEXANT\PREINSTALL\SETUP564238410\KESLYN.EXE [1574528 2010-12-15] (Conexant Systems, Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-09-08] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-311360127-3291622852-1042216310-1000\...\MountPoints2: {1654bfa4-a987-11e5-ad45-78e3b55c506f} - G:\VZW_Software_upgrade_assistant.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk [2015-12-18]
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.203.226 205.171.2.226
Tcpip\..\Interfaces\{4848D22D-C616-40E1-8546-0C6E309B0C0F}: [DhcpNameServer] 67.142.166.10 67.142.166.11
Tcpip\..\Interfaces\{CD1D6664-1187-4454-B092-6AA4538C1F2E}: [DhcpNameServer] 192.168.0.1 205.171.203.226 205.171.2.226
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
HKU\S-1-5-21-311360127-3291622852-1042216310-1000\Software\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-07] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Lisa Manis\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Lisa Manis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-10]
CHR Extension: (YouTube) - C:\Users\Lisa Manis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-10]
CHR Extension: (Google Search) - C:\Users\Lisa Manis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lisa Manis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-10]
CHR Extension: (Gmail) - C:\Users\Lisa Manis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-10]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-15 10:45 - 2016-01-15 10:45 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-01-15 10:45 - 2016-01-15 10:45 - 00001945 _____ C:\Windows\epplauncher.mif
2016-01-15 10:45 - 2016-01-15 10:45 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-01-15 10:45 - 2016-01-15 10:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-01-15 10:41 - 2016-01-15 10:42 - 14243008 _____ (Microsoft Corporation) C:\Users\Lisa Manis\Downloads\mseinstall.exe
2016-01-04 18:51 - 2016-01-04 18:55 - 00183570 _____ C:\Windows\ntbtlog.txt
2016-01-03 22:34 - 2016-01-03 22:34 - 02370560 _____ (Farbar) C:\Users\Lisa Manis\Downloads\FRST64 (2).exe
2016-01-03 22:18 - 2016-01-03 22:43 - 00000257 _____ C:\Users\Lisa Manis\Downloads\Search.txt
2016-01-03 22:16 - 2016-01-03 22:17 - 02370560 _____ (Farbar) C:\Users\Lisa Manis\Downloads\FRST64 (1).exe
2015-12-30 11:12 - 2015-12-30 11:12 - 05080352 _____ (AVAST Software) C:\Users\Lisa Manis\Downloads\avast_free_antivirus_setup_online (2).exe
2015-12-30 10:51 - 2016-01-19 12:30 - 00008695 _____ C:\Users\Lisa Manis\Downloads\FRST.txt
2015-12-30 10:51 - 2015-12-30 10:52 - 00021188 _____ C:\Users\Lisa Manis\Downloads\Addition.txt
2015-12-30 10:49 - 2016-01-19 12:30 - 00000000 ____D C:\FRST
2015-12-30 10:49 - 2015-12-30 10:49 - 02370560 _____ (Farbar) C:\Users\Lisa Manis\Downloads\FRST64.exe
2015-12-23 16:23 - 2015-12-23 16:23 - 00004420 _____ C:\Users\Lisa Manis\Downloads\ChristmasWedding.odm
2015-12-23 16:16 - 2015-12-23 16:16 - 00005365 _____ C:\Users\Lisa Manis\Downloads\CowboyforChristmas.odm
2015-12-23 16:12 - 2015-12-23 16:12 - 00005231 _____ C:\Users\Lisa Manis\Downloads\HisChristmasPleasure.odm
2015-12-23 13:53 - 2015-12-23 13:53 - 05066104 _____ (AVAST Software) C:\Users\Lisa Manis\Downloads\avast_free_antivirus_setup_online_cnet2.exe
2015-12-23 13:05 - 2015-12-23 13:05 - 00000000 ____D C:\Users\Public\Documents\Verizon2.0_Log
2015-12-23 13:05 - 2015-12-23 13:05 - 00000000 ____D C:\Users\Lisa Manis\AppData\Roaming\VERIZON
2015-12-23 13:01 - 2015-12-23 13:01 - 00000000 ____D C:\Users\Lisa Manis\Desktop\New folder (2)
2015-12-23 12:59 - 2015-12-23 12:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-12-23 10:01 - 2015-12-23 10:01 - 05066096 _____ (AVAST Software) C:\Users\Lisa Manis\Downloads\avast_free_antivirus_setup_online (1).exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-19 12:12 - 2009-07-13 23:45 - 00022544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-19 12:12 - 2009-07-13 23:45 - 00022544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-19 12:11 - 2009-07-14 00:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-19 12:11 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2016-01-19 12:04 - 2015-11-10 11:59 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-19 12:03 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-15 10:45 - 2009-07-13 22:20 - 00000000 ____D C:\Windows
2016-01-13 12:25 - 2015-12-07 19:07 - 00000000 ____D C:\Users\Lisa Manis\AppData\Local\ElevatedDiagnostics
2016-01-12 13:42 - 2015-11-10 20:25 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-12 13:41 - 2015-11-10 20:24 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-04 18:30 - 2015-11-24 14:09 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-01-04 01:12 - 2015-12-18 13:51 - 00000000 ____D C:\Users\Lisa Manis\Desktop\New folder
2015-12-23 21:41 - 2015-11-30 12:32 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
 
==================== Files in the root of some directories =======
 
2015-12-03 17:11 - 2015-12-03 17:11 - 0001610 _____ () C:\Users\Lisa Manis\AppData\Local\recently-used.xbel
 
Some files in TEMP:
====================
C:\Users\Lisa Manis\AppData\Local\Temp\AudibleDM_iTunesSetup.exe
C:\Users\Lisa Manis\AppData\Local\Temp\NetFramework45.exe
C:\Users\Lisa Manis\AppData\Local\Temp\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-01-13 09:04
 
==================== End of FRST.txt ============================

#17
southernbelle1

Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-12-2015
Ran by Lisa Manis (2016-01-19 12:30:50)
Running from C:\Users\Lisa Manis\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-11-09 16:12:47)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-311360127-3291622852-1042216310-500 - Administrator - Disabled)
Guest (S-1-5-21-311360127-3291622852-1042216310-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-311360127-3291622852-1042216310-1002 - Limited - Enabled)
Lisa Manis (S-1-5-21-311360127-3291622852-1042216310-1000 - Administrator - Enabled) => C:\Users\Lisa Manis
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.0 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{70F55D70-7E5F-6291-4924-2F7640F19BFE}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre (HKLM-x32\...\{00A9870A-DA5A-4825-BEC9-F93FD41DE157}) (Version: 2.43.0 - Kovid Goyal)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.0.30.219 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6365.0 - IDT)
Intel® Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
OverDrive for Windows (HKLM-x32\...\{6D84D59B-38CD-41B1-A73A-9AB4C4C009BF}) (Version: 3.4.2 - OverDrive, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.84 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0706 - REALTEK Semiconductor Corp.)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {22CA225A-4F66-4F61-BB57-60A6824376DB} - System32\Tasks\{6C4D28B8-EAFE-4AC6-B845-5092130BEC7F} => pcalua.exe -a "C:\Users\Lisa Manis\Desktop\HP Drivers\sp54841.exe" -d "C:\Users\Lisa Manis\Desktop\HP Drivers"
Task: {32DBF440-8528-443F-B74A-A7E8D7DED3BF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {33FA78B8-8916-4019-B613-24FA9F57B90E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {348C170B-6BB3-413D-9AB3-C7E45656D9A5} - System32\Tasks\{C37A8689-BDB7-4A81-8CB2-C16858E675D3} => pcalua.exe -a "C:\Users\Lisa Manis\Desktop\HP Drivers\sp53261.exe" -d "C:\Users\Lisa Manis\Desktop\HP Drivers"
Task: {37C5B331-745C-4F0F-9746-03781872C421} - System32\Tasks\{B9AE15D4-2B53-4677-AFFF-48781E5C1F5B} => pcalua.exe -a "C:\Users\Lisa Manis\Desktop\HP Drivers\sp54900.exe" -d "C:\Users\Lisa Manis\Desktop\HP Drivers"
Task: {41E0EBFD-8181-437C-82B6-14F1A4053043} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-11-04] (HP Inc.)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {6FEA60E9-0FE1-4DCA-A735-68A09C8DF989} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-10] (Google Inc.)
Task: {869650A8-FB90-4975-B647-BD90F400DC85} - System32\Tasks\{E8D0CF7A-AD0C-42DF-811B-E0AF5C764989} => pcalua.exe -a "C:\Users\Lisa Manis\Desktop\HP Drivers\sp53838.exe" -d "C:\Users\Lisa Manis\Desktop\HP Drivers"
Task: {884C9BBD-DF59-40DE-B6E2-9A0DDE2A0579} - System32\Tasks\{4D53AE11-1033-4BA5-BFB6-6D25ECE6A08A} => pcalua.exe -a "C:\Users\Lisa Manis\Desktop\HP Drivers\sp51605.exe" -d "C:\Users\Lisa Manis\Desktop\HP Drivers"
Task: {8CAAD46F-F50F-4FDA-B373-A409DDB7E753} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {9F73D8F8-3952-4D8A-8563-93E4DFEB0AD7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-10] (Google Inc.)
Task: {C7C1C690-2D9C-4E97-9D65-8901D2C7894B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {C87DB4B2-15CC-4CC7-AECE-0DB807CC3F2D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {CA976BF8-C095-4B9C-A70B-00F632241E43} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-16] (AVAST Software)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {EB2BDF4D-4668-45C9-A0E3-C3D8542431E0} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {ED9844EA-DBDC-4C80-B5BE-620B6B587CEA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-11-04] (HP Inc.)
Task: {F40367CC-A17B-4463-8EBA-AB60B51CABCA} - System32\Tasks\{A1AEA180-878C-413C-AFE8-F2E5FCE5563E} => pcalua.exe -a C:\Windows\system32\RT7LitePIlaunch.exe -d C:\Windows\system32
Task: {F79CF7BE-6C6F-4350-9F3F-0C3EA9977650} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-28] (Hewlett-Packard)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-10-13 08:45 - 2015-10-13 08:45 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 08:45 - 2015-10-13 08:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-01-08 00:57 - 2011-01-08 00:57 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-11-10 20:35 - 2015-11-10 20:35 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b2363cf94faf59386ab4778a39c16e2b\IsdiInterop.ni.dll
2015-11-10 11:45 - 2011-05-20 13:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2016-01-15 10:40 - 2016-01-12 11:35 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll
2016-01-15 10:40 - 2016-01-12 11:35 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-311360127-3291622852-1042216310-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lisa Manis\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 205.171.203.226
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{363C7FFF-2B1F-400C-8F58-C97192404CBB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{574A23E8-6A97-4A32-B1CE-5C3A73FDB8EA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D225EB41-EC95-4876-836E-032CC2CA01BD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{773E8002-AF39-4177-9BE2-605929D11924}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1733A50B-1F09-4C19-87EA-920CAA64C313}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{EA140052-D47E-407F-8386-8BE4FB5C4703}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
24-11-2015 14:49:27 Scheduled Checkpoint
16-12-2015 13:04:48 Installed OverDrive for Windows
13-01-2016 09:11:09 Scheduled Checkpoint
15-01-2016 11:03:43 Windows Update
19-01-2016 12:06:11 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/19/2016 12:05:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GWXUX.exe, version: 6.3.9600.18064, time stamp: 0x56042d8f
Faulting module name: ntdll.dll, version: 6.1.7601.19045, time stamp: 0x56259295
Exception code: 0xc0000005
Fault offset: 0x000000000004ac04
Faulting process id: 0x3a8
Faulting application start time: 0xGWXUX.exe0
Faulting application path: GWXUX.exe1
Faulting module path: GWXUX.exe2
Report Id: GWXUX.exe3
 
Error: (01/19/2016 12:04:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/15/2016 12:53:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GWXUX.exe, version: 6.3.9600.18064, time stamp: 0x56042d8f
Faulting module name: ntdll.dll, version: 6.1.7601.19045, time stamp: 0x56259295
Exception code: 0xc0000005
Fault offset: 0x000000000004ac04
Faulting process id: 0x15e0
Faulting application start time: 0xGWXUX.exe0
Faulting application path: GWXUX.exe1
Faulting module path: GWXUX.exe2
Report Id: GWXUX.exe3
 
Error: (01/15/2016 12:53:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GWXUX.exe, version: 6.3.9600.18064, time stamp: 0x56042d8f
Faulting module name: ntdll.dll, version: 6.1.7601.19045, time stamp: 0x56259295
Exception code: 0xc0000005
Fault offset: 0x000000000004ac04
Faulting process id: 0x1534
Faulting application start time: 0xGWXUX.exe0
Faulting application path: GWXUX.exe1
Faulting module path: GWXUX.exe2
Report Id: GWXUX.exe3
 
Error: (01/15/2016 12:02:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GWXUX.exe, version: 6.3.9600.18064, time stamp: 0x56042d8f
Faulting module name: ntdll.dll, version: 6.1.7601.19045, time stamp: 0x56259295
Exception code: 0xc0000005
Fault offset: 0x000000000004ac04
Faulting process id: 0x12ec
Faulting application start time: 0xGWXUX.exe0
Faulting application path: GWXUX.exe1
Faulting module path: GWXUX.exe2
Report Id: GWXUX.exe3
 
Error: (01/15/2016 11:45:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GWXUX.exe, version: 6.3.9600.18064, time stamp: 0x56042d8f
Faulting module name: ntdll.dll, version: 6.1.7601.19045, time stamp: 0x56259295
Exception code: 0xc0000005
Fault offset: 0x000000000004ac04
Faulting process id: 0xd30
Faulting application start time: 0xGWXUX.exe0
Faulting application path: GWXUX.exe1
Faulting module path: GWXUX.exe2
Report Id: GWXUX.exe3
 
Error: (01/15/2016 10:38:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/13/2016 01:24:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GWXUX.exe, version: 6.3.9600.18064, time stamp: 0x56042d8f
Faulting module name: ntdll.dll, version: 6.1.7601.19045, time stamp: 0x56259295
Exception code: 0xc0000005
Fault offset: 0x000000000004ac04
Faulting process id: 0x42c
Faulting application start time: 0xGWXUX.exe0
Faulting application path: GWXUX.exe1
Faulting module path: GWXUX.exe2
Report Id: GWXUX.exe3
 
Error: (01/13/2016 10:26:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/13/2016 08:22:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (01/04/2016 06:52:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (01/04/2016 06:52:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (01/04/2016 06:52:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (01/04/2016 06:52:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (01/04/2016 06:52:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (01/04/2016 06:52:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (01/04/2016 06:52:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (01/04/2016 06:52:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (01/04/2016 06:52:16 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068netprofm{A47979D2-C419-11D9-A5B4-001185AD2B89}
 
Error: (01/04/2016 06:52:16 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 26%
Total physical RAM: 8139.86 MB
Available physical RAM: 5973.96 MB
Total Virtual: 16277.93 MB
Available Virtual: 13927.36 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:447.28 GB) (Free:123.61 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Recovery) (Fixed) (Total:14.32 GB) (Free:1.59 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32
Drive h: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0AFF17D5)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=447.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)
 
==================== End of Addition.txt ============================


#18
zep516

Hello,

Logs look OK, how is the computer?

Thanks
Joe

#19
southernbelle1


The computer is working good :).



#20
zep516

OK!

You may delete any log files on the desktop and delete FRST, and we will close the topic.

#21
southernbelle1


Joe, 

I don't see FRST in my programs, so how do you uninstall it? I see you really like the Firefox browser. What is it about Firefox you like vs. Chrome?

Lisa



#22
zep516

Hello,

Actually, I don't use Firefox and have never used Chrome. I use a browser called Pale Moon.

FRST does not install to a folder, that's why you do not see it. On your machine it's located here => C:\Users\Lisa Manis\Downloads. Your Downloads folder :)

Thanks
Joe :)

#23
southernbelle1

southernbelle1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

FRST is deleted. Thank you so much for all your help :).

Lisa



#24
zep516

zep516

southernbelle1, it's been my pleasure. Topic is closing now!

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

Thanks
Joe :)