Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Flashing Task Bar

Started by AZB , Jan 16 2016 11:28 PM

  • Please log in to reply

#1
AZB
Posted 16 January 2016 - 11:28 PM

AZB

    New Member

  • Member
  • Pip
  • 2 posts

Hi

I think my lap top has been infected and am unsure how to remove it.  Currently I have a task bar at the bottom ]of my screen that flashes every 3-4 seconds.  It mirrors what is open in the screen and sometimes just shows nothing.

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
Ran by Airini-Zoy (2016-01-17 15:23:32)
Running from C:\Users\Airini-Zoy\Desktop
Windows 8.1 (X64) (2015-12-28 04:32:29)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2753416840-3243587269-1804172549-500 - Administrator - Disabled) => C:\Users\Administrator
Airini-Zoy (S-1-5-21-2753416840-3243587269-1804172549-1002 - Administrator - Enabled) => C:\Users\Airini-Zoy
Guest (S-1-5-21-2753416840-3243587269-1804172549-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2753416840-3243587269-1804172549-1004 - Limited - Enabled)
zoy (S-1-5-21-2753416840-3243587269-1804172549-1001 - Administrator - Enabled) => C:\Users\zoy

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Out of date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AV: AVG AntiVirus Free Edition (Enabled - Out of date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Norton Internet Security (Enabled - Out of date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Out of date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.06)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{99213849-249E-7726-EBA7-ADFCA48E2246}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AVG (HKLM\...\AvgZen) (Version: 1.31.1.48846 - AVG Technologies)
AVG (Version: 16.31.7357 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4489 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.13.1.47453 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.13.3 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.31.7357 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.4.155 - AVG Technologies)
AVG Zen (Version: 1.31.9 - AVG Technologies) Hidden
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.227 - Broadcom Corporation)
Clickfree (HKLM-x32\...\{1EB9B986-CECA-4E05-B454-C9343EE9DDE7}) (Version: 3.16.449.0 - Clickfree Automatic Backup)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.36.50 - Conexant)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3920.05 - CyberLink Corp.)
DTS Sound (HKLM-x32\...\{5B54DDC3-0ACC-4722-9C23-C3F07AF4825D}) (Version: 1.01.6700 - DTS, Inc.)
FMW 1 (Version: 1.52.1 - AVG Technologies) Hidden
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
MyTurboPC (HKLM-x32\...\{A2F37CA8-53F8-4594-B701-32AE64BAED1A}) (Version: 3.2.15.0 - MyTurboPC.com)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.6.0.32 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{61A09A66-D7E6-22EF-AF75-16D83ADE30E3}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PSP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29077 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Security Reviver (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_ReviverSoft~2C1D94A4_is1) (Version: 2.1.1000.16262 - ReviverSoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.2 - Synaptics Incorporated)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.18.0 - Toshiba Corporation)
TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.02.6402 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{484A4296-6F3D-4182-8CFA-D664F7DA34AA}) (Version: 1.1.17.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.4.2.6403 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}) (Version: 6.0.3.0 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 3.01.03.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.2.00.56006005 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{BFE4C813-4DD4-4B1C-97F4-76A459055C8D}) (Version: 2.6.13 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.1.32003 - Toshiba Corporation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.10.20 - WildTangent) Hidden
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}) (Version: 18.0.10661 - WinZip Computing, S.L. )
WinZip Malware Protector (HKLM-x32\...\WinZip Malware Protector_is1) (Version: 2.1.1000.14260 - WinZip International LLC)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0655231B-74C8-4109-B2FF-34CCC95AE94F} - System32\Tasks\MyTurboPC_sch_2A839A35-BCD2-11E5-825E-4CBB580401ED => C:\Program Files (x86)\MyTurboPC.com\MyTurboPC\mtpc.exe [2015-01-06] (MyTurboPC.com) <==== ATTENTION
Task: {0E1E1219-3BBE-4AF2-B61E-9118F6CE4E39} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-09-25] (TOSHIBA Corporation)
Task: {10000ED0-AA03-454F-99C2-23E82631461E} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe [2015-03-13] (Nico Mak Computing)
Task: {6AA67CEC-33D9-4779-AF21-4B366F028F17} - System32\Tasks\MyTurboPC Startup => C:\Program Files (x86)\MyTurboPC.com\MyTurboPC\mtpc.exe [2015-01-06] (MyTurboPC.com)
Task: {876D07D4-E3D0-4C87-9F52-5A6B03A3557A} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: {9B3E15D6-15B4-4037-ACE1-20BBC7A0328C} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {A1BE7822-3FFE-491B-9782-C3465B8160D5} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-03-26] (Synaptics Incorporated)
Task: {AD90D0BB-7084-45EC-AF81-675EEA854996} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-31] (Symantec Corporation)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {CF9BD236-CFAC-440E-BCDA-3DF09C839AB5} - System32\Tasks\MyTurboPC.com Update3_triggeronce => c:\program files (x86)\common files\myturbopc.com\uus3\Update3.exe [2015-01-06] (MyTurboPC.com)
Task: {D87A2401-788E-4024-900A-11A9FC5D241F} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {DE851A34-2478-4459-B65F-21D181C2BF1E} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-31] (Symantec Corporation)
Task: {E640974C-3329-40E7-8E8C-66ADEC0AAEA5} - System32\Tasks\Security Reviver_startup => C:\Program Files (x86)\Security Reviver\SecRev.exe [2015-08-03] (ReviverSoft)
Task: {FA52D23C-97B1-4EA1-B317-EB49E62C9E13} - System32\Tasks\MyTurboPC.com Update3 => c:\program files (x86)\common files\myturbopc.com\uus3\Update3.exe [2015-01-06] (MyTurboPC.com)
Task: {FF1B0AC3-FF00-48A1-94AD-56FEBED69802} - System32\Tasks\MyTurboPC.com Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\MyTurboPC.com\UUS3\UUS3.dll" RunUns

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\MyTurboPC Startup.job => C:\Program Files (x86)\MyTurboPC.com\MyTurboPC\mtpc.exe8C:\Program Files (x86)\MyTurboPC.com\MyTurboPC\mtpc.exe
Task: C:\WINDOWS\Tasks\MyTurboPC.com Registration3.job => C:\WINDOWS\system32\rundll32.exeIC:\Program Files (x86)\Common Files\MyTurboPC.com\UUS3\UUS3.dll RunUns7C:\Program Files (x86)\Common Files\MyTurboPC.com
Task: C:\WINDOWS\Tasks\MyTurboPC.com Update3.job => c:\program files (x86)\common files\myturbopc.com\uus3\Update3.exe7c:\program files (x86)\common files\myturbopc.com\uus3KALANI\Airini-ZoyMyTurboPC.com
Task: C:\WINDOWS\Tasks\MyTurboPC.com Update3_triggeronce.job => c:\program files (x86)\common files\myturbopc.com\uus3\Update3.exe7c:\program files (x86)\common files\myturbopc.com\uus3KALANI\Airini-ZoyMyTurboPC.com
Task: C:\WINDOWS\Tasks\MyTurboPC_sch_2A839A35-BCD2-11E5-825E-4CBB580401ED.job => C:\Program Files (x86)\MyTurboPC.com\MyTurboPC\mtpc.exe2 /schedule:2A839A35-BCD2-11E5-825E-4CBB580401ED C:\Program Files (x86)\MyTurboPC.com <==== ATTENTION

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-04-23 16:48 - 2014-04-23 16:48 - 00140288 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2014-03-22 08:09 - 2014-03-22 08:09 - 00021840 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2013-08-22 17:19 - 2013-08-22 16:54 - 00174592 _____ () C:\WINDOWS\system32\WinMetadata\Windows.UI.winmd
2013-08-22 17:19 - 2013-08-22 16:54 - 00050176 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Data.winmd
2013-08-22 17:19 - 2013-08-22 16:54 - 00030208 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Foundation.winmd
2016-01-17 13:58 - 2016-01-17 13:58 - 01164688 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2016-01-17 13:58 - 2016-01-17 13:58 - 00192912 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\loggingserver.exe
2016-01-17 13:58 - 2016-01-17 13:58 - 02814864 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2016-01-17 13:58 - 2016-01-17 13:58 - 01393040 _____ () C:\Program Files (x86)\AVG Web TuneUp\CefHost.exe
2016-01-17 13:48 - 2016-01-17 13:48 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2016-01-17 13:58 - 2016-01-17 13:58 - 00533904 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\log4cplusU.dll
2016-01-17 14:10 - 2013-02-28 16:53 - 00886272 _____ () C:\Program Files (x86)\WinZip Malware Protector\System.Data.SQLite.dll
2016-01-17 14:10 - 2015-03-13 14:34 - 01717936 _____ () C:\Program Files (x86)\WinZip Malware Protector\aspsys.dll
2016-01-17 14:10 - 2013-02-28 16:53 - 00168448 _____ () C:\Program Files (x86)\WinZip Malware Protector\UNRAR.DLL
2016-01-17 13:58 - 2016-01-17 13:58 - 40638864 _____ () C:\Program Files (x86)\AVG Web TuneUp\libcef.dll
2016-01-17 15:05 - 2015-03-17 11:11 - 00886272 _____ () C:\Program Files (x86)\Security Reviver\System.Data.SQLite.dll
2016-01-17 15:05 - 2015-08-03 11:59 - 01880568 _____ () C:\Program Files (x86)\Security Reviver\secrevsys.dll
2016-01-17 15:05 - 2015-03-17 11:11 - 00168448 _____ () C:\Program Files (x86)\Security Reviver\UNRAR.DLL
2016-01-17 15:05 - 2015-08-03 11:59 - 00063992 _____ () C:\Program Files (x86)\Security Reviver\ScanDll.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 23:25 - 2013-08-22 23:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2753416840-3243587269-1804172549-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\TOSHIBA\TOSHIBA1.jpg
HKU\S-1-5-21-2753416840-3243587269-1804172549-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Airini-Zoy\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\toshiba1.jpg
HKU\S-1-5-21-2753416840-3243587269-1804172549-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{7E843705-C60C-4F35-B179-F78C4D8A523A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{0BCC7572-8030-4C81-AF71-C21D4BD7B9FC}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{ADE53159-5F46-4C0C-B132-3D99A10B6751}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{9C482338-71F7-4263-98BF-5036B6D11852}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{17FB7312-1DEB-4434-B361-350CCCA261E5}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{049EEB73-9B07-427B-A094-D8F65D962631}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{199A6416-89A2-43DF-B185-E7AF22340BF6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{33F42AA3-5837-49E9-9B22-6EB55D9AAFB4}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{AE8D4F58-B770-4D3E-8358-FD29A81292B8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe

==================== Restore Points =========================

17-01-2016 13:42:11 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/17/2016 02:33:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 19e0

Start Time: 01d150df9032fb6d

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 83e933c6-bcd3-11e5-825e-4cbb580401ed

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/17/2016 12:43:43 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (01/17/2016 11:49:13 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: The Windows logon process has unexpectedly terminated.

Error: (01/17/2016 11:49:13 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: The Windows logon process has unexpectedly terminated.

Error: (01/17/2016 11:49:13 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: The Windows logon process has unexpectedly terminated.

Error: (01/17/2016 09:15:25 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: a6c

Start Time: 01d150b2c7584257

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: bb28ca89-bca6-11e5-825b-4cbb580401ed

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

System errors:
=============
Error: (01/17/2016 01:39:52 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.

Error: (01/17/2016 01:39:52 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.

Error: (01/17/2016 01:39:52 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.

Error: (01/17/2016 11:56:49 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000007e (0xffffffffc0000005, 0xfffff80157b9012b, 0xffffd002025d5128, 0xffffd002025d4930)C:\WINDOWS\MEMORY.DMP011716-26593-01

Error: (01/17/2016 11:56:42 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:47:28 AM on ‎1/‎17/‎2016 was unexpected.

Error: (01/17/2016 11:49:24 AM) (Source: DCOM) (EventID: 10010) (User: KALANI)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4

Error: (01/17/2016 11:49:24 AM) (Source: DCOM) (EventID: 10010) (User: KALANI)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4

Error: (01/17/2016 11:49:24 AM) (Source: DCOM) (EventID: 10010) (User: KALANI)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.1

Error: (01/17/2016 11:48:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Defender Service service failed to start due to the following error:
%%1053

Error: (01/17/2016 11:48:37 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Defender Service service to connect.

CodeIntegrity:
===================================
  Date: 2016-01-17 13:56:31.593
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-17 13:56:31.417
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-17 13:56:28.944
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-17 13:56:02.009
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-17 13:53:12.358
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-17 13:53:10.215
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-17 13:53:09.959
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-17 13:53:09.615
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-17 13:53:03.155
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-17 13:53:01.347
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: AMD A4-6210 APU with AMD Radeon R3 Graphics
Percentage of memory in use: 43%
Total physical RAM: 7129.23 MB
Available physical RAM: 4014.81 MB
Total Virtual: 14297.23 MB
Available Virtual: 10969.89 MB

==================== Drives ================================

Drive c: (TI80167000C) (Fixed) (Total:918.45 GB) (Free:864.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================


  • 0

Advertisements

#2
DonnaB
Posted 17 January 2016 - 12:16 AM

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts
Hi AZB,

Welcome to GeeksToGo! :)

I'll take care of your other topic in the Win7 forum since I am answering your request for help here. :)

You have multiple AV's (antivirus programs) installed and enabled. 3 to be exact!! Windows Defender, Norton Internet Security and AVG AntiVirus Free Edition. This is a BIG no, no!! See below:

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Out of date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AV: AVG AntiVirus Free Edition (Enabled - Out of date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Norton Internet Security (Enabled - Out of date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Out of date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

The real-time protection of two or more antivirus programs may conflict with each other and cause the following:
  • False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
  • Conflicts: Your system may lock up due to both products attempting to access the same file at the same time.
  • Performance: More that one antivirus will cause your PC to become slow and it may even crash or blue screen.
  • Less protection: Two antivirus trying to scan the same file may interfere with the process and allow a malicious file onto the computer without notice to you.
Windows Defender is an AV on Windows 8 and you can't uninstall it, but you can disable it if you want to keep either Norton or AVG, but you can't keep both. I need for you to make a decision on which of the 3 AV's you want to keep and uninstall Norton or AVG, or disable Windows Defender. What ever you do, just keep one of them.

Once you are done sorting out the AV situation, please follow the instructions below and provide both logs requested so I can see what we have left to do to fix the issues you are experiencing.
  • Right click on the FRST64.txt and choose Run as administrator. When the tool opens click Yes to disclaimer.
  • Under Optional Scan place a checkmark in the box for Addition.txt to ensure it creates that 2nd log.
  • Press Scan button.
  • Please attach both logs in your next reply.
In your next reply, please post the following logs:

FRST.txt
Addition.txt


Thank you,
Donna :)
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP