
Got a virus infection that crowded my computer screen



#46
lopez66

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts

RKinner,

 

The computer is still not responding properly. It would now connect to the wireless internet with the administrator account, but it would switch off by itself, and when I go into the settings to switch it on, the button would not go to on (the same thing that was happening with the other account on my computer). The other program that was installed during the initial attack, Zap Care Pro, is still in the computer and it would not uninstall. It may also be another one that I cannot recognize any more. I also uninstalled the Chrome browser, as it was when I started that browser that the warnings in the pictures I sent you popped out.

 

I guess I have hit a wall with the laptop. I was using it to pay my bills and check my bank accounts. Do you think it is safe for me to keep using it for that?

 

 

RKinner, I will try to connect tomorrow and see if you have any more advice for me.

 

Thanks again. RL


Edited by lopez66, 12 February 2016 - 03:46 PM.

  • 0



#47
RKinner

    Malware Expert

  • Expert
  • 24,623 posts
  • MVP
Clear the Java Cache by following the instructions on
 
You do not have the latest Java.
First go into Control Panel, Add/Remove Software (XP) or Programs and Features (Vista/Win 7) and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java™ 6 Update 20 
 
Java has been very vulnerable to infection so unless you absolutely need it you should not reinstall it.
 
If you feel you must have Java:
Get the latest Java at:
 
Save it to your PC then close all browsers and install it.  Do not let it install the yahoo toolbar or other foistware.
Once installed, go into Control Panel, Java, Security and set the slider to the Highest then OK.
 
I assume you are talking about the WiFi shutting down on you.  This is probably a power saving feature.
Go into Device Manager.  (See: http://www.isunshare...windows-10.html for instructions)
In the right pane find Network Adapters and hit the arrow in front of it to open it up.  You should see your WiFi adapter.  Right click on it and select Properties, then Power Management, then uncheck "Allow the computer to turn off this device to save power".  OK.
 
The Zap Care Pro entry can be ignored.  Often when we pull malware out by the roots it leaves an entry in the uninstall list that doesn't work.  Since it bothers you we can use FRST to find all traces of it in the Registry so we can remove it.  Run FRST by right clicking and Run As Admin, then put Zap Care Pro in the box and hit Search Registry.  It should eventually give you a log.  Copy and paste it into a reply and I will make a fixlist to get rid of it for good.

  • 0

#48
lopez66


Thanks, RKinner. I uninstalled the only Java program I saw, Java™ 6 Update 20. I did not see any other program with runtime on it except for PlayReady PC Runtime amd64, which I assumed was not one of the Java programs.

 

The problem with the WiFi is that when I use the old account, where I have my files and downloads, the WiFi is off, and when I go to the settings and try to move the button to the on position it goes back to the off position by itself. So in order for me to have internet access, I have to use my administrator account to have access to the WiFi (or internet).

I don't see any power management option in windows 10 when I access the wireless internet settings?

 

The log of the FRST search follows. Thanks again, RKinner.

 

Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by Administrator (2016-02-14 19:14:59)
Running from C:\Users\Administrator\Desktop
Boot Mode: Normal

================== Search Registry: "zap care pro" ===========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3843D69F0851A0840AB46C957D1F08FE]
"ProductName"="Zap Care Pro"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3843D69F0851A0840AB46C957D1F08FE\SourceList]
"LastUsedSource"="n;1;C:\Users\Ron Lopez\AppData\Roaming\Arieana LLC\Zap Care Pro 2.9.5\install\7F180EF\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3843D69F0851A0840AB46C957D1F08FE\SourceList\Net]
"1"="C:\Users\Ron Lopez\AppData\Roaming\Arieana LLC\Zap Care Pro 2.9.5\install\7F180EF\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3843D69F0851A0840AB46C957D1F08FE\InstallProperties]
"Comments"="This installer database contains the logic and data required to install Zap Care Pro."
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3843D69F0851A0840AB46C957D1F08FE\InstallProperties]
"InstallLocation"="C:\Program Files (x86)\Zap Care Pro\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3843D69F0851A0840AB46C957D1F08FE\InstallProperties]
"InstallSource"="C:\Users\Ron Lopez\AppData\Roaming\Arieana LLC\Zap Care Pro 2.9.5\install\7F180EF\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3843D69F0851A0840AB46C957D1F08FE\InstallProperties]
"DisplayName"="Zap Care Pro"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Arieana LLC\Zap Care Pro]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Arieana LLC\Zap Care Pro]
"Path"="C:\Program Files (x86)\Zap Care Pro\"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F96D3483-1580-480A-A04B-C659D7F180EF}]
"Comments"="This installer database contains the logic and data required to install Zap Care Pro."
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F96D3483-1580-480A-A04B-C659D7F180EF}]
"InstallLocation"="C:\Program Files (x86)\Zap Care Pro\"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F96D3483-1580-480A-A04B-C659D7F180EF}]
"InstallSource"="C:\Users\Ron Lopez\AppData\Roaming\Arieana LLC\Zap Care Pro 2.9.5\install\7F180EF\"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F96D3483-1580-480A-A04B-C659D7F180EF}]
"DisplayName"="Zap Care Pro"

====== End of Search ======


  • 0
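As an added illustration (not part of the thread and not FRST's own code), the Python sketch below parses a registry-search log in the layout posted above, collapses the hits into the few root keys that account for them, and flags uninstall entries whose install folder no longer exists. The sample log, its GUIDs and all function names are constructed for the example.

```python
import os
import re
from collections import OrderedDict

# Constructed sample in the layout of the search log above: a key line in
# brackets followed by "name"="value" lines. Names and GUIDs are made up.
SAMPLE_LOG = r'''
================== Search Registry: "example app" ===========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\AAAA0000AAAA0000AAAA0000AAAA0000]
"ProductName"="Example App"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\AAAA0000AAAA0000AAAA0000AAAA0000\SourceList]
"LastUsedSource"="n;1;C:\Users\demo\AppData\Roaming\Example LLC\Example App 1.0\install\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BBBB1111BBBB1111BBBB1111BBBB1111]
"AAAA0000AAAA0000AAAA0000AAAA0000"="C:\Program Files (x86)\Example App\app.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Example LLC\Example App]
"Path"="C:\Program Files (x86)\Example App\"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{11111111-2222-3333-4444-555555555555}]
"InstallLocation"="C:\Program Files (x86)\Example App\"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{11111111-2222-3333-4444-555555555555}]
"DisplayName"="Example App"

====== End of Search ======
'''

KEY_RE = re.compile(r'^\[(HKEY_[^\]]+)\]$')
VALUE_RE = re.compile(r'^"([^"]*)"="(.*)"$')

# Value names that point at a folder on disk (assumption for this example).
FOLDER_VALUES = {"InstallLocation", "InstallSource", "Path"}

# Patterns that trim a hit down to the key that owns it.
ROOT_PATTERNS = [
    ("component", re.compile(
        r'^(.*\\Installer\\UserData\\[^\\]+\\Components\\[^\\]+)', re.I)),
    ("product", re.compile(
        r'^(.*\\Installer\\(?:UserData\\[^\\]+\\)?Products\\[^\\]+)', re.I)),
    ("uninstall", re.compile(
        r'^(.*\\CurrentVersion\\Uninstall\\[^\\]+)', re.I)),
]


def parse_hits(log_text):
    """Return {registry key: [(value name, value data), ...]} in log order."""
    hits = OrderedDict()
    current = None
    for raw in log_text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            current = m.group(1)
            hits.setdefault(current, [])  # repeated key lines are merged
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            hits[current].append((m.group(1), m.group(2)))
    return hits


def classify(key):
    """Return (kind, root key) for one hit; unknown keys are kind 'other'."""
    for kind, pattern in ROOT_PATTERNS:
        m = pattern.match(key)
        if m:
            return kind, m.group(1)
    return "other", key


def summarize(hits):
    """Collapse hits into root keys, referenced folders and a component count."""
    roots = OrderedDict()
    folders = set()
    components = 0
    for key, values in hits.items():
        kind, root = classify(key)
        if kind == "component":
            components += 1  # per-file installer records, counted only
            continue
        roots.setdefault(root, kind)
        for name, data in values:
            if name in FOLDER_VALUES:
                folders.add(data.rstrip("\\"))
    return {"roots": roots, "folders": sorted(folders), "components": components}


def orphaned_uninstall_entries(hits, exists=os.path.isdir):
    """Uninstall keys whose InstallLocation folder is missing on disk."""
    orphaned = []
    for key, values in hits.items():
        kind, root = classify(key)
        if kind != "uninstall":
            continue
        for name, data in values:
            if name == "InstallLocation" and not exists(data.rstrip("\\")):
                orphaned.append(root)
    return orphaned


if __name__ == "__main__":
    parsed = parse_hits(SAMPLE_LOG)
    report = summarize(parsed)
    for root, kind in report["roots"].items():
        print(f"{kind:10} {root}")
    print("component records:", report["components"])
    print("folders referenced:", report["folders"])
    print("orphaned:", orphaned_uninstall_entries(parsed))
```

The `exists` parameter lets the check run against a saved log on another machine; on the affected Windows PC the default `os.path.isdir` tests the real folders.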

#49
RKinner

Download the attached fixlist.txt to the same location as FRST
 
 
 
Run FRST and press Fix.
A fix log will be generated; please post that.
 
That should remove zap care pro from the uninstall list.  I have also told FRST to remove the two folders that it uses just in case there is anything left of it.
 
Go into Control Panel and select User Accounts.  Find your original login and if it says it has admin rights, take them away.  Reboot and come back to Control Panel, User Accounts, then give your original login admin rights again.  See if that helps.
 
 

  • 0

#50
lopez66


Thanks, RKinner. I ran the FRST tool and the fixlog follows this paragraph.

In regards to the WiFi connection, I did go into the Control Panel and User Accounts and I was presented with a few choices. As I was using the administrator's account to be able to have access to the WiFi connection, the only choice that took me to look at the two accounts was "manage another account". The two accounts in the computer appeared and then I clicked on the initial account, the problem account showed up, and again I was presented with a few choices, out of which I chose "change the account type". Two choices appeared to choose from, the standard account (with the explanation of what you can do with the standard account) or the administrative account. I changed the account to standard. I will reboot the computer after this post and change the account back, if it lets me connect to the WiFi, here. Hopefully it works.

 

Fix result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by Administrator (2016-02-15 17:13:53) Run:3
Running from C:\Users\Administrator\Desktop
Loaded Profiles: Administrator (Available Profiles: Ron Lopez & Administrator & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
REG: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3843D69F0851A0840AB46C957D1F08FE"
REG: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Arieana LLC\Zap Care Pro"
REG: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F96D3483-1580-480A-A04B-C659D7F180EF}"
C:\Users\Ron Lopez\AppData\Roaming\Arieana LLC\Zap Care Pro 2.9.5
C:\Program Files (x86)\Zap Care Pro
CMD: ipconfig /all

*****************


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3843D69F0851A0840AB46C957D1F08FE" =========

Permanently delete the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3843D69F0851A0840AB46C957D1F08FE (Yes/No)? The operation completed successfully.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Arieana LLC\Zap Care Pro" =========

Permanently delete the registry key HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Arieana LLC\Zap Care Pro (Yes/No)? The operation completed successfully.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F96D3483-1580-480A-A04B-C659D7F180EF}" =========

Permanently delete the registry key HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F96D3483-1580-480A-A04B-C659D7F180EF} (Yes/No)? The operation completed successfully.



========= End of Reg: =========

"C:\Users\Ron Lopez\AppData\Roaming\Arieana LLC\Zap Care Pro 2.9.5" => not found.
"C:\Program Files (x86)\Zap Care Pro" => not found.

=========  ipconfig /all =========


Windows IP Configuration

   Host Name . . . . . . . . . . . . : RonLopez-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : cemsolutions.local
   Description . . . . . . . . . . . : Qualcomm Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.30)
   Physical Address. . . . . . . . . : E8-9A-8F-6F-E8-84
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
   Physical Address. . . . . . . . . : D0-DF-9A-36-0F-9B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
   Physical Address. . . . . . . . . : D0-DF-9A-36-0F-9B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::115d:58ce:c881:461d%21(Preferred)
   IPv4 Address. . . . . . . . . . . : 172.20.0.50(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, February 15, 2016 5:05:32 PM
   Lease Expires . . . . . . . . . . : Tuesday, February 16, 2016 5:05:32 PM
   Default Gateway . . . . . . . . . : 172.20.0.1
   DHCP Server . . . . . . . . . . . : 172.20.0.1
   DHCPv6 IAID . . . . . . . . . . . : 248569754
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-3B-29-3D-D0-DF-9A-36-0F-9B
   DNS Servers . . . . . . . . . . . : 172.20.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:c95:c62f:e7b6:283d(Preferred)
   Link-local IPv6 Address . . . . . : fe80::c95:c62f:e7b6:283d%7(Preferred)
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 335544320
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-3B-29-3D-D0-DF-9A-36-0F-9B
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{F044F701-6B18-4CA5-AB6B-2E401CF869FF}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

========= End of CMD: =========


==== End of Fixlog 17:13:54 ====


#51
lopez66

Thanks, RKinner. Changing the account worked out well. Not only was I able to get the wifi back, but the other warnings about not having authorization to open apps are not showing any more.

Should I invest in paying for an antivirus program? If yes, which one do you think would be the better one to get? I was using Malwarebytes Anti-Malware and was very pleased with it, but is there a better one?

Thanks again.


#52
RKinner

Good to hear.  Did the fix remove the Zap Care Pro from the uninstall list?  I see I forgot to give it a /y after each line to tell it Yes.

MBAM isn't really an anti-virus.  Just something extra to help protect you.  I use the free Avast on all of my PCs and am happy with it.  I really like their Boot-time scan.  If you really want to pay for an anti-virus then look into Kaspersky or BitDefender.  Both are usually the highest in the ratings.


#53
lopez66

Thanks for the suggestion, RKinner. I did install Avast, though it won't fix some of the issues without paying for that service.

I don't really want to pay for an antivirus, but I definitely don't want to have another virus attack. My computer does not feel the same. Something is still in it, but I have no idea what it could be. I tried to reinstate the administrator privileges to my original account, but the account would not move from standard even after a couple of reboots.

Also, sometimes a pop-up notice would come up when I am using the computer with the administrator account, saying that I don't have administrative access to the app, and then it would open the settings for the computer. Would this be related to the virus attack or something else?

Thanks again.


#54
RKinner

What Avast wants to charge you for won't fix your problems.

Have you run a boot-time scan with Avast yet?  It takes like 6 hours so I usually let it run at night.

Open Avast, Scan, Scan for Viruses, Change the Quick Scan (in the box in the center of the page) to Boot-time Scan.  Then at the bottom of the page click on Scan Settings.

Make sure both boxes are checked and click on the gray box to the right of the orange ones.  It should turn orange.  Change where it says "Fix Automatically" to "Move to Chest."  OK.  Now click on Start and then close Avast.  Mute your speakers so it doesn't wake you up when Windows boots.

When you reboot you will see the scan start.  It will tell you where it saves its log.  Usually it's C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location.  This is a hidden location so you will need to tell Windows to let you see it:

http://www.howtogeek...-windows-vista/

Copy and paste the text from the log to a Reply when done.


#55
lopez66

RKinner, I ran it without following the instructions you posted, first, and then I did it again following your steps. I guess it wrote whatever it found to the same text file. Here is the log.

02/19/2016 11:19
Scan of C:

Scan of *STARTUP

File C:\AdwCleaner\Quarantine\C\Program Files (x86)\DNS Unlocker\ConsoleApplication1.dll.vir is infected by Win32:Adware-gen [Adw], Moved to chest
File C:\AdwCleaner\Quarantine\C\Program Files (x86)\DNS Unlocker\dnslafayette.exe.vir is infected by Win32:Adware-gen [Adw], Moved to chest
File C:\AdwCleaner\Quarantine\C\Users\Ron Lopez\AppData\Local\WhiteListing\PluginsWhiteListing.dll.vir is infected by Win32:GenMaliciousA-CDH [PUP], Moved to chest
File C:\Users\Ron Lopez\Downloads\Malwarebytes Anti-Malware 1.70.0.1100 PRO\mbam-setup-1.70.0.1100.exe is infected by Win32:Dropper-gen [Drp], Moved to chest
Number of searched folders: 36063
Number of tested files: 1047921
Number of infected files: 4

----------------------------------------
02/19/2016 22:34
Scan of C:

Scan of *STARTUP

Number of searched folders: 36081
Number of tested files: 1047563
Number of infected files: 0
 

 

Thanks again.


#56
RKinner

OK. The only thing new that it found was the mbam-setup-1.70.0.1100.exe file, which was probably a false positive unless you got it from somewhere other than MBAM's site.

Can you run VEW again?  I want to see if there are any errors about it not being able to load your account.


  • 0
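Added example (not part of the thread, and not code from Avast or AdwCleaner): a parser for the boot-time scan report posted in #55 that separates detections sitting inside the AdwCleaner quarantine folder from detections in live locations, and checks each run's detection lines against its own "Number of infected files" counter. The function and class names, and the rule that anything under C:\AdwCleaner\Quarantine\ counts as an already-quarantined leftover, are assumptions made for this example.

```python
import re
from dataclasses import dataclass, field

# Report text as posted in #55 of this thread (two boot-time scan runs).
SAMPLE_LOG = r"""02/19/2016 11:19
Scan of C:

Scan of *STARTUP

File C:\AdwCleaner\Quarantine\C\Program Files (x86)\DNS Unlocker\ConsoleApplication1.dll.vir is infected by Win32:Adware-gen [Adw], Moved to chest
File C:\AdwCleaner\Quarantine\C\Program Files (x86)\DNS Unlocker\dnslafayette.exe.vir is infected by Win32:Adware-gen [Adw], Moved to chest
File C:\AdwCleaner\Quarantine\C\Users\Ron Lopez\AppData\Local\WhiteListing\PluginsWhiteListing.dll.vir is infected by Win32:GenMaliciousA-CDH [PUP], Moved to chest
File C:\Users\Ron Lopez\Downloads\Malwarebytes Anti-Malware 1.70.0.1100 PRO\mbam-setup-1.70.0.1100.exe is infected by Win32:Dropper-gen [Drp], Moved to chest
Number of searched folders: 36063
Number of tested files: 1047921
Number of infected files: 4

----------------------------------------
02/19/2016 22:34
Scan of C:

Scan of *STARTUP

Number of searched folders: 36081
Number of tested files: 1047563
Number of infected files: 0
"""

# Assumption: files under another cleaner's quarantine folder are inert copies.
QUARANTINE_PREFIXES = ("c:\\adwcleaner\\quarantine\\",)

STAMP = re.compile(r"^\d{2}/\d{2}/\d{4} \d{2}:\d{2}$")
DETECTION = re.compile(
    r"^File (?P<path>.+?) is infected by (?P<name>.+?) "
    r"\[(?P<kind>[^\]]+)\], (?P<action>.+)$"
)
COUNTER = re.compile(
    r"^Number of (?P<what>searched folders|tested files|infected files): (?P<n>\d+)$"
)


@dataclass
class Detection:
    path: str
    name: str
    kind: str
    action: str

    @property
    def already_quarantined(self) -> bool:
        # Windows paths are case-insensitive, so compare in lower case.
        return self.path.lower().startswith(QUARANTINE_PREFIXES)


@dataclass
class ScanRun:
    started: str
    detections: list = field(default_factory=list)
    counters: dict = field(default_factory=dict)


def parse_boot_log(text: str) -> list:
    """Split the report into runs; each run starts at a timestamp line."""
    runs, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if STAMP.match(line):
            current = ScanRun(started=line)
            runs.append(current)
            continue
        if current is None:
            continue  # ignore anything before the first timestamp
        m = DETECTION.match(line)
        if m:
            current.detections.append(Detection(**m.groupdict()))
            continue
        m = COUNTER.match(line)
        if m:
            current.counters[m["what"]] = int(m["n"])
    return runs


def triage(run: ScanRun) -> dict:
    """Summarise one run: quarantine leftovers versus files that need a look."""
    live = [d for d in run.detections if not d.already_quarantined]
    return {
        "started": run.started,
        "quarantine_leftovers": len(run.detections) - len(live),
        "needs_review": [(d.path, d.name) for d in live],
        # A mismatch means detection lines were truncated or the layout changed.
        "count_matches": run.counters.get("infected files") == len(run.detections),
    }


if __name__ == "__main__":
    for run in parse_boot_log(SAMPLE_LOG):
        print(triage(run))
```
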

#57
lopez66

RKinner, I am sorry, but I was not able to get on the internet any sooner. I was trying to run VEW, as you recommended (like in an earlier post, first the System and then the Applications), but it did not run. I got the following message.

Run-time error '75':

Path/File access error

Also, I don't know if you recall, but I could not access the wifi with my old account. The way that I am accessing it takes some playing: turn off the wireless access in the sign-in screen with either the old or the administrator's account (it will not turn on after that), restart the computer, and with the administrator account, turn on the wireless (it will turn on only after restarting), and then switch to my old account and sign in. I am able to access it now, though; the only issue is that it keeps flickering and a warning keeps appearing and disappearing saying that there is an issue with Firefox.

Thanks again for your response. RL


Edited by lopez66, 02 March 2016 - 09:24 PM.

#58
RKinner

Run-time error '75':

Path/File access error

Usually this is because you forgot to right click and Run As Admin.


#59
lopez66

I am sorry, RKinner, for the long delay in responding, but I was working away.

I just realized that I could not give admin privileges to my old account from the same account, and I was trying to run VEW from there, but not having admin privileges would not let me run VEW. I had to log in with my new account and give admin privileges to my old one (I thought I had done it before), but I just did, and ran VEW.

The first notepad info for the System is below:

 

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 11/03/2016 4:24:33 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 10/03/2016 2:31:16 AM
Type: Critical Category: 64
Event: 10116 Source: Microsoft-Windows-DriverFrameworks-UserMode
The device SAMSUNG Mobile MTP Device (location (unknown)) is offline due to a user-mode driver crash.  Windows will attempt to restart the device in the shared process 1 more times before moving the device in its own process.  Please contact the device manufacturer for more information about this problem.

Log: 'System' Date/Time: 10/03/2016 2:31:16 AM
Type: Critical Category: 64
Event: 10110 Source: Microsoft-Windows-DriverFrameworks-UserMode
A problem has occurred with one or more user-mode drivers and the hosting process has been terminated.  This may temporarily interrupt your ability to access the devices.

Log: 'System' Date/Time: 09/03/2016 1:09:41 AM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

Log: 'System' Date/Time: 09/03/2016 1:09:41 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 24/02/2016 12:32:34 PM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

Log: 'System' Date/Time: 24/02/2016 12:32:34 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 20/02/2016 2:41:05 AM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

Log: 'System' Date/Time: 20/02/2016 2:41:05 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 08/02/2016 3:57:28 PM
Type: Critical Category: 173
Event: 142 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error is caused because the system stopped responding and the hardware watchdog triggered a system reset.

Log: 'System' Date/Time: 08/02/2016 3:57:28 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 11/03/2016 9:22:06 PM
Type: Error Category: 0
Event: 4321 Source: NetBT
The name "RONLOPEZ-PC    :0" could not be registered on the interface with IP address 192.168.0.95. The computer with the IP address 192.168.0.136 did not allow the name to be claimed by this computer.

Log: 'System' Date/Time: 11/03/2016 9:22:06 PM
Type: Error Category: 0
Event: 4321 Source: NetBT
The name "RONLOPEZ-PC    :0" could not be registered on the interface with IP address 192.168.0.95. The computer with the IP address 192.168.0.136 did not allow the name to be claimed by this computer.

Log: 'System' Date/Time: 11/03/2016 9:22:06 PM
Type: Error Category: 0
Event: 4321 Source: NetBT
The name "RONLOPEZ-PC    :20" could not be registered on the interface with IP address 192.168.0.95. The computer with the IP address 192.168.0.136 did not allow the name to be claimed by this computer.

Log: 'System' Date/Time: 11/03/2016 9:22:06 PM
Type: Error Category: 0
Event: 2505 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{F044F701-6B18-4CA5-AB6B-2E401CF869FF} because another computer on the network has the same name.  The server could not start.

Log: 'System' Date/Time: 11/03/2016 9:21:50 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 11/03/2016 9:21:39 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The luafv service failed to start due to the following error:  This driver has been blocked from loading

Log: 'System' Date/Time: 11/03/2016 9:19:35 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Sync Host_73ff4 service to connect.

Log: 'System' Date/Time: 11/03/2016 9:19:25 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Sync Host_73ff4 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Log: 'System' Date/Time: 11/03/2016 9:09:42 PM
Type: Error Category: 0
Event: 4321 Source: NetBT
The name "RONLOPEZ-PC    :20" could not be registered on the interface with IP address 192.168.0.95. The computer with the IP address 192.168.0.136 did not allow the name to be claimed by this computer.

Log: 'System' Date/Time: 11/03/2016 9:09:42 PM
Type: Error Category: 0
Event: 4321 Source: NetBT
The name "RONLOPEZ-PC    :0" could not be registered on the interface with IP address 192.168.0.95. The computer with the IP address 192.168.0.136 did not allow the name to be claimed by this computer.

Log: 'System' Date/Time: 11/03/2016 9:09:42 PM
Type: Error Category: 0
Event: 4321 Source: NetBT
The name "RONLOPEZ-PC    :0" could not be registered on the interface with IP address 192.168.0.95. The computer with the IP address 192.168.0.136 did not allow the name to be claimed by this computer.

Log: 'System' Date/Time: 11/03/2016 9:09:42 PM
Type: Error Category: 0
Event: 4321 Source: NetBT
The name "RONLOPEZ-PC    :0" could not be registered on the interface with IP address 192.168.0.95. The computer with the IP address 192.168.0.136 did not allow the name to be claimed by this computer.

Log: 'System' Date/Time: 11/03/2016 9:09:42 PM
Type: Error Category: 0
Event: 2505 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{F044F701-6B18-4CA5-AB6B-2E401CF869FF} because another computer on the network has the same name.  The server could not start.

Log: 'System' Date/Time: 11/03/2016 9:09:29 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 11/03/2016 9:09:21 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The luafv service failed to start due to the following error:  This driver has been blocked from loading

Log: 'System' Date/Time: 11/03/2016 9:08:38 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The User Data Access_3b45d14 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Log: 'System' Date/Time: 11/03/2016 9:08:38 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The User Data Storage_3b45d14 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Log: 'System' Date/Time: 11/03/2016 9:08:38 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Contact Data_3b45d14 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Log: 'System' Date/Time: 11/03/2016 9:08:38 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Sync Host_3b45d14 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Log: 'System' Date/Time: 11/03/2016 3:04:52 AM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The User Data Access_2aab7cc service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 11/03/2016 9:21:47 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.

Log: 'System' Date/Time: 11/03/2016 9:09:28 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.

Log: 'System' Date/Time: 11/03/2016 1:24:36 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 11/03/2016 1:24:36 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 2 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 11/03/2016 1:24:36 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 3 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 11/03/2016 1:24:36 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 09/03/2016 1:44:54 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name client.wns.windows.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 09/03/2016 1:10:03 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.

Log: 'System' Date/Time: 09/03/2016 12:59:32 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.

Log: 'System' Date/Time: 06/03/2016 2:49:21 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 7 seconds since the last report.

Log: 'System' Date/Time: 04/03/2016 9:36:57 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 04/03/2016 4:30:51 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.

Log: 'System' Date/Time: 04/03/2016 1:09:33 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 3 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 04/03/2016 1:09:33 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 2 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 04/03/2016 1:09:33 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 04/03/2016 1:09:33 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 04/03/2016 1:09:18 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.

Log: 'System' Date/Time: 03/03/2016 4:28:47 AM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)

Log: 'System' Date/Time: 03/03/2016 4:28:46 AM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)

Log: 'System' Date/Time: 03/03/2016 4:17:54 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 6 seconds since the last report.
 

 

The second one for the Applications follows:

 

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 11/03/2016 4:33:52 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 11/03/2016 9:32:47 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: This app can't be activated by the Built-in Administrator. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 11/03/2016 9:30:00 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: This app can't be activated by the Built-in Administrator. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 11/03/2016 9:28:04 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: This app can't be activated by the Built-in Administrator. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 11/03/2016 9:28:04 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: This app can't be activated by the Built-in Administrator. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 11/03/2016 9:28:04 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: This app can't be activated by the Built-in Administrator. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 11/03/2016 9:28:04 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: This app can't be activated by the Built-in Administrator. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 11/03/2016 9:27:48 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: This app can't be activated by the Built-in Administrator. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 11/03/2016 9:27:44 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: This app can't be activated by the Built-in Administrator. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 11/03/2016 9:27:00 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: This app can't be activated by the Built-in Administrator. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 11/03/2016 9:26:00 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: This app can't be activated by the Built-in Administrator. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 11/03/2016 9:25:35 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: This app can't be activated by the Built-in Administrator. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 11/03/2016 9:25:19 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: This app can't be activated by the Built-in Administrator. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 11/03/2016 9:25:19 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: This app can't be activated by the Built-in Administrator. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 11/03/2016 9:25:19 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: This app can't be activated by the Built-in Administrator. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 11/03/2016 9:25:19 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: This app can't be activated by the Built-in Administrator. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 11/03/2016 9:25:19 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: This app can't be activated by the Built-in Administrator. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 11/03/2016 9:25:19 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: This app can't be activated by the Built-in Administrator. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 11/03/2016 9:25:19 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.WindowsAlarms_8wekyb3d8bbwe!App failed with error: This app can't be activated by the Built-in Administrator. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 11/03/2016 9:25:19 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: This app can't be activated by the Built-in Administrator. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 11/03/2016 9:25:19 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: This app can't be activated by the Built-in Administrator. See the Microsoft-Windows-TWinUI/Operational log for additional information.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 10/03/2016 2:09:11 AM
Type: Warning Category: 0
Event: 1001 Source: MsiInstaller
Detection of product '{9D56775A-93F3-44A3-8092-840E3826DE30}', feature 'WinMailFeat' failed during request for component '{5B7A884B-05AC-4645-8CC6-FFA1063BE62F}'

Log: 'Application' Date/Time: 10/03/2016 2:09:11 AM
Type: Warning Category: 0
Event: 1004 Source: MsiInstaller
Detection of product '{9D56775A-93F3-44A3-8092-840E3826DE30}', feature 'WinMailFeat', component '{7CF8FC57-F7F2-44C5-9DA3-F1C6CDC86127}' failed.  The resource 'HKEY_LOCAL_MACHINE(64)\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW\Products\{9D56775A-93F3-44A3-8092-840E3826DE30}' does not exist.

Log: 'Application' Date/Time: 11/02/2016 5:41:40 PM
Type: Warning Category: 0
Event: 1534 Source: Microsoft-Windows-User Profiles Service
Profile notification of event Create for component {2c86c843-77ae-4284-9722-27d65366543c} failed, error code is Not implemented .   

Log: 'Application' Date/Time: 08/02/2016 3:18:47 PM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 03/02/2016 8:58:06 PM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 03/02/2016 8:58:05 PM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 03/02/2016 8:51:01 PM
Type: Warning Category: 0
Event: 6000 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.

Log: 'Application' Date/Time: 29/01/2016 6:30:29 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\System32\msiexec.exe' (pid 2812) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 29/01/2016 6:30:29 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\System32\dllhost.exe' (pid 6552) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 29/01/2016 6:30:29 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\System32\rundll32.exe' (pid 6560) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 29/01/2016 6:30:29 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\ImmersiveControlPanel\SystemSettings.exe' (pid 1208) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 29/01/2016 6:30:29 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\System32\ApplicationFrameHost.exe' (pid 3144) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 29/01/2016 6:30:29 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\splwow64.exe' (pid 2396) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 29/01/2016 6:30:29 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\System32\svchost.exe' (pid 6380) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 29/01/2016 6:30:29 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files\CCleaner\CCleaner64.exe' (pid 7148) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 29/01/2016 6:30:29 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe' (pid 5332) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 29/01/2016 6:30:29 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe' (pid 5688) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 29/01/2016 6:30:29 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\System32\igfxext.exe' (pid 5940) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 29/01/2016 6:30:29 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files\Toshiba\FlashCards\TCrdMain.exe' (pid 3068) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 29/01/2016 6:30:29 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files\Toshiba\Power Saver\TPwrMain.exe' (pid 6956) cannot be restarted - Application SID does not match Conductor SID..
 

Thanks


  • 0

#60
RKinner

    Malware Expert

  • Expert
  • 24,623 posts
  • MVP

Uninstall Samsung USB Driver for Mobile Phones

Turn off NetBT:

https://geekflare.co...able-windows-8/

(the above is for 8 but should be the same in 10)

Check your clock that it has the correct time and date.


  • 0
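The "Turn off NetBT" step in the reply above can also be done from an elevated PowerShell prompt rather than through the adapter properties dialog. This is an added example, not part of RKinner's post or the linked article; it assumes NetBT means NetBIOS over TCP/IP and uses the standard Win32_NetworkAdapterConfiguration WMI class.

```powershell
# Added example: disable NetBIOS over TCP/IP (NetBT) on every IP-enabled adapter.
# Run from an elevated (Administrator) PowerShell prompt.
# TcpipNetbiosOptions values: 0 = use the DHCP-supplied setting, 1 = enabled, 2 = disabled.

$filter   = "IPEnabled = TRUE"
$adapters = Get-CimInstance -ClassName Win32_NetworkAdapterConfiguration -Filter $filter

foreach ($adapter in $adapters) {
    # Skip adapters that already have NetBT turned off.
    if ($adapter.TcpipNetbiosOptions -eq 2) {
        Write-Output ("Already disabled: {0}" -f $adapter.Description)
        continue
    }

    $result = Invoke-CimMethod -InputObject $adapter -MethodName SetTcpipNetbios `
                               -Arguments @{ TcpipNetbiosOptions = [uint32]2 }

    # ReturnValue 0 = success, 1 = success but a reboot is required; anything else is a failure.
    switch ($result.ReturnValue) {
        0       { Write-Output  ("Disabled: {0}" -f $adapter.Description) }
        1       { Write-Output  ("Disabled (reboot required): {0}" -f $adapter.Description) }
        default { Write-Warning ("Failed with code {0}: {1}" -f $result.ReturnValue, $adapter.Description) }
    }
}

# Re-read the setting so the change can be confirmed per adapter.
Get-CimInstance -ClassName Win32_NetworkAdapterConfiguration -Filter $filter |
    Select-Object Description, TcpipNetbiosOptions
```

To return an adapter to its default behaviour, call the same method with TcpipNetbiosOptions set to 0.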





