Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows cannot find- C\Google\AutoIt3.exe


  • Please log in to reply

#1
Insomniac00

Insomniac00

    New Member

  • Member
  • Pip
  • 2 posts

Hi everyone!

 

My computer has slowed down lately so today I decided to download few malware removing programmes in order to remove potential viruses and hopefully speed up my PC...

Anyways, these programmes found some threats and they removed them, but when my computer rebooted this appeared:

prob.png

 

I guess one malware removing tools deleted that Autoit3 file, but I couldnt find it on the internet to download...

I searched the web, but none of the pictures of the error message matched mine...

What could it be? 

Please help :)

 

Thanks in advance!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-06-2016 01
Ran by Dushan (administrator) on DUSHAN-PC (26-06-2016 17:32:43)
Running from C:\Users\Dushan\Downloads
Loaded Profiles: Dushan (Available Profiles: Dushan)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
(CyberLink) C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [RemoteControl11] => C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe [234792 2011-04-20] (CyberLink Corp.)
HKLM\...\Run: [AntiUsbWorm] => C:\Windows\system32\cmd.exe /c start C:\Google\AutoIt3.exe /AutoIt3ExecuteScript C:\Google\googleupdate.a3x  & exit
HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro\DTAgent.exe [3111744 2012-04-26] (DT Soft Ltd)
HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\MountPoints2: {2aedca5f-9a3d-11e3-a6c1-002622f9e435} - H:\Autorun.exe
HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\MountPoints2: {2aedca70-9a3d-11e3-a6c1-002622f9e435} - H:\Autorun.exe
HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\MountPoints2: {9b775440-7b5d-11e2-aa86-806e6f6e6963} - F:\autorun6e.exe
HKU\S-1-5-21-3528197946-984489926-4213029029-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AntiUsbWormUpdate.lnk [2016-05-19]
ShortcutTarget: AntiUsbWormUpdate.lnk -> C:\Google\AutoIt3.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AntiWormUpdate.lnk [2016-05-19]
ShortcutTarget: AntiWormUpdate.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 212.200.191.166 212.200.190.166
Tcpip\..\Interfaces\{4CC4D4A7-166E-41D1-AA3D-58B69205A17C}: [DhcpNameServer] 212.200.191.166 212.200.190.166
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-3528197946-984489926-4213029029-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-3528197946-984489926-4213029029-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-11] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-11] (Oracle Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Dushan\AppData\Roaming\Mozilla\Firefox\Profiles\bm6t0y92.default
FF Homepage: hxxp://google.com/
FF DefaultSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_196.dll [2016-06-18] ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> D:\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-11] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Dushan\AppData\Roaming\Mozilla\Firefox\Profiles\bm6t0y92.default\user.js [2015-12-04]
FF user.js: detected! => C:\Users\Dushan\AppData\Roaming\Mozilla\Firefox\Profiles\afxr30if.default-1436133785926\user.js [2015-12-04]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\Dushan\AppData\Roaming\Mozilla\Firefox\Profiles\bm6t0y92.default\extensions\[email protected] [not found]
 
Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\51.0.2704.103\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\51.0.2704.103\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
CHR Plugin: (Java™ Platform SE 7 U13) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_124.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\Windows\system32\npDeployJava1.dll => No File
CHR Profile: C:\Users\Dushan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Dushan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-04]
CHR Extension: (Плаћања у Chrome веб-продавници) - C:\Users\Dushan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 CLHNServiceForPowerDVD; C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-04-20] ()
R2 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [70952 2011-03-31] (CyberLink)
R2 CyberLink PowerDVD 11.0 Service; C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [312616 2011-03-31] (CyberLink)
R2 Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2148176 2011-03-03] (Diskeeper Corporation)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-06-14] (IObit)
S3 TrustedInstaller; %SystemRoot%\servicing\TrustedInstaller.exe [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 DKRtWrt; C:\Windows\System32\DRIVERS\DKRtWrt.sys [38608 2011-02-14] (Diskeeper Corporation)
R2 ntk_PowerDVD; C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys [71664 2011-04-20] (Cyberlink Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [477240 2013-02-20] (Duplex Secure Ltd.)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2009-07-29] (Samsung Electronics) [File not signed]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [77296 2011-04-12] (CyberLink Corp.)
U3 a37kfepn; C:\Windows\system32\Drivers\a37kfepn.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-06-26 17:32 - 2016-06-26 17:32 - 00009982 _____ C:\Users\Dushan\Downloads\FRST.txt
2016-06-26 17:29 - 2016-06-26 17:31 - 00000383 _____ C:\Users\Dushan\Desktop\Addition.txt
2016-06-26 17:28 - 2016-06-26 17:31 - 00015554 _____ C:\Users\Dushan\Desktop\FRST.txt
2016-06-26 17:27 - 2016-06-26 17:27 - 01739776 _____ (Farbar) C:\Users\Dushan\Downloads\FRST.exe
2016-06-26 15:32 - 2016-06-26 15:32 - 00000000 ____D C:\Avenger
2016-06-26 15:22 - 2016-06-26 15:22 - 00000000 ____D C:\Users\Dushan\AppData\Roaming\ProductData
2016-06-26 15:21 - 2016-06-26 15:35 - 00000000 ____D C:\Users\Dushan\AppData\Roaming\IObit
2016-06-26 15:21 - 2016-06-26 15:21 - 00000000 ____D C:\Users\Dushan\AppData\LocalLow\IObit
2016-06-26 15:21 - 2016-06-26 15:21 - 00000000 ____D C:\ProgramData\ProductData
2016-06-26 15:21 - 2016-06-26 15:21 - 00000000 ____D C:\Program Files\Common Files\IObit
2016-06-26 15:20 - 2016-06-26 15:35 - 00000000 ____D C:\Program Files\IObit
2016-06-26 15:20 - 2016-06-26 15:21 - 00000000 ____D C:\ProgramData\IObit
2016-06-26 15:20 - 2016-06-26 15:20 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-06-26 15:18 - 2016-06-26 15:19 - 43738600 _____ (IObit ) C:\Users\Dushan\Downloads\IObit-Malware-Fighter-Setup.exe
2016-06-26 15:16 - 2016-06-26 15:16 - 00000000 ____D C:\Program Files\HitmanPro
2016-06-26 15:14 - 2016-06-26 15:14 - 10451640 _____ (SurfRight B.V.) C:\Users\Dushan\Downloads\hitmanpro.exe
2016-06-26 15:03 - 2016-06-26 15:03 - 22851472 _____ (Malwarebytes ) C:\Users\Dushan\Downloads\mbam-setup-2.2.1.1043 (1).exe
2016-06-26 14:54 - 2016-06-26 14:54 - 22851472 _____ (Malwarebytes ) C:\Users\Dushan\Downloads\mbam-setup-2.2.1.1043.exe
2016-06-26 14:35 - 2016-06-26 14:35 - 03703360 _____ C:\Users\Dushan\Downloads\adwcleaner_5.200.exe
2016-06-18 11:28 - 2016-06-18 11:28 - 00003925 _____ C:\Users\Dushan\Desktop\Baza.sav
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-06-26 17:32 - 2015-09-08 17:30 - 00000000 ____D C:\FRST
2016-06-26 17:31 - 2014-12-26 21:29 - 00000000 ____D C:\Users\Dushan\AppData\Local\CrashDumps
2016-06-26 17:09 - 2009-07-14 06:34 - 00023680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-26 17:09 - 2009-07-14 06:34 - 00023680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-26 17:06 - 2015-08-23 21:47 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-26 17:03 - 2013-02-20 14:48 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-26 17:02 - 2015-08-23 21:47 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-26 17:01 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-26 16:35 - 2010-11-20 23:01 - 00785302 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-26 16:35 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-06-26 15:44 - 2013-02-20 14:47 - 00000000 ____D C:\Users\Dushan\AppData\Roaming\Skype
2016-06-26 15:35 - 2013-02-20 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diskeeper Corporation
2016-06-26 14:39 - 2014-09-04 16:52 - 00000000 ____D C:\AdwCleaner
2016-06-18 11:03 - 2013-02-20 14:48 - 00800448 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-06-18 11:03 - 2013-02-20 14:48 - 00143040 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-06-18 01:09 - 2013-02-20 15:25 - 00002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-04 13:16 - 2013-02-20 15:00 - 00000000 ____D C:\Users\Dushan\AppData\Roaming\Nero
2016-06-04 13:16 - 2013-02-20 14:59 - 00000000 ____D C:\Program Files\NeroPortable
 
==================== Files in the root of some directories =======
 
2016-05-19 17:26 - 2016-05-19 17:26 - 0000898 _____ () C:\Program Files\Program Files.lnk
2015-09-11 17:09 - 2015-12-03 16:01 - 0000024 _____ () C:\Users\Dushan\AppData\Roaming\appdataFr25.bin
2013-03-04 22:10 - 2014-12-17 00:40 - 0005632 _____ () C:\Users\Dushan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-24 20:58 - 2014-08-24 20:58 - 0000017 _____ () C:\Users\Dushan\AppData\Local\resmon.resmoncfg
2015-08-21 22:07 - 2015-08-21 22:07 - 0000000 _____ () C:\Users\Dushan\AppData\Local\Temp.dat
2016-05-19 17:26 - 2016-05-19 17:26 - 0000898 _____ () C:\ProgramData\ProgramData.lnk
 
Some files in TEMP:
====================
C:\Users\Dushan\AppData\Local\Temp\HitmanPro.exe
C:\Users\Dushan\AppData\Local\Temp\libeay32.dll
C:\Users\Dushan\AppData\Local\Temp\msvcr120.dll
C:\Users\Dushan\AppData\Local\Temp\sqlite3.dll
C:\Users\Dushan\AppData\Local\Temp\UNINSTALL.EXE
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-06-19 12:51
 
==================== End of FRST.txt ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-06-2016 01
Ran by Dushan (2016-06-26 17:33:11)
Running from C:\Users\Dushan\Downloads
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2013-02-20 12:02:03)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3528197946-984489926-4213029029-500 - Administrator - Disabled)
Dushan (S-1-5-21-3528197946-984489926-4213029029-1000 - Administrator - Enabled) => C:\Users\Dushan
Guest (S-1-5-21-3528197946-984489926-4213029029-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3528197946-984489926-4213029029-1002 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\uTorrent) (Version: 3.4.6.42178 - BitTorrent Inc.)
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM\...\{90120000-0014-0000-0000-0000000FF1CE}_PRO_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (Version:  - Microsoft) Hidden
ACDSee Pro 2.5 (HKLM\...\{2D95950E-6D76-43E7-94A5-D9DBA2FD29E4}) (Version: 2.5.363 - ACD Systems International)
Adobe Flash Player 22 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 22.0.0.196 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.196 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 3.21 - Piriform)
Counter Strike 1.6  FULL v44 (HKLM\...\Counter Strike 1.6  FULL v44) (Version:  - )
CyberLink PowerDVD 11 (HKLM\...\InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}) (Version: 11.0.1620.51 - CyberLink Corp.)
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 5.1.0.0333 - DT Soft Ltd)
Diskeeper 2011  (HKLM\...\{9E0F1FA9-771E-4E6F-81EB-BDA8662AF971}) (Version: 15.0.951.32 - Diskeeper Corporation)
Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Google Chrome (HKLM\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
IBM SPSS Statistics 19 (HKLM\...\{06C43FAA-7226-41EF-A05E-9AE0AA849FFE}) (Version: 19.0.0 - SPSS Inc., an IBM Company)
IBM SPSS Statistics 23 (HKLM\...\{C3BA73A4-2A45-4036-8541-4F5F8146078B}) (Version: 23.0.0.0 - IBM Corp)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1883 - Intel Corporation)
Java 8 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Mario Forever v 2.16 ! (HKLM\...\Mario Forever v 2.16 !) (Version:  - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2003 programski dodatak za preslovljavanje (HKLM\...\{51312349-0B4D-450E-AFAA-03CC28A9531F}) (Version: 1.0.0527.0 - Microsoft)
Microsoft Office Professional 2007 (HKLM\...\PRO) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 en-US) (HKLM\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
MSXML4 Parser (HKLM\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Opera 12.12 (HKLM\...\Opera 12.12.1707) (Version: 12.12.1707 - Opera Software ASA)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5904 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0006 - Realtek)
Skype™ 7.17 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 3.5.0.77 - KMP Media co., Ltd)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Winamp (HKLM\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
WinRAR 4.10 beta 1 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.1 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {5000F060-457D-4B4F-B3AB-C2600C1E82B3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-18] (Adobe Systems Incorporated)
Task: {73392102-DE31-4B62-AA5A-2770520CBF5C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-23] (Google Inc.)
Task: {75ECF44B-67F3-47F5-B031-5F620E44EFE8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-23] (Google Inc.)
Task: {76E84390-7D70-4D45-AF6E-ECFF33265FEC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-07-24] (Piriform Ltd)
Task: {A34FEC08-5D54-4896-A57B-FB6A6AE9E01A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-05] (AVAST Software)
Task: {B92FC5BA-814C-4D49-8153-FFB16698BBAC} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-08-04] (Oracle Corporation)
Task: {D4594D67-B44A-43B3-B160-1778168BE7A3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {EF28A56F-0DAB-4D64-B3C0-54ABCEACC4F4} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files\AVG\AVG PC TuneUp\tuscanx.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-03-29 13:07 - 2009-08-10 09:07 - 00026624 _____ () C:\Windows\System32\ssp7ml3.dll
2013-02-20 14:34 - 2011-10-14 03:07 - 00166912 _____ () C:\Program Files\WinRAR\rarext.dll
2013-02-20 14:46 - 2011-04-20 05:56 - 00083240 _____ () C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
2016-06-18 01:09 - 2016-06-15 11:15 - 01745560 _____ () C:\Program Files\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-18 01:09 - 2016-06-15 11:15 - 00091288 _____ () C:\Program Files\Google\Chrome\Application\51.0.2704.103\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7865 more sites.
 
IE restricted site: HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3528197946-984489926-4213029029-1000\...\123simsen.com -> www.123simsen.com
 
There are 7865 more sites.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3528197946-984489926-4213029029-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dushan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 212.200.191.166 - 212.200.190.166
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{05D09310-B978-442D-BCFD-1288D540FD73}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{871223D6-B5FA-4AC7-B5D4-590533DE941C}] => (Allow) C:\Program Files\CyberLink\PowerDVD11\PowerDVD11.exe
FirewallRules: [{5340841C-A8DB-4C58-AD3E-E1F0E8F4A894}] => (Allow) C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe
FirewallRules: [{A180799B-B2EC-484B-B3DA-2AEAFE06D67B}] => (Allow) C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe
FirewallRules: [{4530EB6D-8896-4446-9D5A-1F1420885F30}] => (Allow) C:\Program Files\CyberLink\PowerDVD11\Movie\PowerDVD Cinema\PowerDVDCinema11.exe
FirewallRules: [{DEA86256-44FA-4934-8544-04112ED2FCCB}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [{B9952514-FB41-432D-8DB8-A6FA5CEFF4A5}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [{FBC2A7D6-AC1E-4650-8C28-4D1792F922BE}] => (Allow) D:\Program Files\KONAMI\Pro Evolution Soccer 2013\pes2013.exe
FirewallRules: [{7FA566D3-0944-4F3C-AA32-AC9D92F59CD5}] => (Allow) D:\Program Files\KONAMI\Pro Evolution Soccer 2013\pes2013.exe
FirewallRules: [{AC8B2BD2-ADB1-48B6-9D77-F34BF104FD1B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1D2539AD-FFC3-4DFC-9D63-5D4B7CDA7457}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C662E4B4-1D8F-4BAD-A6C8-3FC68AD906A6}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{500E1F95-EC1D-416E-B942-02207F04DA3A}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{1FE9396F-355D-4C62-9259-2BDEC956A3D0}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{C14B222F-0FF0-4A78-B725-F5728689916F}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{EB023A02-B574-440D-B4AF-BBDB41F8A8AE}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{9B63DDFF-0BEC-44C9-988A-D2164E210A84}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{3764864F-2C55-4920-8D2A-413D09E8EBE7}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{06FF7C82-CCF1-43EA-A02A-24F623CAA445}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{34139C8A-8AC3-4B24-BCD6-9B6068C151A6}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{6759ED0D-AF83-4B11-B9DB-A29D2810FCD0}] => (Allow) C:\Users\Dushan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D065B242-AB32-461D-8E98-3908773D70E3}] => (Allow) C:\Users\Dushan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6C2EF147-95C7-41D4-8DD5-6A6F13119D53}] => (Allow) C:\Users\Dushan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F085F767-ABEC-43DE-9651-E3BF04BD80BD}] => (Allow) C:\Users\Dushan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E89D6F83-3FE0-4F03-8ABA-8DAA66D3A2AF}] => (Allow) C:\Users\Dushan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4CA6BF95-3473-4763-B606-860094FC4B35}] => (Allow) C:\Users\Dushan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{10BF7C82-0353-4083-9940-A3A0D5D5A594}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\stats.exe
FirewallRules: [{21E4481E-F70D-4106-9CCC-C6855E4F44CA}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\WinWrapIDE.exe
FirewallRules: [{3C4C7D98-9D5A-4789-A1D5-18E8A093623C}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\stats.exe
FirewallRules: [{CAF124CF-66EF-4C46-97DA-C7512573EE0A}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\WinWrapIDE.exe
FirewallRules: [{EF81F13B-1C63-47EA-8986-0B4DA351CDB1}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\stats.com
FirewallRules: [{7C2248C5-A020-49F6-BD9F-BB89174206EF}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\stats.com
FirewallRules: [{5EA41B73-0099-4C38-92D4-2E93FC002F9F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/26/2016 05:29:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FRST.exe, version: 26.6.2016.1, time stamp: 0x576fb2f1
Faulting module name: FRST.exe, version: 26.6.2016.1, time stamp: 0x576fb2f1
Exception code: 0xc0000005
Fault offset: 0x000211de
Faulting process id: 0x548
Faulting application start time: 0xFRST.exe0
Faulting application path: FRST.exe1
Faulting module path: FRST.exe2
Report Id: FRST.exe3
 
Error: (06/26/2016 05:25:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (06/26/2016 05:25:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (06/26/2016 05:25:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (06/26/2016 05:25:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (06/26/2016 05:23:59 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (06/26/2016 05:23:48 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "6.0.0.6u9b41" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (06/26/2016 05:23:28 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (06/26/2016 05:23:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (06/26/2016 05:23:21 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (06/26/2016 05:01:58 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/26/2016 05:01:56 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/26/2016 05:01:55 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/26/2016 04:32:09 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/26/2016 04:31:49 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/26/2016 04:31:47 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/26/2016 04:31:45 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/26/2016 04:10:56 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/26/2016 04:10:51 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/26/2016 04:10:40 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
 
==================== Memory info =========================== 
 
Processor: Pentium® Dual-Core CPU T4400 @ 2.20GHz
Percentage of memory in use: 51%
Total physical RAM: 2908.88 MB
Available physical RAM: 1420.84 MB
Total Virtual: 5816.04 MB
Available Virtual: 4251.33 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:97.65 GB) (Free:62.5 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:368.1 GB) (Free:261.39 GB) NTFS
Drive f: (PRO EVOLUTION SOCCER 6) (CDROM) (Total:3.49 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 18861885)
Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=368.1 GB) - (Type=OF Extended)
 
==================== End of Addition.txt ============================

 


Edited by Insomniac00, 26 June 2016 - 09:41 AM.

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,015 posts
  • MVP
Separate Replies for each log are probably easiest.
 
Clear the Java Cache by following the instructions on
 
You do not have the latest Java.
First go into Control Panel, Add/Remove Software (XP) or Programs and Features (Vista/Win 7) and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java 8 Update 60 
 
Java has been very vulnerable to infection so unless you absolutely need it you should not reinstall it.
 
If you feel you must have Java:
Get the latest Java at:
 
Save it to your PC then close all browsers and install it.  Do not let it install the yahoo toolbar or other foistware.
Once installed, go into Control Panel, Java, Security and set the slider to the Highest then OK.
 
(If you also want the 64 bit version then use the 64 bit version of IE to get it.)
 
 
Download the attached fixlist.txt to the same location as FRST
 
 
Run FRST and press Fix
 
PC will reboot.
 
A fix log will be generated please post that 
 
 
 
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
 
sfc  /scannow
 
 
 
Copy the next two lines:
 
 
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
notepad \windows\logs\cbs\junk.txt 
 
Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)
 
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
 
 
 
 
 
Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.
 
 
 

 


  • 0

#3
Insomniac00

Insomniac00

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts

For some reason I cant open command prompt :(123.png

When i click on it nothing happens...

 

 

 


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,015 posts
  • MVP

Right click on the clock and select Start Task Manager.  Then File, New Task (Run) 

 

Type with an Enter after the line:

 
 
sfc /scannow
IF that works it might fix the command prompt problem too.
 
It's odd but I don't see the fixlist in my last post but if I go to edit it then it's there.  Here it is again just in case you can't see it:
 
Attached File  fixlist.txt   7.38KB   160 downloads

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP