Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Malware Help Needed- Pop-ups, redirects, etc.


  • Please log in to reply

#16
andrea22

andrea22

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 139 posts

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 11/08/2016 7:48:28 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 10/08/2016 5:28:16 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The SQL Server (SQLEXPRESS) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 10/08/2016 5:28:15 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the SQL Server (SQLEXPRESS) service to connect.

Log: 'System' Date/Time: 10/08/2016 5:03:33 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3042058).

Log: 'System' Date/Time: 10/08/2016 5:03:20 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3071756).

Log: 'System' Date/Time: 10/08/2016 5:02:47 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80073712: Update for Windows 7 (KB3080149).

Log: 'System' Date/Time: 10/08/2016 5:02:35 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80073712: Update for Windows 7 (KB3068708).

Log: 'System' Date/Time: 10/08/2016 5:02:07 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3126587).

Log: 'System' Date/Time: 10/08/2016 5:01:48 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3061518).

Log: 'System' Date/Time: 10/08/2016 5:01:35 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3060716).

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 10/08/2016 5:28:29 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.homerouter.cpe timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 10/08/2016 5:25:18 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device {C5A047D8-CB5B-40E9-B9E3-316AB06B5A18}\WirelessKeyboardFilter\9&10047a3b&0&01.

Log: 'System' Date/Time: 10/08/2016 5:24:19 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.homerouter.cpe timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 10/08/2016 5:24:14 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 10/08/2016 11:44:24 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.homerouter.cpe timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 10/08/2016 11:43:45 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device {C5A047D8-CB5B-40E9-B9E3-316AB06B5A18}\WirelessKeyboardFilter\9&10047a3b&0&01.

Log: 'System' Date/Time: 10/08/2016 7:56:39 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.homerouter.cpe timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 10/08/2016 7:56:35 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

 


  • 0

Advertisements


#17
andrea22

andrea22

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 139 posts

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 11/08/2016 7:48:28 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 10/08/2016 5:28:16 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The SQL Server (SQLEXPRESS) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 10/08/2016 5:28:15 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the SQL Server (SQLEXPRESS) service to connect.

Log: 'System' Date/Time: 10/08/2016 5:03:33 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3042058).

Log: 'System' Date/Time: 10/08/2016 5:03:20 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3071756).

Log: 'System' Date/Time: 10/08/2016 5:02:47 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80073712: Update for Windows 7 (KB3080149).

Log: 'System' Date/Time: 10/08/2016 5:02:35 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80073712: Update for Windows 7 (KB3068708).

Log: 'System' Date/Time: 10/08/2016 5:02:07 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3126587).

Log: 'System' Date/Time: 10/08/2016 5:01:48 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3061518).

Log: 'System' Date/Time: 10/08/2016 5:01:35 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3060716).

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 10/08/2016 5:28:29 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.homerouter.cpe timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 10/08/2016 5:25:18 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device {C5A047D8-CB5B-40E9-B9E3-316AB06B5A18}\WirelessKeyboardFilter\9&10047a3b&0&01.

Log: 'System' Date/Time: 10/08/2016 5:24:19 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.homerouter.cpe timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 10/08/2016 5:24:14 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 10/08/2016 11:44:24 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.homerouter.cpe timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 10/08/2016 11:43:45 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device {C5A047D8-CB5B-40E9-B9E3-316AB06B5A18}\WirelessKeyboardFilter\9&10047a3b&0&01.

Log: 'System' Date/Time: 10/08/2016 7:56:39 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.homerouter.cpe timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 10/08/2016 7:56:35 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 11/08/2016 7:48:28 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 10/08/2016 5:28:16 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The SQL Server (SQLEXPRESS) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 10/08/2016 5:28:15 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the SQL Server (SQLEXPRESS) service to connect.

Log: 'System' Date/Time: 10/08/2016 5:03:33 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3042058).

Log: 'System' Date/Time: 10/08/2016 5:03:20 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3071756).

Log: 'System' Date/Time: 10/08/2016 5:02:47 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80073712: Update for Windows 7 (KB3080149).

Log: 'System' Date/Time: 10/08/2016 5:02:35 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80073712: Update for Windows 7 (KB3068708).

Log: 'System' Date/Time: 10/08/2016 5:02:07 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3126587).

Log: 'System' Date/Time: 10/08/2016 5:01:48 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3061518).

Log: 'System' Date/Time: 10/08/2016 5:01:35 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3060716).

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 10/08/2016 5:28:29 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.homerouter.cpe timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 10/08/2016 5:25:18 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device {C5A047D8-CB5B-40E9-B9E3-316AB06B5A18}\WirelessKeyboardFilter\9&10047a3b&0&01.

Log: 'System' Date/Time: 10/08/2016 5:24:19 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.homerouter.cpe timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 10/08/2016 5:24:14 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 10/08/2016 11:44:24 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.homerouter.cpe timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 10/08/2016 11:43:45 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device {C5A047D8-CB5B-40E9-B9E3-316AB06B5A18}\WirelessKeyboardFilter\9&10047a3b&0&01.

Log: 'System' Date/Time: 10/08/2016 7:56:39 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.homerouter.cpe timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 10/08/2016 7:56:35 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.


  • 0

#18
andrea22

andrea22

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 139 posts

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 11/08/2016 7:58:27 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 10/08/2016 5:27:43 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
484: ERROR: read_msg errno 0 (The operation completed successfully.)

Log: 'Application' Date/Time: 10/08/2016 5:27:43 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
ERROR: mDNSPlatformReadTCP - recv: 10053

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 10/08/2016 5:28:17 PM
Type: Warning Category: 0
Event: 3 Source: SQLBrowser
The configuration of the AdminConnection\TCP protocol in the SQL instance SQLEXPRESS is not valid.

Log: 'Application' Date/Time: 10/08/2016 5:28:17 PM
Type: Warning Category: 0
Event: 3 Source: SQLBrowser
The configuration of the AdminConnection\TCP protocol in the SQL instance MSSMLBIZ is not valid.

Log: 'Application' Date/Time: 10/08/2016 5:23:58 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   20 user registry handles leaked from \Registry\User\S-1-5-21-3979224096-2494383751-3139044533-1005:
Process 724 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3979224096-2494383751-3139044533-1005
Process 1496 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3979224096-2494383751-3139044533-1005
Process 1496 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3979224096-2494383751-3139044533-1005
Process 1496 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3979224096-2494383751-3139044533-1005
Process 1496 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3979224096-2494383751-3139044533-1005
Process 724 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3979224096-2494383751-3139044533-1005\Software\Microsoft\SystemCertificates\trust
Process 1496 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3979224096-2494383751-3139044533-1005\Software\Microsoft\SystemCertificates\trust
Process 724 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3979224096-2494383751-3139044533-1005\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1496 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3979224096-2494383751-3139044533-1005\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1496 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3979224096-2494383751-3139044533-1005\Software\Microsoft\SystemCertificates\Disallowed
Process 724 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3979224096-2494383751-3139044533-1005\Software\Microsoft\SystemCertificates\Root
Process 1496 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3979224096-2494383751-3139044533-1005\Software\Microsoft\SystemCertificates\Root
Process 1496 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3979224096-2494383751-3139044533-1005\Software\Microsoft\SystemCertificates\TrustedPeople
Process 1496 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3979224096-2494383751-3139044533-1005\Software\Policies\Microsoft\SystemCertificates
Process 1496 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3979224096-2494383751-3139044533-1005\Software\Policies\Microsoft\SystemCertificates
Process 1496 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3979224096-2494383751-3139044533-1005\Software\Policies\Microsoft\SystemCertificates
Process 1496 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3979224096-2494383751-3139044533-1005\Software\Policies\Microsoft\SystemCertificates
Process 724 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-3979224096-2494383751-3139044533-1005\Software\Policies\Microsoft\SystemCertificates
Process 1496 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3979224096-2494383751-3139044533-1005\Software\Microsoft\SystemCertificates\My
Process 1496 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-3979224096-2494383751-3139044533-1005\Software\Microsoft\SystemCertificates\CA

Log: 'Application' Date/Time: 10/08/2016 11:44:08 AM
Type: Warning Category: 0
Event: 3 Source: SQLBrowser
The configuration of the AdminConnection\TCP protocol in the SQL instance SQLEXPRESS is not valid.

Log: 'Application' Date/Time: 10/08/2016 11:44:08 AM
Type: Warning Category: 0
Event: 3 Source: SQLBrowser
The configuration of the AdminConnection\TCP protocol in the SQL instance MSSMLBIZ is not valid.


  • 0

#19
andrea22

andrea22

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 139 posts

Ok so I think I've done all that correctly. Firefox has been so bad that it has become unuseable, so I have uninstalled and deleted it. I took screenshots of the error messages should you wish to see them. Am now using the dreaded IE which is very slow and keeps crashing.


  • 0

#20
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP
I'm wondering why this line shows up in your FRST log:
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
Normally FRST will white list Microsoft stuff.  Let's make sure it's OK.
 
 
Copy then next two lines;

reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AppMgmt" /s > \junk.txt

notepad \junk.txt
 
Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply. 
 
 
 
Please download MiniToolBox, save it to your desktop and run it.
 
Checkmark the following checkboxes:
 
Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer Errors
List Installed Programs
List Devices
List Users, Partitions and Memory size.
List Minidump Files
 
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
 
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

  • 0

#21
andrea22

andrea22

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 139 posts

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AppMgmt
    ImagePath    REG_EXPAND_SZ    %SystemRoot%\system32\svchost.exe -k netsvcs

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AppMgmt\Parameters
    ServiceDll    REG_EXPAND_SZ    %SystemRoot%\System32\appmgmts.dll


  • 0

#22
andrea22

andrea22

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 139 posts

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Celia (administrator) on 11-08-2016 at 10:05:21
Running from "C:\Users\Celia\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X86)
Model: Satellite A500 Manufacturer: TOSHIBA
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
127.0.0.1       localhost
========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Celia-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : homerouter.cpe

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : homerouter.cpe
   Description . . . . . . . . . . . : Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC
   Physical Address. . . . . . . . . : 70-F1-A1-42-C1-E7
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::29db:9f0:6b8e:d0b4%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.8.101(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, 11 August 2016 3:27:28 AM
   Lease Expires . . . . . . . . . . : Friday, 12 August 2016 3:27:32 AM
   Default Gateway . . . . . . . . . : 192.168.8.1
   DHCP Server . . . . . . . . . . . : 192.168.8.1
   DHCPv6 IAID . . . . . . . . . . . : 326168993
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-6B-BC-8F-70-5A-B6-BA-74-0E
   DNS Servers . . . . . . . . . . . : 208.67.222.222
                                       4.2.2.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : homerouter.cpe
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 70-5A-B6-BA-74-0E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::68a4:5a69:f075:98e0%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.8.100(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, 11 August 2016 3:27:22 AM
   Lease Expires . . . . . . . . . . : Friday, 12 August 2016 3:27:22 AM
   Default Gateway . . . . . . . . . : 192.168.8.1
   DHCP Server . . . . . . . . . . . : 192.168.8.1
   DHCPv6 IAID . . . . . . . . . . . : 242244278
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-6B-BC-8F-70-5A-B6-BA-74-0E
   DNS Servers . . . . . . . . . . . : 192.168.8.1
                                       192.168.8.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.homerouter.cpe:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : homerouter.cpe
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  resolver1.opendns.com
Address:  208.67.222.222

Name:    google.com
Addresses:  2404:6800:4006:806::200e
   101.119.5.108
   101.119.5.87
   101.119.5.102
   101.119.5.91
   101.119.5.109
   101.119.5.117
   101.119.5.83
   101.119.5.93
   101.119.5.98
   101.119.5.123
   101.119.5.106
   101.119.5.121
   101.119.5.113
   101.119.5.79
   101.119.5.94

Pinging google.com [101.119.5.108] with 32 bytes of data:
Reply from 101.119.5.108: bytes=32 time=37ms TTL=58
Reply from 101.119.5.108: bytes=32 time=29ms TTL=58

Ping statistics for 101.119.5.108:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 29ms, Maximum = 37ms, Average = 33ms
Server:  resolver1.opendns.com
Address:  208.67.222.222

Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
   2001:4998:c:a06::2:4008
   2001:4998:58:c02::a9
   98.138.253.109
   98.139.183.24
   206.190.36.45

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=229ms TTL=45
Reply from 98.138.253.109: bytes=32 time=238ms TTL=45

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 229ms, Maximum = 238ms, Average = 233ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...70 f1 a1 42 c1 e7 ......Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC
 10...70 5a b6 ba 74 0e ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.8.1    192.168.8.100     20
          0.0.0.0          0.0.0.0      192.168.8.1    192.168.8.101     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.8.0    255.255.255.0         On-link     192.168.8.100    276
      192.168.8.0    255.255.255.0         On-link     192.168.8.101    281
    192.168.8.100  255.255.255.255         On-link     192.168.8.100    276
    192.168.8.101  255.255.255.255         On-link     192.168.8.101    281
    192.168.8.255  255.255.255.255         On-link     192.168.8.100    276
    192.168.8.255  255.255.255.255         On-link     192.168.8.101    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.8.100    276
        224.0.0.0        240.0.0.0         On-link     192.168.8.101    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.8.100    276
  255.255.255.255  255.255.255.255         On-link     192.168.8.101    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 10    276 fe80::/64                On-link
 12    281 fe80::/64                On-link
 12    281 fe80::29db:9f0:6b8e:d0b4/128
                                    On-link
 10    276 fe80::68a4:5a69:f075:98e0/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 21 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 22 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 23 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 24 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 25 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 26 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 27 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 28 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 29 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 30 C:\windows\system32\mswsock.dll [231424] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/11/2016 03:27:43 AM) (Source: Bonjour Service) (User: )
Description: 484: ERROR: read_msg errno 0 (The operation completed successfully.)

Error: (08/11/2016 03:27:43 AM) (Source: Bonjour Service) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

System errors:
=============
Error: (08/11/2016 03:28:16 AM) (Source: Service Control Manager) (User: )
Description: The SQL Server (SQLEXPRESS) service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.

Error: (08/11/2016 03:28:15 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SQL Server (SQLEXPRESS) service to connect.

Error: (08/11/2016 03:03:33 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3042058).

Error: (08/11/2016 03:03:20 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3071756).

Error: (08/11/2016 03:02:47 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Update for Windows 7 (KB3080149).

Error: (08/11/2016 03:02:35 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Update for Windows 7 (KB3068708).

Error: (08/11/2016 03:02:07 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3126587).

Error: (08/11/2016 03:01:48 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3061518).

Error: (08/11/2016 03:01:35 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3060716).

Microsoft Office Sessions:
=========================
Error: (08/11/2016 03:27:43 AM) (Source: Bonjour Service)(User: )
Description: 484: ERROR: read_msg errno 0 (The operation completed successfully.)

Error: (08/11/2016 03:27:43 AM) (Source: Bonjour Service)(User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

=========================== Installed Programs ============================

Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\{78DFDC88-FA40-408F-8397-1D7908A6DA21}) (Version: 20.0.0.260 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 20.0.0.260 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM\...\{AC76BA86-0804-1033-1959-001824191728}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Apple Application Support (32-bit) (HKLM\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{28ED482A-56DB-47D9-8D9E-990FA8CD7D3D}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Autodesk Pixlr (HKLM\...\{B0547B43-3AEE-453C-9945-800B9F92052D}) (Version: 1.0.3.0 - Autodesk) Hidden
Autodesk Pixlr (HKLM\...\Autodesk Pixlr) (Version: 1.0.3.0 - Autodesk)
Avast Free Antivirus (HKLM\...\Avast) (Version: 11.2.2262 - AVAST Software)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.10.01(T) - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\{B32C4059-6E7A-41EF-AD20-56DF1872B923}) (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Direct DiscRecorder (HKLM\...\{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}) (Version: 1.00.0000 - Corel Corporation) Hidden
Direct DiscRecorder (HKLM\...\InstallShield_{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}) (Version: 1.00.0000 - Corel Corporation) Hidden
DocuPrint P115 w (HKLM\...\{92EA7FDC-323F-406F-BEE9-601B8EB1E209}) (Version: 1.0.0.0 - Fuji Xerox)
Dolby Control Center (HKLM\...\{87725CEF-1BC6-47C5-B2CD-96DD6D392EE3}) (Version: 2.2.1 - Dolby)
Dropbox (HKCU\...\Dropbox) (Version: 7.4.30 - Dropbox, Inc.)
DVD MovieFactory for TOSHIBA (HKLM\...\{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation) Hidden
DVD MovieFactory for TOSHIBA (HKLM\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
ENE CIR Receiver Driver (HKLM\...\D751CB2FD39EE07639D08542EEF9BF77AD1D9696) (Version: 2.7.4.1 - ENE)
GIMP 2.6.8 (HKLM\...\WinGimp-2.0_is1) (Version:  - )
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HDMI Control Manager (HKLM\...\{F81AB80B-5BB7-4E36-8BA5-E07541CE1BFC}) (Version: 2.0 - TOSHIBA CORPORATION)
iCloud (HKLM\...\{760BB327-3973-4608-85C8-88162E2FF3B6}) (Version: 4.0.6.28 - Apple Inc.)
Intel® Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation)
Intel® Turbo Boost Technology Driver (HKLM\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
InterVideo WinDVD BD for TOSHIBA (HKLM\...\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0.20.153 - InterVideo Inc.) Hidden
InterVideo WinDVD BD for TOSHIBA (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0.20.153 - InterVideo Inc.)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{B8032A6B-C4D0-4744-B75F-9DDCB56B5C6F}) (Version: 12.1.0.71 - Apple Inc.)
JMicron Flash Media Controller Driver (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.34.2 - JMicron Technology Corp.)
Junk Mail filter update (HKLM\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft IntelliPoint 8.1 (HKLM\...\Microsoft IntelliPoint 8.1) (Version: 8.15.406.0 - Microsoft)
Microsoft Office 2003 Web Components (HKLM\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}) (Version: 3.1.6.0 - Apple Inc.)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Graphics Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{DEA314C4-0929-4250-BC92-98E4C105F28D}) (Version: 9.10.0129 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM\...\{86F2B095-3998-41D5-833D-1C5075300950}) (Version: 4.11.9775 - Apache Software Foundation)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5928 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0006 - Realtek)
Safari (HKLM\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
SafeZone Stable 1.48.2066.101 (HKLM\...\SafeZone 1.48.2066.101) (Version: 1.48.2066.101 - Avast Software) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.11.0 - Synaptics Incorporated)
Telstra Mobile Broadband Manager (HKLM\...\{D42FD0CF-F36F-42D5-A12F-CE58397FD78A}) (Version: 3.0.514 - Telstra) Hidden
Telstra Mobile Broadband Manager (HKLM\...\Telstra Mobile Broadband Manager) (Version: 3.0.514 - Telstra)
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.01.12 - TOSHIBA)
TOSHIBA Bulletin Board (HKLM\...\InstallShield_{6B81F4D9-A640-4081-A01D-7CB37F5DF4A4}) (Version: 1.5.05.32 - TOSHIBA Corporation)
TOSHIBA ConfigFree (HKLM\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.25 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.1.07-A - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}) (Version: 1.1.12.0 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM\...\InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}) (Version: 3.1.3.32 - TOSHIBA Corporation)
TOSHIBA Flash Cards Support Utility (HKLM\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.4C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (HKLM\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.16C - TOSHIBA CORPORATION)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.0.3 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.0.4 - TOSHIBA Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.5.0.0 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM\...\InstallShield_{921F22A4-290B-4B6C-9E8E-B50B58F18ED0}) (Version: 1.5.07.32 - TOSHIBA Corporation)
TOSHIBA Remote Control Manager (HKLM\...\{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}) (Version: 3.0.1.0 - TOSHIBA CORPORATION)
TOSHIBA Service Station (HKLM\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)
TOSHIBA Speech System Applications (HKLM\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version: 1.00.2518 - )
TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version:  - )
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version:  - )
TOSHIBA Supervisor Password (HKLM\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.7C - TOSHIBA CORPORATION)
TOSHIBA USB Sleep and Charge Utility (HKLM\...\{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}) (Version: 1.3.2.0 - TOSHIBA Corporation)
TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.2.32 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.9 - TOSHIBA Corporation)
Utility Common Driver (HKLM\...\{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Version: 1.0.50.27C - TOSHIBA) Hidden
Windows Driver Package - Cmotech (cmusbnet) Net  (06/11/2007 2.0.0.9) (HKLM\...\E7E257830CD4614E7CF1B3792DF19B85FE5E7BE7) (Version: 06/11/2007 2.0.0.9 - Cmotech)
Windows Driver Package - Cmotech Modem  (12/13/2006 2.0.3.5) (HKLM\...\5E8F128761A9B07EC2DEC909F167D92DB8B3A348) (Version: 12/13/2006 2.0.3.5 - Cmotech)
Windows Driver Package - Cmotech Ports  (12/13/2006 2.0.3.5) (HKLM\...\6A032F4180B5A0E8F4BC27384D0A423B2595A785) (Version: 12/13/2006 2.0.3.5 - Cmotech)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

========================= Devices: ================================

Name: TOSHIBA USB DVB-T/Analog Hybrid Tuner
Description: TOSHIBA USB DVB-T/Analog Hybrid Tuner
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: TOSHIBA
Service:
Device ID: USB\VID_1164&PID_0871\0000000001
Problem: : Reinstall the drivers for this device. (Code 18)
Resolution: The drivers for this device must be reinstalled.
 Click "Update Driver", which starts the Hardware Update wizard.
Alternately, uninstall the driver, and then click "Scan for hardware changes" to reload the drivers.

========================= Memory info: ===================================

Percentage of memory in use: 70%
Total physical RAM: 3061.59 MB
Available physical RAM: 901.69 MB
Total Virtual: 6121.51 MB
Available Virtual: 3516.95 MB

========================= Partitions: =====================================

1 Drive c: (S3A8113D003) (Fixed) (Total:583.45 GB) (Free:330.56 GB) NTFS

========================= Users: ========================================

User accounts for \\CELIA-PC

Administrator            Celia                    Guest                   

========================= Minidump Files ==================================

No minidump file found

**** End of log ****


  • 0

#23
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

To fix your update problems try:

 

System Update Readiness Tool for Windows 7
 
 
This one for 32 bit:
 
(Expect it to take several hours)
 
Once that runs then get
 
 KB3083710 and KB3102810 if you don't already have them
 
 
 
Then try Windows Update again and see if you have better luck.
 
As far as the popup and such on ebay I'm not seeing anything that could cause them.  Do you get them just on Firefox or on IE too?  Have you tried Chrome just see if you have the same problem?
 
 
Let's try aswmbr and see if it sees something hidden:
 

Download aswMBR.exe  to your desktop.
Right click on aswMBR.exe and Run As ADmin
uncheck trace disk IO calls
Change the Quickscan to C:\
 (Allow the Avast engine download if asked) Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply
 
 
 

  • 0

#24
andrea22

andrea22

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 139 posts

.


Edited by andrea22, 11 August 2016 - 07:51 AM.

  • 0

#25
andrea22

andrea22

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 139 posts

Thanks I'll do the above tonight. I'm only getting the popups on IE when I open UK ebay (always the most problematic site) and am getting the little messages that its blocking the popups on other sites. And as I said, IE is crashing frequently and is very slow. I haven't tried chrome.


  • 0

Advertisements


#26
andrea22

andrea22

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 139 posts

Thanks I'll do the above tonight. I'm only getting the popups on IE when I open UK ebay (always the most problematic site) and am getting the little messages that its blocking the popups on other sites. And as I said, IE is crashing frequently and is very slow. I haven't tried chrome.


  • 0

#27
andrea22

andrea22

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 139 posts

I got the first microsoft thingo done but got stuck on the second two- didn't know what to do there. The asw said 'scan error' after a few lines. I'm not able to copy and paste what it says though.


  • 0

#28
andrea22

andrea22

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 139 posts

Ok got it now.

 

aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software
Run date: 2016-08-12 00:04:52
-----------------------------
00:04:52.139    OS Version: Windows 6.1.7601 Service Pack 1
00:04:52.139    Number of processors: 4 586 0x2502
00:04:52.155    ComputerName: CELIA-PC  UserName: Celia
00:04:53.949    Initialze error C000010E - driver not loaded
00:04:55.977    AVAST engine defs: 16081104
00:05:11.827    Scan error: Incorrect function.
00:05:24.681    The log file has been saved successfully to "C:\Users\Celia\Desktop\aswMBR.txt"


  • 0

#29
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Did you forget to right click on aswmbr.exe and Run As Admin?


  • 0

#30
andrea22

andrea22

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 139 posts

no I definitely did that.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP