Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer very slow

Started by Pat_54 , Aug 02 2016 07:59 AM

  • Please log in to reply

#16
Pat_54
Posted 03 August 2016 - 09:11 PM

Pat_54

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 212 posts

ok here is the frst scan

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-08-2016
Ran by jim (administrator) on JIM-PC (03-08-2016 23:00:15)
Running from C:\Users\jim\Downloads
Loaded Profiles: jim (Available Profiles: jim)
Platform: Microsoft Windows 8.1 Pro (Update) (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Ruiware LLC) C:\Program Files\Ruiware\WinPatrol\WinPatrol.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\dfsvc.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-08-01] (AVAST Software)
HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\Run: [WinPatrol] => C:\Program Files\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-20] (Ruiware LLC)
HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [191488 2014-10-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-06-06] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{586A7A0F-C41F-44F1-92DC-65D8FD042321}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
SearchScopes: HKLM -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL =
SearchScopes: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-06-06] (AVAST Software)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-06]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-06-06]
StartMenuInternet: FIREFOX.EXE - firefox.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-06-06] (AVAST Software)
S4 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [372736 2012-07-04] (Ralink Technology, Corp.) [File not signed]
S4 RaMediaServer; C:\Program Files\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [284520 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [32792 2016-06-06] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [35096 2016-06-06] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [91168 2016-06-06] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [91232 2016-06-06] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [58776 2016-06-06] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [815792 2016-06-06] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [449640 2016-06-06] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [124808 2016-06-06] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [224616 2016-08-02] (AVAST Software)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63l.sys [4715008 2013-07-01] (Broadcom Corporation)
S3 netr28u; C:\WINDOWS\system32\DRIVERS\netr28u.sys [1696528 2013-06-18] (Ralink Technology Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [38928 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [233304 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [84824 2015-07-07] (Microsoft Corporation)
S3 WUDFSensorLP; C:\WINDOWS\System32\drivers\WUDFRd.sys [190976 2014-10-28] (Microsoft Corporation)
S1 MpKsl3e3d4e73; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A4E22EC1-B5BA-4EB9-81D2-146C6D02A629}\MpKsl3e3d4e73.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-03 23:00 - 2016-08-03 23:01 - 00006720 _____ C:\Users\jim\Downloads\FRST.txt
2016-08-03 22:57 - 2016-08-03 22:57 - 00000000 ____D C:\Users\jim\Downloads\FRST-OlderVersion
2016-08-03 22:50 - 2016-08-03 22:50 - 00088810 _____ C:\Users\jim\Desktop\DxDiag.txt
2016-08-03 21:40 - 2016-08-03 22:47 - 00016030 _____ C:\WINDOWS\ntbtlog.txt
2016-08-03 17:26 - 2016-08-03 17:26 - 00004387 _____ C:\Users\jim\Desktop\Hardware Interrupts and DPCs.txt
2016-08-03 17:06 - 2016-08-03 17:06 - 00017010 _____ C:\Users\jim\Desktop\VEW.txt
2016-08-03 17:02 - 2016-08-03 17:15 - 00016295 _____ C:\VEW.txt
2016-08-03 17:00 - 2016-08-03 17:00 - 00061440 _____ ( ) C:\Users\jim\Desktop\VEW.exe
2016-08-03 00:05 - 2016-08-03 00:44 - 00265071 _____ C:\Users\jim\Desktop\JIM-PC.txt
2016-08-03 00:02 - 2016-08-03 00:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2016-08-03 00:02 - 2016-08-03 00:02 - 00000000 ____D C:\Program Files\Speccy
2016-08-02 23:58 - 2016-08-02 23:58 - 00004538 _____ C:\junk.txt
2016-08-02 23:45 - 2016-08-02 23:45 - 00003713 _____ C:\Users\jim\Documents\System.txt
2016-08-02 17:21 - 2016-08-02 17:21 - 01610560 _____ (Malwarebytes) C:\Users\jim\Downloads\JRT.exe
2016-08-02 17:19 - 2016-08-02 17:19 - 03712064 _____ C:\Users\jim\Downloads\AdwCleaner.exe
2016-08-02 13:14 - 2016-08-03 23:00 - 00000000 ____D C:\FRST
2016-08-02 13:11 - 2016-08-03 22:57 - 01743872 _____ (Farbar) C:\Users\jim\Downloads\FRST.exe
2016-08-02 04:02 - 2016-08-02 04:02 - 08136664 _____ (Piriform Ltd) C:\Users\jim\Downloads\ccsetup520.exe
2016-08-02 03:21 - 2016-08-02 03:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-08-02 03:21 - 2016-08-02 03:21 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-08-02 03:19 - 2016-06-18 14:40 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-08-02 03:19 - 2016-06-11 12:24 - 01117696 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-02 03:19 - 2016-06-11 12:24 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-02 03:19 - 2016-06-11 12:20 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-08-02 03:19 - 2016-06-11 12:16 - 00626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-08-02 03:19 - 2016-06-10 14:15 - 05468136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-02 03:19 - 2016-06-10 13:30 - 02976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-02 03:19 - 2016-06-03 20:38 - 01613528 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-08-02 03:19 - 2016-05-28 14:31 - 19788688 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-02 03:19 - 2016-05-18 16:16 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-08-02 03:19 - 2016-05-14 01:23 - 00888896 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-08-02 03:19 - 2016-05-13 18:23 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-08-02 03:19 - 2016-05-13 17:20 - 03033600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-02 03:19 - 2016-05-13 17:13 - 02165760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2016-08-02 03:19 - 2016-05-06 12:23 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-08-02 03:19 - 2016-05-05 13:39 - 01212256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-02 03:19 - 2016-04-16 09:43 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-08-02 03:19 - 2016-04-12 11:30 - 12879872 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-02 03:19 - 2016-04-09 17:57 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2016-08-02 03:19 - 2016-04-07 11:20 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-08-02 03:19 - 2016-04-06 13:53 - 00094560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2016-08-02 03:19 - 2016-04-06 12:49 - 00309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-02 03:19 - 2016-04-06 12:25 - 15158272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-02 03:18 - 2016-06-18 14:41 - 00063088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2016-08-02 03:18 - 2016-06-14 18:09 - 05761880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-02 03:18 - 2016-06-11 14:34 - 00479320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-02 03:18 - 2016-06-11 14:34 - 00340880 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-08-02 03:18 - 2016-06-11 14:33 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-02 03:18 - 2016-06-11 14:30 - 00318304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-02 03:18 - 2016-06-11 14:30 - 00047968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-08-02 03:18 - 2016-06-11 13:14 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpresult.exe
2016-08-02 03:18 - 2016-06-11 12:21 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2016-08-02 03:18 - 2016-06-10 23:44 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-08-02 03:18 - 2016-06-10 14:15 - 01192576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-02 03:18 - 2016-06-10 14:15 - 00227736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-02 03:18 - 2016-06-10 14:10 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptxml.dll
2016-08-02 03:18 - 2016-06-10 14:07 - 03273728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-08-02 03:18 - 2016-06-10 14:04 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-08-02 03:18 - 2016-06-09 14:18 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2016-08-02 03:18 - 2016-06-07 13:13 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hbaapi.dll
2016-08-02 03:18 - 2016-05-18 17:15 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\certenc.dll
2016-08-02 03:18 - 2016-05-18 16:59 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-08-02 03:18 - 2016-05-18 16:33 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2016-08-02 03:18 - 2016-05-14 16:29 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-02 03:18 - 2016-05-13 18:23 - 00026880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-08-02 03:18 - 2016-05-13 18:23 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-08-02 03:18 - 2016-05-13 17:18 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2016-08-02 03:18 - 2016-05-13 17:18 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2016-08-02 03:18 - 2016-05-13 17:16 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-02 03:18 - 2016-05-13 17:16 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2016-08-02 03:18 - 2016-05-13 17:16 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2016-08-02 03:18 - 2016-05-12 13:39 - 00030984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountBroker.exe
2016-08-02 03:18 - 2016-05-06 18:03 - 00288600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-08-02 03:18 - 2016-05-05 12:37 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2016-08-02 03:18 - 2016-05-05 12:34 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2016-08-02 03:18 - 2016-05-05 12:29 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-08-02 03:18 - 2016-05-05 11:16 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-08-02 03:18 - 2016-04-10 01:38 - 00410968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-08-02 03:18 - 2016-04-09 17:59 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Geolocation.dll
2016-08-02 03:18 - 2016-04-09 17:59 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-08-02 03:18 - 2016-04-09 17:56 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-08-02 03:18 - 2016-04-09 17:52 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2016-08-02 03:18 - 2016-04-09 17:49 - 00665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-08-02 03:18 - 2016-04-07 11:38 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-08-02 03:18 - 2016-04-07 11:33 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-08-02 03:18 - 2016-04-07 11:26 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-08-02 03:18 - 2016-04-06 12:50 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2016-08-02 03:18 - 2016-04-05 17:16 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2016-08-02 03:18 - 2016-04-02 09:50 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfg.exe
2016-08-02 03:18 - 2016-04-02 09:42 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-08-02 03:18 - 2016-04-01 13:04 - 00309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-08-02 03:18 - 2016-04-01 12:41 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-08-02 03:18 - 2016-04-01 12:36 - 00297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-08-02 03:18 - 2016-04-01 12:35 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-08-02 03:15 - 2015-12-16 12:51 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-08-02 02:56 - 2016-05-25 09:22 - 00875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2016-08-02 02:56 - 2016-05-25 09:22 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2016-08-02 02:15 - 2016-06-25 13:15 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2016-08-02 02:15 - 2016-06-25 12:47 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-08-02 02:15 - 2016-06-25 12:05 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2016-08-02 02:15 - 2016-06-25 12:03 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2016-08-02 02:15 - 2016-06-25 11:59 - 00878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-08-02 02:15 - 2016-06-25 11:59 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-08-02 02:15 - 2016-06-25 11:51 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2016-08-02 02:15 - 2016-06-21 09:40 - 01288192 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-02 02:15 - 2016-06-21 09:40 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-08-02 02:15 - 2016-06-21 09:40 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-08-02 02:15 - 2016-05-18 18:26 - 01131592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-08-02 02:15 - 2016-05-14 16:01 - 00320720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-08-02 02:15 - 2016-05-13 18:22 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-08-02 02:15 - 2016-05-13 18:22 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-08-02 02:15 - 2016-05-13 18:22 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-08-02 02:15 - 2016-05-13 18:21 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-08-02 02:15 - 2016-05-13 17:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-08-02 02:14 - 2016-06-25 14:40 - 00045760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-02 02:14 - 2016-06-22 09:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2016-08-02 02:14 - 2016-06-21 10:12 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2016-08-02 02:14 - 2016-06-21 09:40 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-08-02 02:14 - 2016-06-21 09:40 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-08-02 02:14 - 2016-06-21 09:40 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-08-02 02:14 - 2016-06-21 09:40 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-02 02:14 - 2016-06-11 13:22 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-08-02 02:14 - 2016-06-11 13:21 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2016-08-02 02:14 - 2016-06-11 13:13 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-02 02:14 - 2016-06-11 13:12 - 20348928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-02 02:14 - 2016-06-11 13:07 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-08-02 02:14 - 2016-06-11 12:44 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-08-02 02:14 - 2016-06-11 12:43 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-08-02 02:14 - 2016-06-11 12:38 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-08-02 02:14 - 2016-06-11 12:33 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-08-02 02:14 - 2016-06-11 12:31 - 04608000 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-02 02:14 - 2016-06-11 12:31 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-02 02:14 - 2016-06-11 12:31 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-02 02:14 - 2016-06-11 12:31 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-02 02:14 - 2016-06-11 12:29 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-02 02:14 - 2016-06-11 12:15 - 13806080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-02 02:14 - 2016-06-11 11:59 - 02392576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-02 02:14 - 2016-06-11 11:56 - 01315840 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-02 02:14 - 2016-06-11 11:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-02 02:14 - 2016-06-10 15:06 - 03485184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-02 02:14 - 2016-06-01 12:02 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-08-02 02:14 - 2016-05-18 01:31 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-08-02 02:14 - 2016-05-13 18:19 - 00035840 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-08-02 02:14 - 2016-05-12 13:43 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-08-02 02:14 - 2016-05-12 11:48 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2016-08-02 02:14 - 2016-05-12 11:43 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-08-02 02:14 - 2016-05-12 11:40 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
2016-08-02 02:14 - 2016-05-12 11:37 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-08-02 02:14 - 2016-05-12 11:35 - 01210880 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-08-02 02:14 - 2016-05-12 11:32 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-08-02 02:14 - 2016-05-09 16:56 - 05270016 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-08-02 02:14 - 2016-05-09 16:23 - 05265920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-02 02:14 - 2016-05-06 11:23 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-08-02 02:14 - 2016-01-31 14:37 - 00108896 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2016-08-02 02:14 - 2016-01-31 13:32 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-03 22:53 - 2014-10-08 01:21 - 00000000 ____D C:\Users\jim\AppData\Local\Deployment
2016-08-03 21:40 - 2013-08-22 03:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-03 19:01 - 2012-05-17 23:48 - 00000000 ____D C:\Users\jim\Desktop\shortcut icons
2016-08-03 15:30 - 2012-07-26 02:43 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-03 14:18 - 2011-10-12 19:42 - 00000000 ___RD C:\Users\jim\Desktop\program downloads
2016-08-03 14:16 - 2013-08-22 02:13 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-08-03 01:12 - 2013-08-22 02:21 - 00000000 ____D C:\WINDOWS\inf
2016-08-02 22:32 - 2013-12-11 04:09 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-02 13:33 - 2013-08-22 04:17 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-02 13:33 - 2013-08-22 04:17 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-02 12:44 - 2013-08-22 03:22 - 00335400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-02 11:49 - 2013-08-22 04:17 - 00000000 ____D C:\WINDOWS\rescache
2016-08-02 10:17 - 2014-10-22 18:25 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2016-08-02 08:36 - 2014-05-12 23:46 - 00224616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-08-02 03:32 - 2013-08-22 04:17 - 00000000 ___RD C:\WINDOWS\ToastData
2016-08-02 02:59 - 2015-04-15 17:51 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-02 02:53 - 2014-01-06 17:03 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-02 02:50 - 2014-01-06 17:03 - 141983760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2014-10-11 00:17 - 2014-10-11 00:17 - 0000017 _____ () C:\Users\jim\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-08-03 01:20

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-08-2016
Ran by jim (2016-08-03 23:01:37)
Running from C:\Users\jim\Downloads
Microsoft Windows 8.1 Pro (Update) (X86) (2014-10-03 22:00:48)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2591139470-2079622777-1480923985-500 - Administrator - Disabled)
Guest (S-1-5-21-2591139470-2079622777-1480923985-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2591139470-2079622777-1480923985-1004 - Limited - Enabled)
jim (S-1-5-21-2591139470-2079622777-1480923985-1000 - Administrator - Enabled) => C:\Users\jim

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Auslogics Disk Defrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.2 - Auslogics Software Pty Ltd)
Avast Free Antivirus (HKLM\...\Avast) (Version: 11.2.2262 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.20 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Hardwood Euchre (HKLM\...\Hardwood Euchre) (Version:  - )
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
iSkysoft Data Recovery(Build 1.2.0.6) (HKLM\...\{656DB838-DB63-4acd-82E3-BB363ED99116}_is1) (Version: 1.2.0.6 - iSkysoft Software Co.,Ltd.)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.1.1 - Mozilla)
Mozilla Thunderbird 45.1.1 (x86 en-US) (HKLM\...\Mozilla Thunderbird 45.1.1 (x86 en-US)) (Version: 45.1.1 - Mozilla)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Ralink RT2870 Wireless LAN Card (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.24.0 - Ralink)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RICOH R5U8xx Media Driver ver.3.62.02 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.62.02 - RICOH)
RuneScape Launcher 1.2.7 (HKLM\...\{FA52A2D0-298E-4D40-8BB7-39928627EA6A}) (Version: 1.2.7 - Jagex Ltd)
SafeZone Stable 1.48.2066.101 (Version: 1.48.2066.101 - Avast Software) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1309F641-D96C-4266-8FCC-08BC2AB0851B} - System32\Tasks\SafeZone scheduled Autoupdate 1455255454 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {8B601E6D-E433-41B4-9F02-A4911D8FA191} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-06] (AVAST Software)
Task: {97C1D7E2-8DCC-43C1-B454-0C6048ACC759} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {ABAF52CF-61F1-4100-9E0C-C596F79EB59C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-07-13] (Piriform Ltd)
Task: {B8E94945-76E8-42BA-9004-2B863616FC8B} - System32\Tasks\{0B45C01B-7366-4336-AEAD-4BC23257ED91} => pcalua.exe -a "C:\Program Files\Windows Live\Installer\wlarp.exe"
Task: {D699F0B9-23B7-492F-8BD0-74A6A33D2050} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-06-06 22:28 - 2016-06-06 22:28 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-06-06 22:28 - 2016-06-06 22:28 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-08-03 11:48 - 2016-08-03 11:48 - 03004416 _____ () C:\Program Files\AVAST Software\Avast\defs\16080301\algo.dll
2016-06-06 22:28 - 2016-06-06 22:28 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-06-06 22:28 - 2016-06-06 22:28 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-02-12 01:26 - 2016-02-12 01:27 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\dell.com -> dell.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\100sexlinks.com -> 100sexlinks.com

There are 4791 more sites.

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 02:13 - 2013-08-22 02:13 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\jim\Pictures\Oldsmobile\P8310034.JPG
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: RalinkRegistryWriter => 2
MSCONFIG\Services: RaMediaServer => 3

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A019A72D-48D7-422C-8A04-F78D7D3B3DD6}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{FEB0DBB1-1928-4BDF-B97F-C3A0108BA4CE}] => (Allow) LPort=1900
FirewallRules: [{F1823DAF-174B-43F9-96FA-72F51905C26C}] => (Allow) LPort=2869
FirewallRules: [{D10736D3-DB84-4A1C-96B6-2DC7F3721E92}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FC1F58F8-871E-4303-97E5-01B6EABF1701}] => (Allow) C:\Program Files\Ralink\Common\RaMediaServer.exe
FirewallRules: [{9D6464D8-E782-46AC-8E2F-6AED3A8BB4BB}] => (Allow) C:\Program Files\Ralink\Common\RaMediaServer.exe
FirewallRules: [{470805FF-04C8-4DB7-9C41-131E6371B973}] => (Allow) C:\Program Files\Ralink\Common\RaUI.exe
FirewallRules: [{A3A6B5CA-7B45-4EED-BB2A-749342EAB0A0}] => (Allow) C:\Program Files\Ralink\Common\RaUI.exe
FirewallRules: [{7E04CEFB-1852-4C6B-8AAD-797177470729}] => (Allow) C:\Program Files\Ralink\Common\RaMediaServer.exe
FirewallRules: [{9F89C310-50B6-4841-8A77-954E292D9F01}] => (Allow) C:\Program Files\Ralink\Common\RaMediaServer.exe
FirewallRules: [{19516769-816F-4367-9101-E5C0F771C41E}] => (Allow) C:\Program Files\Ralink\Common\RaUI.exe
FirewallRules: [{7DEB0DD5-73D1-4226-823B-7CA9535B44E1}] => (Allow) C:\Program Files\Ralink\Common\RaUI.exe

==================== Restore Points =========================

02-08-2016 02:41:21 Windows Update

==================== Faulty Device Manager Devices =============

Name: Broadcom 440x 10/100 Integrated Controller
Description: Broadcom 440x 10/100 Integrated Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: bcm4sbxp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (08/03/2016 12:02:55 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (08/02/2016 01:04:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.18124 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 5d8

Start Time: 01d1ecdfca30a807

Termination Time: 31

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id: 34b1d8f8-58d3-11e6-affb-a7480b6b8e2f

Faulting package full name:

Faulting package-relative application ID:

Error: (08/02/2016 01:03:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.18124 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: d88

Start Time: 01d1ecdfac939b78

Termination Time: 42

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id: 05cc021c-58d3-11e6-affb-a7480b6b8e2f

Faulting package full name:

Faulting package-relative application ID:

Error: (08/02/2016 01:02:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.18124 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: bfc

Start Time: 01d1ecdf75badb06

Termination Time: 46

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id: e8364786-58d2-11e6-affb-a7480b6b8e2f

Faulting package full name:

Faulting package-relative application ID:

Error: (08/02/2016 12:49:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.18124 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2b4

Start Time: 01d1ecdd8174863e

Termination Time: 0

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id: 00b351ae-58d1-11e6-affb-a7480b6b8e2f

Faulting package full name:

Faulting package-relative application ID:

Error: (08/02/2016 04:23:58 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (08/02/2016 03:43:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.18124 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 6e8

Start Time: 01d1ec912a27c8e6

Termination Time: 4294967295

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id: c7c1e89a-5884-11e6-affa-d2b69864c09d

Faulting package full name:

Faulting package-relative application ID:

Error: (08/02/2016 03:43:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: jim-PC)
Description: Package DefaultBrowser_NOPUBLISHERID+Microsoft.InternetExplorer.Default was terminated because it took too long to suspend.

Error: (08/02/2016 03:40:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OpenWith.exe, version: 6.3.9600.17415, time stamp: 0x5450443d
Faulting module name: COMCTL32.dll, version: 6.3.9600.18233, time stamp: 0x56bb4e17
Exception code: 0xc0000142
Fault offset: 0x00096f03
Faulting process id: 0xc54
Faulting application start time: 0xOpenWith.exe0
Faulting application path: OpenWith.exe1
Faulting module path: OpenWith.exe2
Report Id: OpenWith.exe3
Faulting package full name: OpenWith.exe4
Faulting package-relative application ID: OpenWith.exe5

Error: (08/02/2016 03:34:35 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070013, The media is write protected.
.

System errors:
=============
Error: (08/03/2016 09:35:53 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.

Error: (08/03/2016 07:36:31 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (08/03/2016 07:36:31 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (08/03/2016 03:37:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Media Player Network Sharing Service service depends on the Windows Search service which failed to start because of the following error:
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (08/03/2016 03:35:14 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (08/03/2016 03:35:14 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (08/03/2016 02:19:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Media Player Network Sharing Service service depends on the Windows Search service which failed to start because of the following error:
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (08/03/2016 02:17:46 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (08/03/2016 02:17:46 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (08/03/2016 11:59:20 AM) (Source: DCOM) (EventID: 10010) (User: jim-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

==================== Memory info ===========================

Processor: Mobile AMD Sempron™ Processor 3500+
Percentage of memory in use: 37%
Total physical RAM: 1918.04 MB
Available physical RAM: 1197.62 MB
Total Virtual: 4734.04 MB
Available Virtual: 4066.5 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:64.45 GB) (Free:35.31 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.75 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 74.5 GB) (Disk ID: 18000000)
Partition 1: (Not Active) - (Size=78 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=64.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


  • 0

Advertisements

#17
RKinner
Posted 03 August 2016 - 11:56 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

I found a better way to turn off ICS:

 

https://answers.syr....ndows 8 and 8.1

 

IE is crashing for some reason.  Looking back at your speccy log I see a lot of failed updates.

 

Check for updates and see if it has any for you.

 

http://www.eightforu...indows-8-a.html

 

Also look for optional updates.


  • 0

#18
Pat_54
Posted 04 August 2016 - 12:59 AM

Pat_54

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 212 posts
Hi I did and followed instructions for disable internet connection that you gave me but got to the very last part and there is no sharing tab available only a networking tab. also rechecked windows updates and there isn't any or no optionals either.
  • 0

#19
RKinner
Posted 04 August 2016 - 05:58 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

You can try the second option on this page: https://support.micr...en-us/kb/318378 where it says:

 

Reinstall Internet Explorer
Reinstall Internet Explorer in Windows 8.1 and Windows 8

 

 

Make sure you have an alternative browser like Chrome or Firefox first.


  • 0

#20
Pat_54
Posted 04 August 2016 - 11:44 AM

Pat_54

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 212 posts

Hi again. I just decided to download chrome and use that for my browser. Will need to learn how to use but have had to many problems with IE in the past. Need to figure out on chrome how to delete history upon closing the browser have gone into settings but confusing. Computer seems to be running ok right now but still slow at shutdown and startup. Is there anything we can do to help remedy this.


Edited by Pat_54, 04 August 2016 - 02:13 PM.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP