Jump to content

Blazer66

Members
  • Posts

    1
  • Joined

  • Last visited

Reputation

0 Neutral
  1. 1, The main problem is that when I run MBAM, it stalls/hangs up in the Pre-Scan Operations (PSO) task. - MBAM previously worked fine and produced the report of findings. - Now it looks like it checks and installs updates, and starts the PSO task. But the PSO task doesn't end. It either hangs up after 1 1/2 hours or I kill it by powering down the laptop - the Pause Scan and Cancel buttons don't work. - Ran RKILL but didn't see anything there. - Tried some of the alternatives (Safe Mode, Cameleon, ... but same result. 2. Other programs like Task Manager, AVG, and AVG PC Tuneup won't start. Thanks in advance for your help Start of SCAN RESULTS - full results are attached Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015 Ran by Scott (administrator) on KIDS_LAPTOP (11-11-2015 20:35:11) Running from E:\ Loaded Profiles: Scott (Available Profiles: Scott & Guest) Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Safe Mode (with Networking) Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\HelpPane.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-23] (Realtek Semiconductor) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated) HKLM\...\Run: [Acer ePower Management] => C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe [860192 2010-02-05] (Acer Incorporated) HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-08-10] (COMODO) HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-23] (Intel Corporation) HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.) HKLM-x32\...\Run: [OOTag] => C:\Program Files (x86)\eMachines\OOBEOffer\OOTag.exe [13856 2010-02-22] (Microsoft) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2569616 2015-10-04] () HKLM-x32\...\Run: [PrivDogService] => C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe [662184 2014-06-17] (AdTrustMedia) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3826600 2015-10-29] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [CenturyLinkTouchPointAgent] => C:\Program Files (x86)\CenturyLink\Desktop\CenturyLinkTouchPointAgent.exe [48616 2015-07-21] (CenturyLink Inc) HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1130408 2015-10-28] (AVG Technologies CZ, s.r.o.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2211032015-3751181627-1635469974-1002\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2015-10-30] (SUPERAntiSpyware) HKU\S-1-5-21-2211032015-3751181627-1635469974-1002\...\MountPoints2: {11d1c285-12dc-11e5-a9ed-705ab6ed6275} - E:\VZW_Software_upgrade_assistant.exe HKU\S-1-5-21-2211032015-3751181627-1635469974-1002\...\MountPoints2: {e073c314-02ec-11e5-aaea-705ab6ed6275} - E:\VZW_Software_upgrade_assistant.exe HKU\S-1-5-21-2211032015-3751181627-1635469974-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\eMachines.scr HKU\S-1-5-18\...\RunOnce: [sPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-12-26] (Microsoft Corporation) IFEO\centurylinkinstaller.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\centurylinktouchpointagent.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\icloud.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\icloudweb.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\shellstreamsshortcut.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\totalsystemcare.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\uninst.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: 0.0.0.1 mssplus.mcafee.com Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.3.25 Tcpip\..\Interfaces\{107459C7-B5D0-495F-A8EE-E3368C1FB3D1}: [DhcpNameServer] 192.168.0.1 205.171.3.25 Tcpip\..\Interfaces\{A23860ED-02D2-43B7-B241-03AED0695C54}: [DhcpNameServer] 192.168.0.123 Internet Explorer: ================== HKU\S-1-5-21-2211032015-3751181627-1635469974-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid=%7BEC8CCDDD-9C99-49B1-BA4B-744B0E2023EB%7D&mid=c8fc92975c9247d3b451a113f0098b86-ccbe8c740107154b04f7ca8c3c70117ec7a5c1ca〈=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-07%2019:09:09&v=18.9.0.231&pid=safeguard&sg=&sap=hp HKU\S-1-5-21-2211032015-3751181627-1635469974-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&m=e527&r=27361213l205l04d4z1h5r4542r20s SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW SearchScopes: HKU\S-1-5-21-2211032015-3751181627-1635469974-1002 -> DefaultScope {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo SearchScopes: HKU\S-1-5-21-2211032015-3751181627-1635469974-1002 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = SearchScopes: HKU\S-1-5-21-2211032015-3751181627-1635469974-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\S-1-5-21-2211032015-3751181627-1635469974-1002 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo SearchScopes: HKU\S-1-5-21-2211032015-3751181627-1635469974-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={EC8CCDDD-9C99-49B1-BA4B-744B0E2023EB}&mid=c8fc92975c9247d3b451a113f0098b86-ccbe8c740107154b04f7ca8c3c70117ec7a5c1ca〈=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-07 19:09:09&v=18.9.0.231&pid=safeguard&sg=&sap=dsp&q={searchTerms} BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: PrivDog Extension -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> C:\Program Files\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll [2014-06-17] (AdTrustMedia) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-28] (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-28] (Oracle Corporation) BHO-x32: PrivDog Extension -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll [2014-06-17] (AdTrustMedia) Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.9.0\ViProtocol.dll [2015-10-04] (AVG Secure Search) FireFox: ======== FF ProfilePath: C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\7q5gvxnt.default FF DefaultSearchEngine: AVG Secure Search FF SelectedSearchEngine: AVG Secure Search FF Homepage: hxxps://mysearch.avg.com?cid={EC8CCDDD-9C99-49B1-BA4B-744B0E2023EB}&mid=c8fc92975c9247d3b451a113f0098b86-ccbe8c740107154b04f7ca8c3c70117ec7a5c1ca〈=en&ds=AVG&coid=avgtbavg&cmpid=0415tb&pr=fr&d=2014-02-07 19:09:09&v=18.7.0.147&pid=safeguard&sg=&sap=hp FF Keyword.URL: FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-16] () FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-16] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] () FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.9.0\\npsitesafety.dll [No File] FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-28] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-28] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-08] (VideoLAN) FF Plugin HKU\S-1-5-21-2211032015-3751181627-1635469974-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Scott\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-06-10] (Unity Technologies ApS) FF SearchPlugin: C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\7q5gvxnt.default\searchplugins\avg-secure-search.xml [2015-07-25] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml [2015-10-04] FF Extension: WOT - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\7q5gvxnt.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-08-24] FF Extension: Download Status Bar - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\7q5gvxnt.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2015-05-29] FF Extension: Adblock Plus - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\7q5gvxnt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-17] FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.9.0.231 => not found Chrome: ======= CHR HomePage: Default -> hxxps://mysearch.avg.com?cid={EC8CCDDD-9C99-49B1-BA4B-744B0E2023EB}&mid=c8fc92975c9247d3b451a113f0098b86-ccbe8c740107154b04f7ca8c3c70117ec7a5c1ca〈=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-07 19:09:09&v=18.1.9.799&pid=safeguard&sg=&sap=hp CHR StartupUrls: Default -> "hxxps://mysearch.avg.com?cid={EC8CCDDD-9C99-49B1-BA4B-744B0E2023EB}&mid=c8fc92975c9247d3b451a113f0098b86-ccbe8c740107154b04f7ca8c3c70117ec7a5c1ca〈=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-07 19:09:09&v=18.1.9.799&pid=safeguard&sg=&sap=hp" CHR Profile: C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04] CHR Extension: (PrivDog) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja [2014-10-02] [updateUrl: hxxp://privdog.com/updates/1123/googlechrome/update.xml] <==== ATTENTION CHR Extension: (Google Search) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (AVG SafeGuard toolbar) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-08-28] CHR Extension: (Chrome Web Store Payments) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28] CHR HKU\S-1-5-21-2211032015-3751181627-1635469974-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cmaiofennmphjldldcpphcechfnnohja] - C:\Users\Scott\AppData\Local\AdTrustMedia\PrivDog\PrivDog_chrome.crx [2014-05-14] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-10-30] (SUPERAntiSpyware.com) S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [595376 2015-10-29] (AVG Technologies CZ, s.r.o.) S2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3815648 2015-10-29] (AVG Technologies CZ, s.r.o.) S2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1046952 2015-10-28] (AVG Technologies CZ, s.r.o.) S2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-10-29] (AVG Technologies CZ, s.r.o.) S2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-09-07] (COMODO) S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-10] (COMODO) S2 ePowerSvc; C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe [865824 2010-02-05] (Acer Incorporated) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed] S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-08-10] (McAfee, Inc.) S2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-28] (DEVGURU Co., LTD.) S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4368808 2015-10-28] (AVG Technologies CZ, s.r.o.) S2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [243232 2010-01-28] (Acer Group) S2 vToolbarUpdater18.9.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.9.0\ToolbarUpdater.exe [1862032 2015-10-04] (AVG Secure Search) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== Addition.txt FRST.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.