Jump to content

URL:MAL Virus

redrix

By redrix
in Resolved Malware Removal Logs

 Share

Recommended Posts

redrix

redrix

Posted
Posted

Hi,

 

as I was requested I did the scanning. Please see FRST.txt  and Addition.txt.

 

Please let me know if you need anything else.

 

Many thanks for your help.

 

Giuliano

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-10-2014 01
Ran by home (administrator) on HOME-PC on 02-10-2014 20:11:15
Running from C:\Users\home\Downloads
Loaded Profile: home (Available profiles: home)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
() C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Intel Corporation) C:\Windows\System32\igfxext.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11779176 2011-02-18] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [backupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [suiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [iSUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [isMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [isMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-249298758-3835570970-1532920298-1000\...\Run: [iSUSPM Startup] => C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
HKU\S-1-5-21-249298758-3835570970-1532920298-1000\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7763736 2014-09-16] (SUPERAntiSpyware)
HKU\S-1-5-21-249298758-3835570970-1532920298-1000\...\MountPoints2: {8c3da3e7-6c41-11e2-80c5-74de2b9cda94} - F:\AutoRun.exe
HKU\S-1-5-21-249298758-3835570970-1532920298-1000\...\MountPoints2: {8c3da3f8-6c41-11e2-80c5-74de2b9cda94} - F:\AutoRun.exe
HKU\S-1-5-21-249298758-3835570970-1532920298-1000\...\MountPoints2: {f2844972-6b00-11e2-827e-806e6f6e6963} - E:\SETUP.EXE
HKU\S-1-5-18\...\RunOnce: [isMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
 
FireFox:
========
FF ProfilePath: C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\jyqe59p1.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: Adblock Plus - C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\jyqe59p1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-30]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn [2013-01-30]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn [2014-10-02]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-05]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF Extension: No Name - C:\Users\home\AppData\Roaming\ACEStream\extensions\firefox\magicplayer@torrentstream.org [Not Found]
 
Chrome: 
=======
CHR Profile: C:\Users\home\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-27]
CHR Extension: (Google Drive) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-01]
CHR Extension: (YouTube) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-27]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-01]
CHR Extension: (Google Search) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-27]
CHR Extension: (avast! Online Security) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-30]
CHR Extension: (No Name) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim [2014-09-24]
CHR Extension: (Google Wallet) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-27]
CHR Extension: (Gmail) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-18]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-18] (AVAST Software)
R2 BecHelperService; C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe [1740696 2011-03-23] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-18] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-18] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-18] (AVAST Software)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130116.013\BHDrvx64.sys [1388120 2013-01-16] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-01-30] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-01-30] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130207.002\IDSvia64.sys [513184 2013-01-29] (Symantec Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-02] (Malwarebytes Corporation)
S2 mdvrmng; C:\Windows\SysWOW64\drivers\mdvrmng.sys [10240 2011-03-23] () [File not signed]
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130208.003\ENG64.SYS [126192 2013-01-30] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130208.003\EX64.SYS [2087664 2013-01-30] (Symantec Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-07-26] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2013-02-01] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation)
S3 aswVmm; \??\C:\Users\home\AppData\Local\Temp\aswVmm.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-02 20:11 - 2014-10-02 20:11 - 00018575 _____ () C:\Users\home\Downloads\FRST.txt
2014-10-02 20:11 - 2014-10-02 20:11 - 00000000 ____D () C:\FRST
2014-10-02 20:10 - 2014-10-02 20:10 - 00001071 _____ () C:\Users\home\Desktop\scanning malwarebytes.txt
2014-10-02 20:09 - 2014-10-02 20:10 - 02108928 _____ (Farbar) C:\Users\home\Downloads\FRST64.exe
2014-10-02 19:48 - 2014-10-02 19:50 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\home\Downloads\mbam-setup-2.0.2.1012 (7).exe
2014-10-02 19:18 - 2014-10-02 19:19 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\home\Downloads\mbam-setup-2.0.2.1012 (6).exe
2014-10-02 17:53 - 2014-10-02 17:53 - 00004559 _____ () C:\Users\home\Desktop\aswMBR.txt
2014-10-02 17:53 - 2014-10-02 17:53 - 00000512 _____ () C:\Users\home\Desktop\MBR.dat
2014-10-02 17:41 - 2014-10-02 17:41 - 05185536 _____ (AVAST Software) C:\Users\home\Downloads\aswmbr.exe
2014-10-02 17:36 - 2014-10-02 17:39 - 00000000 ____D () C:\Users\home\Downloads\TrendMicro AntiThreat Toolkit
2014-10-02 17:36 - 2014-10-02 17:36 - 00173504 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2014-10-02 17:36 - 2014-10-02 17:36 - 00000036 _____ () C:\Users\home\AppData\Local\housecall.guid.cache
2014-10-02 17:19 - 2014-10-02 17:35 - 08372784 _____ (Trend Micro Inc.) C:\Users\home\Downloads\attk_far_gui_x64.exe
2014-10-02 17:12 - 2014-10-02 19:33 - 00001078 _____ () C:\Users\home\Desktop\Malwarebytes Anti-Malware.txt.txt
2014-10-02 17:12 - 2014-10-02 17:12 - 00001245 _____ () C:\Users\home\Desktop\Malwarebytes.xml.xml
2014-10-01 22:29 - 2014-10-01 22:29 - 01375089 _____ () C:\Users\home\Downloads\AdwCleaner.exe
2014-10-01 22:28 - 2014-10-01 22:28 - 01375089 _____ () C:\Users\home\Downloads\adwcleaner_3.311.exe
2014-10-01 22:02 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 22:02 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-28 20:16 - 2014-09-28 20:16 - 00011344 _____ () C:\Users\home\Desktop\lesson 23.09.14.xlsx
2014-09-27 21:51 - 2014-09-27 21:51 - 00001224 _____ () C:\Windows\system32\.crusader
2014-09-27 20:15 - 2014-09-27 20:15 - 00001053 _____ () C:\Users\home\Documents\test.txt
2014-09-26 21:25 - 2014-09-26 21:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-25 17:22 - 2014-09-25 17:22 - 00007597 _____ () C:\Users\home\AppData\Local\Resmon.ResmonCfg
2014-09-23 21:59 - 2014-09-09 23:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 21:59 - 2014-09-09 22:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-20 19:29 - 2014-09-20 19:29 - 00159744 _____ () C:\Users\home\Downloads\11ch16.ppt
2014-09-17 00:07 - 2014-09-17 00:07 - 00093184 _____ () C:\Users\home\Documents\Types of Organizational Structures.htm
2014-09-17 00:07 - 2014-09-17 00:07 - 00000000 ____D () C:\Users\home\Documents\Types of Organizational Structures_files
2014-09-16 23:58 - 2014-09-16 23:58 - 00089343 _____ () C:\Users\home\Documents\Different Types of Organizational Structure   Chron.com.htm
2014-09-16 23:58 - 2014-09-16 23:58 - 00000000 ____D () C:\Users\home\Documents\Different Types of Organizational Structure   Chron.com_files
2014-09-16 23:42 - 2014-09-16 23:42 - 00119571 _____ () C:\Users\home\Documents\Functional Vs Divisional Structure.htm
2014-09-16 23:42 - 2014-09-16 23:42 - 00000000 ____D () C:\Users\home\Documents\Functional Vs Divisional Structure_files
2014-09-15 21:07 - 2014-09-22 17:27 - 00000000 ____D () C:\Users\home\Desktop\E1-Organisational
2014-09-14 23:30 - 2014-09-14 23:30 - 11770177 _____ () C:\Users\home\Downloads\Y Kaplan Chapter 7 (1).xps
2014-09-14 23:26 - 2014-09-14 23:26 - 03431924 _____ () C:\Users\home\Downloads\04 TYU 1 and 3 answers (1).xps
2014-09-14 22:12 - 2014-09-14 22:13 - 11770177 _____ () C:\Users\home\Downloads\Y Kaplan Chapter 7.xps
2014-09-14 22:10 - 2014-09-14 22:10 - 03431924 _____ () C:\Users\home\Downloads\04 TYU 1 and 3 answers.xps
2014-09-14 21:15 - 2014-09-25 21:48 - 00000000 ____D () C:\Users\home\Desktop\F1-Financial Accounting
2014-09-13 18:47 - 2014-09-30 17:04 - 00000000 ____D () C:\Users\home\Desktop\P1-Management Accounting
2014-09-12 00:33 - 2014-09-12 00:33 - 00008937 _____ () C:\Users\home\Desktop\cima.xlsx
2014-09-10 23:50 - 2014-08-19 19:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 23:50 - 2014-08-19 18:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 23:50 - 2014-08-19 00:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 23:50 - 2014-08-18 23:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 23:50 - 2014-08-18 23:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 23:50 - 2014-08-18 23:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 23:50 - 2014-08-18 23:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 23:50 - 2014-08-18 23:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 23:50 - 2014-08-18 23:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 23:50 - 2014-08-18 23:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 23:50 - 2014-08-18 23:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 23:50 - 2014-08-18 23:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 23:50 - 2014-08-18 23:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 23:50 - 2014-08-18 23:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 23:50 - 2014-08-18 23:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 23:50 - 2014-08-18 23:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 23:50 - 2014-08-18 23:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 23:50 - 2014-08-18 23:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 23:50 - 2014-08-18 23:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 23:50 - 2014-08-18 22:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 23:50 - 2014-08-18 22:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 23:50 - 2014-08-18 22:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 23:50 - 2014-08-18 22:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 23:50 - 2014-08-18 22:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 23:50 - 2014-08-18 22:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 23:50 - 2014-08-18 22:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 23:50 - 2014-08-18 22:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 23:50 - 2014-08-18 22:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 23:50 - 2014-08-18 22:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 23:50 - 2014-08-18 22:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 23:50 - 2014-08-18 22:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 23:50 - 2014-08-18 22:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 23:50 - 2014-08-18 22:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 23:50 - 2014-08-18 22:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-10 23:50 - 2014-08-18 22:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 23:50 - 2014-08-18 22:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 23:50 - 2014-08-18 22:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 23:50 - 2014-08-18 22:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 23:50 - 2014-08-18 22:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 23:50 - 2014-08-18 22:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 23:50 - 2014-08-18 22:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 23:50 - 2014-08-18 22:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 23:50 - 2014-08-18 22:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 23:50 - 2014-08-18 22:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 23:50 - 2014-08-18 22:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 23:50 - 2014-08-18 22:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 23:50 - 2014-08-18 22:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 23:50 - 2014-08-18 22:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 23:50 - 2014-08-18 22:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 23:50 - 2014-08-18 22:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 23:50 - 2014-08-18 22:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-10 23:50 - 2014-08-18 21:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 23:50 - 2014-08-18 21:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 23:50 - 2014-08-18 21:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 23:50 - 2014-08-18 21:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 23:50 - 2014-08-18 21:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 23:42 - 2014-06-27 03:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 23:42 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 22:23 - 2014-08-01 12:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 22:23 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 22:23 - 2014-06-24 04:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 22:23 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 22:22 - 2014-07-07 03:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 22:22 - 2014-07-07 03:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 22:22 - 2014-07-07 02:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 22:22 - 2014-07-07 02:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 22:22 - 2014-07-07 02:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-02 19:52 - 2013-01-30 18:25 - 01706158 _____ () C:\Windows\WindowsUpdate.log
2014-10-02 19:48 - 2014-08-06 20:41 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-02 19:45 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-02 19:45 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-02 19:39 - 2014-08-06 21:02 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-10-02 19:38 - 2014-07-18 15:56 - 00017868 _____ () C:\Windows\PFRO.log
2014-10-02 19:38 - 2014-06-01 00:00 - 00008456 _____ () C:\Windows\setupact.log
2014-10-02 19:38 - 2014-04-27 11:51 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-02 19:38 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-02 19:22 - 2014-08-06 20:41 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-02 19:22 - 2014-08-06 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-02 19:22 - 2014-08-06 20:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-02 19:21 - 2014-06-01 11:39 - 00000000 ____D () C:\Users\home\AppData\Roaming\.ACEStream
2014-10-02 19:21 - 2014-06-01 11:38 - 00000000 ____D () C:\Users\home\AppData\Roaming\ACEStream
2014-10-02 19:20 - 2011-10-14 06:23 - 00000000 ____D () C:\Program Files\Acer
2014-10-02 19:20 - 2011-10-14 06:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2014-10-02 19:20 - 2011-10-14 05:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-01 22:35 - 2014-03-30 12:07 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-01 22:32 - 2014-05-31 20:26 - 00000000 ____D () C:\AdwCleaner
2014-10-01 22:14 - 2014-04-27 11:51 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-30 17:02 - 2013-02-04 20:37 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-09-28 14:24 - 2014-06-29 17:36 - 00000000 ___HD () C:\_acestream_cache_
2014-09-27 21:55 - 2013-01-30 21:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-27 21:51 - 2014-08-30 12:53 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-25 21:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-09-25 17:21 - 2014-04-27 11:52 - 00002147 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-25 00:00 - 2013-01-30 19:49 - 00000000 ____D () C:\Users\home
2014-09-23 22:35 - 2014-03-30 12:07 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 22:35 - 2014-03-30 12:07 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 22:35 - 2011-10-14 06:41 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-22 17:26 - 2014-04-05 14:04 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-16 21:51 - 2014-03-30 12:00 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-15 09:06 - 2010-11-21 04:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-10 23:55 - 2013-02-04 20:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-10 23:49 - 2014-03-30 02:37 - 00766100 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-10 23:48 - 2014-03-30 01:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 23:48 - 2009-07-14 06:13 - 00766100 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-10 23:43 - 2013-01-30 21:07 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-07 16:25 - 2014-03-31 20:21 - 00000000 ____D () C:\Users\home\Documents\Personal
 
Some content of TEMP:
====================
C:\Users\home\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-27 14:16
 
==================== End Of Log ============================

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-10-2014 01

Ran by home at 2014-10-02 20:11:58
Running from C:\Users\home\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
3Connect (HKLM-x32\...\{A899DA1F-D626-401C-8651-F2921E3B4CB3}) (Version: 3.0.0 - 3 Mobile Broadband)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3504 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0517.2011 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.2 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.225 - SurfRight B.V.)
Huawei modem (HKLM-x32\...\Huawei Modems) (Version:  - )
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2182 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-GB)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 19.9.1.14 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 11.0 - PlotSoft LLC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6314 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30124 - Realtek Semiconductor Corp.)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1116 - SUPERAntiSpyware.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{F3F83933-75FC-4B60-84F2-3F8FA63D042E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
27-09-2014 13:22:55 Scheduled Checkpoint
27-09-2014 20:49:39 Checkpoint by HitmanPro
27-09-2014 20:50:55 Checkpoint by HitmanPro
30-09-2014 16:11:57 Windows Update
02-10-2014 18:42:06 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0269428C-159F-4507-97E5-F8B0F92654E8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-27] (Google Inc.)
Task: {24EEF824-6431-4B49-A3A2-6BAF162B0656} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {4FF8CD27-4603-4B39-8538-C96E16FF5D1F} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation)
Task: {6C33DA19-9FCB-45D7-A5E1-A5494670F3B8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-18] (AVAST Software)
Task: {80E55C55-BB26-48DF-B06F-F6A0A8DFA7A2} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe
Task: {916D679F-2F20-4E19-B4BF-E34DE236A244} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {A99E6FB5-2339-415E-B275-C2D1107902C8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {C4CE72B6-1079-4314-8465-84192D636C3B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-27] (Google Inc.)
Task: {CA838830-9E6A-4188-9641-830A5ABE957E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {DECE0E94-E3F3-4444-99BB-124F93392BCB} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {F9B19C2D-6C2E-4046-A46F-1706EF909B48} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-02-01 09:00 - 2011-03-23 17:32 - 01740696 _____ () C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe
2014-07-18 15:54 - 2014-07-18 15:54 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-10-01 21:51 - 2014-10-01 21:51 - 02867712 _____ () C:\Program Files\AVAST Software\Avast\defs\14100101\algo.dll
2014-10-02 19:38 - 2014-10-02 19:38 - 02858496 _____ () C:\Program Files\AVAST Software\Avast\defs\14100201\algo.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2014-07-18 15:54 - 2014-07-18 15:54 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-09-25 17:17 - 2014-09-23 05:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 17:17 - 2014-09-23 05:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 17:17 - 2014-09-23 05:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 17:17 - 2014-09-23 05:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-25 17:17 - 2014-09-23 05:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
2014-09-11 21:44 - 2014-09-11 21:44 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\dd49b882285401662f1addb58b7d0ce6\IsdiInterop.ni.dll
2011-10-14 05:31 - 2010-04-13 17:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-249298758-3835570970-1532920298-500 - Administrator - Disabled)
Guest (S-1-5-21-249298758-3835570970-1532920298-501 - Limited - Disabled)
home (S-1-5-21-249298758-3835570970-1532920298-1000 - Administrator - Enabled) => C:\Users\home
 
==================== Faulty Device Manager Devices =============
 
Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Tcpip
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/02/2014 07:39:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/02/2014 07:20:30 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Users\home\AppData\Local\Temp\{C5540FC2-18F1-4E8A-B681-6DA623C0CBD7}\setup.exe -removeonly -media_path:"C:\Program Files (x86)\InstallShield Installation Information\{EE171732-BEB4-4576-887D-CB62727F01CA}\" -tempdisk1folder:"C:\Users\home\AppData\Local\Temp\{C5540FC2-18F1-4E8A-B681-6DA623C0CBD7}\"; Description = Removed Acer Updater; Error = 0x8007043c).
 
Error: (10/02/2014 04:53:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/01/2014 11:10:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/01/2014 10:34:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/01/2014 09:51:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/30/2014 09:32:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/30/2014 05:02:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/29/2014 05:39:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/29/2014 05:24:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (10/02/2014 07:38:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Mobile IP Route Manager service failed to start due to the following error: 
%%1275
 
Error: (10/02/2014 07:38:23 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\SysWow64\drivers\mdvrmng.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (10/02/2014 05:03:51 PM) (Source: iaStor) (EventID: 9) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.
 
Error: (10/02/2014 04:52:33 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (10/02/2014 04:52:33 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (10/02/2014 04:52:32 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error: (10/02/2014 04:52:26 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (10/02/2014 04:52:09 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
aswRvrt
aswSnx
aswSP
aswVmm
BHDrvx64
ccSet_NIS
discache
eeCtrl
IDSVia64
mwlPSDFilter
mwlPSDNServ
mwlPSDVDisk
SASDIFSV
SASKUTIL
spldr
SRTSPX
SymIRON
SymNetS
Wanarpv6
 
Error: (10/01/2014 11:19:05 PM) (Source: iaStor) (EventID: 9) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.
 
Error: (10/01/2014 11:09:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Processor: Intel® Core i3 CPU M 370 @ 2.40GHz
Percentage of memory in use: 27%
Total physical RAM: 7862.7 MB
Available physical RAM: 5698.36 MB
Total Pagefile: 15723.59 MB
Available Pagefile: 13260.82 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: (Acer) (Fixed) (Total:350.01 GB) (Free:305.1 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:97.66 GB) (Free:97.51 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 06BF4365)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=350 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=97.7 GB) - (Type=OF Extended)
 
==================== End Of Log ============================

 

Link to post
Share on other sites
TwinHeadedEagle

TwinHeadedEagle

Posted
Posted

Hello,
    
 
They call me TwinHeadedEagle around here, and I'll be working with you.
 
     
    
Before we start please read and note the following:

  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is a Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, what may cause some delays between answers.
  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

:excl: I can't foresee everything, so if anything unexpected happens, please stop and inform me!
:excl: There are no silly questions. Never be afraid to ask if in doubt!
 
 
 
  warning.gif Rules and policies
 
We won't support any piracy.
That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!
 
Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.
 
 
 
 

adwcleaner_new.png Fix with AdwCleaner
 
Please download AdwCleaner by Xplode and save the file to your desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[s*].txt) will open.

Please include the contents of that file in your reply.
 
Note: Reports will be saved in your system partition, usually at C:\Adwcleaner
 
 
 
 
 
FRST.gif Scan with Farbar Recovery Scan Tool
 
Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content into your next reply.

Link to post
Share on other sites
redrix

redrix

Posted
  • Author
Posted

Hi,

 

Since yesterday the pop-up Avast's warning has disappeared. I don't get anymore that warning.

 

I don't know why, considering that after the scanning you requested (2 day's ago) I kept receiving the warning and then yesterday it disappeared

 

Any idea, advise?

 

Many thanks for your help

Link to post
Share on other sites
TwinHeadedEagle

TwinHeadedEagle

Posted
Posted

Okay, we will now perform some maintenance. Your PC seems clean, and this will be last thing we need to do.
 
 
warning.gif Multiple Resident Protection warning!
 
Always have one (and no more than one!) AntiVirus program! In this case having more of them will not provide you with better protection - instead they may cause slowness, lock-ups and even mark another ones as harmful, leading to leave your system unstable and even damaged. Please choose only one from the listed below to stay with and uninstall the others:

  • avast Free Antivirus
  • Norton Internet Security

Uninstallation procedure:

  • Press the WindowsKey.png + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for each uninstalled entry, right-click it and select Uninstall.

This should be done until any other steps will be taken.
 
 
 
 
FRST.gif Fix with Farbar Recovery Scan Tool
 

icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif
icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

 
Download attached fixlist.txt file and save it to the Desktop:
 
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.

fixlist.txt

Link to post
Share on other sites
TwinHeadedEagle

TwinHeadedEagle

Posted
Posted

Yes, keep it :)
 
 

Glad I could help. We will delete all used tools and I'll give you some tips to harden your security and learn how to protect yourself :)
 
 

Recommended reading:

 
 
icon_exclaim.gifMUST READ - security tips:

icon_exclaim.gifMUST READ - general maintenance:

The Importance of Software Updating:

 

 
In order to stay protected it is very important that you regularly update all of your software. Cybercriminals depend on the apathy of users around software updates to keep their malicious endeavor running.
 
Operating systems, such as Windows, and applications, such as Adobe Reader or JAVA, are used by tens of millions of computers and devices around the world, making them a huge target for cybercriminals. Downloading updates and installing them can sometimes be tedious, but the advantages you get from the updates are certainly worth it.

Recommended additional software:

 
 
icon_arrow.gifTFC - to clean unneeded temporary files.
icon_arrow.gifMalwarebytes' Anti-Malware - to scan your system from time to time in search for malware.
icon_arrow.gifMalwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.
icon_arrow.gifMcShield - to prevent infections spread by removable media.
icon_arrow.gifCryptoPrevent - to secure yourself from very severe CryptoLocker infection.
icon_arrow.gifUnchecky - to prevent from installing additional foistware, implemented in legitimate installations.
icon_arrow.gifFiheHippo.com Update Checker - to keep your programs up-to-date.
icon_arrow.gifAdblock - to surf the web without annoying ads! 
 
 

Post-cleanup procedures:

 

 
Download DelFix by Xplode and save it to your desktop.

  • Run the tool by right click on the 51a5ce45263de-delfix.png icon and Run as administrator option.
  • Make sure that these ones are checked:
    • Remove disinfection tools
    • Purge system restore
    • Reset system settings
  • Push Run.
  • The program will run for a few seconds and display a notepad report. You do not need to attach it.

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning. 
 
 
 


My help is free for everybody.

If you're happy with the help provided and/or wish to buy me a beer for the assistance you received, then you can consider a donation: xbtn_donate_SM.gif.pagespeed.ic.MMi5tqVp

Thank you!

 
 
Stay safe,
TwinHeadedEagle   :)

Link to post
Share on other sites
TwinHeadedEagle

TwinHeadedEagle

Posted
Posted

Your question is a little questionable. I don't know if this is some paid service or free. If this is free service, that probably it is not legal. On the other side, these kind of sites are maintained from advertising, and a lot of ads may appear. Some of them are just annoying and some of them could be malicious. So my answer is NO, I do not recommend it.

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.