Scan Freezes Malwarebytes/Avast/Eset


Hi;

I cannot do a full scan with Malwarebytes, Avast or Eset online scanner. Evidently, something is wrong, and I am hoping someone can help fix it.

Thank You.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
Ran by user (administrator) on USER-PC (29-07-2015 22:28:48)
Running from C:\Users\user\Desktop
Loaded Profiles: user (Available Profiles: user)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Gadwin Systems, Inc) C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Users\user\AppData\Local\Amazon Music\Amazon Music Helper.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6463592 2012-02-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-07] (Realtek Semiconductor)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-29] (AVAST Software)
HKU\S-1-5-21-1391047636-372100706-1968810174-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKU\S-1-5-21-1391047636-372100706-1968810174-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKU\S-1-5-21-1391047636-372100706-1968810174-1000\...\Run: [Gadwin PrintScreen] => C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe [1842384 2012-05-30] (Gadwin Systems, Inc)
HKU\S-1-5-21-1391047636-372100706-1968810174-1000\...\Run: [Amazon Music] => C:\Users\user\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-11-18] ()
HKU\S-1-5-21-1391047636-372100706-1968810174-1000\...\Run: [Adobe Acrobat Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2012-12-30]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-29] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1391047636-372100706-1968810174-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1391047636-372100706-1968810174-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-04-02] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-29] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-02] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-29] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {82E5DF24-51E8-47CD-864A-F4BD5005AA73} https://www.icloud.com/system/iCloud.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{0EBA6662-D6CB-442D-BC5D-79872672EAB3}: [DhcpNameServer] 192.168.1.1 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\spvigt56.default
FF DefaultSearchEngine.US: Google
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-02] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-29]

Chrome:
=======
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-29]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-29]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-29]
CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-29]
CHR Extension: (Avast Online Security) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-29]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-29] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-29] (Avast Software)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-29] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-07-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-29] (AVAST Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-29] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-07-29] (AVAST Software)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-29] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-29 22:28 - 2015-07-29 22:29 - 00014958 _____ C:\Users\user\Desktop\FRST.txt
2015-07-29 22:27 - 2015-07-29 22:28 - 00000000 ____D C:\FRST
2015-07-29 22:27 - 2015-07-29 22:27 - 02169856 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2015-07-29 22:22 - 2015-07-29 22:25 - 00000000 ____D C:\Users\user\Desktop\Mutts
2015-07-29 22:12 - 2015-07-29 22:12 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-29 22:11 - 2015-07-29 22:11 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-07-29 22:11 - 2015-07-29 22:11 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-07-29 22:11 - 2015-07-29 22:11 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-29 21:51 - 2015-07-29 21:51 - 00000000 ____D C:\Program Files (x86)\ESET
2015-07-29 20:43 - 2015-07-29 22:02 - 00000224 _____ C:\Windows\setupact.log
2015-07-29 20:43 - 2015-07-29 20:43 - 00109296 _____ C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-29 20:43 - 2015-07-29 20:43 - 00000000 _____ C:\Windows\setuperr.log
2015-07-29 20:42 - 2015-07-29 21:00 - 00004576 _____ C:\Windows\PFRO.log
2015-07-29 20:42 - 2015-07-29 20:43 - 00421144 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-29 19:40 - 2015-07-29 19:40 - 00000000 ____D C:\Users\user\AppData\Roaming\AVAST Software
2015-07-29 19:39 - 2015-07-29 19:39 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-29 19:39 - 2015-07-29 19:39 - 00001882 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-07-29 19:39 - 2015-07-29 19:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-07-29 19:38 - 2015-07-29 19:38 - 01048856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-29 19:38 - 2015-07-29 19:38 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-07-29 19:38 - 2015-07-29 19:38 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-07-29 19:38 - 2015-07-29 19:38 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-07-29 19:38 - 2015-07-29 19:38 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-07-29 19:38 - 2015-07-29 19:38 - 00115152 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-07-29 19:38 - 2015-07-29 19:38 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-07-29 19:38 - 2015-07-29 19:38 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-29 19:38 - 2015-07-29 19:38 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-29 19:38 - 2015-07-29 19:38 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-07-29 19:38 - 2015-07-29 19:38 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-07-29 19:37 - 2015-07-29 19:37 - 00000000 ____D C:\Program Files\AVAST Software
2015-07-29 19:36 - 2015-07-29 19:36 - 05685584 _____ (AVAST Software) C:\Users\user\Downloads\avast_free_antivirus_setup_online.exe
2015-07-29 19:30 - 2015-07-29 19:30 - 00003288 ____N C:\bootsqm.dat
2015-07-29 19:30 - 2015-07-29 19:30 - 00000000 __SHD C:\found.000
2015-07-21 20:55 - 2015-07-21 20:55 - 00000802 _____ C:\Users\user\Desktop\paypal button.txt
2015-07-20 14:45 - 2015-07-20 14:45 - 00000197 _____ C:\Windows\system32\2015-07-20-18-45-18.015-AvastVBoxSVC.exe-4876.log
2015-07-20 05:50 - 2015-07-20 05:53 - 00000000 ____D C:\Users\user\Documents\Mutt's Cove Stuff
2015-07-20 03:09 - 2015-07-20 03:09 - 00000197 _____ C:\Windows\system32\2015-07-20-07-09-40.004-AvastVBoxSVC.exe-2884.log
2015-07-19 19:45 - 2015-07-19 19:46 - 00000197 _____ C:\Windows\system32\2015-07-19-23-45-48.032-AvastVBoxSVC.exe-4880.log
2015-07-19 10:30 - 2015-07-19 10:30 - 00000197 _____ C:\Windows\system32\2015-07-19-14-30-19.028-AvastVBoxSVC.exe-4156.log
2015-07-19 08:18 - 2015-07-19 08:18 - 00000197 _____ C:\Windows\system32\2015-07-19-12-18-35.065-AvastVBoxSVC.exe-4176.log
2015-07-18 23:40 - 2015-07-18 23:40 - 00000197 _____ C:\Windows\system32\2015-07-19-03-40-32.024-AvastVBoxSVC.exe-2236.log
2015-07-18 17:05 - 2015-07-18 17:05 - 00000197 _____ C:\Windows\system32\2015-07-18-21-05-04.087-AvastVBoxSVC.exe-5000.log
2015-07-18 06:37 - 2015-07-18 06:38 - 00000197 _____ C:\Windows\system32\2015-07-18-10-37-48.020-AvastVBoxSVC.exe-2336.log
2015-07-17 18:03 - 2015-07-17 18:03 - 00000197 _____ C:\Windows\system32\2015-07-17-22-03-51.099-AvastVBoxSVC.exe-4976.log
2015-07-17 06:21 - 2015-07-17 06:22 - 00000197 _____ C:\Windows\system32\2015-07-17-10-21-39.030-AvastVBoxSVC.exe-4592.log
2015-07-16 17:55 - 2015-07-16 17:55 - 00000197 _____ C:\Windows\system32\2015-07-16-21-55-09.056-AvastVBoxSVC.exe-4384.log
2015-07-16 07:23 - 2015-07-16 07:23 - 00000197 _____ C:\Windows\system32\2015-07-16-11-23-11.065-AvastVBoxSVC.exe-4204.log
2015-07-16 00:44 - 2015-07-16 00:44 - 00000197 _____ C:\Windows\system32\2015-07-16-04-44-38.012-AvastVBoxSVC.exe-4328.log
2015-07-15 18:55 - 2015-07-15 18:55 - 00000000 ____D C:\Users\user\AppData\Local\CEF
2015-07-15 17:54 - 2015-07-15 17:55 - 00000197 _____ C:\Windows\system32\2015-07-15-21-54-47.060-AvastVBoxSVC.exe-3984.log
2015-07-15 05:07 - 2015-07-15 05:07 - 00000197 _____ C:\Windows\system32\2015-07-15-09-07-06.095-AvastVBoxSVC.exe-2612.log
2015-07-14 18:43 - 2015-07-14 18:44 - 00000197 _____ C:\Windows\system32\2015-07-14-22-43-42.094-AvastVBoxSVC.exe-3792.log
2015-07-14 08:36 - 2015-07-14 08:37 - 00000197 _____ C:\Windows\system32\2015-07-14-12-36-46.077-AvastVBoxSVC.exe-4008.log
2015-07-13 23:57 - 2015-07-13 23:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-13 19:31 - 2015-07-13 19:32 - 00000197 _____ C:\Windows\system32\2015-07-13-23-31-37.041-AvastVBoxSVC.exe-4584.log
2015-07-13 03:59 - 2015-07-13 03:59 - 00000197 _____ C:\Windows\system32\2015-07-13-07-59-00.027-AvastVBoxSVC.exe-4628.log
2015-07-12 19:21 - 2015-07-12 19:21 - 00000197 _____ C:\Windows\system32\2015-07-12-23-21-42.025-AvastVBoxSVC.exe-4516.log
2015-07-12 15:30 - 2015-07-12 15:31 - 00000197 _____ C:\Windows\system32\2015-07-12-19-30-42.049-AvastVBoxSVC.exe-4792.log
2015-07-12 07:26 - 2015-07-12 07:27 - 00000197 _____ C:\Windows\system32\2015-07-12-11-26-26.047-AvastVBoxSVC.exe-2760.log
2015-07-11 17:54 - 2015-07-11 17:54 - 00000197 _____ C:\Windows\system32\2015-07-11-21-54-03.075-AvastVBoxSVC.exe-4504.log
2015-07-11 07:25 - 2015-07-11 07:25 - 00000197 _____ C:\Windows\system32\2015-07-11-11-25-19.095-AvastVBoxSVC.exe-4112.log
2015-07-10 20:03 - 2015-07-10 20:03 - 00000197 _____ C:\Windows\system32\2015-07-11-00-03-24.046-AvastVBoxSVC.exe-4320.log
2015-07-10 19:12 - 2015-07-10 19:13 - 00000197 _____ C:\Windows\system32\2015-07-10-23-12-43.086-AvastVBoxSVC.exe-4084.log
2015-07-10 09:40 - 2015-07-10 09:40 - 00000197 _____ C:\Windows\system32\2015-07-10-13-40-38.083-AvastVBoxSVC.exe-3984.log
2015-07-10 01:38 - 2015-07-10 01:38 - 00000197 _____ C:\Windows\system32\2015-07-10-05-38-43.087-AvastVBoxSVC.exe-4680.log
2015-07-09 15:03 - 2015-07-09 15:03 - 00000197 _____ C:\Windows\system32\2015-07-09-19-03-22.008-AvastVBoxSVC.exe-4568.log
2015-07-09 06:21 - 2015-07-09 06:21 - 00000197 _____ C:\Windows\system32\2015-07-09-10-21-00.064-AvastVBoxSVC.exe-4300.log
2015-07-08 19:24 - 2015-07-08 19:25 - 00000197 _____ C:\Windows\system32\2015-07-08-23-24-44.083-AvastVBoxSVC.exe-4264.log
2015-07-07 18:44 - 2015-07-07 18:44 - 00000197 _____ C:\Windows\system32\2015-07-07-22-44-08.098-AvastVBoxSVC.exe-4324.log
2015-07-07 08:32 - 2015-07-07 08:32 - 00000197 _____ C:\Windows\system32\2015-07-07-12-32-04.049-AvastVBoxSVC.exe-3352.log
2015-07-06 22:00 - 2015-07-06 22:00 - 00000197 _____ C:\Windows\system32\2015-07-07-02-00-49.004-AvastVBoxSVC.exe-3912.log
2015-07-06 16:30 - 2015-07-06 16:31 - 00000197 _____ C:\Windows\system32\2015-07-06-20-30-59.044-AvastVBoxSVC.exe-2840.log
2015-07-06 09:54 - 2015-07-06 09:55 - 00000197 _____ C:\Windows\system32\2015-07-06-13-54-29.034-AvastVBoxSVC.exe-4020.log
2015-07-05 22:34 - 2015-07-05 22:34 - 00000197 _____ C:\Windows\system32\2015-07-06-02-34-33.058-AvastVBoxSVC.exe-3932.log
2015-07-05 17:44 - 2015-07-05 17:45 - 00000197 _____ C:\Windows\system32\2015-07-05-21-44-35.021-AvastVBoxSVC.exe-4368.log
2015-07-05 08:29 - 2015-07-05 08:29 - 00000197 _____ C:\Windows\system32\2015-07-05-12-29-00.070-AvastVBoxSVC.exe-2892.log
2015-07-04 23:10 - 2015-07-04 23:10 - 00000197 _____ C:\Windows\system32\2015-07-05-03-10-10.016-AvastVBoxSVC.exe-4320.log
2015-07-04 20:09 - 2015-07-04 20:10 - 00000197 _____ C:\Windows\system32\2015-07-05-00-09-42.072-AvastVBoxSVC.exe-2468.log
2015-07-04 14:53 - 2015-07-04 14:53 - 00000197 _____ C:\Windows\system32\2015-07-04-18-53-42.051-AvastVBoxSVC.exe-4444.log
2015-07-04 08:13 - 2015-07-04 08:14 - 00000197 _____ C:\Windows\system32\2015-07-04-12-13-34.015-AvastVBoxSVC.exe-4904.log
2015-07-03 22:04 - 2015-07-03 22:04 - 00000197 _____ C:\Windows\system32\2015-07-04-02-04-12.073-AvastVBoxSVC.exe-4048.log
2015-07-03 17:57 - 2015-07-03 17:57 - 00000197 _____ C:\Windows\system32\2015-07-03-21-57-27.006-AvastVBoxSVC.exe-5076.log
2015-07-03 07:46 - 2015-07-03 07:47 - 00000197 _____ C:\Windows\system32\2015-07-03-11-46-47.056-AvastVBoxSVC.exe-4128.log
2015-07-03 01:40 - 2015-07-03 01:40 - 00000197 _____ C:\Windows\system32\2015-07-03-05-40-57.017-AvastVBoxSVC.exe-4456.log
2015-07-02 20:14 - 2015-07-02 20:14 - 00000197 _____ C:\Windows\system32\2015-07-03-00-14-21.042-AvastVBoxSVC.exe-4472.log
2015-07-02 08:07 - 2015-07-02 08:08 - 00000197 _____ C:\Windows\system32\2015-07-02-12-07-41.021-AvastVBoxSVC.exe-5108.log
2015-07-02 01:38 - 2015-07-02 01:38 - 00000197 _____ C:\Windows\system32\2015-07-02-05-38-30.087-AvastVBoxSVC.exe-3040.log
2015-07-01 18:03 - 2015-07-01 18:03 - 00000197 _____ C:\Windows\system32\2015-07-01-22-03-00.060-AvastVBoxSVC.exe-4876.log
2015-07-01 05:49 - 2015-07-01 05:50 - 00000197 _____ C:\Windows\system32\2015-07-01-09-49-26.033-AvastVBoxSVC.exe-364.log
2015-06-30 19:10 - 2015-06-30 19:10 - 00004096 ____H C:\Users\user\AppData\Local\keyfile3.drm
2015-06-30 18:15 - 2015-06-30 18:16 - 00000197 _____ C:\Windows\system32\2015-06-30-22-15-37.010-AvastVBoxSVC.exe-4388.log
2015-06-30 05:31 - 2015-06-30 05:31 - 00000197 _____ C:\Windows\system32\2015-06-30-09-31-04.068-AvastVBoxSVC.exe-4584.log
2015-06-29 16:39 - 2015-06-29 16:39 - 00000247 _____ C:\Windows\system32\2015-06-29-20-39-04.022-aswFe.exe-3516.log
2015-06-29 16:29 - 2015-06-29 16:38 - 00000247 _____ C:\Windows\system32\2015-06-29-20-29-13.077-aswFe.exe-2784.log
2015-06-29 16:29 - 2015-06-29 16:29 - 00000197 _____ C:\Windows\system32\2015-06-29-20-29-03.096-AvastVBoxSVC.exe-4304.log
2015-06-29 08:50 - 2015-06-29 08:51 - 00000000 ____D C:\Users\user\AppData\Local\UmmyVideoDownloader
2015-06-29 08:50 - 2015-06-29 08:50 - 00001196 _____ C:\Users\Public\Desktop\UmmyVideoDownloader.lnk
2015-06-29 08:50 - 2015-06-29 08:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UmmyVideoDownloader
2015-06-29 08:48 - 2015-06-29 08:48 - 00411008 _____ C:\Users\user\Downloads\UmmyVD-Web-Loader-[113].exe
2015-06-29 08:34 - 2015-06-29 08:34 - 00000197 _____ C:\Windows\system32\2015-06-29-12-34-50.037-AvastVBoxSVC.exe-3268.log
2015-06-29 07:59 - 2015-06-29 08:00 - 00000197 _____ C:\Windows\system32\2015-06-29-11-59-52.014-AvastVBoxSVC.exe-3952.log

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-29 22:12 - 2012-12-22 18:45 - 00000000 ____D C:\Users\user\AppData\Local\Adobe
2015-07-29 22:10 - 2009-07-14 00:45 - 00032096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-29 22:10 - 2009-07-14 00:45 - 00032096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-29 22:08 - 2012-12-20 10:21 - 00000000 ____D C:\ProgramData\Adobe
2015-07-29 22:06 - 2014-12-12 23:07 - 02057347 _____ C:\Windows\WindowsUpdate.log
2015-07-29 22:03 - 2014-08-31 18:16 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-29 22:03 - 2013-01-10 23:12 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-29 22:02 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-29 21:06 - 2014-08-31 18:16 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-29 21:06 - 2014-08-31 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-29 21:06 - 2014-08-31 18:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-29 20:00 - 2013-01-10 23:12 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-29 19:42 - 2013-01-10 23:12 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-29 19:40 - 2013-01-10 23:12 - 00000000 ____D C:\Users\user\AppData\Local\Google
2015-07-29 19:40 - 2012-12-13 05:34 - 00000000 ____D C:\Users\user\AppData\Local\VirtualStore
2015-07-29 19:36 - 2012-12-22 19:36 - 00000000 ____D C:\ProgramData\AVAST Software
2015-07-23 02:00 - 2012-12-22 19:11 - 00000000 ____D C:\Users\user\Documents\Outlook Files
2015-07-22 10:47 - 2014-01-26 15:08 - 00000000 ____D C:\Users\user\Documents\PrintScreen Files
2015-07-20 18:28 - 2015-01-16 23:08 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-07-20 18:28 - 2015-01-16 23:08 - 00000000 ____D C:\Windows\system32\vbox
2015-07-15 17:55 - 2013-01-10 23:12 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 17:55 - 2013-01-10 23:12 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 05:05 - 2015-03-13 01:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-06 05:47 - 2013-09-09 13:24 - 00000000 ____D C:\Users\user\AppData\Local\Windows Live
2015-07-03 07:44 - 2009-07-14 01:08 - 00032588 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-30 18:55 - 2012-12-20 10:41 - 00000000 ____D C:\Users\user\AppData\Local\Microsoft Help

==================== Files in the root of some directories =======

2013-06-10 08:58 - 2013-06-10 08:58 - 4096000 _____ () C:\Program Files (x86)\GUT754F.tmp
2014-08-31 17:56 - 2014-08-31 17:56 - 0000055 _____ () C:\Users\user\AppData\Roaming\mbam.context.scan
2015-06-30 19:10 - 2015-06-30 19:10 - 0004096 ____H () C:\Users\user\AppData\Local\keyfile3.drm
2012-12-26 10:05 - 2012-12-26 10:20 - 0007604 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg
2012-12-22 19:27 - 2012-12-22 19:27 - 0000057 _____ () C:\ProgramData\Ament.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-07-24 08:59

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-07-2015
Ran by user (2015-07-29 22:29:23)
Running from C:\Users\user\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1391047636-372100706-1968810174-500 - Administrator - Disabled)
Guest (S-1-5-21-1391047636-372100706-1968810174-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1391047636-372100706-1968810174-1170 - Limited - Enabled)
user (S-1-5-21-1391047636-372100706-1968810174-1000 - Administrator - Enabled) => C:\Users\user

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3Planesoft Screensaver Manager 1.0 (HKLM-x32\...\3Planesoft Screensaver Manager_is1) (Version: 1.0 - 3Planesoft)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-1391047636-372100706-1968810174-1000\...\Amazon Amazon Music) (Version: 3.7.0.693 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.000 - Asmedia Technology)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon PowerShot SX260 HS and SX240 HS Camera User Guide (HKLM-x32\...\CameraUserGuide-PSSX260HSandSX240HS) (Version: 1.0.0.9 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.7.0.11 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.1.1.19 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Gadwin PrintScreen (HKLM-x32\...\Gadwin PrintScreen) (Version: 4.7 - Gadwin Systems, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{FB555BCF-9202-4886-9203-88C9A210D727}) (Version: 25.0.571.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Help (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Deskjet 3050A J611 series Product Improvement Study (HKLM\...\{710D4D91-1924-4A6B-8659-9CDE02DC7207}) (Version: 25.0.571.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
iTunes (HKLM\...\{A535111D-95C8-487F-869E-CE4C239972D2}) (Version: 11.1.1.11 - Apple Inc.)
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Lightning Storm (HKLM-x32\...\{B2B7CAD5-6032-416A-9049-1E9C2721CBF6}) (Version: 1.0.2 - InstallX, LLC) <==== ATTENTION
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mechanical Clock 3D Screensaver 1.0 (HKLM-x32\...\Mechanical Clock 3D Screensaver_is1) (Version: 1.0 - 3Planesoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
Quick PDF Converter v4.1 (HKLM-x32\...\Quick PDF Converter v4.1) (Version: 4.1.0.0 - QuickPDFtoWord)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6570 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
UmmyVideoDownloader (HKLM-x32\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.4.0.2 - )
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

29-07-2015 20:05:15 Removed Adobe Acrobat DC.
29-07-2015 20:18:10 Removed Adobe Reader XI (11.0.12).
29-07-2015 22:25:00 Installed Microsoft Office Single Image 2010

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2014-08-31 20:41 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1520D9C5-3D05-4013-A5E7-485A927C927B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-10] (Google Inc.)
Task: {494A0EA8-7BCD-45D9-B722-BC586DE22ED3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-29] (AVAST Software)
Task: {73DA1A9F-1EB7-4887-81CC-CDF7F560F885} - System32\Tasks\{E3CE908C-D94D-446F-9C7B-3AEB16FB16A8} => pcalua.exe -a C:\Users\user\Downloads\Dogwaffle_Install_1_2_free.exe -d C:\Users\user\Downloads
Task: {7D0294F1-C8CC-4F27-A7A4-F5111774CF8A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {9E9B011E-8DA8-4576-A5BF-D4DD2683C360} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [2011-06-08] (Hewlett-Packard Co.)
Task: {B0916554-ED13-4DA2-82E4-E8DB7CEC29C6} - System32\Tasks\{6EBBC16E-AFA3-49D4-BADA-E87E45858E93} => pcalua.exe -a "C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U0KULTN1\WM9Codecs.exe" -d C:\Users\user\Desktop
Task: {B0C007DF-8C14-4BDF-A27A-74EA07C6C8E7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-23] (Piriform Ltd)
Task: {E61A516C-B099-4D8A-BC4B-63822A641874} - System32\Tasks\hpUrlLauncher.exe_{677713FF-4D4B-4013-98E2-64B5F18DDEF7} => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\utils\hpUrlLauncher.exe [2011-06-08] (Hewlett-Packard Co.)
Task: {FBFFD425-0D54-46E1-B86C-F324782448B0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-10] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-09-15 19:13 - 2014-09-15 19:13 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 08:08 - 2014-02-11 08:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 08:08 - 2014-02-11 08:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-12-11 01:50 - 2014-11-18 20:55 - 06277952 _____ () C:\Users\user\AppData\Local\Amazon Music\Amazon Music Helper.exe
2012-12-30 15:54 - 2012-11-27 14:48 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2011-06-08 17:57 - 2011-06-08 17:57 - 02812776 _____ () C:\Windows\system32\HPScanTRDrv_DJ3050A_J611.dll
2014-09-15 19:13 - 2014-09-15 19:13 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-07-29 19:38 - 2015-07-29 19:38 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-29 19:38 - 2015-07-29 19:38 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-29 19:38 - 2015-07-29 19:38 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15072900\algo.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-30 15:54 - 2012-11-27 14:38 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2015-07-29 19:38 - 2015-07-29 19:38 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1391047636-372100706-1968810174-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1 - 75.75.75.75
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [sPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [sPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{FD009A5A-E381-4C5A-AFC5-EC854929F0DD}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
FirewallRules: [{6731399B-BFF9-40AC-A01D-74EF37B8CABF}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{76783037-FB16-4D77-A12D-0F5A2F82C18C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{FBC4DC8E-BA59-4C83-9768-BA240070DC9D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{316A3BAB-B313-470D-B0E1-B6F4CBAB2628}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DCA05BDF-BF15-4639-AC3E-AE8C68630BDB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{24B25074-7D0F-4730-9942-2892A97DE138}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{61C4838C-C8AB-43D5-9CEC-5BB0CD892AF3}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [uDP Query User{81D50C34-7293-435A-83BA-610CE980A295}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [{D36E5559-1080-4431-9711-12950EF5C2C7}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{31F9BECE-6782-4BDF-8324-74860E8366BE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A8CE65C6-1FDA-4592-8181-0C0C6F37BA51}] => (Allow) LPort=2869
FirewallRules: [{C69B522A-2591-41A8-B105-28B895E7E7E8}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{F43B8B84-B7B9-474F-A220-AD00646478DF}C:\program files\easy-hide-ip\easy-hide-ip.exe] => (Allow) C:\program files\easy-hide-ip\easy-hide-ip.exe
FirewallRules: [uDP Query User{97730C78-E20F-4878-8273-95FB58417D82}C:\program files\easy-hide-ip\easy-hide-ip.exe] => (Allow) C:\program files\easy-hide-ip\easy-hide-ip.exe
FirewallRules: [{0F07AD7E-A6E0-4E79-A209-1747481F4C08}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{50040F81-1DE5-4DAB-8363-4F5052156AA0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DCBBC747-5CC9-4694-BEBB-1447AB2C5E40}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{C1EDFF70-4311-48CE-BEC4-0C06F0D12A22}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/29/2015 10:03:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/29/2015 09:32:27 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/29/2015 09:32:27 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/29/2015 09:32:27 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/29/2015 09:32:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 Element not found.  (HRESULT : 0x80070490) (0x80070490)

Error: (07/29/2015 09:32:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/29/2015 09:32:27 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (07/29/2015 09:32:27 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/29/2015 09:32:27 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/29/2015 09:32:27 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: The Windows Search Service cannot open the Jet property store.

Details:
 0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))

System errors:
=============
Error: (07/29/2015 10:02:08 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:00:20 PM on ‎7/‎29/‎2015 was unexpected.

Error: (07/29/2015 09:55:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (07/29/2015 09:55:01 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\user\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (07/29/2015 09:55:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (07/29/2015 09:55:00 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\user\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (07/29/2015 09:55:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (07/29/2015 09:55:00 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\user\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (07/29/2015 09:52:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (07/29/2015 09:52:36 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\user\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (07/29/2015 09:52:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Microsoft Office:
=========================
Error: (07/29/2015 10:03:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/29/2015 09:32:27 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/29/2015 09:32:27 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/29/2015 09:32:27 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/29/2015 09:32:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
 Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (07/29/2015 09:32:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (07/29/2015 09:32:27 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
 The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (07/29/2015 09:32:27 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description:
Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (07/29/2015 09:32:27 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description:
Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
4700

Error: (07/29/2015 09:32:27 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description:
Details:
 0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))

CodeIntegrity:
===================================
  Date: 2015-07-29 22:19:48.944
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-29 22:03:58.090
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-29 21:51:13.036
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-29 21:40:06.711
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-29 21:32:23.000
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-29 21:21:48.859
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-29 21:03:20.849
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-29 20:45:04.004
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-29 20:25:05.046
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-29 19:58:54.832
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: AMD FX-8350 Eight-Core Processor
Percentage of memory in use: 27%
Total physical RAM: 8120.4 MB
Available physical RAM: 5849.43 MB
Total Virtual: 16238.98 MB
Available Virtual: 13632.22 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:849.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 806951DB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of log ============================

 


Hello,

They call me TwinHeadedEagle around here, and I'll try to help you with your issue.

Before we start please read and note the following:

  • We're primarily oriented toward malware removal here, so you must know that some issues just cannot be solved and you must be prepared for this. Some tools we use here will remove your browser search history, so back up your important links and all the files whose loss is unacceptable.
  • Limit your internet access to posting here; some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time. Keep in mind that private life gets in the way too. Note that we may live in totally different time zones, which may cause some delays between answers.
  • Don't run any scripts or tools on your own; unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts; attachments make my work easier. There is a More reply options button that gives you the Upload Files option below, which you can use to attach your reports. Always attach reports from all tools.
  • Always execute my instructions in the given order. If for some reason you cannot completely follow one instruction, inform me about that.
  • I volunteer to help you, so please, do not ask for help for your company/business PC. Companies are making revenue via computers, so it is a good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
I can't foresee everything, so if anything not covered in my instructions happens, please stop and inform me!

There are no silly questions. Never be afraid to ask if in doubt!

Rules and policies

 

We won't support any piracy.

That being said, if any evidence of an illegal OS, software, cracks/keygens or the like is revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!

The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

 

Failure to follow these guidelines will result in closing your topic and withdrawing any assistance.

Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

  • Right-click on the FRST icon and select Run as Administrator to start the tool.

    (XP users click run after receipt of Windows Security Warning - Open File).

  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please upload them into your next reply.

Use the Windows Error Checking utility (Check Disk), with the options to fix file system errors and scan the disk surface for errors, attempt recovery of data and repair the disk:

  • Click the "Windows Orb" Start button, then click Computer.
  • Right-click on the drive that you wish to check > Properties > Tools tab
  • In the "Error checking" section, click on Check now.
  • Place a checkmark in both boxes > Start.
  • If the disk you have chosen is the Windows system disk:
  • A message will notify you that a restart is necessary and ask "Do you want to check for hard disk errors the next time you start your computer?".
  • Click Schedule disk check > OK and close all windows.
  • Re-start the computer. The disk will be checked when the system boots.
  • This will take some time to run and at times may appear stalled but just let it run.
  • When the disk check is complete, the system will re-start automatically and load Windows.
A log of the disk check is recorded only if the scheduled re-start is used, and only for drives on the same HDD as the Operating System.

To open Event Viewer and view the log:

  • Click the "Windows Orb" Start button -> type "eventvwr" without the quotes -> press the key.
  • The Event Viewer window will open.
  • In the left pane, expand "Windows Logs" and then click on Application.
  • In the right pane, at the top, click on the column heading Source to sort the list alphabetically.
  • Look in the Source column for "Wininit", with an entry corresponding to the date and time of the disk check.
  • Click on that Wininit entry to select it.
  • On the top main menu, click Action > Copy > Copy Details as Text.
  • Paste the contents into your next reply.

It is not allowing me to check for errors but is telling me to use system restore.

My Word 2010 program will not open, as the Windows Installer now continues to pop up every time I try. I did not have the Windows Installer pop up before using the Farbar tool as administrator.

Do you happen to know what I can do to fix this? I have a lot of documents saved and need some of them for a Monday meeting.

I do not have the Word disk or the Windows disk as they came preinstalled by my computer guy when he built my computer.

Thank You.


  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
