Malware?


At first, Google Chrome would repeatedly have problems with Shockwave Player. I tried to reinstall both but Chrome would still crash whenever I would connect to the internet, and I can't reinstall Shockwave Player at all. I can't tell if it's because of malware or not. Any help would be appreciated.

 

Thank you.

 

---------------------------

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:31-08-2015
Ran by Asapaboi (administrator) on ASAPABOI-PC (02-09-2015 22:20:29)
Running from C:\Users\Asapaboi\Desktop
Loaded Profiles: Asapaboi (Available Profiles: Asapaboi)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(UPEK Inc.) C:\Program Files\Protector Suite QL\upeksvr.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
(Coupons.com Inc.) C:\Program Files\Coupons\CouponPrinterService.exe
() C:\Toshiba\IVP\swupdate\swupdtmr.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cavwp.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
() C:\Program Files\Toshiba\Utilities\KeNotify.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
() C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynToshiba.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(UPEK Inc.) C:\Program Files\Protector Suite QL\psqltray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_18_0_0_232_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\mcbuilder.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1451304 2009-03-20] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [3784704 2006-11-09] (Realtek Semiconductor)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [411768 2006-12-20] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [55416 2006-12-07] (TOSHIBA Corporation)
HKLM\...\Run: [smoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [448632 2006-12-11] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [530552 2006-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [413696 2006-11-01] (TOSHIBA Electronics, Inc.)
HKLM\...\Run: [sVPWUTIL] => C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [421888 2006-01-18] (TOSHIBA)
HKLM\...\Run: [KeNotify] => C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34352 2006-11-06] ()
HKLM\...\Run: [PINGER] => C:\TOSHIBA\IVP\ISM\pinger.exe [151552 2006-07-20] (TOSHIBA Corporation)
HKLM\...\Run: [synTPStart] => C:\Program Files\Synaptics\SynTP\SynTPStart.exe [204800 2007-07-27] (Synaptics, Inc.)
HKLM\...\Run: [PSQLLauncher] => C:\Program Files\Protector Suite QL\launcher.exe [49416 2007-11-14] (UPEK Inc.)
HKLM\...\Run: [WrtMon.exe] => C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe [20480 2006-09-20] ()
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1361088 2015-08-06] (COMODO)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [6111824 2015-09-02] (AVAST Software)
HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-07-26] (Oracle Corporation)
Winlogon\Notify\psfus: C:\Windows\system32\psqlpwd.dll [2007-11-14] (UPEK Inc.)
HKU\S-1-5-21-1276177871-1407396258-3323346848-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
HKU\S-1-5-21-1276177871-1407396258-3323346848-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-1276177871-1407396258-3323346848-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
Lsa: [Notification Packages] scecli psqlpwd
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2015-09-02] (AVAST Software)
ShellIconOverlayIdentifiers: [uEAFOverlay] -> {F2F31467-B1AC-4df0-AE79-FD5FA085E22B} => C:\Program Files\Protector Suite QL\farchns.dll [2007-11-14] (UPEK Inc.)
ShellIconOverlayIdentifiers: [uEAFOverlayOpen] -> {A3E208F7-0E3A-4182-A7A6-B169D5D691AA} => C:\Program Files\Protector Suite QL\farchns.dll [2007-11-14] (UPEK Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{6F2E565A-2A4D-4CBA-A6F8-EDA5F5B1B675}: [DhcpNameServer] 209.18.47.61 209.18.47.62

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1276177871-1407396258-3323346848-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1276177871-1407396258-3323346848-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1276177871-1407396258-3323346848-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1276177871-1407396258-3323346848-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.toshibadirect.com/dpdstart
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-26] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-09-02] (AVAST Software)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-26] (Oracle Corporation)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab

FireFox:
========
FF Plugin: @bittorrent.com/BitTorrentDNA -> C:\Program Files\DNA\plugins\npbtdna.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-26] (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2011-08-22] (Yahoo! Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2571 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2006-10-07] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1739 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2006-10-07] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-02] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll [No File]
FF Plugin HKU\S-1-5-21-1276177871-1407396258-3323346848-1000: @bittorrent.com/BitTorrentDNA -> C:\Users\Asapaboi\Program Files\DNA\plugins\npbtdna.dll No File
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-09-19]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-12-28]
FF HKU\S-1-5-21-1276177871-1407396258-3323346848-1000\...\Firefox\Extensions: [{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}] - C:\Users\Asapaboi\Program Files\DNA

Chrome:
=======
CHR Profile: C:\Users\Asapaboi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Asapaboi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Asapaboi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-03-17]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [146600 2015-09-02] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe [3218624 2015-09-02] (Avast Software)
R2 CFSvcs; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2006-11-14] (TOSHIBA CORPORATION) [File not signed]
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4353840 2015-08-06] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1664704 2015-08-06] (COMODO)
R2 CouponPrinterService; C:\Program Files\Coupons\CouponPrinterService.exe [153072 2014-09-05] (Coupons.com Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-07-05] (Malwarebytes Corporation)
R2 Swupdtmr; c:\Toshiba\IVP\swupdate\swupdtmr.exe [40960 2006-07-20] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-09-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-09-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-09-02] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-09-02] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788784 2015-09-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433264 2015-09-02] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [161472 2015-09-02] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-09-02] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-09-02] (AVAST Software)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [17064 2015-08-04] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [627824 2015-08-04] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [40712 2015-08-04] (COMODO)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [91176 2015-08-04] (COMODO)
S4 KR10I; C:\Windows\system32\drivers\kr10i.sys [216320 2006-02-14] (TOSHIBA CORPORATION) [File not signed]
S4 KR10N; C:\Windows\system32\drivers\kr10n.sys [207104 2005-09-27] (TOSHIBA CORPORATION) [File not signed]
S4 KR3NPXP; C:\Windows\system32\drivers\kr3npxp.sys [479488 2006-09-27] (TOSHIBA CORPORATION) [File not signed]
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-07-05] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-08-25] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-07-05] (Malwarebytes Corporation)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-09-02] (AVAST Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-01-06] () [File not signed]
R2 VBoxAswDrv; C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [220752 2015-09-02] (Avast Software)
U3 a2mu1yxc; C:\Windows\system32\Drivers\a2mu1yxc.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S1 Tosrfcom; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-02 22:20 - 2015-09-02 22:21 - 00015526 _____ C:\Users\Asapaboi\Desktop\FRST.txt
2015-09-02 22:17 - 2015-09-02 22:20 - 00000000 ____D C:\FRST
2015-09-02 22:16 - 2015-09-02 22:16 - 01690624 _____ (Farbar) C:\Users\Asapaboi\Desktop\FRST.exe
2015-09-02 22:15 - 2015-09-02 22:15 - 01690624 _____ (Farbar) C:\Users\Asapaboi\Downloads\FRST.exe
2015-09-02 22:15 - 2015-09-02 22:15 - 00000000 _____ C:\Users\Asapaboi\Downloads\FRST.exe.m4rjq6g.partial
2015-09-02 21:29 - 2015-09-02 21:29 - 00001942 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-02 21:29 - 2015-09-02 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-02 21:27 - 2015-09-02 22:01 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-02 21:27 - 2015-09-02 21:32 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-02 21:05 - 2015-09-02 21:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-02 20:34 - 2015-09-02 20:34 - 00313472 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-09-02 20:34 - 2015-09-02 20:34 - 00161472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2015-09-02 20:34 - 2015-09-02 20:34 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-09-02 20:34 - 2015-09-02 20:33 - 00095112 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-09-01 23:30 - 2015-09-01 23:30 - 00000000 ____D C:\Users\Asapaboi\AppData\Roaming\Sun
2015-09-01 23:30 - 2015-09-01 23:30 - 00000000 ____D C:\Users\Asapaboi\.oracle_jre_usage
2015-08-29 21:40 - 2015-08-29 21:40 - 00035532 _____ C:\Users\Asapaboi\AppData\Local\recently-used.xbel
2015-08-18 20:38 - 2015-08-18 20:38 - 12386816 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-18 20:38 - 2015-08-18 20:38 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-18 20:38 - 2015-08-14 15:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-12 22:07 - 2015-08-12 22:07 - 03605440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-08-12 22:07 - 2015-08-12 22:07 - 03553216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 22:07 - 2015-08-12 22:07 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 22:07 - 2015-08-12 22:07 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2015-08-12 22:07 - 2015-08-12 22:07 - 00140224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2015-08-12 22:07 - 2015-08-12 22:07 - 00056256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 22:07 - 2015-08-12 22:07 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 22:07 - 2015-08-12 22:07 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 22:06 - 2015-08-12 22:06 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:05 - 2015-08-12 22:05 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-08-12 22:04 - 2015-08-12 22:04 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 22:03 - 2015-08-12 22:03 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 21:44 - 2015-08-12 22:01 - 00000000 ____D C:\4868cbce5eb1eb2e13
2015-08-12 21:43 - 2015-08-12 21:43 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 21:42 - 2015-08-12 21:42 - 01402368 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 21:42 - 2015-08-12 21:42 - 01253376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 21:41 - 2015-08-12 21:41 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 21:41 - 2015-08-12 21:41 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-08-12 21:41 - 2015-08-12 21:41 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 21:41 - 2015-08-12 21:41 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-08-12 21:41 - 2015-08-12 21:41 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-08-12 21:41 - 2015-08-12 21:41 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-08-12 21:40 - 2015-08-12 21:41 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 21:40 - 2015-08-12 21:40 - 02066944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 21:40 - 2015-08-12 21:40 - 01072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 21:40 - 2015-08-12 21:40 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-08-12 21:40 - 2015-08-12 21:40 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 21:40 - 2015-08-12 21:40 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-08-12 21:39 - 2015-08-12 21:39 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 21:38 - 2015-08-12 21:38 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 21:38 - 2015-08-12 21:38 - 00151040 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-11 20:56 - 2015-08-11 20:56 - 09751040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-11 20:56 - 2015-08-11 20:56 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-11 20:56 - 2015-08-11 20:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-08-11 20:56 - 2015-08-11 20:56 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-08-11 20:56 - 2015-07-22 13:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-05 00:03 - 2015-08-05 00:03 - 00877152 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-08-05 00:03 - 2015-08-05 00:03 - 00538208 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-02 22:15 - 2010-01-27 21:55 - 01555243 _____ C:\Windows\WindowsUpdate.log
2015-09-02 22:00 - 2006-11-02 06:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-02 22:00 - 2006-11-02 05:47 - 00003296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-02 22:00 - 2006-11-02 05:47 - 00003296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-02 21:59 - 2010-02-04 19:57 - 00217322 _____ C:\Windows\PFRO.log
2015-09-02 21:57 - 2006-11-02 06:01 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-09-02 21:32 - 2013-10-16 10:15 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-02 21:28 - 2011-12-15 10:42 - 00000000 ____D C:\Program Files\Google
2015-09-02 21:26 - 2007-09-12 00:16 - 00000000 ____D C:\Users\Asapaboi\AppData\Local\Deployment
2015-09-02 21:21 - 2015-06-22 01:10 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-09-02 21:21 - 2011-01-07 18:14 - 00000000 ____D C:\ProgramData\Apple
2015-09-02 21:18 - 2007-01-05 15:58 - 00000000 ____D C:\Windows\system32\Macromed
2015-09-02 21:12 - 2014-11-13 21:11 - 00000000 ____D C:\KMPlayer
2015-09-02 20:34 - 2014-04-21 07:59 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-09-02 20:34 - 2013-03-24 23:11 - 00208664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-09-02 20:34 - 2013-03-24 23:11 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-09-02 20:34 - 2011-02-07 21:15 - 00433264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-09-02 20:34 - 2011-02-07 21:15 - 00076000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-09-02 20:34 - 2011-02-07 21:15 - 00057888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2015-09-02 20:34 - 2011-02-07 21:15 - 00055200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2015-09-02 20:33 - 2011-09-19 16:43 - 00788784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-09-02 20:26 - 2014-11-13 22:17 - 00001811 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-09-02 20:07 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\system32\Msdtc
2015-09-02 20:04 - 2006-11-02 03:22 - 47710208 _____ C:\Windows\system32\config\software_previous
2015-09-02 20:04 - 2006-11-02 03:22 - 46399488 _____ C:\Windows\system32\config\components_previous
2015-09-02 20:04 - 2006-11-02 03:22 - 32768000 _____ C:\Windows\system32\config\system_previous
2015-09-02 20:04 - 2006-11-02 03:22 - 00262144 _____ C:\Windows\system32\config\security_previous
2015-09-02 20:04 - 2006-11-02 03:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2015-09-02 20:04 - 2006-11-02 03:22 - 00262144 _____ C:\Windows\system32\config\default_previous
2015-09-02 20:01 - 2007-03-11 20:38 - 00000000 ____D C:\Users\Asapaboi
2015-09-02 20:00 - 2014-08-11 12:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-02 20:00 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\system32\spool
2015-09-02 20:00 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\rescache
2015-09-01 23:19 - 2014-08-11 12:21 - 00000000 ____D C:\Program Files\Java
2015-08-31 09:03 - 2008-04-29 12:31 - 00000000 ____D C:\Users\Asapaboi\Documents\00 Bookstore
2015-08-29 21:50 - 2012-09-19 12:32 - 00000000 ____D C:\Users\Asapaboi\.gimp-2.8
2015-08-25 21:17 - 2014-09-29 22:11 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-23 19:52 - 2007-07-15 09:19 - 00000000 ___RD C:\Users\Asapaboi\Downloads\temp manga folder
2015-08-22 11:11 - 2006-11-02 03:33 - 00838608 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-20 19:43 - 2009-10-02 18:47 - 00246952 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-08-12 22:46 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-08-12 22:28 - 2006-11-02 05:47 - 00322024 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 22:23 - 2006-11-02 05:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2015-08-12 21:45 - 2013-07-14 15:28 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 21:44 - 2006-11-02 03:24 - 129304528 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-08-12 20:11 - 2011-12-15 11:01 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2015-08-11 20:32 - 2013-04-17 17:20 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-08-11 20:32 - 2011-07-08 17:47 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-08-07 00:24 - 2013-07-20 21:39 - 00008968 _____ C:\Windows\system32\Drivers\fvstore.dat
2015-08-06 22:40 - 2013-07-18 19:59 - 00001777 _____ C:\Users\Public\Desktop\COMODO Firewall.lnk
2015-08-04 17:30 - 2013-06-18 16:16 - 00091176 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2015-08-04 17:30 - 2013-06-18 16:15 - 00627824 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2015-08-04 17:30 - 2013-06-18 16:15 - 00040712 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2015-08-04 17:30 - 2013-06-18 16:15 - 00017064 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2015-08-04 17:29 - 2013-06-18 16:15 - 00445472 _____ (COMODO) C:\Windows\system32\guard32.dll
2015-08-04 17:29 - 2013-06-18 16:15 - 00033496 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2015-08-04 17:27 - 2013-06-18 16:15 - 00288448 _____ (COMODO) C:\Windows\system32\cmdvrt32.dll
2015-08-04 17:26 - 2013-06-18 16:15 - 00040640 _____ (COMODO) C:\Windows\system32\cmdkbd32.dll
2015-08-03 22:44 - 2011-08-01 00:45 - 00005780 _____ C:\Users\Asapaboi\Desktop\guide.txt

==================== Files in the root of some directories =======

2013-05-16 11:51 - 2013-05-16 11:51 - 4167680 _____ () C:\Program Files\GUT9944.tmp
2010-11-18 00:11 - 2010-11-18 00:11 - 0032768 _____ () C:\Users\Asapaboi\AppData\Roaming\000009FC_VTS_0.IFO
2015-01-25 20:31 - 2015-01-25 20:31 - 0087608 _____ () C:\Users\Asapaboi\AppData\Roaming\inst.exe
2010-01-27 21:36 - 2015-01-25 20:31 - 0007887 _____ () C:\Users\Asapaboi\AppData\Roaming\pcouffin.cat
2010-01-27 21:36 - 2015-01-25 20:31 - 0001144 _____ () C:\Users\Asapaboi\AppData\Roaming\pcouffin.inf
2010-01-27 21:38 - 2015-01-25 20:31 - 0000055 _____ () C:\Users\Asapaboi\AppData\Roaming\pcouffin.log
2010-01-27 21:36 - 2015-01-25 20:31 - 0047360 _____ (VSO Software) C:\Users\Asapaboi\AppData\Roaming\pcouffin.sys
2011-09-03 12:07 - 2011-09-03 12:07 - 0000000 _____ () C:\Users\Asapaboi\AppData\Roaming\wklnhst.dat
2007-08-27 10:31 - 2013-03-11 17:48 - 0005216 _____ () C:\Users\Asapaboi\AppData\Local\d3d9caps.dat
2007-03-11 21:03 - 2015-06-08 10:33 - 0050688 _____ () C:\Users\Asapaboi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-29 21:40 - 2015-08-29 21:40 - 0035532 _____ () C:\Users\Asapaboi\AppData\Local\recently-used.xbel
2010-07-25 18:17 - 2010-07-25 18:17 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\Asapaboi\AppData\Local\temp\jre-8u45-windows-au.exe
C:\Users\Asapaboi\AppData\Local\temp\{081DA934-88C8-4579-8B5F-435F8B1F12CF}-44.0.2403.107_43.0.2357.134_chrome_updater.exe
C:\Users\Asapaboi\AppData\Local\temp\{33A02D76-FD6A-4FC8-9A34-0A147C76FF7A}-42.0.2311.152_42.0.2311.135_chrome_updater.exe
C:\Users\Asapaboi\AppData\Local\temp\{F42B393F-FE44-4840-A849-BD8CFA83EB9D}-44.0.2403.157_44.0.2403.155_chrome_updater.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-09-02 22:11

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version:31-08-2015
Ran by Asapaboi (2015-09-02 22:22:26)
Running from C:\Users\Asapaboi\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1276177871-1407396258-3323346848-500 - Administrator - Disabled)
Asapaboi (S-1-5-21-1276177871-1407396258-3323346848-1000 - Administrator - Enabled) => C:\Users\Asapaboi
Guest (S-1-5-21-1276177871-1407396258-3323346848-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACDSee 10 Photo Manager (HKLM\...\{F8B98EB6-FC06-45BF-87D4-9784E0408611}) (Version: 10.0.219 - ACD Systems International)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM\...\avast) (Version: 10.3.2225 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP Navigator EX 1.0 (HKLM\...\MP Navigator EX 1.0) (Version:  - )
Canon MX310 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX310_series) (Version:  - )
CD/DVD Drive Acoustic Silencer (HKLM\...\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}) (Version: 2.00.02 - TOSHIBA)
Combined Community Codec Pack 2011-11-11 (HKLM\...\Combined Community Codec Pack_is1) (Version: 2011.11.11.0 - CCCP Project)
COMODO Firewall (HKLM\...\{A0BABADE-E154-4F08-97A1-2903CD110E88}) (Version: 6.2.20728.2847 - COMODO Security Solutions Inc.)
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.1.2) (Version: 5.0.1.2 - Coupons.com Incorporated)
DVDFab 6.2.1.8 (31/12/2009) (HKLM\...\DVDFab 6_is1) (Version:  - Fengtao Software Inc.)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.13 - Google Inc.) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 Essentials (HKLM\...\{E610E660-C0C1-4636-8980-1110C4081033}) (Version: 8.3.87 - Nero AG)
Presto! PageManager 7.15.16 (HKLM\...\{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}) (Version: 7.15.16 - NewSoft Technology Corporation)
Protector Suite QL 5.8 (HKLM\...\{2CD82D77-8D1E-44FC-9A90-BBA95AC8D6B7}) (Version: 5.8.0.4024 - UPEK Inc.)
Real Alternative 1.52 (HKLM\...\RealAlt_is1) (Version: 1.52 - )
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5322 - Realtek Semiconductor Corp.)
Spelling Dictionaries Support For Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 12.2.11.0 - Synaptics Incorporated)
TagScanner 5.0 build 511 (HKLM\...\TagScanner_is1) (Version:  - Sergey Serkov)
Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM\...\InstallShield_{F7B05784-334C-4F76-8BAB-30ABEB7FD534}) (Version: 1.23.0000 - Texas Instruments Inc.)
TIPCI (Version: 1.23.0000 - Texas Instruments Inc.) Hidden
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.00.00 - )
TOSHIBA ConfigFree (HKLM\...\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}) (Version: 7.00.21 - TOSHIBA)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.00.00 - TOSHIBA Corporation)
TOSHIBA Flash Cards Support Utility (HKLM\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.45.50.1C - TOSHIBA)
TOSHIBA Game Console (HKLM\...\TOSHIBA Game Console) (Version:  - WildTangent)
TOSHIBA Hardware Setup (HKLM\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.45.50.8C - TOSHIBA)
Toshiba Registration (HKLM\...\{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}) (Version: 1.00.0000 - Datalode Inc.)
TOSHIBA SD Memory Utilities (HKLM\...\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.6 - TOSHIBA)
TOSHIBA Software Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - Agere Systems)
TOSHIBA Software Upgrades (HKLM\...\{425A2BC2-AA64-4107-9C29-484245BBEA05}) (Version: 4.0 - TOSHIBA)
TOSHIBA Speech System Applications (HKLM\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version:  - )
TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version:  - )
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version:  - )
TOSHIBA Supervisor Password (HKLM\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.45.50.5C - TOSHIBA)
TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.0.8 - TOSHIBA Corporation)
Utility Common Driver (Version: 0.0.50.4C - TOSHIBA) Hidden
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

24-08-2015 22:46:03 Scheduled Checkpoint
25-08-2015 19:44:10 Windows Update
26-08-2015 22:02:31 Scheduled Checkpoint
27-08-2015 21:08:34 Scheduled Checkpoint
29-08-2015 17:48:35 Windows Update
01-09-2015 22:24:02 Windows Update
01-09-2015 23:00:28 Windows Update
02-09-2015 19:55:05 Restore Operation
02-09-2015 20:19:14 Windows Update
02-09-2015 20:31:29 avast! antivirus system restore point
02-09-2015 21:03:56 Windows Update
02-09-2015 21:13:08 Removed Java 8 Update 45
02-09-2015 21:18:40 Removed Apple Application Support (32-bit)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 03:23 - 2011-11-24 11:49 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F93EF5F-D15D-40B8-9E7A-0A30092F13DA} - System32\Tasks\{4CDA7259-8F75-43BC-802B-4758EA201E8F} => pcalua.exe -a D:\installers\avgremover.exe -d D:\installers
Task: {1DFDB5BE-EA7A-4972-87E6-93EAE0C9A450} - System32\Tasks\{2829CE18-67AD-4A81-B3DA-F718B96E783C} => pcalua.exe -a "C:\Users\Asapaboi\Downloads\temp manga folder\setup\setup.exe" -d "C:\Users\Asapaboi\Downloads\temp manga folder\setup"
Task: {1F6E5E6F-4AF4-429D-9E92-B37372E2D055} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Asapaboi => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-10] (Microsoft Corporation)
Task: {277BE5E9-4D16-4E63-96CF-E2BD4B10CF9D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11] (Adobe Systems Incorporated)
Task: {2BF3B320-94DC-40B4-B6B6-3706058334E4} - System32\Tasks\RunAsStdUser Task => C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
Task: {34303CAC-9388-4CA9-8BC4-2DDE69E6CA87} - System32\Tasks\{FF407F2F-3176-4CE5-BDE5-F1349148F4BD} => pcalua.exe -a G:\setup.exe -d G:\
Task: {385EFAD7-0D21-452F-9D2B-0397EA8172D2} - System32\Tasks\{B69E65AA-F73D-4755-AA4E-227CE26FE6E8} => pcalua.exe -a "C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" -c REMOVE=TRUE MODIFY=FALSE
Task: {51E70313-5751-427C-AFEC-2BBE73BC3247} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2015-09-02] (AVAST Software)
Task: {5FD38E3A-E6D8-48D6-8554-8B1CF2C3B716} - System32\Tasks\{C4371ADE-9E17-41ED-892C-4D929055F0EA} => pcalua.exe -a C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE -c C:\Windows\system32\Adobe\SHOCKW~1\Install.log
Task: {765E76E8-D541-471E-BE82-AA671E0E26B3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-06-22] (Apple Inc.)
Task: {780B6792-ACA0-433C-8286-A2FF16AE06A8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {826CE8B5-E621-4B75-86C9-0BC3D5004B18} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-06] (COMODO)
Task: {9AFF3DC7-0DF6-4CBD-AD56-E544FAFDA92C} - System32\Tasks\Avast Scan => C:\Program Files\Alwil Software\Avast4\ashQuick.exe
Task: {9BE95144-7D10-4337-ABF8-1651F0E68AB1} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-06] (COMODO)
Task: {9CEACDF7-9BDA-47F3-807C-69F1445ECD3A} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation)
Task: {9F9BA99A-47CD-47D5-88BC-1D03D290B185} - System32\Tasks\{D53B63E2-1BD5-4BCC-A5E1-3831933F53C1} => pcalua.exe -a "C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" -c REMOVE=TRUE MODIFY=FALSE
Task: {BAE593BC-6A2E-438B-B3C3-D95185089C79} - System32\Tasks\{5E12E0A6-099B-4380-A907-4751C3F1025C} => pcalua.exe -a C:\PROGRA~1\Nokia\NOKIAP~1\CONNEC~1.CPL -c Nokia Connection Manager
Task: {C3BD3AFC-039C-4135-9D4F-C1B1F759897D} - System32\Tasks\{3EB83942-4FCE-452E-9D8A-8B598BE83812} => pcalua.exe -a "C:\Program Files\GetRight\GETRIGHT.EXE" -c /UNINSTALL
Task: {E79F1464-B64A-473A-9FC4-236D08E69F93} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-06] (COMODO)
Task: {ECF51E89-DB94-44A0-A15C-0D2B75978B34} - System32\Tasks\{F57BD144-4E19-45F8-9CA9-2FB97D8FD508} => pcalua.exe -a "C:\Program Files\CCCP\Settings.exe" -d "C:\Program Files\CCCP"
Task: {F5F906CD-7CCD-44E8-AEAE-24D493EC8054} - System32\Tasks\{076404D9-65C7-454C-88C3-704A8FA2DBA3} => pcalua.exe -a "C:\Program Files\CDisplay\unins000.exe"
Task: {F6EEA576-3F75-49DC-A7ED-913F6B9772D2} - System32\Tasks\{DB55CE34-04AC-4A13-926F-700FF7766664} => pcalua.exe -a "C:\Users\Asapaboi\Downloads\temp manga folder\HJTInstall.exe" -d "C:\Users\Asapaboi\Downloads\temp manga folder"
Task: {FB66D2BC-AAB0-4B9E-AF97-9F546238B685} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {FCC93A9B-04E6-4410-B11E-0E2E30A5E33E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-03-17 20:03 - 2015-09-02 20:34 - 00102864 _____ () C:\Program Files\Alwil Software\Avast5\log.dll
2015-03-17 20:03 - 2015-09-02 20:34 - 00123976 _____ () C:\Program Files\Alwil Software\Avast5\JsonRpcServer.dll
2015-09-02 20:30 - 2015-09-02 20:30 - 02961408 _____ () C:\Program Files\Alwil Software\Avast5\defs\15090201\algo.dll
2007-01-05 15:51 - 2006-07-20 13:54 - 00040960 _____ () c:\Toshiba\IVP\swupdate\swupdtmr.exe
2007-09-06 18:45 - 2007-05-22 10:59 - 00128512 _____ () C:\Program Files\WinRAR\rarext.dll
2006-11-09 19:27 - 2006-11-09 19:27 - 00090112 _____ () C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
2007-01-05 15:46 - 2006-10-10 11:44 - 00009728 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
2006-11-08 19:08 - 2006-11-08 19:08 - 00009216 _____ () C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
2007-01-05 15:40 - 2006-10-20 14:49 - 00009216 _____ () C:\Program Files\TOSHIBA\ConfigFree\NotifyCFF.dll
2006-12-01 19:55 - 2006-12-01 19:55 - 00009216 _____ () C:\Program Files\Toshiba\TBS\NotifyTBS.dll
2006-11-06 18:14 - 2006-11-06 18:14 - 00034352 _____ () C:\Program Files\Toshiba\Utilities\KeNotify.exe
2009-01-11 00:29 - 2006-09-20 09:35 - 00020480 _____ () C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
2009-01-11 00:29 - 2006-10-30 17:59 - 00024576 _____ () C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
2015-03-13 18:52 - 2015-03-17 20:03 - 40540672 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2011-09-24 00:31 - 2011-08-22 01:18 - 00925696 _____ () C:\Program Files\Yahoo!\Messenger\yui.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\avastSS.scr:$CmdTcID
AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfs.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d2d1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3d10.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3d10core.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3d10level9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3d10_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3d10_1core.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dns-sd.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\emdmgmt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\FlashPlayerApp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mrt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msfeedsbs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msfeedssync.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshta.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntkrnlpa.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tzres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\url.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\usbaaplrc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ecache.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\srv.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ssudmdm.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\usbaapl.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\winusb.sys:$CmdTcID
AlternateDataStreams: C:\Users\Asapaboi\Desktop\FRST.exe:$CmdTcID
AlternateDataStreams: C:\Users\Asapaboi\Desktop\FRST.exe:$CmdZnID
AlternateDataStreams: C:\Users\Asapaboi\Downloads\FRST.exe:$CmdTcID
AlternateDataStreams: C:\Users\Asapaboi\Downloads\FRST.exe.m4rjq6g.partial:$CmdZnID
AlternateDataStreams: C:\Users\Asapaboi\AppData\Roaming\inst.exe:$CmdTcID

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1276177871-1407396258-3323346848-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Asapaboi\Downloads\temp manga folder\download25.jpg
DNS Servers: 209.18.47.61 - 209.18.47.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Asapaboi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: cdloader => "C:\Users\Asapaboi\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{1833FF1D-2B95-4212-BFCF-C8CB20A82DB0}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{D31D16DC-5C2B-4FA3-98E8-1B289BD1E08E}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [TCP Query User{FB53031C-4287-4B3F-A20B-D05233C5FBE3}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [uDP Query User{CBDFA802-D441-4DCB-B623-23637641FEFD}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{51CD27CE-9F45-4B2E-B8E6-66E488DA33BC}C:\program files\common files\ahead\nero web\setupx.exe] => (Block) C:\program files\common files\ahead\nero web\setupx.exe
FirewallRules: [uDP Query User{66108F28-2177-41A0-984D-D54C2B60B7F6}C:\program files\common files\ahead\nero web\setupx.exe] => (Block) C:\program files\common files\ahead\nero web\setupx.exe
FirewallRules: [{920731F2-468C-4BFC-9C80-43EA5C3782F4}] => (Allow) C:\Program Files\DNA\btdna.exe
FirewallRules: [{8B42DBDE-B243-4A26-B2DD-8763D3DBC134}] => (Allow) C:\Program Files\DNA\btdna.exe
FirewallRules: [TCP Query User{2D259DEE-D7DF-43EE-82A2-1DE2174128FB}C:\users\asapaboi\program files\dna\btdna.exe] => (Block) C:\users\asapaboi\program files\dna\btdna.exe
FirewallRules: [uDP Query User{4183BFB7-4BA5-461B-A9D9-E109A1E22384}C:\users\asapaboi\program files\dna\btdna.exe] => (Block) C:\users\asapaboi\program files\dna\btdna.exe
FirewallRules: [TCP Query User{4D19721C-1545-463F-B5E3-31EDFE944A41}C:\users\asapaboi\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\asapaboi\appdata\roaming\mjusbsp\magicjack.exe
FirewallRules: [uDP Query User{BB8CAA4B-E656-4AE2-999A-D6F3A6B81C35}C:\users\asapaboi\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\asapaboi\appdata\roaming\mjusbsp\magicjack.exe
FirewallRules: [TCP Query User{0E2709AE-B16C-44DA-80C4-A81949689E40}C:\program files\toshiba games\jeopardy\jeopardy!.exe] => (Allow) C:\program files\toshiba games\jeopardy\jeopardy!.exe
FirewallRules: [uDP Query User{95A05AB6-E43D-46D6-AB7E-86C515B4AE84}C:\program files\toshiba games\jeopardy\jeopardy!.exe] => (Allow) C:\program files\toshiba games\jeopardy\jeopardy!.exe
FirewallRules: [{235DDE84-8298-406C-89C7-7B2319696302}] => (Allow) C:\Program Files\Yahoo!\Messenger\YServer.exe
FirewallRules: [{536F41E2-1047-4145-8EE8-0845ED26246E}] => (Allow) C:\Program Files\Yahoo!\Messenger\YServer.exe
FirewallRules: [{3193269C-3242-4E76-B0E6-E5146DF72077}] => (Allow) LPort=80
FirewallRules: [{D8465265-0BB7-41E9-9D5C-87146B7AAEF2}] => (Allow) LPort=80
FirewallRules: [{7D8A5760-B73A-471D-8C2B-7EDDE1D3DB88}] => (Allow) LPort=80
FirewallRules: [{A49BB9E0-4364-4243-AE57-AFDFE186EFDA}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [sLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [sLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [WMPNSS-WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-Out-TCP-NoScope-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-Out-UDP-NoScope-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-In-UDP-NoScope-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{6143CB6D-4951-4153-8A21-AD601724B0FF}] => (Allow) C:\Program Files\Azureus\Azureus.exe
FirewallRules: [{462B7FEB-3766-43E7-BACB-ADE679AD029D}] => (Allow) C:\Program Files\Azureus\Azureus.exe
FirewallRules: [{D5152B53-0BF3-41E0-9BFF-8514A80E39AC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{490C6C09-5BDD-44CF-A60E-8B5C3999D6F7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{ADB9D455-9366-4D34-9DAA-1B08DC3C5C6B}] => (Allow) C:\Program Files\Alwil Software\Avast5\ng\vbox\aswFe.exe
FirewallRules: [{1D87A40F-4695-4705-8F4A-C16E89966160}] => (Allow) C:\Program Files\Alwil Software\Avast5\ng\vbox\aswFe.exe
FirewallRules: [{06F58F27-14E0-4D5B-BB56-8BBA49F32928}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\TOSHIBA\ivp\NetInt\Netint.exe] => Enabled:NIE - Toshiba Software Upgrades Engine
StandardProfile\AuthorizedApplications: [C:\TOSHIBA\Ivp\ISM\pinger.exe] => Enabled:Toshiba Software Upgrades Pinger

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (09/02/2015 10:16:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 45.0.2454.85, time stamp 0x55df881b, faulting module guard32.dll, version 8.2.0.4674, time stamp 0x55c148a3, exception code 0xc0000409, fault offset 0x000269c9,
process id 0x67c, application start time 0xchrome.exe0.

Error: (09/02/2015 10:10:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 45.0.2454.85, time stamp 0x55df881b, faulting module guard32.dll, version 8.2.0.4674, time stamp 0x55c148a3, exception code 0xc0000409, fault offset 0x000269c9,
process id 0xf74, application start time 0xchrome.exe0.

Error: (09/02/2015 10:03:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 45.0.2454.85, time stamp 0x55df881b, faulting module guard32.dll, version 8.2.0.4674, time stamp 0x55c148a3, exception code 0xc0000409, fault offset 0x000269c9,
process id 0x14f0, application start time 0xchrome.exe0.

Error: (09/02/2015 09:51:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 45.0.2454.85, time stamp 0x55df881b, faulting module guard32.dll, version 8.2.0.4674, time stamp 0x55c148a3, exception code 0xc0000409, fault offset 0x000269c9,
process id 0x144c, application start time 0xchrome.exe0.

Error: (09/02/2015 09:49:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 45.0.2454.85, time stamp 0x55df881b, faulting module guard32.dll, version 8.2.0.4674, time stamp 0x55c148a3, exception code 0xc0000409, fault offset 0x000269c9,
process id 0x1420, application start time 0xchrome.exe0.

Error: (09/02/2015 09:36:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 45.0.2454.85, time stamp 0x55df881b, faulting module guard32.dll, version 8.2.0.4674, time stamp 0x55c148a3, exception code 0xc0000409, fault offset 0x000269c9,
process id 0x12b8, application start time 0xchrome.exe0.

Error: (09/02/2015 09:30:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 45.0.2454.85, time stamp 0x55df881b, faulting module guard32.dll, version 8.2.0.4674, time stamp 0x55c148a3, exception code 0xc0000409, fault offset 0x000269c9,
process id 0x1744, application start time 0xchrome.exe0.

Error: (09/02/2015 09:30:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 45.0.2454.85, time stamp 0x55df881b, faulting module guard32.dll, version 8.2.0.4674, time stamp 0x55c148a3, exception code 0xc0000409, fault offset 0x000269c9,
process id 0xfdc, application start time 0xchrome.exe0.

Error: (09/02/2015 09:22:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 45.0.2454.85, time stamp 0x55df881b, faulting module guard32.dll, version 8.2.0.4674, time stamp 0x55c148a3, exception code 0xc0000409, fault offset 0x000269c9,
process id 0x16b0, application start time 0xchrome.exe0.

Error: (09/02/2015 09:22:02 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: Asapaboi-PC)
Description: 0AppleMobileDeviceService.exeApple Mobile Device03026217820560

System errors:
=============
Error: (09/02/2015 10:07:34 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update

Error: (09/02/2015 10:00:48 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Tosrfcom

Error: (09/02/2015 10:00:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Apple Mobile Device%%1053

Error: (09/02/2015 10:00:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Apple Mobile Device

Error: (09/02/2015 09:56:07 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {49BD2028-1523-11D1-AD79-00C04FD8FDFF}

Error: (09/02/2015 09:55:45 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

Error: (09/02/2015 09:53:06 PM) (Source: DCOM) (EventID: 10016) (User: Asapaboi-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Asapaboi-PCAsapaboiS-1-5-21-1276177871-1407396258-3323346848-1000LocalHost (Using LRPC)

Error: (09/02/2015 09:22:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Apple Mobile Device%%1053

Error: (09/02/2015 09:22:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Apple Mobile Device

Error: (09/02/2015 08:59:17 PM) (Source: cdrom) (EventID: 15) (User: )
Description: The device, \Device\CdRom0, is not ready for access yet.

Microsoft Office:
=========================
Error: (12/15/2014 06:57:35 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 156 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/08/2014 06:03:59 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 24615 seconds with 660 seconds of active time.  This session ended with a crash.

Error: (09/24/2013 02:06:14 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 623 seconds with 540 seconds of active time.  This session ended with a crash.

Error: (12/05/2009 02:30:47 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1805 seconds with 1020 seconds of active time.  This session ended with a crash.

CodeIntegrity:
===================================
  Date: 2015-09-02 22:21:25.368
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-02 22:21:24.230
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-02 22:21:23.091
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-02 22:21:21.952
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-24 18:51:03.995
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-24 18:51:02.117
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-24 18:51:00.332
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-24 18:50:58.504
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-24 18:50:56.520
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-24 18:50:54.737
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Core2 CPU T5500 @ 1.66GHz
Percentage of memory in use: 47%
Total physical RAM: 3061.38 MB
Available physical RAM: 1596.86 MB
Total Virtual: 6335.14 MB
Available Virtual: 4681.78 MB

==================== Drives ================================

Drive c: (SQ004286V02) (Fixed) (Total:91.69 GB) (Free:14.11 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:111.79 GB) (Free:13.55 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 93.2 GB) (Disk ID: 6D702ECC)
Partition 1: (Not Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Active) - (Size=91.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 111.8 GB) (Disk ID: 5D379805)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================

This topic is now closed to further replies.