scaredycat Posted September 3, 2015 ID:986842

At first, Google Chrome would repeatedly have problems with Shockwave Player. I tried to reinstall both but Chrome would still crash whenever I would connect to the internet, and I can't reinstall Shockwave Player at all. I can't tell if it's because of malware or not. Any help would be appreciated. Thank you.

---------------------------
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:31-08-2015
Ran by Asapaboi (administrator) on ASAPABOI-PC (02-09-2015 22:20:29)
Running from C:\Users\Asapaboi\Desktop
Loaded Profiles: Asapaboi (Available Profiles: Asapaboi)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(UPEK Inc.) C:\Program Files\Protector Suite QL\upeksvr.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
(Coupons.com Inc.) C:\Program Files\Coupons\CouponPrinterService.exe
() C:\Toshiba\IVP\swupdate\swupdtmr.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cavwp.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
() C:\Program Files\Toshiba\Utilities\KeNotify.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
() C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynToshiba.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(UPEK Inc.) C:\Program Files\Protector Suite QL\psqltray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_18_0_0_232_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\mcbuilder.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1451304 2009-03-20] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [3784704 2006-11-09] (Realtek Semiconductor)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [411768 2006-12-20] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [55416 2006-12-07] (TOSHIBA Corporation)
HKLM\...\Run: [smoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [448632 2006-12-11] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [530552 2006-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [413696 2006-11-01] (TOSHIBA Electronics, Inc.)
HKLM\...\Run: [sVPWUTIL] => C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [421888 2006-01-18] (TOSHIBA)
HKLM\...\Run: [KeNotify] => C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34352 2006-11-06] ()
HKLM\...\Run: [PINGER] => C:\TOSHIBA\IVP\ISM\pinger.exe [151552 2006-07-20] (TOSHIBA Corporation)
HKLM\...\Run: [synTPStart] => C:\Program Files\Synaptics\SynTP\SynTPStart.exe [204800 2007-07-27] (Synaptics, Inc.)
HKLM\...\Run: [PSQLLauncher] => C:\Program Files\Protector Suite QL\launcher.exe [49416 2007-11-14] (UPEK Inc.)
HKLM\...\Run: [WrtMon.exe] => C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe [20480 2006-09-20] ()
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1361088 2015-08-06] (COMODO)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [6111824 2015-09-02] (AVAST Software)
HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-07-26] (Oracle Corporation)
Winlogon\Notify\psfus: C:\Windows\system32\psqlpwd.dll [2007-11-14] (UPEK Inc.)
HKU\S-1-5-21-1276177871-1407396258-3323346848-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
HKU\S-1-5-21-1276177871-1407396258-3323346848-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-1276177871-1407396258-3323346848-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
Lsa: [Notification Packages] scecli psqlpwd
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2015-09-02] (AVAST Software)
ShellIconOverlayIdentifiers: [uEAFOverlay] -> {F2F31467-B1AC-4df0-AE79-FD5FA085E22B} => C:\Program Files\Protector Suite QL\farchns.dll [2007-11-14] (UPEK Inc.)
ShellIconOverlayIdentifiers: [uEAFOverlayOpen] -> {A3E208F7-0E3A-4182-A7A6-B169D5D691AA} => C:\Program Files\Protector Suite QL\farchns.dll [2007-11-14] (UPEK Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{6F2E565A-2A4D-4CBA-A6F8-EDA5F5B1B675}: [DhcpNameServer] 209.18.47.61 209.18.47.62

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1276177871-1407396258-3323346848-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1276177871-1407396258-3323346848-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1276177871-1407396258-3323346848-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1276177871-1407396258-3323346848-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.toshibadirect.com/dpdstart
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-26] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-09-02] (AVAST Software)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-26] (Oracle Corporation)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab

FireFox:
========
FF Plugin: @bittorrent.com/BitTorrentDNA -> C:\Program Files\DNA\plugins\npbtdna.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-26] (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2011-08-22] (Yahoo! Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2571 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2006-10-07] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1739 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2006-10-07] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-02] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll [No File]
FF Plugin HKU\S-1-5-21-1276177871-1407396258-3323346848-1000: @bittorrent.com/BitTorrentDNA -> C:\Users\Asapaboi\Program Files\DNA\plugins\npbtdna.dll No File
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-09-19]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-12-28]
FF HKU\S-1-5-21-1276177871-1407396258-3323346848-1000\...\Firefox\Extensions: [{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}] - C:\Users\Asapaboi\Program Files\DNA

Chrome:
=======
CHR Profile: C:\Users\Asapaboi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Asapaboi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Asapaboi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-03-17]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [146600 2015-09-02] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe [3218624 2015-09-02] (Avast Software)
R2 CFSvcs; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2006-11-14] (TOSHIBA CORPORATION) [File not signed]
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4353840 2015-08-06] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1664704 2015-08-06] (COMODO)
R2 CouponPrinterService; C:\Program Files\Coupons\CouponPrinterService.exe [153072 2014-09-05] (Coupons.com Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-07-05] (Malwarebytes Corporation)
R2 Swupdtmr; c:\Toshiba\IVP\swupdate\swupdtmr.exe [40960 2006-07-20] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-09-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-09-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-09-02] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-09-02] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788784 2015-09-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433264 2015-09-02] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [161472 2015-09-02] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-09-02] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-09-02] (AVAST Software)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [17064 2015-08-04] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [627824 2015-08-04] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [40712 2015-08-04] (COMODO)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [91176 2015-08-04] (COMODO)
S4 KR10I; C:\Windows\system32\drivers\kr10i.sys [216320 2006-02-14] (TOSHIBA CORPORATION) [File not signed]
S4 KR10N; C:\Windows\system32\drivers\kr10n.sys [207104 2005-09-27] (TOSHIBA CORPORATION) [File not signed]
S4 KR3NPXP; C:\Windows\system32\drivers\kr3npxp.sys [479488 2006-09-27] (TOSHIBA CORPORATION) [File not signed]
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-07-05] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-08-25] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-07-05] (Malwarebytes Corporation)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-09-02] (AVAST Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-01-06] () [File not signed]
R2 VBoxAswDrv; C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [220752 2015-09-02] (Avast Software)
U3 a2mu1yxc; C:\Windows\system32\Drivers\a2mu1yxc.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S1 Tosrfcom; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-02 22:20 - 2015-09-02 22:21 - 00015526 _____ C:\Users\Asapaboi\Desktop\FRST.txt
2015-09-02 22:17 - 2015-09-02 22:20 - 00000000 ____D C:\FRST
2015-09-02 22:16 - 2015-09-02 22:16 - 01690624 _____ (Farbar) C:\Users\Asapaboi\Desktop\FRST.exe
2015-09-02 22:15 - 2015-09-02 22:15 - 01690624 _____ (Farbar) C:\Users\Asapaboi\Downloads\FRST.exe
2015-09-02 22:15 - 2015-09-02 22:15 - 00000000 _____ C:\Users\Asapaboi\Downloads\FRST.exe.m4rjq6g.partial
2015-09-02 21:29 - 2015-09-02 21:29 - 00001942 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-02 21:29 - 2015-09-02 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-02 21:27 - 2015-09-02 22:01 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-02 21:27 - 2015-09-02 21:32 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-02 21:05 - 2015-09-02 21:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-02 20:34 - 2015-09-02 20:34 - 00313472 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-09-02 20:34 - 2015-09-02 20:34 - 00161472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2015-09-02 20:34 - 2015-09-02 20:34 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-09-02 20:34 - 2015-09-02 20:33 - 00095112 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-09-01 23:30 - 2015-09-01 23:30 - 00000000 ____D C:\Users\Asapaboi\AppData\Roaming\Sun
2015-09-01 23:30 - 2015-09-01 23:30 - 00000000 ____D C:\Users\Asapaboi\.oracle_jre_usage
2015-08-29 21:40 - 2015-08-29 21:40 - 00035532 _____ C:\Users\Asapaboi\AppData\Local\recently-used.xbel
2015-08-18 20:38 - 2015-08-18 20:38 - 12386816 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-18 20:38 - 2015-08-18 20:38 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-18 20:38 - 2015-08-14 15:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-12 22:07 - 2015-08-12 22:07 - 03605440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-08-12 22:07 - 2015-08-12 22:07 - 03553216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 22:07 - 2015-08-12 22:07 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 22:07 - 2015-08-12 22:07 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2015-08-12 22:07 - 2015-08-12 22:07 - 00140224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2015-08-12 22:07 - 2015-08-12 22:07 - 00056256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 22:07 - 2015-08-12 22:07 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 22:07 - 2015-08-12 22:07 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 22:06 - 2015-08-12 22:06 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:05 - 2015-08-12 22:05 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-08-12 22:04 - 2015-08-12 22:04 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 22:03 - 2015-08-12 22:03 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 21:44 - 2015-08-12 22:01 - 00000000 ____D C:\4868cbce5eb1eb2e13
2015-08-12 21:43 - 2015-08-12 21:43 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 21:42 - 2015-08-12 21:42 - 01402368 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 21:42 - 2015-08-12 21:42 - 01253376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 21:41 - 2015-08-12 21:41 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 21:41 - 2015-08-12 21:41 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-08-12 21:41 - 2015-08-12 21:41 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 21:41 - 2015-08-12 21:41 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-08-12 21:41 - 2015-08-12 21:41 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-08-12 21:41 - 2015-08-12 21:41 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-08-12 21:40 - 2015-08-12 21:41 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 21:40 - 2015-08-12 21:40 - 02066944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 21:40 - 2015-08-12 21:40 - 01072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 21:40 - 2015-08-12 21:40 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-08-12 21:40 - 2015-08-12 21:40 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 21:40 - 2015-08-12 21:40 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-08-12 21:39 - 2015-08-12 21:39 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 21:38 - 2015-08-12 21:38 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 21:38 - 2015-08-12 21:38 - 00151040 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-11 20:56 - 2015-08-11 20:56 - 09751040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-11 20:56 - 2015-08-11 20:56 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-11 20:56 - 2015-08-11 20:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-08-11 20:56 - 2015-08-11 20:56 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-08-11 20:56 - 2015-08-11 20:56 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-08-11 20:56 - 2015-07-22 13:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-05 00:03 - 2015-08-05 00:03 - 00877152 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-08-05 00:03 - 2015-08-05 00:03 - 00538208 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-02 22:15 - 2010-01-27 21:55 - 01555243 _____ C:\Windows\WindowsUpdate.log
2015-09-02 22:00 - 2006-11-02 06:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-02 22:00 - 2006-11-02 05:47 - 00003296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-02 22:00 - 2006-11-02 05:47 - 00003296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-02 21:59 - 2010-02-04 19:57 - 00217322 _____ C:\Windows\PFRO.log
2015-09-02 21:57 - 2006-11-02 06:01 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-09-02 21:32 - 2013-10-16 10:15 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-02 21:28 - 2011-12-15 10:42 - 00000000 ____D C:\Program Files\Google
2015-09-02 21:26 - 2007-09-12 00:16 - 00000000 ____D C:\Users\Asapaboi\AppData\Local\Deployment
2015-09-02 21:21 - 2015-06-22 01:10 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-09-02 21:21 - 2011-01-07 18:14 - 00000000 ____D C:\ProgramData\Apple
2015-09-02 21:18 - 2007-01-05 15:58 - 00000000 ____D C:\Windows\system32\Macromed
2015-09-02 21:12 - 2014-11-13 21:11 - 00000000 ____D C:\KMPlayer
2015-09-02 20:34 - 2014-04-21 07:59 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-09-02 20:34 - 2013-03-24 23:11 - 00208664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-09-02 20:34 - 2013-03-24 23:11 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-09-02 20:34 - 2011-02-07 21:15 - 00433264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-09-02 20:34 - 2011-02-07 21:15 - 00076000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-09-02 20:34 - 2011-02-07 21:15 - 00057888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2015-09-02 20:34 - 2011-02-07 21:15 - 00055200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2015-09-02 20:33 - 2011-09-19 16:43 - 00788784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-09-02 20:26 - 2014-11-13 22:17 - 00001811 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-09-02 20:07 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\system32\Msdtc
2015-09-02 20:04 - 2006-11-02 03:22 - 47710208 _____ C:\Windows\system32\config\software_previous
2015-09-02 20:04 - 2006-11-02 03:22 - 46399488 _____ C:\Windows\system32\config\components_previous
2015-09-02 20:04 - 2006-11-02 03:22 - 32768000 _____ C:\Windows\system32\config\system_previous
2015-09-02 20:04 - 2006-11-02 03:22 - 00262144 _____ C:\Windows\system32\config\security_previous
2015-09-02 20:04 - 2006-11-02 03:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2015-09-02 20:04 - 2006-11-02 03:22 - 00262144 _____ C:\Windows\system32\config\default_previous
2015-09-02 20:01 - 2007-03-11 20:38 - 00000000 ____D C:\Users\Asapaboi
2015-09-02 20:00 - 2014-08-11 12:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-02 20:00 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\system32\spool
2015-09-02 20:00 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\rescache
2015-09-01 23:19 - 2014-08-11 12:21 - 00000000 ____D C:\Program Files\Java
2015-08-31 09:03 - 2008-04-29 12:31 - 00000000 ____D C:\Users\Asapaboi\Documents\00 Bookstore
2015-08-29 21:50 - 2012-09-19 12:32 - 00000000 ____D C:\Users\Asapaboi\.gimp-2.8
2015-08-25 21:17 - 2014-09-29 22:11 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-23 19:52 - 2007-07-15 09:19 - 00000000 ___RD C:\Users\Asapaboi\Downloads\temp manga folder
2015-08-22 11:11 - 2006-11-02 03:33 - 00838608 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-20 19:43 - 2009-10-02 18:47 - 00246952 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-08-12 22:46 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-08-12 22:28 - 2006-11-02 05:47 - 00322024 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 22:23 - 2006-11-02 05:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2015-08-12 21:45 - 2013-07-14 15:28 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 21:44 - 2006-11-02 03:24 - 129304528 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-08-12 20:11 - 2011-12-15 11:01 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2015-08-11 20:32 - 2013-04-17 17:20 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-08-11 20:32 - 2011-07-08 17:47 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-08-07 00:24 - 2013-07-20 21:39 - 00008968 _____ C:\Windows\system32\Drivers\fvstore.dat
2015-08-06 22:40 - 2013-07-18 19:59 - 00001777 _____ C:\Users\Public\Desktop\COMODO Firewall.lnk
2015-08-04 17:30 - 2013-06-18 16:16 - 00091176 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2015-08-04 17:30 - 2013-06-18 16:15 - 00627824 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2015-08-04 17:30 - 2013-06-18 16:15 - 00040712 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2015-08-04 17:30 - 2013-06-18 16:15 - 00017064 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2015-08-04 17:29 - 2013-06-18 16:15 - 00445472 _____ (COMODO) C:\Windows\system32\guard32.dll
2015-08-04 17:29 - 2013-06-18 16:15 - 00033496 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2015-08-04 17:27 - 2013-06-18 16:15 - 00288448 _____ (COMODO) C:\Windows\system32\cmdvrt32.dll
2015-08-04 17:26 - 2013-06-18 16:15 - 00040640 _____ (COMODO) C:\Windows\system32\cmdkbd32.dll
2015-08-03 22:44 - 2011-08-01 00:45 - 00005780 _____ C:\Users\Asapaboi\Desktop\guide.txt

==================== Files in the root of some directories =======

2013-05-16 11:51 - 2013-05-16 11:51 - 4167680 _____ () C:\Program Files\GUT9944.tmp
2010-11-18 00:11 - 2010-11-18 00:11 - 0032768 _____ () C:\Users\Asapaboi\AppData\Roaming\000009FC_VTS_0.IFO
2015-01-25 20:31 - 2015-01-25 20:31 - 0087608 _____ () C:\Users\Asapaboi\AppData\Roaming\inst.exe
2010-01-27 21:36 - 2015-01-25 20:31 - 0007887 _____ () C:\Users\Asapaboi\AppData\Roaming\pcouffin.cat
2010-01-27 21:36 - 2015-01-25 20:31 - 0001144 _____ () C:\Users\Asapaboi\AppData\Roaming\pcouffin.inf
2010-01-27 21:38 - 2015-01-25 20:31 - 0000055 _____ () C:\Users\Asapaboi\AppData\Roaming\pcouffin.log
2010-01-27 21:36 - 2015-01-25 20:31 - 0047360 _____ (VSO Software) C:\Users\Asapaboi\AppData\Roaming\pcouffin.sys
2011-09-03 12:07 - 2011-09-03 12:07 - 0000000 _____ () C:\Users\Asapaboi\AppData\Roaming\wklnhst.dat
2007-08-27 10:31 - 2013-03-11 17:48 - 0005216 _____ () C:\Users\Asapaboi\AppData\Local\d3d9caps.dat
2007-03-11 21:03 - 2015-06-08 10:33 - 0050688 _____ () C:\Users\Asapaboi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-29 21:40 - 2015-08-29 21:40 - 0035532 _____ () C:\Users\Asapaboi\AppData\Local\recently-used.xbel
2010-07-25 18:17 - 2010-07-25 18:17 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\Asapaboi\AppData\Local\temp\jre-8u45-windows-au.exe
C:\Users\Asapaboi\AppData\Local\temp\{081DA934-88C8-4579-8B5F-435F8B1F12CF}-44.0.2403.107_43.0.2357.134_chrome_updater.exe
C:\Users\Asapaboi\AppData\Local\temp\{33A02D76-FD6A-4FC8-9A34-0A147C76FF7A}-42.0.2311.152_42.0.2311.135_chrome_updater.exe
C:\Users\Asapaboi\AppData\Local\temp\{F42B393F-FE44-4840-A849-BD8CFA83EB9D}-44.0.2403.157_44.0.2403.155_chrome_updater.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-09-02 22:11

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version:31-08-2015
Ran by Asapaboi (2015-09-02 22:22:26)
Running from C:\Users\Asapaboi\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1276177871-1407396258-3323346848-500 - Administrator - Disabled)
Asapaboi (S-1-5-21-1276177871-1407396258-3323346848-1000 - Administrator - Enabled) => C:\Users\Asapaboi
Guest (S-1-5-21-1276177871-1407396258-3323346848-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACDSee 10 Photo Manager (HKLM\...\{F8B98EB6-FC06-45BF-87D4-9784E0408611}) (Version: 10.0.219 - ACD Systems International)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM\...\avast) (Version: 10.3.2225 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP Navigator EX 1.0 (HKLM\...\MP Navigator EX 1.0) (Version: - )
Canon MX310 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX310_series) (Version: - )
CD/DVD Drive Acoustic Silencer (HKLM\...\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}) (Version: 2.00.02 - TOSHIBA)
Combined Community Codec Pack 2011-11-11 (HKLM\...\Combined Community Codec Pack_is1) (Version: 2011.11.11.0 - CCCP Project)
COMODO Firewall (HKLM\...\{A0BABADE-E154-4F08-97A1-2903CD110E88}) (Version: 6.2.20728.2847 - COMODO Security Solutions Inc.)
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.1.2) (Version: 5.0.1.2 - Coupons.com Incorporated)
DVDFab 6.2.1.8 (31/12/2009) (HKLM\...\DVDFab 6_is1) (Version: - Fengtao Software Inc.)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.13 - Google Inc.) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 Essentials (HKLM\...\{E610E660-C0C1-4636-8980-1110C4081033}) (Version: 8.3.87 - Nero AG)
Presto!
PageManager 7.15.16 (HKLM\...\{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}) (Version: 7.15.16 - NewSoft Technology Corporation)Protector Suite QL 5.8 (HKLM\...\{2CD82D77-8D1E-44FC-9A90-BBA95AC8D6B7}) (Version: 5.8.0.4024 - UPEK Inc.)Real Alternative 1.52 (HKLM\...\RealAlt_is1) (Version: 1.52 - )Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5322 - Realtek Semiconductor Corp.)Spelling Dictionaries Support For Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems)swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) HiddenSynaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 12.2.11.0 - Synaptics Incorporated)TagScanner 5.0 build 511 (HKLM\...\TagScanner_is1) (Version: - Sergey Serkov)Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM\...\InstallShield_{F7B05784-334C-4F76-8BAB-30ABEB7FD534}) (Version: 1.23.0000 - Texas Instruments Inc.)TIPCI (Version: 1.23.0000 - Texas Instruments Inc.) 
HiddenTOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.00.00 - )TOSHIBA ConfigFree (HKLM\...\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}) (Version: 7.00.21 - TOSHIBA)TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.00.00 - TOSHIBA Corporation)TOSHIBA Flash Cards Support Utility (HKLM\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.45.50.1C - TOSHIBA)TOSHIBA Game Console (HKLM\...\TOSHIBA Game Console) (Version: - WildTangent)TOSHIBA Hardware Setup (HKLM\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.45.50.8C - TOSHIBA)Toshiba Registration (HKLM\...\{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}) (Version: 1.00.0000 - Datalode Inc.)TOSHIBA SD Memory Utilities (HKLM\...\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.6 - TOSHIBA)TOSHIBA Software Modem (HKLM\...\Agere Systems Soft Modem) (Version: - Agere Systems)TOSHIBA Software Upgrades (HKLM\...\{425A2BC2-AA64-4107-9C29-484245BBEA05}) (Version: 4.0 - TOSHIBA)TOSHIBA Speech System Applications (HKLM\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version: - )TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version: - )TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version: - )TOSHIBA Supervisor Password (HKLM\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.45.50.5C - TOSHIBA)TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.0.8 - TOSHIBA Corporation)Utility Common Driver (Version: 0.0.50.4C - TOSHIBA) HiddenWinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)==================== Custom CLSID (Whitelisted): ==========================(If an entry is included in the fixlist, it will be removed from the registry. 
The file will not be moved unless listed separately.)==================== Restore Points =========================24-08-2015 22:46:03 Scheduled Checkpoint25-08-2015 19:44:10 Windows Update26-08-2015 22:02:31 Scheduled Checkpoint27-08-2015 21:08:34 Scheduled Checkpoint29-08-2015 17:48:35 Windows Update01-09-2015 22:24:02 Windows Update01-09-2015 23:00:28 Windows Update02-09-2015 19:55:05 Restore Operation02-09-2015 20:19:14 Windows Update02-09-2015 20:31:29 avast! antivirus system restore point02-09-2015 21:03:56 Windows Update02-09-2015 21:13:08 Removed Java 8 Update 4502-09-2015 21:18:40 Removed Apple Application Support (32-bit)==================== Hosts content: ==========================(If needed Hosts: directive could be included in the fixlist to reset Hosts.)2006-11-02 03:23 - 2011-11-24 11:49 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts127.0.0.1 localhost==================== Scheduled Tasks (Whitelisted) =============(If an entry is included in the fixlist, it will be removed from the registry. 
The file will not be moved unless listed separately.)Task: {0F93EF5F-D15D-40B8-9E7A-0A30092F13DA} - System32\Tasks\{4CDA7259-8F75-43BC-802B-4758EA201E8F} => pcalua.exe -a D:\installers\avgremover.exe -d D:\installersTask: {1DFDB5BE-EA7A-4972-87E6-93EAE0C9A450} - System32\Tasks\{2829CE18-67AD-4A81-B3DA-F718B96E783C} => pcalua.exe -a "C:\Users\Asapaboi\Downloads\temp manga folder\setup\setup.exe" -d "C:\Users\Asapaboi\Downloads\temp manga folder\setup"Task: {1F6E5E6F-4AF4-429D-9E92-B37372E2D055} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Asapaboi => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-10] (Microsoft Corporation)Task: {277BE5E9-4D16-4E63-96CF-E2BD4B10CF9D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11] (Adobe Systems Incorporated)Task: {2BF3B320-94DC-40B4-B6B6-3706058334E4} - System32\Tasks\RunAsStdUser Task => C:\Program Files\Veoh Networks\Veoh\VeohClient.exeTask: {34303CAC-9388-4CA9-8BC4-2DDE69E6CA87} - System32\Tasks\{FF407F2F-3176-4CE5-BDE5-F1349148F4BD} => pcalua.exe -a G:\setup.exe -d G:\Task: {385EFAD7-0D21-452F-9D2B-0397EA8172D2} - System32\Tasks\{B69E65AA-F73D-4755-AA4E-227CE26FE6E8} => pcalua.exe -a "C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" -c REMOVE=TRUE MODIFY=FALSETask: {51E70313-5751-427C-AFEC-2BBE73BC3247} - System32\Tasks\avast! 
Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2015-09-02] (AVAST Software)Task: {5FD38E3A-E6D8-48D6-8554-8B1CF2C3B716} - System32\Tasks\{C4371ADE-9E17-41ED-892C-4D929055F0EA} => pcalua.exe -a C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE -c C:\Windows\system32\Adobe\SHOCKW~1\Install.logTask: {765E76E8-D541-471E-BE82-AA671E0E26B3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-06-22] (Apple Inc.)Task: {780B6792-ACA0-433C-8286-A2FF16AE06A8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)Task: {826CE8B5-E621-4B75-86C9-0BC3D5004B18} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-06] (COMODO)Task: {9AFF3DC7-0DF6-4CBD-AD56-E544FAFDA92C} - System32\Tasks\Avast Scan => C:\Program Files\Alwil Software\Avast4\ashQuick.exeTask: {9BE95144-7D10-4337-ABF8-1651F0E68AB1} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-06] (COMODO)Task: {9CEACDF7-9BDA-47F3-807C-69F1445ECD3A} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation)Task: {9F9BA99A-47CD-47D5-88BC-1D03D290B185} - System32\Tasks\{D53B63E2-1BD5-4BCC-A5E1-3831933F53C1} => pcalua.exe -a "C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" -c REMOVE=TRUE MODIFY=FALSETask: {BAE593BC-6A2E-438B-B3C3-D95185089C79} - System32\Tasks\{5E12E0A6-099B-4380-A907-4751C3F1025C} => pcalua.exe -a C:\PROGRA~1\Nokia\NOKIAP~1\CONNEC~1.CPL -c Nokia Connection ManagerTask: {C3BD3AFC-039C-4135-9D4F-C1B1F759897D} - System32\Tasks\{3EB83942-4FCE-452E-9D8A-8B598BE83812} => pcalua.exe -a "C:\Program 
Files\GetRight\GETRIGHT.EXE" -c /UNINSTALLTask: {E79F1464-B64A-473A-9FC4-236D08E69F93} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-06] (COMODO)Task: {ECF51E89-DB94-44A0-A15C-0D2B75978B34} - System32\Tasks\{F57BD144-4E19-45F8-9CA9-2FB97D8FD508} => pcalua.exe -a "C:\Program Files\CCCP\Settings.exe" -d "C:\Program Files\CCCP"Task: {F5F906CD-7CCD-44E8-AEAE-24D493EC8054} - System32\Tasks\{076404D9-65C7-454C-88C3-704A8FA2DBA3} => pcalua.exe -a "C:\Program Files\CDisplay\unins000.exe"Task: {F6EEA576-3F75-49DC-A7ED-913F6B9772D2} - System32\Tasks\{DB55CE34-04AC-4A13-926F-700FF7766664} => pcalua.exe -a "C:\Users\Asapaboi\Downloads\temp manga folder\HJTInstall.exe" -d "C:\Users\Asapaboi\Downloads\temp manga folder"Task: {FB66D2BC-AAB0-4B9E-AF97-9F546238B685} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-15] (Adobe Systems Incorporated)Task: {FCC93A9B-04E6-4410-B11E-0E2E30A5E33E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)(If an entry is included in the fixlist, the task (.job) file will be moved. 
The file which is running by the task will not be moved.)Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe==================== Loaded Modules (Whitelisted) ==============2015-03-17 20:03 - 2015-09-02 20:34 - 00102864 _____ () C:\Program Files\Alwil Software\Avast5\log.dll2015-03-17 20:03 - 2015-09-02 20:34 - 00123976 _____ () C:\Program Files\Alwil Software\Avast5\JsonRpcServer.dll2015-09-02 20:30 - 2015-09-02 20:30 - 02961408 _____ () C:\Program Files\Alwil Software\Avast5\defs\15090201\algo.dll2007-01-05 15:51 - 2006-07-20 13:54 - 00040960 _____ () c:\Toshiba\IVP\swupdate\swupdtmr.exe2007-09-06 18:45 - 2007-05-22 10:59 - 00128512 _____ () C:\Program Files\WinRAR\rarext.dll2006-11-09 19:27 - 2006-11-09 19:27 - 00090112 _____ () C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll2007-01-05 15:46 - 2006-10-10 11:44 - 00009728 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll2006-11-08 19:08 - 2006-11-08 19:08 - 00009216 _____ () C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll2007-01-05 15:40 - 2006-10-20 14:49 - 00009216 _____ () C:\Program Files\TOSHIBA\ConfigFree\NotifyCFF.dll2006-12-01 19:55 - 2006-12-01 19:55 - 00009216 _____ () C:\Program Files\Toshiba\TBS\NotifyTBS.dll2006-11-06 18:14 - 2006-11-06 18:14 - 00034352 _____ () C:\Program Files\Toshiba\Utilities\KeNotify.exe2009-01-11 00:29 - 2006-09-20 09:35 - 00020480 _____ () C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe2009-01-11 00:29 - 2006-10-30 17:59 - 00024576 _____ () C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe2015-03-13 18:52 - 2015-03-17 20:03 - 40540672 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll2011-09-24 00:31 - 2011-08-22 01:18 - 00925696 _____ () C:\Program 
Files\Yahoo!\Messenger\yui.dll==================== Alternate Data Streams (Whitelisted) =========(If an entry is included in the fixlist, only the ADS will be removed.)AlternateDataStreams: C:\Windows\avastSS.scr:$CmdTcIDAlternateDataStreams: C:\Windows\notepad.exe:$CmdTcIDAlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\clfs.sys:$CmdTcIDAlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\d2d1.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\d3d10.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\d3d10core.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\d3d10level9.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\d3d10_1.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\d3d10_1core.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\dns-sd.exe:$CmdTcIDAlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\emdmgmt.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\FlashPlayerApp.exe:$CmdTcIDAlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcIDAlternateDataStreams: 
C:\Windows\system32\inetcpl.cpl:$CmdTcIDAlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcIDAlternateDataStreams: C:\Windows\system32\mrt.exe:$CmdTcIDAlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\msfeedsbs.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\msfeedssync.exe:$CmdTcIDAlternateDataStreams: C:\Windows\system32\mshta.exe:$CmdTcIDAlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcIDAlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\msxml6.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcIDAlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\ntkrnlpa.exe:$CmdTcIDAlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcIDAlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcIDAlternateDataStreams: 
C:\Windows\system32\schannel.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcIDAlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcIDAlternateDataStreams: C:\Windows\system32\tzres.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\url.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\usbaaplrc.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcIDAlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcIDAlternateDataStreams: C:\Windows\system32\Drivers\ecache.sys:$CmdTcIDAlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcIDAlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcIDAlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcIDAlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcIDAlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcIDAlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcIDAlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcIDAlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcIDAlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcIDAlternateDataStreams: C:\Windows\system32\Drivers\srv.sys:$CmdTcIDAlternateDataStreams: C:\Windows\system32\Drivers\ssudmdm.sys:$CmdTcIDAlternateDataStreams: C:\Windows\system32\Drivers\usbaapl.sys:$CmdTcIDAlternateDataStreams: C:\Windows\system32\Drivers\winusb.sys:$CmdTcIDAlternateDataStreams: C:\Users\Asapaboi\Desktop\FRST.exe:$CmdTcIDAlternateDataStreams: C:\Users\Asapaboi\Desktop\FRST.exe:$CmdZnIDAlternateDataStreams: 
C:\Users\Asapaboi\Downloads\FRST.exe:$CmdTcIDAlternateDataStreams: C:\Users\Asapaboi\Downloads\FRST.exe.m4rjq6g.partial:$CmdZnIDAlternateDataStreams: C:\Users\Asapaboi\AppData\Roaming\inst.exe:$CmdTcID==================== Safe Mode (Whitelisted) ===================(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)==================== EXE Association (Whitelisted) ===============(If an entry is included in the fixlist, the registry item will be restored to default or removed.)==================== Internet Explorer trusted/restricted ===============(If an entry is included in the fixlist, it will be removed from the registry.)==================== Other Areas ============================(Currently there is no automatic fix for this section.)HKU\S-1-5-21-1276177871-1407396258-3323346848-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Asapaboi\Downloads\temp manga folder\download25.jpgDNS Servers: 209.18.47.61 - 209.18.47.62HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)Windows Firewall is enabled.==================== MSCONFIG/TASK MANAGER disabled items ==(Currently there is no automatic fix for this section.)MSCONFIG\startupfolder: C:^Users^Asapaboi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.StartupMSCONFIG\startupreg: cdloader => "C:\Users\Asapaboi\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK==================== FirewallRules (Whitelisted) ===============(If an entry is included in the fixlist, it will be removed from the registry. 
The file will not be moved unless listed separately.)FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exeFirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exeFirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exeFirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exeFirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exeFirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exeFirewallRules: [{1833FF1D-2B95-4212-BFCF-C8CB20A82DB0}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exeFirewallRules: [{D31D16DC-5C2B-4FA3-98E8-1B289BD1E08E}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exeFirewallRules: [TCP Query User{FB53031C-4287-4B3F-A20B-D05233C5FBE3}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exeFirewallRules: [uDP Query User{CBDFA802-D441-4DCB-B623-23637641FEFD}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exeFirewallRules: [TCP Query User{51CD27CE-9F45-4B2E-B8E6-66E488DA33BC}C:\program files\common files\ahead\nero web\setupx.exe] => (Block) C:\program files\common files\ahead\nero web\setupx.exeFirewallRules: [uDP Query User{66108F28-2177-41A0-984D-D54C2B60B7F6}C:\program files\common files\ahead\nero web\setupx.exe] => (Block) C:\program files\common files\ahead\nero web\setupx.exeFirewallRules: [{920731F2-468C-4BFC-9C80-43EA5C3782F4}] => (Allow) C:\Program Files\DNA\btdna.exeFirewallRules: [{8B42DBDE-B243-4A26-B2DD-8763D3DBC134}] => (Allow) C:\Program Files\DNA\btdna.exeFirewallRules: [TCP Query User{2D259DEE-D7DF-43EE-82A2-1DE2174128FB}C:\users\asapaboi\program files\dna\btdna.exe] => (Block) C:\users\asapaboi\program files\dna\btdna.exeFirewallRules: [uDP Query 
User{4183BFB7-4BA5-461B-A9D9-E109A1E22384}C:\users\asapaboi\program files\dna\btdna.exe] => (Block) C:\users\asapaboi\program files\dna\btdna.exeFirewallRules: [TCP Query User{4D19721C-1545-463F-B5E3-31EDFE944A41}C:\users\asapaboi\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\asapaboi\appdata\roaming\mjusbsp\magicjack.exeFirewallRules: [uDP Query User{BB8CAA4B-E656-4AE2-999A-D6F3A6B81C35}C:\users\asapaboi\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\asapaboi\appdata\roaming\mjusbsp\magicjack.exeFirewallRules: [TCP Query User{0E2709AE-B16C-44DA-80C4-A81949689E40}C:\program files\toshiba games\jeopardy\jeopardy!.exe] => (Allow) C:\program files\toshiba games\jeopardy\jeopardy!.exeFirewallRules: [uDP Query User{95A05AB6-E43D-46D6-AB7E-86C515B4AE84}C:\program files\toshiba games\jeopardy\jeopardy!.exe] => (Allow) C:\program files\toshiba games\jeopardy\jeopardy!.exeFirewallRules: [{235DDE84-8298-406C-89C7-7B2319696302}] => (Allow) C:\Program Files\Yahoo!\Messenger\YServer.exeFirewallRules: [{536F41E2-1047-4145-8EE8-0845ED26246E}] => (Allow) C:\Program Files\Yahoo!\Messenger\YServer.exeFirewallRules: [{3193269C-3242-4E76-B0E6-E5146DF72077}] => (Allow) LPort=80FirewallRules: [{D8465265-0BB7-41E9-9D5C-87146B7AAEF2}] => (Allow) LPort=80FirewallRules: [{7D8A5760-B73A-471D-8C2B-7EDDE1D3DB88}] => (Allow) LPort=80FirewallRules: [{A49BB9E0-4364-4243-AE57-AFDFE186EFDA}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exeFirewallRules: [sLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exeFirewallRules: [sLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exeFirewallRules: [WMPNSS-WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exeFirewallRules: [WMPNSS-WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exeFirewallRules: [WMPNSS-WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exeFirewallRules: [WMPNSS-WMP-Out-TCP-NoScope-x86] => (Allow) 
%ProgramFiles(x86)%\Windows Media Player\wmplayer.exeFirewallRules: [WMPNSS-WMP-Out-UDP-NoScope-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exeFirewallRules: [WMPNSS-WMP-In-UDP-NoScope-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exeFirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exeFirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exeFirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exeFirewallRules: [{6143CB6D-4951-4153-8A21-AD601724B0FF}] => (Allow) C:\Program Files\Azureus\Azureus.exeFirewallRules: [{462B7FEB-3766-43E7-BACB-ADE679AD029D}] => (Allow) C:\Program Files\Azureus\Azureus.exeFirewallRules: [{D5152B53-0BF3-41E0-9BFF-8514A80E39AC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exeFirewallRules: [{490C6C09-5BDD-44CF-A60E-8B5C3999D6F7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exeFirewallRules: [{ADB9D455-9366-4D34-9DAA-1B08DC3C5C6B}] => (Allow) C:\Program Files\Alwil Software\Avast5\ng\vbox\aswFe.exeFirewallRules: [{1D87A40F-4695-4705-8F4A-C16E89966160}] => (Allow) C:\Program Files\Alwil Software\Avast5\ng\vbox\aswFe.exeFirewallRules: [{06F58F27-14E0-4D5B-BB56-8BBA49F32928}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exeStandardProfile\AuthorizedApplications: [C:\TOSHIBA\ivp\NetInt\Netint.exe] => Enabled:NIE - Toshiba Software Upgrades EngineStandardProfile\AuthorizedApplications: [C:\TOSHIBA\Ivp\ISM\pinger.exe] => Enabled:Toshiba Software Upgrades Pinger==================== Faulty Device Manager Devices ================================= Event log errors: =========================Application errors:==================Error: (09/02/2015 10:16:58 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application chrome.exe, version 45.0.2454.85, time stamp 0x55df881b, faulting module guard32.dll, version 8.2.0.4674, time stamp 
0x55c148a3, exception code 0xc0000409, fault offset 0x000269c9,process id 0x67c, application start time 0xchrome.exe0.Error: (09/02/2015 10:10:49 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application chrome.exe, version 45.0.2454.85, time stamp 0x55df881b, faulting module guard32.dll, version 8.2.0.4674, time stamp 0x55c148a3, exception code 0xc0000409, fault offset 0x000269c9,process id 0xf74, application start time 0xchrome.exe0.Error: (09/02/2015 10:03:59 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application chrome.exe, version 45.0.2454.85, time stamp 0x55df881b, faulting module guard32.dll, version 8.2.0.4674, time stamp 0x55c148a3, exception code 0xc0000409, fault offset 0x000269c9,process id 0x14f0, application start time 0xchrome.exe0.Error: (09/02/2015 09:51:33 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application chrome.exe, version 45.0.2454.85, time stamp 0x55df881b, faulting module guard32.dll, version 8.2.0.4674, time stamp 0x55c148a3, exception code 0xc0000409, fault offset 0x000269c9,process id 0x144c, application start time 0xchrome.exe0.Error: (09/02/2015 09:49:31 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application chrome.exe, version 45.0.2454.85, time stamp 0x55df881b, faulting module guard32.dll, version 8.2.0.4674, time stamp 0x55c148a3, exception code 0xc0000409, fault offset 0x000269c9,process id 0x1420, application start time 0xchrome.exe0.Error: (09/02/2015 09:36:11 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application chrome.exe, version 45.0.2454.85, time stamp 0x55df881b, faulting module guard32.dll, version 8.2.0.4674, time stamp 0x55c148a3, exception code 0xc0000409, fault offset 0x000269c9,process id 0x12b8, application start time 0xchrome.exe0.Error: (09/02/2015 09:30:35 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting 
application chrome.exe, version 45.0.2454.85, time stamp 0x55df881b, faulting module guard32.dll, version 8.2.0.4674, time stamp 0x55c148a3, exception code 0xc0000409, fault offset 0x000269c9,process id 0x1744, application start time 0xchrome.exe0.

Error: (09/02/2015 09:30:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 45.0.2454.85, time stamp 0x55df881b, faulting module guard32.dll, version 8.2.0.4674, time stamp 0x55c148a3, exception code 0xc0000409, fault offset 0x000269c9,process id 0xfdc, application start time 0xchrome.exe0.

Error: (09/02/2015 09:22:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 45.0.2454.85, time stamp 0x55df881b, faulting module guard32.dll, version 8.2.0.4674, time stamp 0x55c148a3, exception code 0xc0000409, fault offset 0x000269c9,process id 0x16b0, application start time 0xchrome.exe0.

Error: (09/02/2015 09:22:02 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: Asapaboi-PC)
Description: 0AppleMobileDeviceService.exeApple Mobile Device03026217820560

System errors:
=============
Error: (09/02/2015 10:07:34 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update

Error: (09/02/2015 10:00:48 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Tosrfcom

Error: (09/02/2015 10:00:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Apple Mobile Device%%1053

Error: (09/02/2015 10:00:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Apple Mobile Device

Error: (09/02/2015 09:56:07 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {49BD2028-1523-11D1-AD79-00C04FD8FDFF}

Error: (09/02/2015 09:55:45 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

Error: (09/02/2015 09:53:06 PM) (Source: DCOM) (EventID: 10016) (User: Asapaboi-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Asapaboi-PCAsapaboiS-1-5-21-1276177871-1407396258-3323346848-1000LocalHost (Using LRPC)

Error: (09/02/2015 09:22:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Apple Mobile Device%%1053

Error: (09/02/2015 09:22:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Apple Mobile Device

Error: (09/02/2015 08:59:17 PM) (Source: cdrom) (EventID: 15) (User: )
Description: The device, \Device\CdRom0, is not ready for access yet.

Microsoft Office:
=========================
Error: (12/15/2014 06:57:35 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 156 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/08/2014 06:03:59 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 24615 seconds with 660 seconds of active time. This session ended with a crash.

Error: (09/24/2013 02:06:14 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 623 seconds with 540 seconds of active time. This session ended with a crash.

Error: (12/05/2009 02:30:47 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1805 seconds with 1020 seconds of active time. This session ended with a crash.

CodeIntegrity:
===================================
Date: 2015-09-02 22:21:25.368
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-09-02 22:21:24.230
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-09-02 22:21:23.091
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-09-02 22:21:21.952
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-24 18:51:03.995
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-24 18:51:02.117
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-24 18:51:00.332
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-24 18:50:58.504
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-24 18:50:56.520
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-08-24 18:50:54.737
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================
Processor: Intel® Core2 CPU T5500 @ 1.66GHz
Percentage of memory in use: 47%
Total physical RAM: 3061.38 MB
Available physical RAM: 1596.86 MB
Total Virtual: 6335.14 MB
Available Virtual: 4681.78 MB

==================== Drives ================================
Drive c: (SQ004286V02) (Fixed) (Total:91.69 GB) (Free:14.11 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:111.79 GB) (Free:13.55 GB) NTFS

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 93.2 GB) (Disk ID: 6D702ECC)
Partition 1: (Not Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Active) - (Size=91.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 111.8 GB) (Disk ID: 5D379805)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================
Root Admin AdvancedSetup Posted September 9, 2015 ID:987981
Sorry for the delay. Do you still need help with this?
scaredycat Posted September 9, 2015 Author ID:988029
No, I'm good, thank you.
Root Admin AdvancedSetup Posted September 9, 2015 ID:988146
Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you.