irish Posted January 10, 2016 ID:1011844

I was receiving help from another member. He (perhaps she) determined that I am infected. I'm not quite sure if I have removed all the illegal stuff. But here are the logs.

Addition.txt
FRST.txt

kevinf80 Posted January 11, 2016 ID:1011989

Hello and welcome to Malwarebytes,

Please be aware the following P2P/Piracy Warning is a standard opening reply made here at Malwarebytes, we make no accusations but do make you aware of Forum Protocol....

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Anyone other than the original starter of this thread please DO NOT follow the instructions and advice posted as replies here, my help and advice is NOT related to your system and will probably cause more harm than good...

Please open Malwarebytes Anti-Malware.

On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
A Threat Scan will begin.
With some infections, you may or may not see this message box: 'Could not load DDA driver'
Click 'Yes' to this message, to allow the driver to load after a restart.
Allow the computer to restart. Continue with the rest of these instructions.
When the scan is complete, click Apply Actions.
Wait for the prompt to restart the computer to appear, then click on Yes.
After the restart once you are back at your desktop, open MBAM once more.

To get the log from Malwarebytes do the following:

Click on the History tab > Application Logs.
Double click on the scan log which shows the Date and time of the scan just performed.
Click Export > From export you have three options:
Copy to Clipboard - if selected right click to your reply and select "Paste", log will be pasted to your reply
Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
XML file (*.xml) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply

Please use "Copy to Clipboard", then Right click to your reply > select "Paste" that will copy the log to your reply…

If Malwarebytes is not installed follow these instructions first:

Download Malwarebytes Anti-Malware to your desktop.
Double-click mbam-setup and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:
Launch Malwarebytes Anti-Malware
A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
Click Finish.
Follow the instructions above....

Next,

Download AdwCleaner by Xplode onto your Desktop.

Double click on Adwcleaner.exe to run the tool.
Click on the Scan in the Actions box
Please wait for the scan to finish..
When "Waiting for action.Please uncheck elements you want to keep" shows in top line..
Click on the Cleaning box.
Next click OK on the "Closing Programs" pop up box.
Click OK on the Information box & again OK to allow the necessary reboot
After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed...

Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Double-click to run it. When the tool opens click Yes to disclaimer. (Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
Make sure Addition.txt is checkmarked under "Optional scans"
Press Scan button to run the tool....
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The tool will also make logs named (Addition.txt) and Shortcut.txt. Please attach those logs to your reply.

Let me see those logs in your next reply...

Thank you,
Kevin...

irish Posted January 11, 2016 Author ID:1012034

Hi,

Thanks for replying.

First a few things.

(1) For some reason, after running scan for rootkits and restarting, malware anti bytes no longer automatically starts.
(2) After running one of the other programs, the taskbar no longer displays programs such as opera as icons, but as text pages.

But perhaps it'll be okay after another reboot. But I'll try that another time.

Regarding Logs.

I cannot find the shortcuts log.

Here is the malware bytes log. The others are attached.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 29/01/2015
Scan Time: 10:54
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.29.05
Rootkit Database: v2015.01.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: User

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 321480
Time Elapsed: 11 min, 10 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

AdwCleanerC1.txt
FRST.txt
Addition.txt

kevinf80 Posted January 12, 2016 ID:1012183

Thanks for those logs, continue please:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was run from. Please post it to your reply.

Next,

Scan with ESET Online Scanner

This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox.
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

Please visit ESET Online Scanner website.
Click there Run ESET Online Scanner.

If using Internet Explorer:
Accept the Terms of Use and click Start.
Allow the running of add-on.

If using Mozilla Firefox or Google Chrome:
Download esetsmartinstaller_enu.exe that you'll be given link to.
Double click esetsmartinstaller_enu.exe.
Allow the Terms of Use and click Start.

To perform the scan:
Make sure that Remove found threats is unchecked.
Scan archives is checked.
In Advanced Settings: Scan for potentially unwanted applications, Scan for potentially unsafe applications and Enable Anti-Stealth technology are checked.
Under “Enable Stealth Technology” select “Change”, select any extra drives in that window.
Click Start
The program will begin to download its virus database. The speed may vary depending on your Internet connection.
When completed, the program will begin to scan. This may take several hours. Please, be patient.
Do not do anything on your machine as it may interrupt the scan.
When the scan is done, click Finish.
A logfile will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.
Please include this logfile in your next reply.

Don't forget to re-enable protection software!

Let me see those logs, also give an update on any remaining issues or concerns...

Thank you,
Kevin

Fixlist.txt

irish Posted January 12, 2016 Author ID:1012282

Hi, and thanks for all the help. When do I re-enable Avast and Malwarebytes? I am running the virus scan right now. But I think I'll wait until I hear back from you on that.

kevinf80 Posted January 12, 2016 ID:1012286

Re-enable your security when ESET is finished...

irish Posted January 12, 2016 Author ID:1012288

Okay. Thank you, but am I not just leaving myself vulnerable while that's being done?

kevinf80 Posted January 12, 2016 ID:1012289

Disconnect the internet connection....

irish Posted January 12, 2016 Author ID:1012302

Okay, can't do that now, as someone else is using the same connection. Will try tomorrow. THANKS again.

kevinf80 Posted January 12, 2016 ID:1012312

You should be able to disconnect your own connection, select your internet icon on system tray, connections will show, click on yours and select Disconnect....

irish Posted January 13, 2016 Author ID:1012433

Thanks again, okay I disable my connection once the database is downloaded.

kevinf80 Posted January 13, 2016 ID:1012484

Ok, let me see ESET log whenever you're ready....

irish Posted January 13, 2016 Author ID:1012487

Got as far as "cannot get update. Is Proxy configured". I know nothing about configuring proxies.

kevinf80 Posted January 13, 2016 ID:1012491

I see no indication of Proxy server or settings in your logs, not sure why that alert shows.. Which browser did you use to d/l ESET....?

Run the following, then try ESET again..

Please download MiniToolBox from here:
http://www.bleepingcomputer.com/download/minitoolbox/dl/65/

Checkmark the following checkboxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Devices
List Users, Partitions and Memory size.
List Minidump Files
List Restore Points

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Thank you,
Kevin

irish Posted January 13, 2016 Author ID:1012525

Pale Moon browser.

log

(Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)Mp3tag v2.71 (HKLM-x32\...\Mp3tag) (Version: v2.71 - Florian Heidenreich)MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)msxml4 (HKLM-x32\...\{5AE3D9F1-9E9E-4015-8787-E22705AA32C5}) (Version: 1.0.0 - Default Company Name)MySQL Server 5.6 (HKLM\...\{56DA0CB5-ABD2-4318-BEAB-62FDBC9B12CC}) (Version: 5.6.10 - Oracle Corporation)NaturalReaderFree (HKLM-x32\...\{262EFBD9-A907-490F-81F4-561FDD3A8C5C}) (Version: 1.00.0000 - Naturalsoft limited)NTREGOPT 1.1j (HKLM-x32\...\NTREGOPT_is1) (Version: - Lars Hederer)Opera Stable 34.0.2036.25 (HKLM-x32\...\Opera 34.0.2036.25) (Version: 34.0.2036.25 - Opera Software)Pale Moon 25.8.1 (x86 en-US) (HKLM-x32\...\Pale Moon 25.8.1 (x86 en-US)) (Version: 25.8.1 - Moonchild Productions)Potplayer (HKLM-x32\...\PotPlayer) (Version: - Kakao Corp.)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek 
Semiconductor Corp.)R-Studio 7.1 (HKLM-x32\...\R-Studio 7.1NSIS) (Version: 7.1.154569 - R-Tools Technology Inc.)Smart Defrag 4 Pro (HKLM-x32\...\Smart Defrag 4 Pro_is1) (Version: 4.2 - IObit)STDU Viewer version 1.6.375.0 (HKLM-x32\...\STDU Viewer_is1) (Version: 1.6.375.0 - STDUtility)swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) HiddenTotal Commander Ultima Prime 6.6 (HKLM-x32\...\TC UP) (Version: 6.6.0.1215 - TC UP Team)TreePad Lite 4.3 (HKLM-x32\...\TreePadLite4) (Version: - )TVMC (HKCU\...\TVMC) (Version: - TVADDONS.ag)Txt2fil (HKLM-x32\...\Txt2fil) (Version: - )VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) HiddenVeoh Web Player (HKLM-x32\...\Veoh Web Player Beta) (Version: 1.1.2.0000 - Veoh Networks, Inc.)VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)WinCatalog 2013 (HKLM-x32\...\{94145C48-3CDB-42FA-A8F4-8DAD34A564C5}_is1) (Version: 4.0 - WinCatalog.com)WinRAR 5.10 beta 4 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)Wise Data Recovery 3.82 (HKLM-x32\...\Wise Data Recovery_is1) (Version: 3.82 - WiseCleaner.com, Inc.)Zona (HKLM-x32\...\Zona)) (Version: - )========================= Devices: ================================Name: Teredo Tunneling Pseudo-InterfaceDescription: Microsoft Teredo Tunneling AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: tunnelDevice ID: ROOT\*TEREDO\0000Problem: : This device cannot start. (Code10)Resolution: Device failed to start. 
Click "Update Driver" to update the drivers for this device.On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.========================= Memory info: ===================================Percentage of memory in use: 37%Total physical RAM: 1900.23 MBAvailable physical RAM: 1182.48 MBTotal Virtual: 3800.47 MBAvailable Virtual: 2320.75 MB========================= Partitions: =====================================1 Drive b: (tcup) (Fixed) (Total:698.64 GB) (Free:1.45 GB) NTFS2 Drive c: () (Fixed) (Total:148.95 GB) (Free:8.29 GB) NTFS3 Drive d: (wallander (brana) (CDROM) (Total:4.16 GB) (Free:0 GB) CDFS4 Drive f: ((H)) (Fixed) (Total:232.83 GB) (Free:7.38 GB) FAT325 Drive h: () (Fixed) (Total:931.51 GB) (Free:2.09 GB) NTFS6 Drive i: (prog files) (Fixed) (Total:931.51 GB) (Free:6.02 GB) NTFS========================= Users: ========================================User accounts for \\USER-PCAdministrator Guest User ========================= Minidump Files ==================================No minidump file found========================= Restore Points ==================================**** End of log **** Link to post Share on other sites More sharing options...
kevinf80 Posted January 13, 2016 ID:1012532
I have no experience with Pale Moon, never used it... Go to the following link and follow the instructions for a clean install, see if that makes any difference.... https://forum.palemoon.org/viewtopic.php?f=19&t=662
irish Posted January 14, 2016 Author ID:1012566
Okay, the problem was that I had Avast still running while ESET was downloading its database. I turned it off, and everything worked fine. Here is the ESET log:

    ESETSmartInstaller@High as downloader log:
    all ok
    # product=EOS
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # EOSSerial=f52b15f753a6834581324b5b81153459
    # end=init
    # utc_time=2016-01-12 09:19:20
    # local_time=2016-01-12 09:19:20 (+0000, GMT Standard Time)
    # country="Ireland"
    # osver=6.1.7601 NT Service Pack 1
    Update Init
    Update Download
    ESETSmartInstaller@High as downloader log:
    all ok
    # product=EOS
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # EOSSerial=f52b15f753a6834581324b5b81153459
    # end=init
    # utc_time=2016-01-13 02:45:40
    # local_time=2016-01-13 02:45:40 (+0000, GMT Standard Time)
    # country="Ireland"
    # osver=6.1.7601 NT Service Pack 1
    Update Init
    Update Download
    esets_scanner_update returned -1 esets_gle=37126
    Update Finalize
    Updated modules version: 0
    Old modules - leave modules
    Update Init
    Update Download
    Update Finalize
    Updated modules version: 27626
    Update Init
    Update Download
    Update Finalize
    Updated modules version: 27629
    # product=EOS
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # EOSSerial=f52b15f753a6834581324b5b81153459
    # end=updated
    # utc_time=2016-01-13 08:32:27
    # local_time=2016-01-13 08:32:27 (+0000, GMT Standard Time)
    # country="Ireland"
    # osver=6.1.7601 NT Service Pack 1
    # product=EOS
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.7777
    # api_version=3.1.1
    # EOSSerial=f52b15f753a6834581324b5b81153459
    # engine=27629
    # end=finished
    # remove_checked=false
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=true
    # antistealth_checked=true
    # utc_time=2016-01-14 01:22:48
    # local_time=2016-01-14 01:22:48 (+0000, GMT Standard Time)
    # country="Ireland"
    # lang=1033
    # osver=6.1.7601 NT Service Pack 1
    # compatibility_mode=782 16777213 71 94 3571085 59243374 0 0
    # compatibility_mode_1=''
    # compatibility_mode=5893 16776573 100 94 1511566 205199618 0 0
    # scanned=411506
    # found=18
    # cleaned=0
    # scan_time=17417
    sh=542D6E34EBD95C4000121E67E70EE00B0BA2C2C8 ft=1 fh=83920c181fa8a99c vn="Win32/ZvuZona.F potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\User\AppData\Roaming\zona\plugins\zupdater\ZonaUpdater.exe.vir"
    sh=4B898B05DB9E603FDA67FCEA700DB6773CC9402C ft=1 fh=acfae6a1968281b8 vn="a variant of Win32/Toolbar.Widgi.B potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\unlocker-setup.exe"
    sh=11625ED786034F0FDC98E2CCCC1AE45DC174A94D ft=1 fh=ed438e1c18af58b5 vn="a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application" ac=I fn="C:\Program Files (x86)\NCH Software\ExpressRip\expressrip.exe"
    sh=F8B9E4E30159C0B5AB40B61454D349F3DEE641AF ft=1 fh=9d66e76b38f200a7 vn="a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application" ac=I fn="C:\Program Files (x86)\NCH Software\ExpressRip\expressripsetup_v1.97.exe"
    sh=02D28237F6DDB632C00C1B898F7AA807BFBDB67F ft=1 fh=4eadd020729affce vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\Users\User\AppData\LocalLow\Sun\Java\jre1.7.0_51\java_sp.dll"
    sh=32E0D988BA9FD6C202933CC91C383E7FEE2C58A6 ft=1 fh=c71c00119277150a vn="Win32/Muter.A potentially unsafe application" ac=I fn="C:\Users\User\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\t3a5jlio.default\extensions\muter@yxl.name\modules\ctypes-binary\MuterHook-32.dll"
    sh=0969CB4081F300BCA837B6AA18BC7B2A32C1145B ft=1 fh=d0d6ceac5381aefb vn="a variant of Win64/Muter.A potentially unsafe application" ac=I fn="C:\Users\User\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\t3a5jlio.default\extensions\muter@yxl.name\modules\ctypes-binary\MuterHook-64.dll"
    sh=030E9556494C2784F301FAB8708E224C0E444106 ft=1 fh=f7783894cc13cc4e vn="a variant of Win32/RemoteAdmin.RemoteExec.AA potentially unsafe application" ac=I fn="H:\found.003\dir0000.chk\SIW\siw.exe"
    sh=C0AC081667B5D61EED545A4451198CDA3ED76C30 ft=1 fh=964bc8e3d125fb49 vn="a variant of Win32/OpenCandy.A potentially unsafe application" ac=I fn="H:\loose exes\FreeWebMVideoConverter.exe"
    sh=030E9556494C2784F301FAB8708E224C0E444106 ft=1 fh=f7783894cc13cc4e vn="a variant of Win32/RemoteAdmin.RemoteExec.AA potentially unsafe application" ac=I fn="H:\Program Files (x86)\TC UP\PLUGINS\Media\SIW\siw.exe"
    sh=E16EAC79F4BEA4FE848BC5248A59765D1939A76B ft=1 fh=addc85385e5ed3b0 vn="a variant of Win32/Server-Web.HFS.A potentially unsafe application" ac=I fn="H:\Program Files (x86)\TC UP\PLUGINS\Tools\HFS\hfs.exe"
    sh=2BE6486F0E355489D9F2E5DA9C28875D830B81F0 ft=1 fh=11e72b199049b7ba vn="Win32/PSWTool.SnadBoy.2011 potentially unsafe application" ac=I fn="H:\Program Files (x86)\TC UP\PLUGINS\Tools\Revelation\Revelation.exe"
    sh=F937D3B2409F2D8C32C12E2F3F3CF8996B1DFCD3 ft=1 fh=ffbb1f6f3b7918a6 vn="Win32/PSWTool.SnadBoy.2011 potentially unsafe application" ac=I fn="H:\Program Files (x86)\TC UP\PLUGINS\Tools\Revelation\RevelationHelper.dll"
    sh=C89865B729E1F6027A461E7B48CFA68A54590A2D ft=1 fh=30a236b0a4800cbe vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="I:\program files\Avira\AntiVir Desktop\apnic.dll"
    sh=FDC2005CED8ACF86C68FE1B86B0698D0539E8CE0 ft=1 fh=1aa6a68885750335 vn="a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application" ac=I fn="I:\program files\Avira\AntiVir Desktop\apnstub.exe"
    sh=085E2EFA6A258EEC88044241035A37DFF3DE3AE9 ft=1 fh=561b7be0126badba vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="I:\program files\Avira\AntiVir Desktop\apntoolbarinstaller.exe"
    ESETSmartInstaller@High as downloader log:
    all ok
    # product=EOS
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # EOSSerial=f52b15f753a6834581324b5b81153459
    # end=init
    # utc_time=2016-01-14 01:29:50
    # local_time=2016-01-14 01:29:50 (+0000, GMT Standard Time)
    # country="Ireland"
    # osver=6.1.7601 NT Service Pack 1
kevinf80 Posted January 14, 2016 ID:1012605
Ok thanks for the update, what is the current status of your system, do you have any remaining issues or concerns?
irish Posted January 14, 2016 Author ID:1012631
At the moment, no.
kevinf80 Posted January 14, 2016 ID:1012634
OK, the ESET entries are not malicious per se; the ones listed for the C:\, H:\ and I:\ drives are typical free software bundled unwanted extras. Your choice to uninstall or not....

A good free, clean program to stop most bundled extras is UnChecky, http://unchecky.com/

The Java entry is located in an outdated version, probably a good idea to update Java...

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older versions of Java components and upgrade the application.

Upgrading Java:
Go to http://java.com/en/ and click on "Do I have Java".
It will check your current version and then offer to update to the latest version.
Watch for and make sure you untick the box next to whatever free program they prompt you to install during the installation, unless you want it.
***Note: Check in Programs and Features (or Add/Remove Programs if you are an XP user) to make certain there are no old versions of Java still installed, if so - remove them. <<-- Very Important

Next, to clean up...

Download "Delfix by Xplode" and save it to your desktop.
Or use the following if the first link is down: "Delfix link mirror"
If your security program alerts to Delfix, either accept the alert or turn your security off.
Double-click to start the program. If you are using Vista or higher, please right-click and choose Run as administrator.
Make sure the following items are checked:
Remove disinfection tools
Purge System Restore <--- this will remove all previous and possibly exploited restore points, a new point relative to system status at present will be created.
Reset system settings
Now click on "Run" and wait patiently until the tool has completed.
The tool will create a log when it has completed. We don't need you to post this.
Any remnant files/logs from tools we have used can be deleted…

Next, read the following links to fully understand PC Security and Best Practices, you may find them useful....
Answers to Common Security Questions and best Practices
Do I need a Registry Cleaner?

Take care and surf safe
Kevin...
irish Posted January 14, 2016 Author ID:1012642
Thanks Kevin.
kevinf80 Posted January 14, 2016 ID:1012646
You're very welcome, come back anytime..... Kevin....
Root Admin AdvancedSetup Posted January 18, 2016 ID:1013324
Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks!