Jump to content

I'm infected


irish
 Share

Recommended Posts

Hello and welcome to Malwarebytes,

Please be aware the following P2P/Piracy Warning is a standard opening reply made here at Malwarebytes, we make no accusations but do make you aware of Forum Protocol....

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.


Anyone other than the original starter of this thread please DO NOT follow the instructions and advice posted as replies here, my help and advice is NOT related to your system and will probably cause more harm than good...

Please open Malwarebytes Anti-Malware.

  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • With some infections, you may or may not see this message box.

            'Could not load DDA driver'
  • Click 'Yes' to this message, to allow the driver to load after a restart.
  • Allow the computer to restart. Continue with the rest of these instructions.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.



To get the log from Malwarebytes do the following:

  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:

      Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
      Text file (*.txt)        - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
      XML file (*.xml)      - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
  • Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…




If Malwarebytes is not installed follow these instructions first:

Download Malwarebytes Anti-Malware to your desktop.

  • Double-click mbam-setup and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish. Follow the instructions above....


Next,

Download AdwCleaner by Xplode onto your Desktop.

  • Double click on Adwcleaner.exe to run the tool.
  • Click on the Scan in the Actions box
  • Please wait fot the scan to finish..
  • When "Waiting for action.Please uncheck elements you want to keep" shows in top line..
  • Click on the Cleaning box.
  • Next click OK on the "Closing Programs" pop up box.
  • Click OK on the Information box & again OK to allow the necessary reboot
  • After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed...



Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


  • Double-click to run it. When the tool opens click Yes to disclaimer.
    (Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make logs named (Addition.txt) and Shortcut.txt Please attach those logs to your reply.



Let me see those logs in your next reply...

Thank you,

Kevin...
 

Link to post
Share on other sites

Hi,

Thanks for replying.

First a few things.

(1) For some reason, after running scan for rootkitsm and restarting, malware anti bytes no longer automaticaly starts.

(2) after running one of the other programs, the taskbar no longer displays programs such as opera, as icons, but as text pages.

But perhaps it'll be olay after another reboot.

But I'll try that another time.

Regarding Logs.

I cannot gind the shortcuts log.

Here is the malware bytes log.

The others are attached

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 29/01/2015
Scan Time: 10:54
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.29.05
Rootkit Database: v2015.01.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: User

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 321480
Time Elapsed: 11 min, 10 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

AdwCleanerC1.txt

FRST.txt

Addition.txt

Link to post
Share on other sites

Thanks for those logs, continue please:

 

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.
 

Next,

 

ESETOnline.png Scan with ESET Online Scanner

This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
Please visit ESET Online Scanner website.

Click there Run ESET Online Scanner.

If using Internet Explorer:
 

  • Accept the Terms of Use and click Start.
  • Allow the running of add-on.

If using Mozilla Firefox or Google Chrome:

  • Download esetsmartinstaller_enu.exe that you'll be given link to.
  • Double click esetsmartinstaller_enu.exe.
  • Allow the Terms of Use and click Start.

To perform the scan:


  • Make sure that Remove found threats is unchecked.
  • Scan archives is checked.
  • In Advanced Settings: Scan for potentially unwanted applications, Scan for potentially unsafe applications and Enable Anti-Stealth technology are checked.
  • Under “Enable Stealth Technology select “Change” select any extra drives in that window.
  • Click Start
  • The program will begin to download it's virus database. The speed may vary depending on your Internet connection.
  • When completed, the program will begin to scan. This may take several hours. Please, be patient.
  • Do not do anything on your machine as it may interrupt the scan.
  • When the scan is done, click Finish.
  • A logfile will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.

Please include this logfile in your next reply.

Don't forget to re-enable protection software!

 

 

Let me see those logs, also give an update on any remaining issues or concerns...

 

Thank you,

 

Kevin

Fixlist.txt

Link to post
Share on other sites

I see no indication of Proxy server or settings in your logs, not sure why that alert shows.. Which browser did you use to d/l ESET....?

 

Run the following, then try ESET again..

 

Please download MiniToolBox from here:

http://www.bleepingcomputer.com/download/minitoolbox/dl/65/


Checkmark the following checkboxes:
 

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore Points


Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
 
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
 

 

Thank you,

 

Kevin

Link to post
Share on other sites

pale moon browser.

 

 

log

MiniToolBox by Farbar  Version: 02-11-2015
Ran by User (administrator) on 13-01-2016 at 20:19:20
Running from "C:\Users\User\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Model: 7360W4Y Manufacturer: LENOVO
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Could not flush the DNS Resolver Cache: Function failed during execution.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

Intel® 82567LM-3 Gigabit Network Connection = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : User-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® 82567LM-3 Gigabit Network Connection
   Physical Address. . . . . . . . . : 00-21-86-1D-F0-52
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::c158:4822:d16b:5a7f%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.10(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 13 January 2016 11:03:14
   Lease Expires . . . . . . . . . . : 20 January 2016 11:03:13
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 234889168
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-86-D3-32-00-21-86-1D-F0-52
   DNS Servers . . . . . . . . . . . : 89.101.160.5
                                       89.101.160.4
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  ie-dub01a-dns02.upc.ie
Address:  89.101.160.5

Name:    google.com
Addresses:  2a00:1450:400b:802::200e
      216.58.198.78


Pinging google.com [216.58.198.78] with 32 bytes of data:
Reply from 216.58.198.78: bytes=32 time=14ms TTL=57
Reply from 216.58.198.78: bytes=32 time=13ms TTL=57

Ping statistics for 216.58.198.78:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 13ms, Maximum = 14ms, Average = 13ms
Server:  ie-dub01a-dns02.upc.ie
Address:  89.101.160.5

Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
      2001:4998:58:c02::a9
      2001:4998:c:a06::2:4008
      98.138.253.109
      98.139.183.24
      206.190.36.45


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=160ms TTL=51
Reply from 98.138.253.109: bytes=32 time=149ms TTL=51

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 149ms, Maximum = 160ms, Average = 154ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...00 21 86 1d f0 52 ......Intel® 82567LM-3 Gigabit Network Connection
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.10     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.10    266
     192.168.0.10  255.255.255.255         On-link      192.168.0.10    266
    192.168.0.255  255.255.255.255         On-link      192.168.0.10    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.10    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.10    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 10    266 fe80::/64                On-link
 10    266 fe80::c158:4822:d16b:5a7f/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/13/2016 08:17:51 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.


Operation:
   Instantiating VSS server

Error: (01/13/2016 08:17:51 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
   Instantiating VSS server

Error: (01/13/2016 02:41:46 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/13/2016 01:35:47 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.


Operation:
   Instantiating VSS server

Error: (01/13/2016 01:35:47 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
   Instantiating VSS server

Error: (01/13/2016 01:35:47 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.


Operation:
   Instantiating VSS server

Error: (01/13/2016 01:35:47 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
   Instantiating VSS server

Error: (01/13/2016 01:35:47 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.


Operation:
   Instantiating VSS server

Error: (01/13/2016 01:35:47 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
   Instantiating VSS server

Error: (01/12/2016 09:19:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (01/13/2016 08:11:10 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1058

Error: (01/13/2016 08:00:59 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1058

Error: (01/13/2016 07:50:48 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1058

Error: (01/13/2016 07:40:37 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1058

Error: (01/13/2016 07:30:26 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1058

Error: (01/13/2016 07:20:15 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1058

Error: (01/13/2016 07:10:04 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1058

Error: (01/13/2016 07:03:27 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1058

Error: (01/13/2016 07:03:17 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1058

Error: (01/13/2016 06:59:53 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1058


Microsoft Office Sessions:
=========================
Error: (01/13/2016 08:17:51 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
   Instantiating VSS server

Error: (01/13/2016 08:17:51 PM) (Source: VSS)(User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
   Instantiating VSS server

Error: (01/13/2016 02:41:46 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\esetsmartinstaller_enu.exe

Error: (01/13/2016 01:35:47 AM) (Source: VSS)(User: )
Description: CoCreateInstance0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
   Instantiating VSS server

Error: (01/13/2016 01:35:47 AM) (Source: VSS)(User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
   Instantiating VSS server

Error: (01/13/2016 01:35:47 AM) (Source: VSS)(User: )
Description: CoCreateInstance0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
   Instantiating VSS server

Error: (01/13/2016 01:35:47 AM) (Source: VSS)(User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
   Instantiating VSS server

Error: (01/13/2016 01:35:47 AM) (Source: VSS)(User: )
Description: CoCreateInstance0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
   Instantiating VSS server

Error: (01/13/2016 01:35:47 AM) (Source: VSS)(User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
   Instantiating VSS server

Error: (01/12/2016 09:19:12 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\esetsmartinstaller_enu.exe


CodeIntegrity Errors:
===================================
  Date: 2015-01-25 19:17:06.900
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\TC UP\PLUGINS\Media\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-01-25 19:17:06.791
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\TC UP\PLUGINS\Media\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-01-25 19:17:06.675
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\TC UP\PLUGINS\Media\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-01-25 19:17:06.565
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\TC UP\PLUGINS\Media\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-01-25 18:52:43.316
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\TC UP\PLUGINS\Media\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-01-25 18:52:43.207
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\TC UP\PLUGINS\Media\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-01-25 18:52:43.090
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\TC UP\PLUGINS\Media\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-01-25 18:52:42.981
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\TC UP\PLUGINS\Media\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.4.2233 - AVAST Software)
Breakaway Audio Enhancer (HKLM-x32\...\BreakawayPersonalForWindows) (Version:  - )
Clipboard Manager (HKLM-x32\...\{F1D6452D-4F52-4E6C-97A5-9DC54041FED0}) (Version: 1.0.0 - Frens)
Create Multiple Files From Text File List Software (HKLM-x32\...\Create Multiple Files From Text File List Software_is1) (Version:  - Sobolsoft)
DivX Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Express Rip CD Ripper Software (HKLM-x32\...\ExpressRip) (Version: 1.97 - NCH Software)
FFMPEG Addon (HKLM-x32\...\{111124AF-1ED4-44EF-B674-111111985342}_is1) (Version: 1.00 - FFMPEG)
FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
GoldWave v6.15 (HKLM\...\GoldWave v6.15) (Version: 6.15 - GoldWave Inc.)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
Intel® Active Management Technology (HKLM\...\MESOL) (Version:  - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.6.25 - IObit)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Kobo (HKLM-x32\...\Kobo) (Version: 3.15.0 - Rakuten Kobo Inc.)
Kodi (HKCU\...\Kodi) (Version:  - XBMC-Foundation)
LAV Filters 0.59.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.59.1 - Hendrik Leppkes)
Light Alloy 4.8.8 (build 2038) (HKLM-x32\...\Light Alloy) (Version: 4.8.8 (build 2038) - )
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Media Browser DVD/BD Image System Support Package (HKLM\...\pfm-license-mediabrowser.txt) (Version:  - )
MediaInfo 0.7.69 (HKLM\...\MediaInfo) (Version: 0.7.69 - MediaArea.net)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mp3tag v2.71 (HKLM-x32\...\Mp3tag) (Version: v2.71 - Florian Heidenreich)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
msxml4 (HKLM-x32\...\{5AE3D9F1-9E9E-4015-8787-E22705AA32C5}) (Version: 1.0.0 - Default Company Name)
MySQL Server 5.6 (HKLM\...\{56DA0CB5-ABD2-4318-BEAB-62FDBC9B12CC}) (Version: 5.6.10 - Oracle Corporation)
NaturalReaderFree (HKLM-x32\...\{262EFBD9-A907-490F-81F4-561FDD3A8C5C}) (Version: 1.00.0000 - Naturalsoft limited)
NTREGOPT 1.1j (HKLM-x32\...\NTREGOPT_is1) (Version:  - Lars Hederer)
Opera Stable 34.0.2036.25 (HKLM-x32\...\Opera 34.0.2036.25) (Version: 34.0.2036.25 - Opera Software)
Pale Moon 25.8.1 (x86 en-US) (HKLM-x32\...\Pale Moon 25.8.1 (x86 en-US)) (Version: 25.8.1 - Moonchild Productions)
Potplayer (HKLM-x32\...\PotPlayer) (Version:  - Kakao Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
R-Studio 7.1 (HKLM-x32\...\R-Studio 7.1NSIS) (Version: 7.1.154569 - R-Tools Technology Inc.)
Smart Defrag 4 Pro (HKLM-x32\...\Smart Defrag 4 Pro_is1) (Version: 4.2 - IObit)
STDU Viewer version 1.6.375.0 (HKLM-x32\...\STDU Viewer_is1) (Version: 1.6.375.0 - STDUtility)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Total Commander Ultima Prime 6.6 (HKLM-x32\...\TC UP) (Version: 6.6.0.1215 - TC UP Team)
TreePad Lite 4.3 (HKLM-x32\...\TreePadLite4) (Version:  - )
TVMC (HKCU\...\TVMC) (Version:  - TVADDONS.ag)
Txt2fil (HKLM-x32\...\Txt2fil) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Veoh Web Player (HKLM-x32\...\Veoh Web Player Beta) (Version: 1.1.2.0000 - Veoh Networks, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinCatalog 2013 (HKLM-x32\...\{94145C48-3CDB-42FA-A8F4-8DAD34A564C5}_is1) (Version: 4.0 - WinCatalog.com)
WinRAR 5.10 beta 4 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
Wise Data Recovery 3.82 (HKLM-x32\...\Wise Data Recovery_is1) (Version: 3.82 - WiseCleaner.com, Inc.)
Zona (HKLM-x32\...\Zona)) (Version:  - )

========================= Devices: ================================

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*TEREDO\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


========================= Memory info: ===================================

Percentage of memory in use: 37%
Total physical RAM: 1900.23 MB
Available physical RAM: 1182.48 MB
Total Virtual: 3800.47 MB
Available Virtual: 2320.75 MB

========================= Partitions: =====================================

1 Drive b: (tcup) (Fixed) (Total:698.64 GB) (Free:1.45 GB) NTFS
2 Drive c: () (Fixed) (Total:148.95 GB) (Free:8.29 GB) NTFS
3 Drive d: (wallander (brana) (CDROM) (Total:4.16 GB) (Free:0 GB) CDFS
4 Drive f: ((H)) (Fixed) (Total:232.83 GB) (Free:7.38 GB) FAT32
5 Drive h: () (Fixed) (Total:931.51 GB) (Free:2.09 GB) NTFS
6 Drive i: (prog files) (Fixed) (Total:931.51 GB) (Free:6.02 GB) NTFS

========================= Users: ========================================

User accounts for \\USER-PC

Administrator            Guest                    User                     

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================


**** End of log ****
 

Link to post
Share on other sites

okay, the problem was that I had Avast still running while eset was sownloading it's database.

I turnned it off, and everything worked fine.

 

here is the eset log

 

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f52b15f753a6834581324b5b81153459
# end=init
# utc_time=2016-01-12 09:19:20
# local_time=2016-01-12 09:19:20 (+0000, GMT Standard Time)
# country="Ireland"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f52b15f753a6834581324b5b81153459
# end=init
# utc_time=2016-01-13 02:45:40
# local_time=2016-01-13 02:45:40 (+0000, GMT Standard Time)
# country="Ireland"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=37126
Update Finalize
Updated modules version: 0
Old modules - leave modules
Update Init
Update Download
Update Finalize
Updated modules version: 27626
Update Init
Update Download
Update Finalize
Updated modules version: 27629
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f52b15f753a6834581324b5b81153459
# end=updated
# utc_time=2016-01-13 08:32:27
# local_time=2016-01-13 08:32:27 (+0000, GMT Standard Time)
# country="Ireland"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=f52b15f753a6834581324b5b81153459
# engine=27629
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2016-01-14 01:22:48
# local_time=2016-01-14 01:22:48 (+0000, GMT Standard Time)
# country="Ireland"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=782 16777213 71 94 3571085 59243374 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 1511566 205199618 0 0
# scanned=411506
# found=18
# cleaned=0
# scan_time=17417
sh=542D6E34EBD95C4000121E67E70EE00B0BA2C2C8 ft=1 fh=83920c181fa8a99c vn="Win32/ZvuZona.F potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\User\AppData\Roaming\zona\plugins\zupdater\ZonaUpdater.exe.vir"
sh=4B898B05DB9E603FDA67FCEA700DB6773CC9402C ft=1 fh=acfae6a1968281b8 vn="a variant of Win32/Toolbar.Widgi.B potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\unlocker-setup.exe"
sh=11625ED786034F0FDC98E2CCCC1AE45DC174A94D ft=1 fh=ed438e1c18af58b5 vn="a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application" ac=I fn="C:\Program Files (x86)\NCH Software\ExpressRip\expressrip.exe"
sh=F8B9E4E30159C0B5AB40B61454D349F3DEE641AF ft=1 fh=9d66e76b38f200a7 vn="a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application" ac=I fn="C:\Program Files (x86)\NCH Software\ExpressRip\expressripsetup_v1.97.exe"
sh=02D28237F6DDB632C00C1B898F7AA807BFBDB67F ft=1 fh=4eadd020729affce vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\Users\User\AppData\LocalLow\Sun\Java\jre1.7.0_51\java_sp.dll"
sh=32E0D988BA9FD6C202933CC91C383E7FEE2C58A6 ft=1 fh=c71c00119277150a vn="Win32/Muter.A potentially unsafe application" ac=I fn="C:\Users\User\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\t3a5jlio.default\extensions\muter@yxl.name\modules\ctypes-binary\MuterHook-32.dll"
sh=0969CB4081F300BCA837B6AA18BC7B2A32C1145B ft=1 fh=d0d6ceac5381aefb vn="a variant of Win64/Muter.A potentially unsafe application" ac=I fn="C:\Users\User\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\t3a5jlio.default\extensions\muter@yxl.name\modules\ctypes-binary\MuterHook-64.dll"
sh=030E9556494C2784F301FAB8708E224C0E444106 ft=1 fh=f7783894cc13cc4e vn="a variant of Win32/RemoteAdmin.RemoteExec.AA potentially unsafe application" ac=I fn="H:\found.003\dir0000.chk\SIW\siw.exe"
sh=C0AC081667B5D61EED545A4451198CDA3ED76C30 ft=1 fh=964bc8e3d125fb49 vn="a variant of Win32/OpenCandy.A potentially unsafe application" ac=I fn="H:\loose exes\FreeWebMVideoConverter.exe"
sh=030E9556494C2784F301FAB8708E224C0E444106 ft=1 fh=f7783894cc13cc4e vn="a variant of Win32/RemoteAdmin.RemoteExec.AA potentially unsafe application" ac=I fn="H:\Program Files (x86)\TC UP\PLUGINS\Media\SIW\siw.exe"
sh=E16EAC79F4BEA4FE848BC5248A59765D1939A76B ft=1 fh=addc85385e5ed3b0 vn="a variant of Win32/Server-Web.HFS.A potentially unsafe application" ac=I fn="H:\Program Files (x86)\TC UP\PLUGINS\Tools\HFS\hfs.exe"
sh=2BE6486F0E355489D9F2E5DA9C28875D830B81F0 ft=1 fh=11e72b199049b7ba vn="Win32/PSWTool.SnadBoy.2011 potentially unsafe application" ac=I fn="H:\Program Files (x86)\TC UP\PLUGINS\Tools\Revelation\Revelation.exe"
sh=F937D3B2409F2D8C32C12E2F3F3CF8996B1DFCD3 ft=1 fh=ffbb1f6f3b7918a6 vn="Win32/PSWTool.SnadBoy.2011 potentially unsafe application" ac=I fn="H:\Program Files (x86)\TC UP\PLUGINS\Tools\Revelation\RevelationHelper.dll"
sh=C89865B729E1F6027A461E7B48CFA68A54590A2D ft=1 fh=30a236b0a4800cbe vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="I:\program files\Avira\AntiVir Desktop\apnic.dll"
sh=FDC2005CED8ACF86C68FE1B86B0698D0539E8CE0 ft=1 fh=1aa6a68885750335 vn="a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application" ac=I fn="I:\program files\Avira\AntiVir Desktop\apnstub.exe"
sh=085E2EFA6A258EEC88044241035A37DFF3DE3AE9 ft=1 fh=561b7be0126badba vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="I:\program files\Avira\AntiVir Desktop\apntoolbarinstaller.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f52b15f753a6834581324b5b81153459
# end=init
# utc_time=2016-01-14 01:29:50
# local_time=2016-01-14 01:29:50 (+0000, GMT Standard Time)
# country="Ireland"
# osver=6.1.7601 NT Service Pack 1
 

Link to post
Share on other sites

OK, the ESET entries are not malicious per se, the ones listed for C:\ H:\ and I:\ drive are typical free software bundled unwanted extras. Your choice to uninstall or not....

 

A good free, clean program to stop most bundled extras is UnChecky, http://unchecky.com/

 

The Java entry is located to an outdated version, probably a good idea to update java...

 

Your Java javaicon.gif is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Please follow these steps to remove older version of Java components and upgrade the application.


 

Upgrading Java:


 

Go to http://java.com/en/ and click on "Do I have Java"

It will check your current version and then offer to update to the latest version

Watch for and make sure you untick the box next to whatever free program they prompt you to install during the installation, unless you want it.


 

***Note: Check in Programs and Features (or Add/Remove Programs if you are an XP user) to make certain there are no old versions of Java still installed, if so - remove them. <<-- Very Important



Next,

 

To clean up...

 

Download "Delfix by Xplode" and save it to your desktop.

Or use the following if first link is down:

"Delfix link mirror"

If your security program alerts to Delfix either, accept the alert or turn your security off.

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

Make Sure the following items are checked:



  •    
  • Remove disinfection tools
       
  • Purge System Restore <--- this will remove all previous and possibly exploited restore points, a new point relative to system status at present will be created.
       
  • Reset system settings



Now click on "Run" and wait patiently until the tool has completed.

The tool will create a log when it has completed. We don't need you to post this.

Any remnant files/logs from tools we have used can be deleted…
 

Next,

 

Read the following links to fully understand PC Security and Best Practices, you may find them useful....

Answers to Common Security Questions and best Practices

Do I need a Registry Cleaner?

Take care and surf safe

Kevin...  busy.gif
 

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.