Page 3 of 4 FirstFirst 1234 LastLast
Results 21 to 30 of 35
  1. #21
    Member Arbfarkle's Avatar
    Join Date
    Jan 2003
    Location
    Houston Texas
    Posts
    237
    Points
    9

    Default

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-12-2014 01
    Ran by Alex at 2014-12-22 18:21:16 Run:1
    Running from C:\Users\Alex\Desktop
    Loaded Profiles: Alex & Administrator (Available profiles: Alex & Administrator)
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    start
    CloseProcesses:
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    FF SearchEngineOrder.1: Search By ZoneAlarm
    2014-12-18 17:55 - 2014-12-18 17:55 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\Alex\Downloads\SpyHunter-Installer.exe
    AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
    AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
    CMD: bitsadmin /reset /allusers
    CMD: netsh int ipv4 reset
    CMD: netsh int ipv6 reset
    CMD: ipconfig /flushdns
    CMD: netsh winsock reset catalog
    Host:
    Emptytemp:
    reboot:
    end
    *****************

    Processes closed successfully.
    "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
    HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
    HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
    HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
    Firefox SearchEngineOrder.1 deleted successfully.
    C:\Users\Alex\Downloads\SpyHunter-Installer.exe => Moved successfully.
    C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.
    C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully.

    ========= bitsadmin /reset /allusers =========


    BITSADMIN version 3.0 [ 7.5.7601 ]
    BITS administration utility.
    (C) Copyright 2000-2006 Microsoft Corp.

    BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
    Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

    {4EEEF354-1D42-4C0F-B444-CF23E09D75DE} canceled.
    1 out of 1 jobs canceled.

    ========= End of CMD: =========


    ========= netsh int ipv4 reset =========

    Reseting Global, OK!
    Reseting Interface, OK!
    Restart the computer to complete this action.


    ========= End of CMD: =========


    ========= netsh int ipv6 reset =========

    Reseting Interface, OK!
    Restart the computer to complete this action.


    ========= End of CMD: =========


    ========= ipconfig /flushdns =========


    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========= End of CMD: =========


    ========= netsh winsock reset catalog =========


    Sucessfully reset the Winsock Catalog.
    You must restart the computer in order to complete the reset.


    ========= End of CMD: =========

    Host: => Error: No automatic fix found for this entry.
    EmptyTemp: => Removed 28.5 MB temporary data.


    The system needed a reboot.

    ==== End of Fixlog 18:21:17 ====

  2. #22
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,188
    Points
    1308

    Default

    Hello,

    Go to this site and run the "fix it for me", this will reset the host file. I tried to do it but it failed, may have forgot the s on hosts...

    How can I reset the Hosts file back to the default?

    Let me know you have done that
    Last edited by zep516; 12-22-2014 at 08:07 PM.

  3. The Following User Says Thank You to zep516 For This Useful Post:


  4. #23
    Member Arbfarkle's Avatar
    Join Date
    Jan 2003
    Location
    Houston Texas
    Posts
    237
    Points
    9

    Default

    Okay I can now go to the tax site.

  5. #24
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,188
    Points
    1308

    Default

    Hold on,

    Hello,

    Need to see 2 logs

    Open FRST


    Place a check in the additions.txt box
    Now click on scan.

    Post in your next reply.
    • FRST.txt
    • Additions.txt

  6. The Following User Says Thank You to zep516 For This Useful Post:


  7. #25
    Member Arbfarkle's Avatar
    Join Date
    Jan 2003
    Location
    Houston Texas
    Posts
    237
    Points
    9

    Default

    For Windows XP or for Windows Server 2003

    # Copyright (c) 1993-1999 Microsoft Corp.
    #
    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
    #
    # This file contains the mappings of IP addresses to host names. Each
    # entry should be kept on an individual line. The IP address should
    # be placed in the first column followed by the corresponding host name.
    # The IP address and the host name should be separated by at least one
    # space.
    #
    # Additionally, comments (such as these) may be inserted on individual
    # lines or following the machine name denoted by a '#' symbol.
    #
    # For example:
    #
    # 102.54.94.97 rhino.acme.com # source server
    # 38.25.63.10 x.acme.com # x client host

    127.0.0.1 localhost

  8. #26
    Member Arbfarkle's Avatar
    Join Date
    Jan 2003
    Location
    Houston Texas
    Posts
    237
    Points
    9

    Default

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-12-2014 01
    Ran by Alex at 2014-12-22 19:18:53
    Running from C:\Users\Alex\Desktop\Unused
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
    AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
    AM-DeadLink 4.6 (HKLM-x32\...\aignesamdeadlink_is1) (Version: 4.6 - WebSite-Watcher - Software to check websites for updates and changes (web page monitoring))
    Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
    Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: - Broadcom Corporation)
    Canon MG2100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series) (Version: - )
    CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
    Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
    Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
    Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
    Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    FileSearchEX (HKLM-x32\...\FileSearchEX) (Version: 1.0.9.3 - GOFF Concepts LLC)
    Hoyle Card Games 2012 (HKLM-x32\...\{01709BCA-8553-4B46-8A75-DBCCAC95DD62}) (Version: 1.1.1 - Encore Software, Inc.)
    HP Connected Music (Meridian - player) (HKU\S-1-5-21-103851785-592650043-581270036-1000\...\HPConnectedMusic) (Version: 1.1 (build 112) hp - Meridian Audio Ltd)
    HP Support Solutions Framework (HKLM-x32\...\{69FD2930-C361-47F6-822E-71B021526778}) (Version: 11.50.0015 - Hewlett-Packard Company)
    IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6087.0 - IDT)
    Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
    NVIDIA Graphics Driver 311.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.10 - NVIDIA Corporation)
    NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
    QBeez (HKLM-x32\...\QBeez) (Version: - )
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.80.218.2014 - Realtek)
    RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
    SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1168 - SUPERAntiSpyware.com)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


    ==================== Restore Points =========================

    22-12-2014 14:49:49 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2014-12-22 19:10 - 2014-12-22 19:10 - 00449892 ____R C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 www.100sexlinks.com
    127.0.0.1 100sexlinks.com
    127.0.0.1 10sek.com
    127.0.0.1 Gadgets And More
    127.0.0.1 www.1-2005-search.com
    127.0.0.1 1-2005-search.com
    127.0.0.1 123fporn.info
    127.0.0.1 www.123fporn.info
    127.0.0.1 123haustiereundmehr.com
    127.0.0.1 www.123haustiereundmehr.com
    127.0.0.1 123moviedownload.com

    There are 1000 more lines.


    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {032576CC-6AB8-463C-82DB-D32C1EF9D0D8} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-103851785-592650043-581270036-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
    Task: {079D1AA9-FAF6-4048-8A10-71491D3EFB30} - System32\Tasks\{AE9C2B13-EB5D-4A8A-A99B-6839B05BAA8C} => pcalua.exe -a "C:\Program Files (x86)\shockwave.com\QBeez\QBz.exe" -d C:\Users\Alex\Desktop
    Task: {08EA0A76-3F34-4404-AEF2-F0C85C9B29C5} - System32\Tasks\{AC53272D-AC77-4B18-B2D6-E9A5C6D387D6} => C:\SIERRA\HOYLECG\AUTOPLAY.EXE
    Task: {17D9D1F7-A492-4575-8B60-BF2291BA7C0B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {1CCFCFBE-1202-4690-8D63-3F58C1899CAA} - System32\Tasks\{2934CA0F-A8E2-4D59-95E7-1A1CF75E46BF} => pcalua.exe -a E:\sp61665.exe -d E:\
    Task: {2281A693-7274-477C-8441-D8F41F27AEBB} - System32\Tasks\{8C2D0B9E-616A-43A4-9F7C-E72E82A3D859} => pcalua.exe -a "C:\Users\Alex\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\24K99EIW\sp57873[1].exe" -d C:\Users\Alex\Desktop
    Task: {387ECB64-F7A6-4CAA-B8E4-7D52D6E8318F} - System32\Tasks\{C5A92A12-6928-459D-B829-247D28751832} => pcalua.exe -a "C:\Users\Alex\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UVI43PK7\SetupBtwDownloadSE.exe" -d C:\Users\Alex\Desktop
    Task: {4D57D3C0-2937-4699-8A07-375CAD1C1959} - System32\Tasks\{77BEBDC2-5849-4459-AA15-89B7710BC689} => pcalua.exe -a "C:\Program Files (x86)\Real\RealPlayer\Update\r1puninst.exe" -c RealNetworks|RealPlayer|16.0
    Task: {551D185A-1709-4E76-AFF1-52CFD4BFDBE2} - System32\Tasks\{FEB3E3E6-47C6-4796-AC13-993563A57D44} => pcalua.exe -a "C:\Users\Alex\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\24K99EIW\sp42298[1].exe" -d C:\Users\Alex\Desktop
    Task: {573A42EC-96F6-4666-A1D3-3F2D10B99A61} - System32\Tasks\{5788AB90-BC75-4273-BF11-4C21F341E2AD} => C:\SIERRA\HOYLECG\AUTOPLAY.EXE
    Task: {67621784-102F-40C7-8E5A-67FD2778DB51} - System32\Tasks\{B4515006-B4FC-4067-ACE4-BC549EB9991A} => C:\SIERRA\HOYLECG\AUTOPLAY.EXE
    Task: {76B3229F-F690-4874-802F-40944DF6ED1B} - System32\Tasks\{87B56749-02D4-48A8-A55C-9925D0A405F8} => pcalua.exe -a "C:\Users\Alex\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OB1H0DGE\sp61856.exe" -d C:\Users\Alex\Desktop
    Task: {A63D0435-4B90-400C-8A69-B45C7295A4AE} - System32\Tasks\{2B84B0C1-765B-49F7-AEA9-393DE61735FE} => pcalua.exe -a "C:\Users\Alex\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UVI43PK7\MEI_allOS_8.1.0.1252_PV.exe" -d C:\Users\Alex\Desktop
    Task: {AF171136-43FB-44BD-A5A0-BB6F7C87908C} - System32\Tasks\{E57B62BF-C25E-463C-AAA2-2F7530B0D99A} => pcalua.exe -a "C:\Users\Alex\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\24K99EIW\sp61899[1].exe" -d C:\Users\Alex\Desktop
    Task: {B4825896-8EEF-4477-93E0-DA7952AB3ED5} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-103851785-592650043-581270036-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
    Task: {DD690192-C704-4C48-A408-51A866E88404} - System32\Tasks\{B8D3B5DB-84B4-4BD4-94E3-74AB47263CA2} => pcalua.exe -a "C:\Users\Alex\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CWW3BYFP\sp47902[1].exe" -d C:\Users\Alex\Desktop
    Task: {E911F716-70C9-4A5E-8527-8E7B5DA97034} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
    Task: {F00DE0DB-FB60-4993-91AE-A617F7415C13} - System32\Tasks\{ACBDC54E-58EC-4281-831A-1A575C47F4BE} => C:\SIERRA\HOYLECG\AUTOPLAY.EXE
    Task: {F2651504-47B9-4FCF-93C4-31C00202123E} - System32\Tasks\{23E45D98-96CD-4456-A6FD-CDAE1C0A46BC} => C:\SIERRA\HOYLECG\AUTOPLAY.EXE
    Task: {F4107118-BCDF-48FE-8BCA-ABCD16F0EF7D} - System32\Tasks\{52E25541-973C-4E84-9378-307DAFA1CD6E} => C:\SIERRA\HOYLECG\AUTOPLAY.EXE
    Task: {F8F47C5F-F1AE-48AC-BA60-CF869F5B8082} - System32\Tasks\{72B192D6-80AD-4057-9D2F-A7952E3DBAAB} => pcalua.exe -a "C:\Users\Alex\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CWW3BYFP\sp45137[1].exe" -d C:\Users\Alex\Desktop

    ==================== Loaded Modules (whitelisted) =============

    2014-04-16 14:12 - 2013-01-24 16:57 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2014-11-10 09:33 - 2014-11-26 10:40 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)

    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

    ========================= Accounts: ==========================

    Administrator (S-1-5-21-103851785-592650043-581270036-500 - Administrator - Enabled) => C:\Users\Administrator
    Alex (S-1-5-21-103851785-592650043-581270036-1000 - Administrator - Enabled) => C:\Users\Alex
    Guest (S-1-5-21-103851785-592650043-581270036-501 - Limited - Disabled)

    ==================== Faulty Device Manager Devices =============

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Performance Counters
    Description: Performance Counters
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: BCM20702A0
    Description: BCM20702A0
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Performance Counters
    Description: Performance Counters
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Performance Counters
    Description: Performance Counters
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Performance Counters
    Description: Performance Counters
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: System Interrupt Controller
    Description: System Interrupt Controller
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Base System Device
    Description: Base System Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (12/22/2014 06:33:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (12/22/2014 06:23:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (12/22/2014 02:40:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (12/22/2014 08:21:28 AM) (Source: SideBySide) (EventID: 63) (User: )
    Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
    The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

    Error: (12/22/2014 07:12:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (12/21/2014 07:11:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (12/20/2014 00:17:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (12/20/2014 00:08:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (12/20/2014 06:37:51 AM) (Source: SideBySide) (EventID: 63) (User: )
    Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
    The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

    Error: (12/20/2014 06:18:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


    System errors:
    =============
    Error: (12/22/2014 06:58:48 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
    Description: There was an error while attempting to read the local hosts file.

    Error: (12/22/2014 06:33:22 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The Diagnostic Service Host service hung on starting.

    Error: (12/22/2014 06:31:40 PM) (Source: Application Popup) (EventID: 56) (User: )
    Description: Driver USB returned invalid ID for a child device (0).

    Error: (12/22/2014 06:31:36 PM) (Source: Application Popup) (EventID: 56) (User: )
    Description: Driver PCI returned invalid ID for a child device (080028000020000000).

    Error: (12/22/2014 06:21:59 PM) (Source: Application Popup) (EventID: 56) (User: )
    Description: Driver USB returned invalid ID for a child device (0).

    Error: (12/22/2014 06:21:55 PM) (Source: Application Popup) (EventID: 56) (User: )
    Description: Driver PCI returned invalid ID for a child device (080028000020000000).

    Error: (12/22/2014 06:21:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

    Error: (12/22/2014 06:21:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The SAS Core Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

    Error: (12/22/2014 06:21:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Intel(R) Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (12/22/2014 06:21:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The HP Support Solutions Framework Service service terminated unexpectedly. It has done this 1 time(s).


    Microsoft Office Sessions:
    =========================
    Error: (12/22/2014 06:33:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (12/22/2014 06:23:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (12/22/2014 02:40:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (12/22/2014 08:21:28 AM) (Source: SideBySide) (EventID: 63) (User: )
    Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

    Error: (12/22/2014 07:12:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (12/21/2014 07:11:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (12/20/2014 00:17:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (12/20/2014 00:08:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (12/20/2014 06:37:51 AM) (Source: SideBySide) (EventID: 63) (User: )
    Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

    Error: (12/20/2014 06:18:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


    CodeIntegrity Errors:
    ===================================
    Date: 2014-07-01 00:53:35.342
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\SAVE\W8\WINDOWS\explorer.exe because the set of per-page image hashes could not be found on the system.

    Date: 2014-07-01 00:53:35.295
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\SAVE\W8\WINDOWS\explorer.exe because the set of per-page image hashes could not be found on the system.

    Date: 2014-07-01 00:53:35.249
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\SAVE\W8\WINDOWS\explorer.exe because the set of per-page image hashes could not be found on the system.

    Date: 2014-07-01 00:53:35.186
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\SAVE\W8\WINDOWS\explorer.exe because the set of per-page image hashes could not be found on the system.

    Date: 2014-07-01 00:53:35.124
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\SAVE\W8\WINDOWS\explorer.exe because the set of per-page image hashes could not be found on the system.

    Date: 2014-07-01 00:53:35.077
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\SAVE\W8\WINDOWS\explorer.exe because the set of per-page image hashes could not be found on the system.

    Date: 2014-07-01 00:53:35.030
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\SAVE\W8\WINDOWS\explorer.exe because the set of per-page image hashes could not be found on the system.

    Date: 2014-07-01 00:53:34.968
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\SAVE\W8\WINDOWS\explorer.exe because the set of per-page image hashes could not be found on the system.

    Date: 2014-07-01 00:53:30.444
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\SAVE\W8\WINDOWS\explorer.exe because the set of per-page image hashes could not be found on the system.

    Date: 2014-07-01 00:53:30.397
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\SAVE\W8\WINDOWS\explorer.exe because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-3970X CPU @ 3.50GHz
    Percentage of memory in use: 9%
    Total physical RAM: 32695.6 MB
    Available physical RAM: 29732.33 MB
    Total Pagefile: 65389.38 MB
    Available Pagefile: 62037.04 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.82 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:238.37 GB) (Free:119.1 GB) NTFS
    Drive f: (Portable Drive) (Fixed) (Total:931.51 GB) (Free:835.01 GB) NTFS
    Drive k: (Seagate Backup Plus Drive) (Fixed) (Total:1863.01 GB) (Free:1668.01 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 5A919681)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (Size: 1863 GB) (Disk ID: 7669328E)
    Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 2 (Size: 931.5 GB) (Disk ID: 557D8DE1)
    Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================

  9. #27
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,188
    Points
    1308

    Default

    That looks lovely, But I need the other 2 logs I asked for. FRST.txt and Additions.txt


    ok got them

  10. #28
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,188
    Points
    1308

    Default

    Where is the FRST. txt log, thought i had but i don't can you post it?

  11. #29
    Member Arbfarkle's Avatar
    Join Date
    Jan 2003
    Location
    Houston Texas
    Posts
    237
    Points
    9

    Default

    As you might have noticed, I have restored a "long" hosts file. This one has the 127 addresses rather than the 0.0.0.0 that was there before I reset to the default hosts file. I thought that that was suspicious when I saw it. Spybot fully immunized this time for the first time in a long time. I often uncheck the global hosts block on Spybot and download a hosts file from a different source.

  12. #30
    Member Arbfarkle's Avatar
    Join Date
    Jan 2003
    Location
    Houston Texas
    Posts
    237
    Points
    9

    Default

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-12-2014 01
    Ran by Alex (administrator) on ALEX-PC on 22-12-2014 19:18:42
    Running from C:\Users\Alex\Desktop\Unused
    Loaded Profile: Alex (Available profiles: Alex & Administrator)
    Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
    (Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
    HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2011-08-24] (Hewlett-Packard )
    HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
    HKU\S-1-5-21-103851785-592650043-581270036-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2014-12-15] (SUPERAntiSpyware)
    HKU\S-1-5-21-103851785-592650043-581270036-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
    HKU\S-1-5-21-103851785-592650043-581270036-1000\...\RunOnce: [Adobe Speed Launcher] => 1419294724

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-103851785-592650043-581270036-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75

    FireFox:
    ========
    FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\uy209272.default
    FF SelectedSearchEngine: Startpage HTTPS
    FF Homepage: https://startpage.com/
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF SearchPlugin: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\uy209272.default\searchplugins\startpage-https.xml

    Chrome:
    =======

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
    R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-04-01] (Hewlett-Packard Company)
    R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation)
    R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
    R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
    S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
    R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-22 19:08 - 2014-12-22 19:08 - 00001254 _____ () C:\Users\Alex\Desktop\Spybot - Search & Destroy.lnk
    2014-12-22 19:08 - 2014-12-22 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
    2014-12-22 18:55 - 2014-12-22 18:55 - 00000777 _____ () C:\Windows\system32\Drivers\etc\HOSTS.txt
    2014-12-22 17:44 - 2014-12-22 18:32 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
    2014-12-22 17:44 - 2014-12-22 17:44 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\SUPERAntiSpyware.com
    2014-12-22 17:44 - 2014-12-22 17:44 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
    2014-12-22 17:44 - 2014-12-22 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    2014-12-20 11:18 - 2014-12-20 11:18 - 00000000 _____ () C:\autoexec.bat
    2014-12-19 06:33 - 2014-12-12 23:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-12-19 06:33 - 2014-12-12 21:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-12-18 19:01 - 2014-12-22 19:18 - 00000000 ____D () C:\FRST
    2014-12-18 17:29 - 2014-12-18 17:29 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Mozilla
    2014-12-18 17:29 - 2014-12-18 17:29 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Mozilla
    2014-12-16 16:13 - 2014-12-16 16:13 - 00001098 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-12-13 20:59 - 2014-12-13 20:59 - 00001143 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2014-12-13 20:53 - 2014-12-13 20:53 - 00000000 ____D () C:\Windows\system32\appraiser
    2014-12-13 20:29 - 2014-10-17 20:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2014-12-13 20:29 - 2014-10-17 19:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2014-12-13 20:28 - 2014-12-03 20:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2014-12-13 20:28 - 2014-12-03 20:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2014-12-13 20:28 - 2014-12-03 20:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2014-12-13 20:28 - 2014-12-03 20:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2014-12-13 20:28 - 2014-12-03 20:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-12-13 20:28 - 2014-12-03 20:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2014-12-13 20:28 - 2014-12-03 20:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-12-13 20:28 - 2014-12-01 17:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
    2014-12-13 20:28 - 2014-11-26 19:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-12-13 20:28 - 2014-11-26 19:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-12-13 20:28 - 2014-11-21 21:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-12-13 20:28 - 2014-11-21 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-12-13 20:28 - 2014-11-21 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-12-13 20:28 - 2014-11-21 20:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-12-13 20:28 - 2014-11-21 20:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-12-13 20:28 - 2014-11-21 20:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-12-13 20:28 - 2014-11-21 20:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-12-13 20:28 - 2014-11-21 20:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-12-13 20:28 - 2014-11-21 20:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-12-13 20:28 - 2014-11-21 20:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-12-13 20:28 - 2014-11-21 20:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-12-13 20:28 - 2014-11-21 20:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-12-13 20:28 - 2014-11-21 20:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-12-13 20:28 - 2014-11-21 20:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-12-13 20:28 - 2014-11-21 20:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-12-13 20:28 - 2014-11-21 20:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-12-13 20:28 - 2014-11-21 20:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-12-13 20:28 - 2014-11-21 20:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-12-13 20:28 - 2014-11-21 20:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-12-13 20:28 - 2014-11-21 20:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-12-13 20:28 - 2014-11-21 20:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-12-13 20:28 - 2014-11-21 20:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-12-13 20:28 - 2014-11-21 20:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-12-13 20:28 - 2014-11-21 20:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-12-13 20:28 - 2014-11-21 20:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-12-13 20:28 - 2014-11-21 20:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-12-13 20:28 - 2014-11-21 20:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-12-13 20:28 - 2014-11-21 19:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-12-13 20:28 - 2014-11-21 19:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-12-13 20:28 - 2014-11-21 19:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-12-13 20:28 - 2014-11-21 19:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-12-13 20:28 - 2014-11-21 19:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-12-13 20:28 - 2014-11-21 19:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-12-13 20:28 - 2014-11-21 19:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-12-13 20:28 - 2014-11-21 19:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-12-13 20:28 - 2014-11-21 19:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-12-13 20:28 - 2014-11-21 19:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-12-13 20:28 - 2014-11-21 19:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-12-13 20:28 - 2014-11-21 19:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-12-13 20:28 - 2014-11-21 19:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-12-13 20:28 - 2014-11-21 19:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-12-13 20:28 - 2014-11-21 19:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-12-13 20:28 - 2014-11-21 19:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-12-13 20:28 - 2014-11-21 19:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-12-13 20:28 - 2014-11-21 19:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-12-13 20:28 - 2014-11-21 19:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-12-13 20:28 - 2014-11-21 19:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-12-13 20:28 - 2014-11-21 19:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-12-13 20:28 - 2014-11-21 19:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-12-13 20:28 - 2014-11-21 19:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-12-13 20:28 - 2014-11-21 18:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-12-13 20:28 - 2014-11-21 18:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-12-13 20:28 - 2014-11-10 21:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2014-12-13 20:28 - 2014-11-10 20:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2014-12-13 20:28 - 2014-11-10 19:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2014-12-13 20:28 - 2014-10-29 20:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
    2014-12-13 20:28 - 2014-10-29 19:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
    2014-12-13 20:27 - 2014-11-07 21:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-12-13 20:27 - 2014-11-07 20:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2014-12-13 20:27 - 2014-10-02 20:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2014-12-13 20:27 - 2014-10-02 20:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
    2014-12-13 20:27 - 2014-10-02 20:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
    2014-12-13 20:27 - 2014-10-02 20:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
    2014-12-13 20:27 - 2014-10-02 20:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
    2014-12-13 20:27 - 2014-10-02 19:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
    2014-12-13 20:27 - 2014-10-02 19:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
    2014-12-13 20:27 - 2014-10-02 19:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
    2014-12-13 20:27 - 2014-10-02 19:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
    2014-12-13 20:27 - 2014-10-02 19:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
    2014-12-13 20:06 - 2014-12-13 20:06 - 00244104 _____ () C:\Users\Alex\Downloads\Firefox Setup Stub 34.0.5.exe

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-22 19:18 - 2014-05-27 23:18 - 00000000 ____D () C:\Users\Alex\Desktop\Unused
    2014-12-22 19:09 - 2014-08-16 16:26 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
    2014-12-22 19:08 - 2014-04-22 16:03 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2014-12-22 18:40 - 2009-07-13 22:45 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-12-22 18:40 - 2009-07-13 22:45 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-12-22 18:36 - 2014-10-30 14:26 - 01757822 ____N () C:\Windows\WindowsUpdate.log
    2014-12-22 18:35 - 2009-07-13 23:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-12-22 18:31 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-12-22 17:35 - 2014-04-22 16:44 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-12-22 14:58 - 2014-05-15 12:09 - 11222744 _____ (SurfRight B.V.) C:\Users\Alex\Downloads\HitmanPro_x64.exe
    2014-12-21 07:59 - 2014-04-30 22:32 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
    2014-12-21 07:59 - 2014-04-30 22:28 - 00000000 ____D () C:\ProgramData\TEMP
    2014-12-20 22:15 - 2014-07-10 18:21 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Hoyle Card Games 2012
    2014-12-20 16:08 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\NDF
    2014-12-20 06:16 - 2014-04-16 18:12 - 00000000 ____D () C:\AdwCleaner
    2014-12-16 16:13 - 2014-04-22 16:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-12-16 11:53 - 2014-04-29 13:53 - 00000000 ____D () C:\gwsxtra
    2014-12-15 07:56 - 2014-04-16 20:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2014-12-14 14:27 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
    2014-12-13 20:59 - 2014-11-10 09:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-12-13 20:59 - 2014-04-16 20:26 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2014-12-13 20:58 - 2014-08-20 20:52 - 00000000 ____D () C:\Users\Alex\AppData\Local\Adobe
    2014-12-13 20:58 - 2014-04-16 22:04 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-12-13 20:58 - 2014-04-16 22:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-12-13 20:56 - 2014-05-01 19:44 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2014-12-13 20:53 - 2014-04-29 19:51 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-12-13 20:53 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
    2014-12-13 20:53 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\AppCompat
    2014-12-13 20:31 - 2014-05-07 19:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-12-13 20:30 - 2014-04-16 13:54 - 00000000 ____D () C:\Windows\system32\MRT
    2014-12-13 20:29 - 2014-04-16 13:54 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-12-03 08:33 - 2009-07-13 23:08 - 00032618 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-11-28 20:10 - 2014-07-10 19:26 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Hoyle Blackjack

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-12-15 11:27

    ==================== End Of Log ============================

Page 3 of 4 FirstFirst 1234 LastLast