Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Svchost malware message on Avast! Not sure what else to try.


  • Please log in to reply
12 replies to this topic

#1 lurcho

lurcho

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:45 PM

Posted 24 June 2014 - 04:18 AM

Hello. I'm new on this board, and I'd really appreciate some help!

 

Avast signals an alert every ten mnutes to say that malware has been bocked. It always says something ending in 'svchost,.

 

When I check the 'Details', the following comes up:

 

Infekce zablokována
URL hxxp://getinstaal.info/?e=svon&cht=2&dcu=1&cpatch=2&dcs=1&pf=1&publisher=714&dd=4&country=GB&ind=1218507681100175637&exid=1403559918432850567&ssd=5705138279865466979&hid=18284283606151802211&osid=603&channel=0&sfx=1&jc=1&category_name=SaveOn2&install_date=20130623 Infection URL:Mal

Sometimes the URL is slightly different.

 

I've tried ADW Cleaner, RKill, TDSSKiller, and Malwarebytes Anti Root-Kit, but they seem to detect nothing wrong.

 

I'd appreciate any tips on this particular case.



BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:45 AM

Posted 24 June 2014 - 05:02 AM

Hello and Welcome -

 

The programs you listed also create logs, so can you please Copy and Paste them here.

Copies of these should be on your desktop and named as such.

 

 

First -

Download Security Check by Screen317 from HERE
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If any security program requests permission to access the Internet, allow it to do so.

 

 

 

 

Next -

* Download Malwarebytes Anti-Malware Free and save it to your desktop
* Follow the normal install prompts as there are no hidden extras in the download.
* Select I accept the agreement then continue to click Next then finally click Install
** Uncheck Enable free trial of Malwarebytes Anti-Malware Premium if you do not want the free trial of the paid version, then click Finish
* If you are notified the Database is out of date click Update Now
* Click Scan Now >>
----------

** Note: If Malwarebytes will not launch please do the following to launch Malwarebytes Chameleon:
* Click Start (Start, Search, All files and folders for Windows XP) then type mbam
* Double click one of the four following files (if one does not work try the next one, and so on) - A black command window will open. Follow those instructions until the Malwarebytes program starts the scan

mbam-chameleon.scr
mbam-chameleon
mbam-chameleon.exe
mbam-chameleon.com
----------

** When completed click the down arrow on Export Log and select Text file (*.txt)
* Save the file to your desktop as MBAM
* Click Apply Actions then restart your computer if requested
* Copy and past the contents of MBAM.txt in your reply



#3 buddy215

buddy215

  • Moderator
  • 13,261 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:01:45 PM

Posted 24 June 2014 - 05:36 AM

162.210.193.209 getinstaal.info  at VirusTotal lists numerous adware and malware downloads from that IP address.

Antivirus scan for 2652fece517dc139505db74a77739e8c912993e27275c384e89ddfaf72805482 at 2014-06-04 08:38:01 UTC - VirusTotal

 

You may have recently downloaded a free program or add-on for your browser(s) that is attempting to reach that address. 

 

Use Ccleaner to remove ad/ tracking cookies, temporary files, logs, etc. Pay close attention while installing and UNcheck

any offers of toolbars. Use the default settings. No need to use the Registry cleaning tool as it could cause a problem.

CCleaner - PC Optimization and Cleaning - Free Download

 

  • Scan using the online ESET scanner.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.
  • download MiniToolBox, save it to your desktop and run it.
    Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#4 lurcho

lurcho
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:45 PM

Posted 24 June 2014 - 07:21 AM

Scans are in progress, taking a little time!



#5 buddy215

buddy215

  • Moderator
  • 13,261 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:01:45 PM

Posted 24 June 2014 - 07:56 AM

Eset can take 1 or more hours....depending on computer resources and the amount and size of files on the hdd.

We'll keep a light on for ya...:)


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 lurcho

lurcho
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:45 PM

Posted 24 June 2014 - 08:28 AM

Hiya, guys. Thanks for your assistance so far.

 

I'm afraid one or two of the logs seemt have been deleted last night, but here are the majority. I collected them onto a Word doc and then cut from there to here. Hope that's all right.

 

The problem persists to date.

 

Results of screen317's Security Check version 0.99.85 

   x64 (UAC is enabled) 

 Internet Explorer 11 

``````````````Antivirus/Firewall Check:``````````````

 Windows Firewall Enabled! 

Windows Defender  

avast! Antivirus  

 Antivirus up to date!  

`````````Anti-malware/Other Utilities Check:`````````

 Java 7 Update 60 

 Google Chrome 35.0.1916.114 

 Google Chrome 35.0.1916.153 

````````Process Check: objlist.exe by Laurent```````` 

 AVAST Software Avast AvastSvc.exe 

 AVAST Software Avast avastui.exe 

`````````````````System Health check`````````````````

 Total Fragmentation on Drive C:  %

````````````````````End of Log``````````````````````

 


 

 

 

Rkill 2.6.7 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2014 BleepingComputer.com

More Information about Rkill can be found at this link:

 http://www.bleepingcomputer.com/forums/topic308364.html

 

Program started at: 06/24/2014 03:45:24 AM in x64 mode.

Windows Version: Windows 8.1

 

Checking for Windows services to stop:

 

 * No malware services found to stop.

 

Checking for processes to terminate:

 

 * No malware processes found to kill.

 

Checking Registry for malware related settings:

 

 * No issues found in the Registry.

 

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

 

Performing miscellaneous checks:

 

 * Windows Defender Disabled

 

   [HKLM\SOFTWARE\Microsoft\Windows Defender]

   "DisableAntiSpyware" = dword:00000001

 

Checking Windows Service Integrity:

 

 * MsKeyboardFilter [Missing Service]

 * CSC [Missing Service]

 * E1G60 [Missing Service]

 * kbldfltr [Missing Service]

 * storvsp [Missing Service]

 * Vid [Missing Service]

 * vmbusr [Missing Service]

 * vpcivsp [Missing Service]

 

Searching for Missing Digital Signatures:

 

 * No issues found.

 

Checking HOSTS File:

 

 * No issues found.

 

Program finished at: 06/24/2014 03:48:05 AM

Execution time: 0 hours(s), 2 minute(s), and 40 seconds(s)

 


 

 

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1012

www.malwarebytes.org

 

Database version: v2014.06.24.03

 

Windows 8.1 x64 NTFS

Internet Explorer 11.0.9600.17126

Martin :: MARTIN2 [administrator]

 

24/06/2014 04:35:55

mbar-log-2014-06-24 (04-35-55).txt

 

Scan type: Quick scan

Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken

Scan options disabled:

Objects scanned: 276273

Time elapsed: 50 minute(s), 32 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

Physical Sectors Detected: 0

(No malicious items detected)

 

(end)

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1012

www.malwarebytes.org

 

Database version: v2014.06.24.03

 

Windows 8.1 x64 NTFS

Internet Explorer 11.0.9600.17126

Martin :: MARTIN2 [administrator]

 

24/06/2014 04:35:55

mbar-log-2014-06-24 (04-35-55).txt

 

Scan type: Quick scan

Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken

Scan options disabled:

Objects scanned: 276273

Time elapsed: 50 minute(s), 32 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

Physical Sectors Detected: 0

(No malicious items detected)

 

(end)


 

 

MiniToolBox by Farbar  Version: 20-06-2014

Ran by Martin (administrator) on 24-06-2014 at 14:23:19

Running from "C:\Users\Martin\Desktop"

Microsoft Windows 8.1  (X64)

Boot Mode: Normal

***************************************************************************

 

========================= Flush DNS: ===================================

 

Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.

 

========================= IE Proxy Settings: ==============================

 

Proxy is not enabled.

No Proxy Server is set.

 

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= Hosts content: =================================

 

 

 

========================= IP Configuration: ================================

 

Qualcomm Atheros AR956x Wireless Network Adapter = WiFi (Connected)

Qualcomm Atheros AR8172/8176/8178 PCI-E Fast Ethernet Controller (NDIS 6.30) = Ethernet (Media disconnected)

Bluetooth Device (Personal Area Network) = Bluetooth Network Connection 2 (Media disconnected)

 

 

# ----------------------------------

# IPv4 Configuration

# ----------------------------------

pushd interface ipv4

 

reset

set global icmpredirects=enabled

set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="WiFi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Bluetooth Network Connection 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

 

 

popd

# End of IPv4 configuration

 

 

 

Windows IP Configuration

 

   Host Name . . . . . . . . . . . . : Martin2

   Primary Dns Suffix  . . . . . . . :

   Node Type . . . . . . . . . . . . : Hybrid

   IP Routing Enabled. . . . . . . . : No

   WINS Proxy Enabled. . . . . . . . : No

   DNS Suffix Search List. . . . . . : Home

 

Ethernet adapter Bluetooth Network Connection 2:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network) #2

   Physical Address. . . . . . . . . : 40-F0-2F-6B-15-FB

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

 

Wireless LAN adapter Local Area Connection* 3:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter

   Physical Address. . . . . . . . . : 12-F0-2F-6A-B4-5D

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

 

Wireless LAN adapter WiFi:

 

   Connection-specific DNS Suffix  . : Home

   Description . . . . . . . . . . . : Qualcomm Atheros AR956x Wireless Network Adapter

   Physical Address. . . . . . . . . : 40-F0-2F-6A-B4-5D

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

   Link-local IPv6 Address . . . . . : fe80::e98a:a3f8:7152:5872%4(Preferred)

   IPv4 Address. . . . . . . . . . . : 192.168.0.3(Preferred)

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Lease Obtained. . . . . . . . . . : 24 June 2014 03:08:42

   Lease Expires . . . . . . . . . . : 25 June 2014 11:25:43

   Default Gateway . . . . . . . . . : 192.168.0.1

   DHCP Server . . . . . . . . . . . : 192.168.0.1

   DHCPv6 IAID . . . . . . . . . . . : 121696303

   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-3C-85-C1-0C-54-A5-4F-98-55

   DNS Servers . . . . . . . . . . . : 192.168.0.1

   NetBIOS over Tcpip. . . . . . . . : Enabled

 

Ethernet adapter Ethernet:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . : CN02.com

   Description . . . . . . . . . . . : Qualcomm Atheros AR8172/8176/8178 PCI-E Fast Ethernet Controller (NDIS 6.30)

   Physical Address. . . . . . . . . : 0C-54-A5-4F-98-55

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

Server:  SkyRouter.Home

Address:  192.168.0.1

 

Name:    google.com

Addresses:  2a00:1450:4009:808::1005

              173.194.41.142

              173.194.41.134

              173.194.41.132

              173.194.41.130

              173.194.41.131

              173.194.41.129

              173.194.41.128

              173.194.41.137

              173.194.41.135

              173.194.41.133

              173.194.41.136

 

 

Pinging google.com [173.194.41.132] with 32 bytes of data:

Reply from 173.194.41.132: bytes=32 time=432ms TTL=58

Request timed out.

 

Ping statistics for 173.194.41.132:

    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),

Approximate round trip times in milli-seconds:

    Minimum = 432ms, Maximum = 432ms, Average = 432ms

Server:  SkyRouter.Home

Address:  192.168.0.1

 

Name:    yahoo.com

Addresses:  98.138.253.109

              206.190.36.45

              98.139.183.24

 

 

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=453ms TTL=52

Reply from 206.190.36.45: bytes=32 time=551ms TTL=52

 

Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 453ms, Maximum = 551ms, Average = 502ms

 

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================

Interface List

  6...40 f0 2f 6b 15 fb ......Bluetooth Device (Personal Area Network) #2

  5...12 f0 2f 6a b4 5d ......Microsoft Wi-Fi Direct Virtual Adapter

  4...40 f0 2f 6a b4 5d ......Qualcomm Atheros AR956x Wireless Network Adapter

  3...0c 54 a5 4f 98 55 ......Qualcomm Atheros AR8172/8176/8178 PCI-E Fast Ethernet Controller (NDIS 6.30)

  1...........................Software Loopback Interface 1

===========================================================================

 

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination        Netmask          Gateway       Interface  Metric

          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.3     25

        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306

        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306

  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306

      192.168.0.0    255.255.255.0         On-link       192.168.0.3    281

      192.168.0.3  255.255.255.255         On-link       192.168.0.3    281

    192.168.0.255  255.255.255.255         On-link       192.168.0.3    281

        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306

        224.0.0.0        240.0.0.0         On-link       192.168.0.3    281

  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306

  255.255.255.255  255.255.255.255         On-link       192.168.0.3    281

===========================================================================

Persistent Routes:

  None

 

IPv6 Route Table

===========================================================================

Active Routes:

 If Metric Network Destination      Gateway

  1    306 ::1/128                  On-link

  4    281 fe80::/64                On-link

  4    281 fe80::e98a:a3f8:7152:5872/128

                                    On-link

  1    306 ff00::/8                 On-link

  4    281 ff00::/8                 On-link

===========================================================================

Persistent Routes:

  None

========================= Winsock entries =====================================

 

Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)

Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)

Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)

Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)

Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)

Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [51200] (Microsoft Corporation)

Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)

Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)

Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)

Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)

Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)

Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)

Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)

Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)

Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)

Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)

Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)

x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)

x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)

x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)

x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [84480] (Microsoft Corporation)

x64-Catalog5 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)

x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)

x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

x64-Catalog9 02 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

x64-Catalog9 03 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

x64-Catalog9 04 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

x64-Catalog9 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

x64-Catalog9 06 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

x64-Catalog9 07 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

x64-Catalog9 08 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

x64-Catalog9 09 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

x64-Catalog9 10 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

x64-Catalog9 11 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

 

========================= Event log errors: ===============================

 

Application errors:

==================

Error: (06/24/2014 00:17:24 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

 

Error: (06/24/2014 00:17:21 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

 

Error: (06/24/2014 00:17:14 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

 

Error: (06/24/2014 00:17:14 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

 

Error: (06/24/2014 00:16:57 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

 

Error: (06/24/2014 02:25:59 AM) (Source: Application Hang) (User: )

Description: The program Explorer.EXE version 6.3.9600.17039 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 9a0

 

Start Time: 01cf8f4782ad3264

 

Termination Time: 0

 

Application Path: C:\Windows\Explorer.EXE

 

Report Id: eaddfbd3-fb3b-11e3-826e-40f02f6b15fb

 

Faulting package full name:

 

Faulting package-relative application ID:

 

Error: (06/24/2014 02:04:23 AM) (Source: Application Hang) (User: )

Description: The program backgroundTaskHost.exe version 6.3.9600.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: ad0

 

Start Time: 01cf8f4786aac42c

 

Termination Time: 4294967295

 

Application Path: C:\Windows\system32\backgroundTaskHost.exe

 

Report Id: 79d129c9-fb3b-11e3-826e-40f02f6b15fb

 

Faulting package full name: Microsoft.WindowsAlarms_6.3.9654.20335_x64__8wekyb3d8bbwe

 

Faulting package-relative application ID: App

 

Error: (06/23/2014 11:50:47 PM) (Source: Application Error) (User: )

Description: Faulting application name: 27521U~1.EXE, version: 2.21.4.1, time stamp: 0x2a425e19

Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055, time stamp: 0x532943a3

Exception code: 0x0eedfade

Fault offset: 0x00011d4d

Faulting process ID: 0xdc0

Faulting application start time: 0x27521U~1.EXE0

Faulting application path: 27521U~1.EXE1

Faulting module path: 27521U~1.EXE2

Report ID: 27521U~1.EXE3

Faulting package full name: 27521U~1.EXE4

Faulting package-relative application ID: 27521U~1.EXE5

 

Error: (06/23/2014 11:21:04 PM) (Source: Application Hang) (User: )

Description: The program Explorer.EXE version 6.3.9600.17039 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 17bc

 

Start Time: 01cf8f2e04181c6c

 

Termination Time: 0

 

Application Path: C:\Windows\Explorer.EXE

 

Report Id: 7d744c80-fb23-11e3-826d-40f02f6b15fb

 

Faulting package full name:

 

Faulting package-relative application ID:

 

Error: (06/23/2014 11:06:54 PM) (Source: Application Hang) (User: )

Description: The program LiveComm.exe version 17.5.9600.20498 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 17e0

 

Start Time: 01cf8f2e072629b0

 

Termination Time: 4294967295

 

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

 

Report Id: add57f34-fb22-11e3-826d-40f02f6b15fb

 

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

 

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

 

 

System errors:

=============

Error: (06/24/2014 11:52:47 AM) (Source: Service Control Manager) (User: )

Description: The avast! HardwareID service failed to start due to the following error:

%%127

 

Error: (06/24/2014 04:36:41 AM) (Source: Service Control Manager) (User: )

Description: The avast! HardwareID service failed to start due to the following error:

%%127

 

Error: (06/24/2014 04:28:19 AM) (Source: Service Control Manager) (User: )

Description: The avast! HardwareID service failed to start due to the following error:

%%127

 

Error: (06/24/2014 03:48:17 AM) (Source: Service Control Manager) (User: )

Description: The avast! HardwareID service failed to start due to the following error:

%%127

 

Error: (06/24/2014 03:09:06 AM) (Source: Service Control Manager) (User: )

Description: The avast! HardwareID service failed to start due to the following error:

%%127

 

Error: (06/24/2014 03:08:41 AM) (Source: Service Control Manager) (User: )

Description: The avast! HardwareID service failed to start due to the following error:

%%127

 

Error: (06/24/2014 03:06:30 AM) (Source: Service Control Manager) (User: )

Description: The avast! HardwareID service failed to start due to the following error:

%%127

 

Error: (06/24/2014 02:05:38 AM) (Source: Service Control Manager) (User: )

Description: The avast! HardwareID service failed to start due to the following error:

%%127

 

Error: (06/24/2014 02:00:13 AM) (Source: Service Control Manager) (User: )

Description: The avast! HardwareID service failed to start due to the following error:

%%127

 

Error: (06/24/2014 01:58:49 AM) (Source: Service Control Manager) (User: )

Description: The avast! HardwareID service failed to start due to the following error:

%%127

 

 

Microsoft Office Sessions:

=========================

 

 

=========================== Installed Programs ============================

Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)

Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.8.1245.73583 - Alcor Micro Corp.)

Alcor Micro USB Card Reader (x32 Version: 4.8.1245.73583 - Alcor Micro Corp.) Hidden

Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden

Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)

Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.0.1.239 - Amazon)

Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)

avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)

Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden

calibre 64bit (HKLM\...\{8CDE6A53-B721-407E-B59B-9E9E9605BF23}) (Version: 1.39.0 - Kovid Goyal)

CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)

Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)

DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)

Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.25.141 - Google, Inc.)

IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3282 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)

Intel® Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden

Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden

Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden

Jarte 5.2 (HKLM-x32\...\Jarte_is1) (Version: 5.2 - Carolina Road Software L.L.C.)

Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)

Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden

Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden

Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden

Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM-x32\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.20617 (Version: 12.0.20617 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.20617 (Version: 12.0.20617 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.20617 (x32 Version: 12.0.20617 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.20617 (x32 Version: 12.0.20617 - Microsoft Corporation) Hidden

MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )

Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden

Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)

Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden

Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden

Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.300 - Qualcomm Atheros)

Qualcomm Atheros Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)

RealDownloader (x32 Version: 17.0.9 - RealNetworks, Inc.) Hidden

RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden

RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden

RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden

RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.9 - RealNetworks)

RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden

Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.)

Samsung Kies (x32 Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Hidden

SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)

Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.1 - Synaptics Incorporated)

TOSHIBA Addendum (HKLM-x32\...\{CE0374A6-B204-4336-8293-63FBB1DADBF4}) (Version: 1.00 - TOSHIBA)

TOSHIBA Addendum (x32 Version: 1.00 - TOSHIBA) Hidden

TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)

TOSHIBA Display Utility (HKLM\...\{84FA4D2D-4273-4C66-BD3D-ADD3FE48DFA2}) (Version: 1.1.5.0 - Toshiba Corporation)

TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)

TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)

TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)

TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.344 - Toshiba Corporation)

TOSHIBA Password Utility (x32 Version: 3.00.344 - Toshiba Corporation) Hidden

TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)

TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)

TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)

TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)

TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)

Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)

TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.27.102 - Toshiba Corporation)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)

Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)

Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)

Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)

Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)

Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)

Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)

Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)

Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)

Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden

UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden

Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden

WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)

WildTangent Games App (Toshiba Games) (x32 Version: 4.0.11.9 - WildTangent) Hidden

YTD Video Downloader 4.8.1 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.1 - GreenTree Applications SRL)

 

========================= Devices: ================================

 

 

========================= Memory info: ===================================

 

Percentage of memory in use: 66%

Total physical RAM: 3971.27 MB

Available physical RAM: 1344.23 MB

Total Pagefile: 5059.27 MB

Available Pagefile: 1980.57 MB

Total Virtual: 4095.88 MB

Available Virtual: 3974.2 MB

 

========================= Partitions: =====================================

 

1 Drive c: (TI31205500A) (Fixed) (Total:920.8 GB) (Free:778.91 GB) NTFS

 

========================= Users: ========================================

 

User accounts for \\MARTIN2

 

Administrator            Guest                    Martin                  

 

========================= Minidump Files ==================================

 

No minidump file found

 

========================= Restore Points ==================================

 

06-06-2014 14:47:01 Installed calibre 64bit

12-06-2014 14:03:58 Windows Update

15-06-2014 15:46:38 Windows Update

18-06-2014 22:46:46 Windows Update

 

**** End of log ****



#7 buddy215

buddy215

  • Moderator
  • 13,261 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:01:45 PM

Posted 24 June 2014 - 09:27 AM

Did the Eset online scan finish? Did it find anything?

 

Looks like the last program you installed was Calibre. Did you download it from the Calibre website? 

The reason I ask that is because other download sites usually bundle adware with their program downloads.

 

Do you use the Wild Tangent games?

Do you use the Real Networks video player?

 

Look in your Browser(s) add-ons/ extensions/ plugins for anything you did not intentionally install or do not recognize.

 

EDIT: You said....It always says something ending in 'svchost,.

Can you find the file on your computer that it is referring to? If so, have it scanned at VirusTotal - Free Online Virus and Malware Scan


Edited by buddy215, 24 June 2014 - 09:36 AM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#8 lurcho

lurcho
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:45 PM

Posted 24 June 2014 - 10:12 AM

Sorry, Thought the ESET report was in there. Here it is:

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialApp.dll.vir a variant of Win32/Toolbar.Montiera.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialEng.dll.vir probably a variant of Win32/Toolbar.Montiera.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialsrv.exe.vir a variant of Win32/Toolbar.Montiera.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll.vir a variant of Win32/Toolbar.Montiera.F potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll.vir a variant of Win32/Toolbar.Escort.A potentially unwanted application deleted - quarantined
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000bc a variant of Win32/AdWare.MultiPlug.R application cleaned by deleting - quarantined
C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000 Win32/InstalleRex.M potentially unwanted application deleted - quarantined
C:\Users\Martin\AppData\Local\Temp\optprosetup.exe multiple threats cleaned by deleting - quarantined
C:\Users\Martin\AppData\Local\Temp\3505609.Uninstall\uninstaller.exe Win32/InstallCore.PC potentially unwanted application deleted - quarantined
C:\Users\Martin\AppData\Local\Temp\611203.Uninstall\uninstaller.exe Win32/InstallCore.PC potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Applications\DownloadApp_1_6_6_175f_Setup.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Applications\Open OfficeSetup.exe a variant of Win32/InstallCore.JO potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Applications\YTDSetup.exe Win32/MyPCBackup.A potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Desktop\FreeYouTubeDownloaderInstallerIC.exe a variant of Win32/InstallCore.D potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Desktop\Applications\7ZipSetup.exe Win32/Somoto.A potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Desktop\Applications\FreeYouTubeDownloaderInstallerIC.exe Win32/InstallCore.BL potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Desktop\Applications\YTDSetup.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Desktop\Applications\ZipOpenerSetup (1).exe a variant of Win32/InstallCore.D potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Desktop\Applications\ZipOpenerSetup.exe a variant of Win32/InstallCore.D potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Desktop\DESKTOP\WinZip175.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Desktop\DESKTOP\Recent Miscellany - March 2013\pagenestfree.exe Win32/DownWare.W potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Desktop\DESKTOP\Recent Miscellany - March 2013\WinZip175.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Desktop\February 2014\VideoConverterSetup.exe a variant of Win32/InstallCore.JN potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Desktop\January 2014\cbsidlm-cbsi145-Free_PDF_to_Word-ORG-75732609.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Downloads\New folder (4)\FreeYouTubeDownloaderInstallerIC.exe Win32/InstallCore.BL potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Downloads\New folder (4)\fvd-converter-release.exe a variant of Win32/InstallIQ potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Downloads\New folder (4)\New folder\13_steps_mentalism_tony_corinda_pdf_downloader.exe a variant of Win32/ExpressFiles potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Downloads\New folder (4)\New folder\jZipV1.exe probably a variant of Win32/Toolbar.SearchSuite.J potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Downloads\New folder (4)\New folder\winzip160.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Downloads\New folder (4)\New folder (3)\13_steps_to_mentalism_complete_pdf_downloader_352.exe a variant of Win32/YourFileDownloader potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Downloads\New folder (4)\New folder (3)\Corinda_13_Steps_To_Mentalism_DVDs_downloader_98818.exe a variant of Win32/YourFileDownloader potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Downloads\New folder (4)\New folder (3)\WinZip170 (1).exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Downloads\New folder (4)\New folder (3)\WinZip170.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Downloads\New folder (4)\New folder (3)\YTDSetup.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Italix and other samples\Downloads\New folder (4)\FreeYouTubeDownloaderInstallerIC.exe Win32/InstallCore.BL potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Italix and other samples\Downloads\New folder (4)\fvd-converter-release.exe a variant of Win32/InstallIQ potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Italix and other samples\Downloads\New folder (4)\New folder\13_steps_mentalism_tony_corinda_pdf_downloader.exe a variant of Win32/ExpressFiles potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Italix and other samples\Downloads\New folder (4)\New folder\jZipV1.exe probably a variant of Win32/Toolbar.SearchSuite.J potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Italix and other samples\Downloads\New folder (4)\New folder\winzip160.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Italix and other samples\Downloads\New folder (4)\New folder (3)\13_steps_to_mentalism_complete_pdf_downloader_352.exe a variant of Win32/YourFileDownloader potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Italix and other samples\Downloads\New folder (4)\New folder (3)\Corinda_13_Steps_To_Mentalism_DVDs_downloader_98818.exe a variant of Win32/YourFileDownloader potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Italix and other samples\Downloads\New folder (4)\New folder (3)\WinZip170 (1).exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Italix and other samples\Downloads\New folder (4)\New folder (3)\WinZip170.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\Italix and other samples\Downloads\New folder (4)\New folder (3)\YTDSetup.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\RECOVERED DATA\My Documents\Downloads\cole2k.media.-.codec.pack.v7.9.1.-advanced-.setup.exe Win32/Toolbar.Widgi potentially unwanted application deleted - quarantined
C:\Users\Martin\Desktop\Dropbox Contents to 25.4.14\RECOVERED DATA\My Documents\Downloads\FinalTorrent2010Setup.exe a variant of Win32/InstallIQ.A potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\Desktop\FreeYouTubeDownloaderInstallerIC.exe a variant of Win32/InstallCore.D potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\Desktop\Applications\7ZipSetup.exe Win32/Somoto.A potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\Desktop\Applications\FreeYouTubeDownloaderInstallerIC.exe Win32/InstallCore.BL potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\Desktop\Applications\YTDSetup.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\Desktop\Applications\ZipOpenerSetup (1).exe a variant of Win32/InstallCore.D potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\Desktop\Applications\ZipOpenerSetup.exe a variant of Win32/InstallCore.D potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\Desktop\DESKTOP\WinZip175.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\Desktop\DESKTOP\Recent Miscellany - March 2013\pagenestfree.exe Win32/DownWare.W potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\Desktop\DESKTOP\Recent Miscellany - March 2013\WinZip175.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\Desktop\February 2014\VideoConverterSetup.exe a variant of Win32/InstallCore.JN potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\Desktop\January 2014\cbsidlm-cbsi145-Free_PDF_to_Word-ORG-75732609.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\Downloads\Video_Converter_TSV1BSII.exe a variant of Win32/Toolbar.Conduit.AB potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\Downloads\New folder (4)\FreeYouTubeDownloaderInstallerIC.exe Win32/InstallCore.BL potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\Downloads\New folder (4)\fvd-converter-release.exe a variant of Win32/InstallIQ potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\Downloads\New folder (4)\New folder\13_steps_mentalism_tony_corinda_pdf_downloader.exe a variant of Win32/ExpressFiles potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\Downloads\New folder (4)\New folder\jZipV1.exe probably a variant of Win32/Toolbar.SearchSuite.J potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\Downloads\New folder (4)\New folder\winzip160.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\Downloads\New folder (4)\New folder (3)\13_steps_to_mentalism_complete_pdf_downloader_352.exe a variant of Win32/YourFileDownloader potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\Downloads\New folder (4)\New folder (3)\Corinda_13_Steps_To_Mentalism_DVDs_downloader_98818.exe a variant of Win32/YourFileDownloader potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\Downloads\New folder (4)\New folder (3)\WinZip170 (1).exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\Downloads\New folder (4)\New folder (3)\WinZip170.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\Downloads\New folder (4)\New folder (3)\YTDSetup.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\RECOVERED DATA\My Documents\Downloads\cole2k.media.-.codec.pack.v7.9.1.-advanced-.setup.exe Win32/Toolbar.Widgi potentially unwanted application deleted - quarantined
C:\Users\Martin\Dropbox\RECOVERED DATA\My Documents\Downloads\FinalTorrent2010Setup.exe a variant of Win32/InstallIQ.A potentially unwanted application deleted - quarantined
 
To answer your questions: I never (intentionally) download or play games. I do use Real Networks. I think I downloaded Calibre a couple of weeks ago...
 
Perhaps the dodgiest thing I did recently was, having bought an Adobe Digital edfition ebook from a South African bookstore called Kalahari yesterday, to have then downloaded a couple of programs to remove the DRM in order to transfer the ebook to Kindle. 
 
I scanned theb htt....getmeegan.info address in that last thing you mentioned, and it came up as mostly clean, with three reported dodgy.
 
Not sure I've done that right, I'm afraid. I'm utterly out of my depth.


#9 buddy215

buddy215

  • Moderator
  • 13,261 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:01:45 PM

Posted 24 June 2014 - 11:46 AM

From what I see in Eset's log and your comments on some risky downloads, I suggest you start another topic following the

directions for posting a DDS log in the new topic in Virus, Trojan, Spyware, and Malware Removal Logs

Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help - Virus, Trojan, Spyware, and Malware Removal Logs

 

Once you have posted the new topic including the DDS log and a link to this topic, do not bump your topic until

one of the members there has responded. Not sure of how long it will take for a response. But it will be worth waiting for.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#10 lurcho

lurcho
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:45 PM

Posted 24 June 2014 - 12:35 PM

I get the message, "DDS will not run in compatability mode". Sorry, but I don't know what that means.



#11 buddy215

buddy215

  • Moderator
  • 13,261 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:01:45 PM

Posted 24 June 2014 - 03:13 PM

It could be that DDS is still not compatible with Windows 8.1.

 

Go ahead and open the new topic. Note the warning you get when attempting to use DDS.

Include what Eset found and removed.


Edited by buddy215, 24 June 2014 - 03:16 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#12 lurcho

lurcho
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:45 PM

Posted 24 June 2014 - 03:23 PM

Thanks very much for all your help.



#13 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:45 AM

Posted 24 June 2014 - 07:16 PM

The problems of lurcho seem to be fixed for now.

 

Please start a new topic if you have more problems -






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users