Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

My AV keeps saying that it is turned off! And it takes time to turn on!


  • This topic is locked This topic is locked
14 replies to this topic

#1 comp_help2014

comp_help2014

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:11:56 AM

Posted 27 February 2015 - 11:50 AM

Hi,

 

My old topic was 'Am I Infected???' where I posted all the results asked for. The white flag notification shows sometimes that my AV (Avira) is turned off. Am not sure why this is happening. And even when I click on Turn on, it takes time for the cross to go from the white flag. However, my AV application is loaded. Is this an error?

 

Secondly, I can't seem to save Word docs or other docs in C drive. It says its either write protected, or corrupted or full. I then have to save it in My Documents and then copy and paste into C drive. 

 

Thirdly, I have Glasswire and WhoisonmyWifi apps and I have followed all the steps of staying safe on the net like the mac filtering etc. My computer is working pretty fast and even the internet.

 

Please do check if my computer is clean and whether my AV is the best one. I'm using the free software of Avira and so far other than the notification saying that it is turned off, I haven't faced any issues. Sometimes, it says that windows defender is turned off. Please review the logs posted in my previous thread too.

 

Here is the FRST.txt result:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-02-2015 01
Ran by NM (administrator) on NM-PC on 27-02-2015 22:00:59
Running from C:\Users\NM\Downloads\Programs
Loaded Profiles: NM (Available profiles: NM)
Platform: Microsoft Windows 7 Starter  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\AEstSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(DeviceVM, Inc.) C:\SPLASH.SYS\config\DVMExportService.exe
(SecureMix LLC) C:\Program Files\GlassWire\GWCtlSrv.exe
(Microsoft Corp.) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Sun Microsystems, Inc.) C:\Program Files\Hewlett-Packard\HP QuickSync\jre\bin\javaw.exe
(SecureMix LLC) C:\Program Files\GlassWire\GlassWire.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(SecureMix LLC) C:\Program Files\GlassWire\GWIdlMon.exe
() C:\Program Files\IO3O LLC\Who Is On My Wifi\mywifi.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1594664 2009-11-04] (Synaptics Incorporated)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2009-10-12] (IDT, Inc.)
HKLM\...\Run: [HP] => C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe [589104 2009-07-14] (Hewlett-Packard)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [322104 2009-08-21] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [499768 2009-09-02] (Hewlett-Packard)
HKLM\...\Run: [WTClient] => C:\Windows\SYSTEM32\WTClient.exe [32768 2009-08-19] (Tablet Driver)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM\...\Run: [3G Modem Partner] => [X]
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [702768 2014-11-24] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-551812208-478891508-1572922594-1000\...\Run: [Simplify Media] => C:\Program Files\Hp\HP MediaStream\HPMediaStream.exe [21498376 2009-10-23] (Simplify Media, Inc.)
HKU\S-1-5-21-551812208-478891508-1572922594-1000\...\Run: [GlassWire] => C:\Program Files\GlassWire\glasswire.exe [10387752 2014-12-26] (SecureMix LLC)
HKU\S-1-5-21-551812208-478891508-1572922594-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-551812208-478891508-1572922594-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3890768 2015-02-24] (Tonec Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Who Is On My Wifi.lnk
ShortcutTarget: Who Is On My Wifi.lnk -> C:\Program Files\IO3O LLC\Who Is On My Wifi\mywifi.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll (Tonec Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://in.yahoo.com/?fr=fp-spt_gen
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://in.yahoo.com/?fr=fp-spt_gen
HKU\S-1-5-21-551812208-478891508-1572922594-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://in.yahoo.com/?fr=fp-spt_gen
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-551812208-478891508-1572922594-1000 -> DefaultScope {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-551812208-478891508-1572922594-1000 -> {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL = https://www.google.com/search?q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-551812208-478891508-1572922594-1000 -> &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\NM\AppData\Roaming\Mozilla\Firefox\Profiles\jqpzy8et.default-1421991119153
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-551812208-478891508-1572922594-1000: @hola.org/vlc,version=1.6.732 -> C:\Users\NM\AppData\Local\Hola\firefox\app\vlc No File
FF Extension: Avira Browser Safety - C:\Users\NM\AppData\Roaming\Mozilla\Firefox\Profiles\jqpzy8et.default-1421991119153\Extensions\abs@avira.com [2015-02-04]
FF Extension: Hola Better Internet - C:\Users\NM\AppData\Roaming\Mozilla\Firefox\Profiles\jqpzy8et.default-1421991119153\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2015-02-25]
FF Extension: Hotspot Shield Extension - C:\Program Files\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2015-01-27]
FF HKU\S-1-5-21-551812208-478891508-1572922594-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\NM\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\NM\AppData\Roaming\IDM\idmmzcc5 [2015-02-25]
FF HKU\S-1-5-21-551812208-478891508-1572922594-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\NM\AppData\Roaming\IDM\idmmzcc5
 
Chrome: 
=======
CHR Profile: C:\Users\NM\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\NM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-24]
CHR Extension: (Avira Browser Safety) - C:\Users\NM\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-02-01]
CHR Extension: (Cisco WebEx Extension) - C:\Users\NM\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-02-09]
CHR Extension: (IDM Integration Module) - C:\Users\NM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-02-25]
CHR Extension: (Gmail) - C:\Users\NM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-19]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2015-02-24]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 DvmMDES; C:\SPLASH.SYS\config\DVMExportService.exe [323584 2009-07-09] (DeviceVM, Inc.) [File not signed]
R2 GlassWire; C:\Program Files\GlassWire\GWCtlSrv.exe [6296872 2014-12-26] (SecureMix LLC)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\STacSV.exe [221266 2009-10-12] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 DVMIO; C:\SPLASH.SYS\config\dvmio.sys [17624 2009-09-30] (DeviceVM, Inc.)
R1 gwdrv; C:\Windows\System32\DRIVERS\gwdrv.sys [27616 2014-12-25] (SecureMix LLC)
R3 PTSimBus; C:\Windows\System32\DRIVERS\PTSimBus.sys [23208 2009-06-22] (PenTablet Driver)
S3 PTSimHid; C:\Windows\System32\DRIVERS\PTSimHid.sys [14504 2009-06-22] (PenTablet Driver)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-11-24] (Avira GmbH)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [37064 2014-05-17] (Anchorfree Inc.)
S3 TClass2k; C:\Windows\System32\DRIVERS\TClass2k.sys [23208 2009-06-22] (Tablet Driver)
S3 UCTblHid; C:\Windows\System32\DRIVERS\UCTblHid.sys [19624 2009-06-22] (Tablet Driver)
S3 WCDMA_Datacard_Usb_Ser; C:\Windows\System32\DRIVERS\WCDMA_Datacard_Usb_Ser.sys [105984 2013-01-15] (QUALCOMM Incorporated)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-27 22:00 - 2015-02-27 22:01 - 00000000 ____D () C:\FRST
2015-02-26 14:45 - 2015-02-26 14:35 - 00037384 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-02-26 14:34 - 2015-02-26 14:34 - 00000000 ____D () C:\Users\NM\AppData\Roaming\Avira
2015-02-26 14:31 - 2014-11-24 10:23 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-02-26 14:31 - 2014-11-24 10:23 - 00098160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-02-26 14:31 - 2014-11-24 10:23 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-02-26 14:31 - 2014-11-24 10:23 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2015-02-26 14:24 - 2015-02-27 21:49 - 00000012 ____H () C:\dvmexp.idx
2015-02-26 14:19 - 2015-02-26 14:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-26 14:19 - 2015-02-26 14:31 - 00000000 ____D () C:\ProgramData\Avira
2015-02-26 14:18 - 2015-02-26 14:18 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-26 14:18 - 2015-02-26 14:18 - 00000000 ____D () C:\OETemp
2015-02-25 15:54 - 2015-02-27 19:02 - 00000000 ____D () C:\Users\NM\AppData\Roaming\DMCache
2015-02-25 15:54 - 2015-02-26 14:38 - 00000000 ____D () C:\Users\NM\Downloads\Compressed
2015-02-25 15:54 - 2015-02-25 16:17 - 00000000 ____D () C:\Users\NM\Downloads\Video
2015-02-25 15:54 - 2015-02-25 16:10 - 00000000 ____D () C:\Users\NM\AppData\Roaming\IDM
2015-02-25 15:54 - 2015-02-25 15:55 - 00000000 ____D () C:\Program Files\Internet Download Manager
2015-02-25 15:54 - 2015-02-25 15:54 - 00000000 ____D () C:\Users\NM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-02-25 15:54 - 2015-02-25 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-02-25 15:54 - 2015-02-25 15:54 - 00000000 ____D () C:\ProgramData\IDM
2015-02-25 10:24 - 2015-02-25 10:24 - 00000000 ____D () C:\Program Files\ESET
2015-02-25 10:21 - 2015-02-25 10:22 - 02347384 _____ (ESET) C:\Users\NM\Downloads\esetsmartinstaller_enu.exe
2015-02-25 10:10 - 2015-01-09 05:14 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-25 08:15 - 2015-02-25 08:41 - 00000000 ____D () C:\AdwCleaner
2015-02-25 08:15 - 2015-02-25 08:15 - 02126848 _____ () C:\Users\NM\Downloads\AdwCleaner.exe
2015-02-24 19:11 - 2014-11-29 06:07 - 00115752 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2015-02-24 11:46 - 2015-02-24 11:47 - 00000000 ____D () C:\Users\N\Workouts
2015-02-21 18:18 - 2015-02-21 18:18 - 00000000 ____D () C:\Users\NM\Downloads\Hola
2015-02-21 17:57 - 2015-02-21 17:58 - 04515896 _____ (Avira Operations & Co. KG) C:\Users\NM\Downloads\avira_en_av_5864543412__ws.exe
2015-02-20 05:14 - 2015-02-20 05:14 - 00000000 ____D () C:\Users\N\Miscellaneous
2015-02-20 04:59 - 2015-02-20 05:00 - 02125260 _____ (Foxit Software) C:\Users\NM\Documents\PDFEdit.exe
2015-02-19 14:17 - 2015-02-19 20:40 - 00000000 ____D () C:\Users\NM\AppData\Roaming\Yahoo!
2015-02-19 14:16 - 2015-02-19 14:17 - 00000000 ____D () C:\ProgramData\Yahoo!
2015-02-19 14:16 - 2015-02-19 14:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2015-02-19 12:43 - 2015-02-19 14:17 - 00000000 ____D () C:\Program Files\Yahoo!
2015-02-17 23:04 - 2015-01-09 08:18 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-17 23:04 - 2015-01-09 08:18 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-17 23:04 - 2015-01-09 08:18 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-16 21:27 - 2015-02-16 21:27 - 00000000 ___SD () C:\Program Files\3G - Connect
2015-02-16 21:27 - 2015-02-16 21:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3G - Connect
2015-02-16 21:27 - 2013-01-15 11:26 - 00105984 _____ (QUALCOMM Incorporated) C:\Windows\system32\Drivers\WCDMA_Datacard_Usb_Ser.sys
2015-02-16 20:46 - 2015-02-27 15:38 - 00000000 ____D () C:\Users\N\ETZ
2015-02-13 18:34 - 2015-01-23 09:13 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-13 18:34 - 2015-01-23 08:47 - 04300800 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-11 22:03 - 2015-01-12 07:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 22:03 - 2015-01-12 07:25 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 22:03 - 2015-01-12 07:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 22:02 - 2015-01-14 10:39 - 00342712 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 22:02 - 2015-01-12 07:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 22:02 - 2015-01-12 07:51 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 22:02 - 2015-01-12 07:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 22:02 - 2015-01-12 07:35 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 22:02 - 2015-01-12 07:32 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 22:02 - 2015-01-12 07:30 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 22:02 - 2015-01-12 07:29 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 22:02 - 2015-01-12 07:27 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 22:02 - 2015-01-12 07:25 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 22:02 - 2015-01-12 07:18 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 22:02 - 2015-01-12 07:15 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 22:02 - 2015-01-12 07:06 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 22:02 - 2015-01-12 07:05 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 22:02 - 2015-01-12 07:03 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 22:02 - 2015-01-12 06:53 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 22:02 - 2015-01-12 06:53 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 22:02 - 2015-01-12 06:53 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 22:02 - 2015-01-12 06:52 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 22:02 - 2015-01-12 06:44 - 12829184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 22:02 - 2015-01-12 06:30 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 22:02 - 2015-01-12 06:26 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 22:02 - 2015-01-12 06:25 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 22:01 - 2015-01-12 07:55 - 19740160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 22:01 - 2015-01-12 07:38 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 21:58 - 2015-01-09 07:15 - 02380288 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 21:57 - 2015-01-15 13:16 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 21:57 - 2015-01-15 13:16 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 21:57 - 2015-01-15 13:13 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 21:57 - 2015-01-15 13:13 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 21:57 - 2015-01-15 13:12 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 21:57 - 2015-01-15 13:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 21:57 - 2015-01-15 13:12 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 21:57 - 2015-01-15 13:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 21:57 - 2015-01-15 13:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 21:57 - 2015-01-15 13:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 21:57 - 2015-01-15 13:07 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 21:57 - 2015-01-15 09:51 - 00369968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 21:57 - 2014-12-08 08:16 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 21:52 - 2015-01-14 11:14 - 03972544 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-02-11 21:51 - 2015-01-14 11:14 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 21:49 - 2015-02-04 08:24 - 00482304 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 21:49 - 2015-02-04 08:23 - 00767488 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 21:49 - 2014-11-26 09:02 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 21:49 - 2014-10-04 07:12 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 21:49 - 2014-10-04 07:12 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-02-11 21:48 - 2015-02-04 08:23 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 21:48 - 2015-02-04 08:23 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 21:48 - 2015-02-04 08:23 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 21:48 - 2015-02-04 08:23 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 21:48 - 2015-02-04 08:19 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 21:48 - 2015-01-28 05:06 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 21:48 - 2015-01-10 11:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 21:48 - 2015-01-10 11:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 21:48 - 2015-01-10 11:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 21:48 - 2015-01-10 11:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 21:48 - 2015-01-10 11:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 21:48 - 2015-01-10 11:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 21:48 - 2015-01-10 11:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 21:41 - 2015-01-13 08:19 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 21:41 - 2014-12-12 10:37 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 21:41 - 2014-07-07 07:10 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 21:41 - 2014-07-07 07:10 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-09 21:05 - 2015-02-25 06:25 - 00000000 ____D () C:\Users\NM\AppData\Roaming\webex
2015-02-09 21:02 - 2015-02-25 06:24 - 00000000 ____D () C:\ProgramData\WebEx
2015-02-05 00:03 - 2015-02-27 22:01 - 00000000 ____D () C:\wifidata
2015-02-05 00:03 - 2015-02-05 00:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Who Is On My Wifi
2015-02-05 00:03 - 2015-02-05 00:03 - 00000000 ____D () C:\Program Files\IO3O LLC
2015-02-02 16:40 - 2015-02-02 16:40 - 00000000 ___HD () C:\dvmexp
2015-02-02 06:44 - 2015-02-26 20:08 - 00265838 _____ () C:\Windows\PFRO.log
2015-02-01 23:44 - 2015-02-27 21:49 - 00014750 _____ () C:\Windows\setupact.log
2015-02-01 23:44 - 2015-02-01 23:44 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-01 20:11 - 2015-02-26 14:31 - 00000000 ____D () C:\Program Files\Avira
2015-02-01 18:14 - 2015-02-01 21:55 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-28 13:58 - 2015-01-28 13:58 - 00000000 ____D () C:\Users\NM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GlassWire 1.0
2015-01-28 13:58 - 2015-01-28 13:58 - 00000000 ____D () C:\Users\NM\AppData\Local\GlassWire
2015-01-28 13:58 - 2014-12-26 14:12 - 00008704 _____ () C:\Windows\system32\Drivers\gwdrv.cat
2015-01-28 13:58 - 2014-12-25 16:58 - 00027616 _____ (SecureMix LLC) C:\Windows\system32\Drivers\gwdrv.sys
2015-01-28 13:57 - 2015-01-28 13:58 - 00000000 ____D () C:\Program Files\GlassWire
2015-01-28 13:57 - 2015-01-28 13:57 - 00000000 ____D () C:\ProgramData\GlassWire
2015-01-28 11:30 - 2015-01-28 11:30 - 00000000 _____ () C:\Users\NM\AppData\Local\QSwitch.txt
2015-01-28 11:30 - 2015-01-28 11:30 - 00000000 _____ () C:\Users\NM\AppData\Local\DSwitch.txt
2015-01-28 11:30 - 2015-01-28 11:30 - 00000000 _____ () C:\Users\NM\AppData\Local\AtStart.txt
2015-01-28 11:29 - 2015-02-26 14:24 - 00000000 ____D () C:\temp
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-27 22:04 - 2014-05-12 13:59 - 00000000 ____D () C:\Users\N\SCF - The Cross
2015-02-27 21:48 - 2014-12-15 15:10 - 01307652 _____ () C:\Windows\WindowsUpdate.log
2015-02-27 21:48 - 2009-07-14 10:04 - 00014432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-27 21:48 - 2009-07-14 10:04 - 00014432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-27 21:41 - 2014-12-23 12:26 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-27 21:39 - 2009-07-14 10:23 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-27 18:37 - 2014-12-23 12:26 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-27 18:17 - 2014-12-18 11:15 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-27 18:00 - 2014-05-10 21:58 - 00000000 ____D () C:\Users\N\Movies
2015-02-27 16:09 - 2014-05-10 20:55 - 00000000 ____D () C:\Users\N
2015-02-27 15:27 - 2014-12-26 14:51 - 00000000 ____D () C:\Users\N\Old Testament
2015-02-27 15:25 - 2014-06-08 16:05 - 00000000 ____D () C:\Users\N\Christian stuff
2015-02-25 08:21 - 2014-05-10 17:49 - 00000000 ____D () C:\Users\NM\AppData\Local\Microsoft Help
2015-02-24 18:42 - 2014-05-10 21:22 - 00000000 ____D () C:\Users\NM\AppData\Roaming\vlc
2015-02-24 00:01 - 2014-05-12 15:12 - 00000000 ____D () C:\Users\N\Songs
2015-02-23 13:59 - 2009-09-07 04:32 - 00785302 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-20 08:00 - 2014-05-10 17:22 - 00000000 ____D () C:\Users\NM
2015-02-20 03:40 - 2015-01-11 16:10 - 00000000 ____D () C:\Users\NM\AppData\Local\CrashDumps
2015-02-19 20:07 - 2009-07-14 10:23 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-18 15:56 - 2014-11-17 15:30 - 00000000 ____D () C:\Users\N\Math Books Higher Grades
2015-02-18 10:21 - 2009-07-14 08:07 - 00000000 ____D () C:\Windows\tracing
2015-02-17 12:36 - 2015-01-17 20:07 - 00000000 ____D () C:\Users\NM\AppData\Roaming\Skype
2015-02-13 22:52 - 2014-08-24 14:03 - 00000000 ____D () C:\Users\N\Sermons
2015-02-13 22:33 - 2009-07-14 08:07 - 00000000 ____D () C:\Windows\rescache
2015-02-12 15:10 - 2009-07-14 10:03 - 00429808 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 15:08 - 2014-12-19 18:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 15:08 - 2014-12-19 18:04 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 14:42 - 2014-12-19 14:58 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 14:32 - 2014-12-19 14:57 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-07 00:47 - 2014-06-05 22:38 - 00000000 ____D () C:\Users\NM\AppData\Local\Adobe
2015-02-07 00:46 - 2014-12-18 11:14 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-07 00:46 - 2014-12-18 11:14 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-05 00:05 - 2014-05-10 17:22 - 00000000 ____D () C:\Users\NM\AppData\Local\VirtualStore
2015-02-04 23:48 - 2009-07-14 08:07 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-01 23:01 - 2009-07-14 10:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-01 22:52 - 2014-05-10 17:26 - 00115168 _____ () C:\Users\NM\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-01 18:57 - 2015-01-20 23:44 - 00000000 ____D () C:\Program Files\SecureAge
 
==================== Files in the root of some directories =======
 
2015-01-28 11:30 - 2015-01-28 11:30 - 0000000 _____ () C:\Users\NM\AppData\Local\AtStart.txt
2015-01-28 11:30 - 2015-01-28 11:30 - 0000000 _____ () C:\Users\NM\AppData\Local\DSwitch.txt
2015-01-28 11:30 - 2015-01-28 11:30 - 0000000 _____ () C:\Users\NM\AppData\Local\QSwitch.txt
2015-01-28 11:30 - 2015-02-27 21:42 - 0000179 _____ () C:\ProgramData\HPWALog.txt
 
Some content of TEMP:
====================
C:\Users\NM\AppData\Local\Temp\avgnt.exe
C:\Users\NM\AppData\Local\Temp\Quarantine.exe
C:\Users\NM\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-23 14:42
 
==================== End Of Log ============================
 
 
I can't see the Attachment button, so I'm pasting the results of Addition.txt:
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-02-2015 01
Ran by NM at 2015-02-27 22:05:28
Running from C:\Users\NM\Downloads\Programs
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
3G - Connect (HKLM\...\3G - Connect - 3G - Connect_is1) (Version:  - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Avira (HKLM\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.18.41 - Broadcom Corporation)
Cisco WebEx Meetings (HKLM\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
ESU for Microsoft Windows 7 (HKLM\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
GlassWire 1.0 (remove only) (HKLM\...\GlassWire 1.0) (Version: 1.0.35 - SecureMix LLC)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
HP MediaStream (HKLM\...\{4414C431-245A-4AF7-8FE0-3ED2333FD8D2}) (Version: 2.5.1466 - Simplify Media)
HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.7.1 - Hewlett-Packard)
HP QuickSync (HKLM\...\{EEA95E6C-6847-49BE-83C9-ED92D8E18983}) (Version: 5.1.234.4788 - Hewlett-Packard)
HP QuickWeb (HKLM\...\{21FFAF37-E51A-41AB-8749-ACD1F9CF8E37}) (Version: 1.1.2.2 - DeviceVM, Inc.)
HP Setup (HKLM\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP User Guides 0169 (HKLM\...\{4B7057D5-6D5D-4088-8217-48EA20C44373}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{1061DF04-CF33-40B0-8360-D07C9BBEB122}) (Version: 3.50.10.1 - Hewlett-Packard)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6246.0 - IDT)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.1929 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version:  - Tonec Inc.)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.3.0 - Mozilla)
QLBCASL (Version: 6.40.17.2 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30104 - Realtek Semiconductor Corp.)
Recovery Manager (Version: 5.5.2214 - CyberLink Corp.) Hidden
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.13.1 - Synaptics Incorporated)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Who Is On My Wifi version 3.0.2 (HKLM\...\{010D45A1-093D-4534-8147-4E10E80F81CC}_is1) (Version: 3.0.2 - IO3O LLC)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
11-02-2015 21:41:19 Windows Update
12-02-2015 14:24:30 Windows Update
13-02-2015 19:39:08 Windows Update
18-02-2015 00:07:02 Windows Update
21-02-2015 12:49:21 Windows Update
24-02-2015 13:23:03 Windows Update
25-02-2015 10:07:41 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-01-28 11:18 - 2015-01-28 11:18 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {1A1AF5AC-8E34-48B6-AFF4-1345E6121D4A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-23] (Google Inc.)
Task: {3821D3A0-4FE6-4A07-9908-28C46F21C79A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {BB1B3D8C-3844-43DC-902C-B20039E650B3} - System32\Tasks\RecoveryCDWin7 => C:\Program Files\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-08] ()
Task: {D241A9A3-F995-4F23-BCB1-0658B759D431} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-07] (Adobe Systems Incorporated)
Task: {F844E988-E3F8-4B93-922E-071641F88C4B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-23] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:34 - 2010-01-21 01:34 - 08793952 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-12-26 14:21 - 2014-12-26 14:21 - 00893224 _____ () C:\Program Files\GlassWire\platforms\qwindows.dll
2014-12-26 14:21 - 2014-12-26 14:21 - 00030504 _____ () C:\Program Files\GlassWire\imageformats\qico.dll
2014-12-26 14:21 - 2014-12-26 14:21 - 00248104 _____ () C:\Program Files\GlassWire\imageformats\qjpeg.dll
2015-02-05 00:03 - 2014-01-27 14:31 - 00475136 _____ () C:\Program Files\IO3O LLC\Who Is On My Wifi\mywifi.exe
2015-02-05 00:03 - 2012-06-27 06:18 - 00839680 _____ () C:\Program Files\IO3O LLC\Who Is On My Wifi\System.Data.SQLite.dll
2009-07-02 05:14 - 2009-07-02 05:14 - 00632888 _____ () C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
2015-02-19 14:16 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files\Yahoo!\Messenger\yui.dll
2015-02-20 23:42 - 2015-02-18 04:14 - 09171272 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.115\pdf.dll
2014-12-24 22:52 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\NM\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-12-24 22:52 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\NM\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-551812208-478891508-1572922594-1000\Control Panel\Desktop\\Wallpaper -> %windir%\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-551812208-478891508-1572922594-500 - Administrator - Disabled)
Guest (S-1-5-21-551812208-478891508-1572922594-501 - Limited - Disabled)
NM (S-1-5-21-551812208-478891508-1572922594-1000 - Administrator - Enabled) => C:\Users\NM
 
==================== Faulty Device Manager Devices =============
 
Name: HP Webcam-50
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/27/2015 08:31:21 AM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Failed to process session change. System.NullReferenceException: Object reference not set to an instance of an object.
   at Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
   at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
 
 
System errors:
=============
Error: (02/27/2015 09:40:26 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (02/27/2015 09:32:43 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (02/27/2015 03:06:08 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (02/27/2015 10:57:41 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (02/27/2015 08:39:25 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (02/27/2015 08:36:04 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (02/27/2015 08:30:42 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 08:28:14 on ‎27-‎02-‎2015 was unexpected.
 
Error: (02/27/2015 07:56:59 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (02/27/2015 05:21:57 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (02/26/2015 08:12:05 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
 
Microsoft Office Sessions:
=========================
Error: (02/27/2015 08:31:21 AM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Failed to process session change. System.NullReferenceException: Object reference not set to an instance of an object.
   at Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
   at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
 
 
==================== Memory info =========================== 
 
Processor: Intel® Atom™ CPU N450 @ 1.66GHz
Percentage of memory in use: 91%
Total physical RAM: 1012.2 MB
Available physical RAM: 82.64 MB
Total Pagefile: 2036.2 MB
Available Pagefile: 353.86 MB
Total Virtual: 2047.88 MB
Available Virtual: 1896.82 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:137.33 GB) (Free:95.51 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:11.42 GB) (Free:1.19 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: EBDBBB5D)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=137.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
 
==================== End Of Log ============================

Edited by Queen-Evie, 27 February 2015 - 08:43 PM.
moved from Am I Infected to Malware Removal Logs. FRST logs are allowed only in MRL, which is the where the prep guide says to post them.


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,731 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:26 AM

Posted 04 March 2015 - 11:55 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/568522 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 comp_help2014

comp_help2014
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:11:56 AM

Posted 04 March 2015 - 01:19 PM

Hi,

 

1) I have Avast now on my system - the free version.  I had earlier uninstalled 2 programs from my programs list - HP QuickWeb and Eset. 

 

These are the current problems I am facing with my computer :

 

My Glasswire application shows a DNS server settings changed Alert sometimes. I had changed the router login IP address. But sometimes, Glasswire gives me 2 alerts of Old and New IP Address. The first alert - Old : My new router login IP which I had changed. New - fec0:0:0:ffff::1 The second alert - Old - fec0:0:0:ffff::1  and New - My new router login IP. Possible malware?

 

Here's the weblink I found :

https://www.glasswire.com/dictionary/

Please check DNS settings. The 

 I thought AVAST takes of Viruses and Malware. Should I get the paid version? Also I need to tell you about what router settings I made to make it more secure which I got from the AVAST portal. I did the MAC filtering, I changed the LAN IP address to login to the router with the LAN Cable, I went into the Admin page and changed the username and password for both Admin and User accounts. Apparently Avast told me that my router login password is not strong. So I changed the usernames and passwords. But when I did the network security scan afterwards on Avast, it still said router password not that secure. Yesterday my computer had slowed down considerably. Probably malware. Today it is fast but I saw the DNS server settings changed alert on Glasswire.

 

I can't save documents in C drive. When I try to save, it says this drive is either full, write protected or damaged. I have to first save in Documents and then copy and paste in C drive.  

 

2). FRST Log:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-03-2015
Ran by NM (administrator) on NM-PC on 04-03-2015 23:28:00
Running from C:\Users\NM\Downloads\Programs
Loaded Profiles: NM (Available profiles: NM)
Platform: Microsoft Windows 7 Starter  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\stacsv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\AEstSrv.exe
(SecureMix LLC) C:\Program Files\GlassWire\GWCtlSrv.exe
(Microsoft Corp.) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Sun Microsystems, Inc.) C:\Program Files\Hewlett-Packard\HP QuickSync\jre\bin\javaw.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(SecureMix LLC) C:\Program Files\GlassWire\GlassWire.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
() C:\Program Files\IO3O LLC\Who Is On My Wifi\mywifi.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(SecureMix LLC) C:\Program Files\GlassWire\GWIdlMon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Farbar) C:\Users\NM\Downloads\Programs\FRST_2.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1594664 2009-11-04] (Synaptics Incorporated)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2009-10-12] (IDT, Inc.)
HKLM\...\Run: [HP] => C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe [589104 2009-07-14] (Hewlett-Packard)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [322104 2009-08-21] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [499768 2009-09-02] (Hewlett-Packard)
HKLM\...\Run: [WTClient] => C:\Windows\SYSTEM32\WTClient.exe [32768 2009-08-19] (Tablet Driver)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-28] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKU\S-1-5-21-551812208-478891508-1572922594-1000\...\Run: [Simplify Media] => C:\Program Files\Hp\HP MediaStream\HPMediaStream.exe [21498376 2009-10-23] (Simplify Media, Inc.)
HKU\S-1-5-21-551812208-478891508-1572922594-1000\...\Run: [GlassWire] => C:\Program Files\GlassWire\glasswire.exe [10571048 2015-02-18] (SecureMix LLC)
HKU\S-1-5-21-551812208-478891508-1572922594-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3890768 2015-03-02] (Tonec Inc.)
HKU\S-1-5-21-551812208-478891508-1572922594-1000\...\RunOnce: [Adobe Speed Launcher] => 1425484570
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Who Is On My Wifi.lnk
ShortcutTarget: Who Is On My Wifi.lnk -> C:\Program Files\IO3O LLC\Who Is On My Wifi\mywifi.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll (Tonec Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-551812208-478891508-1572922594-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-551812208-478891508-1572922594-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-551812208-478891508-1572922594-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-551812208-478891508-1572922594-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-551812208-478891508-1572922594-1000 -> {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-551812208-478891508-1572922594-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-551812208-478891508-1572922594-1000 -> &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 222.127.9.1
 
FireFox:
========
FF ProfilePath: C:\Users\NM\AppData\Roaming\Mozilla\Firefox\Profiles\jqpzy8et.default-1421991119153
FF DefaultSearchEngine: Google (avast)
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-551812208-478891508-1572922594-1000: @hola.org/vlc,version=1.6.812 -> C:\Users\NM\AppData\Local\Hola\firefox\app\vlc ()
FF SearchPlugin: C:\Users\NM\AppData\Roaming\Mozilla\Firefox\Profiles\jqpzy8et.default-1421991119153\searchplugins\google-avast.xml
FF Extension: Hola Better Internet - C:\Users\NM\AppData\Roaming\Mozilla\Firefox\Profiles\jqpzy8et.default-1421991119153\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2015-02-25]
FF Extension: Hotspot Shield Extension - C:\Program Files\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2015-01-27]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-28]
FF HKU\S-1-5-21-551812208-478891508-1572922594-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\NM\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\NM\AppData\Roaming\IDM\idmmzcc5 [2015-02-25]
FF HKU\S-1-5-21-551812208-478891508-1572922594-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\NM\AppData\Roaming\IDM\idmmzcc5
 
Chrome: 
=======
CHR Profile: C:\Users\NM\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\NM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-24]
CHR Extension: (Avast Online Security) - C:\Users\NM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-28]
CHR Extension: (Cisco WebEx Extension) - C:\Users\NM\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-02-09]
CHR Extension: (Gmail) - C:\Users\NM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-19]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-28]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2015-03-02]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-28] (AVAST Software)
R2 GlassWire; C:\Program Files\GlassWire\GWCtlSrv.exe [6309672 2015-02-18] (SecureMix LLC)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\STacSV.exe [221266 2009-10-12] (IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2015-02-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [73480 2015-02-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2015-02-28] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2015-02-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2015-02-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2015-02-28] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2015-02-28] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [38984 2015-02-28] (The OpenVPN Project)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2015-02-28] ()
R1 gwdrv; C:\Windows\System32\DRIVERS\gwdrv.sys [27616 2015-02-18] (SecureMix LLC)
R3 PTSimBus; C:\Windows\System32\DRIVERS\PTSimBus.sys [23208 2009-06-22] (PenTablet Driver)
S3 PTSimHid; C:\Windows\System32\DRIVERS\PTSimHid.sys [14504 2009-06-22] (PenTablet Driver)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [37064 2014-05-17] (Anchorfree Inc.)
S3 TClass2k; C:\Windows\System32\DRIVERS\TClass2k.sys [23208 2009-06-22] (Tablet Driver)
S3 UCTblHid; C:\Windows\System32\DRIVERS\UCTblHid.sys [19624 2009-06-22] (Tablet Driver)
S3 WCDMA_Datacard_Usb_Ser; system32\DRIVERS\WCDMA_Datacard_Usb_Ser.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-04 23:27 - 2015-03-04 23:28 - 00000000 ____D () C:\FRST
2015-03-04 21:22 - 2015-03-04 21:22 - 00000979 _____ () C:\Users\NM\Desktop\Internet Download Manager.lnk
2015-03-04 21:21 - 2015-03-04 21:22 - 00000000 ____D () C:\Program Files\Internet Download Manager
2015-03-04 21:12 - 2015-03-04 21:13 - 06211232 _____ (Tonec Inc.) C:\Users\NM\Downloads\idman623build3.exe
2015-03-04 15:45 - 2015-03-04 17:28 - 00013989 ____H () C:\Users\NM\Documents\~WRL0005.tmp
2015-03-04 15:18 - 2015-03-04 23:24 - 00000000 ____D () C:\Users\N\CoC
2015-03-02 21:42 - 2015-03-03 06:32 - 00117800 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2015-03-01 18:35 - 2015-03-01 18:35 - 00000000 _____ () C:\Users\NM\AppData\Local\{D6120D2F-8AF2-495B-B601-2F82BE88B33D}
2015-02-28 16:38 - 2015-02-28 16:38 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-02-28 15:52 - 2015-02-28 15:52 - 00000000 ____D () C:\Users\NM\AppData\Roaming\AVAST Software
2015-02-28 15:51 - 2015-02-28 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-02-28 15:49 - 2015-02-28 15:51 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-02-28 15:49 - 2015-02-28 15:51 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-02-28 15:49 - 2015-02-28 15:51 - 00073480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-02-28 15:49 - 2015-02-28 15:49 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-28 15:49 - 2015-02-28 15:49 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-02-28 15:49 - 2015-02-28 15:49 - 00091496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-02-28 15:49 - 2015-02-28 15:49 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-02-28 15:49 - 2015-02-28 15:49 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-02-28 15:49 - 2015-02-28 15:49 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-02-28 15:49 - 2015-02-28 15:49 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-02-28 15:48 - 2015-02-28 15:48 - 00038984 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\aswTap.sys
2015-02-28 15:44 - 2015-02-28 15:44 - 00000000 ____D () C:\Program Files\AVAST Software
2015-02-28 00:03 - 2015-02-28 00:03 - 00000000 ____D () C:\Users\NM\AppData\Local\Hola
2015-02-27 23:33 - 2015-02-27 23:33 - 00000000 ____D () C:\Users\NM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GlassWire 1.0
2015-02-27 23:33 - 2015-02-27 23:33 - 00000000 ____D () C:\Program Files\GlassWire
2015-02-27 23:33 - 2015-02-18 14:05 - 00008704 _____ () C:\Windows\system32\Drivers\gwdrv.cat
2015-02-27 23:33 - 2015-02-18 13:54 - 00027616 _____ (SecureMix LLC) C:\Windows\system32\Drivers\gwdrv.sys
2015-02-26 14:18 - 2015-02-28 15:35 - 00000000 ____D () C:\OETemp
2015-02-25 15:54 - 2015-03-04 21:24 - 00000000 ____D () C:\Users\NM\AppData\Roaming\DMCache
2015-02-25 15:54 - 2015-02-25 16:10 - 00000000 ____D () C:\Users\NM\AppData\Roaming\IDM
2015-02-25 15:54 - 2015-02-25 15:54 - 00000000 ____D () C:\Users\NM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-02-25 15:54 - 2015-02-25 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2015-02-25 15:54 - 2015-02-25 15:54 - 00000000 ____D () C:\ProgramData\IDM
2015-02-25 10:10 - 2015-01-09 05:14 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-24 11:46 - 2015-02-24 11:47 - 00000000 ____D () C:\Users\N\Workouts
2015-02-20 05:14 - 2015-03-04 22:04 - 00000000 ____D () C:\Users\N\Miscellaneous
2015-02-19 14:17 - 2015-02-19 20:40 - 00000000 ____D () C:\Users\NM\AppData\Roaming\Yahoo!
2015-02-19 12:43 - 2015-03-02 19:42 - 00000000 ____D () C:\Program Files\Yahoo!
2015-02-17 23:04 - 2015-01-09 08:18 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-17 23:04 - 2015-01-09 08:18 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-17 23:04 - 2015-01-09 08:18 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-16 20:46 - 2015-03-01 00:28 - 00000000 ____D () C:\Users\N\ETZ
2015-02-13 18:34 - 2015-01-23 09:13 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-13 18:34 - 2015-01-23 08:47 - 04300800 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-11 22:03 - 2015-01-12 07:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 22:03 - 2015-01-12 07:25 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 22:03 - 2015-01-12 07:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 22:02 - 2015-01-14 10:39 - 00342712 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 22:02 - 2015-01-12 07:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 22:02 - 2015-01-12 07:51 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 22:02 - 2015-01-12 07:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 22:02 - 2015-01-12 07:35 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 22:02 - 2015-01-12 07:32 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 22:02 - 2015-01-12 07:30 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 22:02 - 2015-01-12 07:29 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 22:02 - 2015-01-12 07:27 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 22:02 - 2015-01-12 07:25 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 22:02 - 2015-01-12 07:18 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 22:02 - 2015-01-12 07:15 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 22:02 - 2015-01-12 07:06 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 22:02 - 2015-01-12 07:05 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 22:02 - 2015-01-12 07:03 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 22:02 - 2015-01-12 06:53 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 22:02 - 2015-01-12 06:53 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 22:02 - 2015-01-12 06:53 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 22:02 - 2015-01-12 06:52 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 22:02 - 2015-01-12 06:44 - 12829184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 22:02 - 2015-01-12 06:30 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 22:02 - 2015-01-12 06:26 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 22:02 - 2015-01-12 06:25 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 22:01 - 2015-01-12 07:55 - 19740160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 22:01 - 2015-01-12 07:38 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 21:58 - 2015-01-09 07:15 - 02380288 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 21:57 - 2015-01-15 13:16 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 21:57 - 2015-01-15 13:16 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 21:57 - 2015-01-15 13:13 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 21:57 - 2015-01-15 13:13 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 21:57 - 2015-01-15 13:12 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 21:57 - 2015-01-15 13:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 21:57 - 2015-01-15 13:12 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 21:57 - 2015-01-15 13:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 21:57 - 2015-01-15 13:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 21:57 - 2015-01-15 13:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 21:57 - 2015-01-15 13:07 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 21:57 - 2015-01-15 09:51 - 00369968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 21:57 - 2014-12-08 08:16 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 21:52 - 2015-01-14 11:14 - 03972544 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-02-11 21:51 - 2015-01-14 11:14 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 21:49 - 2015-02-04 08:24 - 00482304 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 21:49 - 2015-02-04 08:23 - 00767488 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 21:49 - 2014-11-26 09:02 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 21:49 - 2014-10-04 07:12 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 21:49 - 2014-10-04 07:12 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-02-11 21:48 - 2015-02-04 08:23 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 21:48 - 2015-02-04 08:23 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 21:48 - 2015-02-04 08:23 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 21:48 - 2015-02-04 08:23 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 21:48 - 2015-02-04 08:19 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 21:48 - 2015-01-28 05:06 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 21:48 - 2015-01-10 11:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 21:48 - 2015-01-10 11:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 21:48 - 2015-01-10 11:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 21:48 - 2015-01-10 11:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 21:48 - 2015-01-10 11:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 21:48 - 2015-01-10 11:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 21:48 - 2015-01-10 11:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 21:41 - 2015-01-13 08:19 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 21:41 - 2014-12-12 10:37 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 21:41 - 2014-07-07 07:10 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 21:41 - 2014-07-07 07:10 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-09 21:05 - 2015-03-04 09:47 - 00000000 ____D () C:\Users\NM\AppData\Roaming\webex
2015-02-09 21:02 - 2015-02-25 06:24 - 00000000 ____D () C:\ProgramData\WebEx
2015-02-05 00:03 - 2015-03-04 23:25 - 00000000 ____D () C:\wifidata
2015-02-05 00:03 - 2015-02-05 00:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Who Is On My Wifi
2015-02-05 00:03 - 2015-02-05 00:03 - 00000000 ____D () C:\Program Files\IO3O LLC
2015-02-02 06:44 - 2015-03-01 07:03 - 00271972 _____ () C:\Windows\PFRO.log
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-04 23:17 - 2014-12-18 11:15 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-04 22:37 - 2014-12-23 12:26 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-04 22:05 - 2014-06-08 16:05 - 00000000 ____D () C:\Users\N\Christian stuff
2015-03-04 22:05 - 2014-05-10 20:55 - 00000000 ____D () C:\Users\N
2015-03-04 21:14 - 2009-07-14 10:04 - 00014432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-04 21:14 - 2009-07-14 10:04 - 00014432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-04 21:06 - 2014-12-23 12:26 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-04 21:05 - 2015-02-01 23:44 - 00016822 _____ () C:\Windows\setupact.log
2015-03-04 21:05 - 2009-07-14 10:23 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-04 19:48 - 2014-12-15 15:10 - 01705042 _____ () C:\Windows\WindowsUpdate.log
2015-03-04 14:13 - 2014-05-10 17:22 - 00000000 ____D () C:\Users\NM
2015-03-04 11:50 - 2014-05-10 21:22 - 00000000 ____D () C:\Users\NM\AppData\Roaming\vlc
2015-03-03 23:02 - 2015-01-11 16:10 - 00000000 ____D () C:\Users\NM\AppData\Local\CrashDumps
2015-03-03 12:51 - 2014-05-10 21:58 - 00000000 ____D () C:\Users\N\Movies
2015-03-01 15:15 - 2014-05-12 15:12 - 00000000 ____D () C:\Users\N\Songs
2015-03-01 07:03 - 2015-01-27 14:07 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-02-28 17:56 - 2014-11-17 15:30 - 00000000 ____D () C:\Users\N\Math Books Higher Grades
2015-02-28 17:56 - 2009-09-07 04:32 - 00785302 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-28 16:42 - 2014-05-10 17:22 - 00000000 ____D () C:\Users\NM\AppData\Roaming\Adobe
2015-02-28 16:41 - 2014-06-05 22:38 - 00000000 ____D () C:\Users\NM\AppData\Local\Adobe
2015-02-28 16:41 - 2009-11-24 10:09 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2015-02-28 16:35 - 2014-10-31 17:34 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-02-28 16:34 - 2009-11-24 11:17 - 00000000 ____D () C:\Program Files\Java
2015-02-28 15:44 - 2015-02-01 18:14 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-28 13:18 - 2014-05-12 13:59 - 00000000 ____D () C:\Users\N\SCF - The Cross
2015-02-27 15:27 - 2014-12-26 14:51 - 00000000 ____D () C:\Users\N\Old Testament
2015-02-25 08:21 - 2014-05-10 17:49 - 00000000 ____D () C:\Users\NM\AppData\Local\Microsoft Help
2015-02-19 20:07 - 2009-07-14 10:23 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-18 10:21 - 2009-07-14 08:07 - 00000000 ____D () C:\Windows\tracing
2015-02-17 12:36 - 2015-01-17 20:07 - 00000000 ____D () C:\Users\NM\AppData\Roaming\Skype
2015-02-13 22:52 - 2014-08-24 14:03 - 00000000 ____D () C:\Users\N\Sermons
2015-02-13 22:33 - 2009-07-14 08:07 - 00000000 ____D () C:\Windows\rescache
2015-02-12 15:10 - 2009-07-14 10:03 - 00429808 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 15:08 - 2014-12-19 18:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 15:08 - 2014-12-19 18:04 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 14:42 - 2014-12-19 14:58 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 14:32 - 2014-12-19 14:57 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-07 00:46 - 2014-12-18 11:14 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-07 00:46 - 2014-12-18 11:14 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-05 00:05 - 2014-05-10 17:22 - 00000000 ____D () C:\Users\NM\AppData\Local\VirtualStore
2015-02-04 23:48 - 2009-07-14 08:07 - 00000000 ____D () C:\Windows\system32\NDF
 
==================== Files in the root of some directories =======
 
2015-01-28 11:30 - 2015-01-28 11:30 - 0000000 _____ () C:\Users\NM\AppData\Local\AtStart.txt
2015-01-28 11:30 - 2015-01-28 11:30 - 0000000 _____ () C:\Users\NM\AppData\Local\DSwitch.txt
2015-01-28 11:30 - 2015-01-28 11:30 - 0000000 _____ () C:\Users\NM\AppData\Local\QSwitch.txt
2015-03-01 18:35 - 2015-03-01 18:35 - 0000000 _____ () C:\Users\NM\AppData\Local\{D6120D2F-8AF2-495B-B601-2F82BE88B33D}
2015-01-28 11:30 - 2015-03-04 21:33 - 0000360 _____ () C:\ProgramData\HPWALog.txt
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-23 14:42
 
 
 
 
 
 
 
 
==================== End Of Log ============================

 

 

3) I do not have the original windows CD available.

 

 

Attached Files



#4 comp_help2014

comp_help2014
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:11:56 AM

Posted 08 March 2015 - 12:22 PM

Hi, 

 

Please could I get help soon!

 

Thanks



#5 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,248 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:09:26 AM

Posted 11 March 2015 - 08:51 AM

Hello,

My apologies for the delay.

 

My Glasswire application shows a DNS server settings changed Alert sometimes. I had changed the router login IP address. But sometimes, Glasswire gives me 2 alerts of Old and New IP Address. The first alert - Old : My new router login IP which I had changed. New - fec0:0:0:ffff::1 The second alert - Old - fec0:0:0:ffff::1  and New - My new router login IP. Possible malware?

 

This is normal, if your computer has no other problems I wouldn't worry about it. If you change this yourself it is okay, but Glasswire can't know you did this yourself and the router wasn't hacked. :)


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#6 comp_help2014

comp_help2014
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:11:56 AM

Posted 12 March 2015 - 12:58 AM

Hi,

 

Thanks for your response.

 

You said - If you change this yourself it is okay, but Glasswire can't know you did this yourself and the router wasn't hacked

 

1.I had changed my Router login IP. Glasswire showed that there was a  DNS setting change to another one I have mentioned -  fec0:0:0:ffff::1. You mentioned that this is normal. However, just want to understand why this has happened.

 

2. Should I be getting a paid version of my AV?

 

3. What do I do about the C drive issue?


Edited by comp_help2014, 12 March 2015 - 01:22 AM.


#7 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,248 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:09:26 AM

Posted 12 March 2015 - 03:38 AM

It is just showing an IPV6 address, thats why you don't see a "normal" number.

 

As for a paid AV, if you are happy with Avast free, there is no reason, security-wise, to get the paid version.

 

Which C drive issue are you referring to?


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#8 comp_help2014

comp_help2014
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:11:56 AM

Posted 12 March 2015 - 01:00 PM

When I open a file in C drive and make changes to it and then try to save it back into C drive, it says its either write protected, or corrupted or full and it says it can't save here and would I like to save in the My Documents folder. I then have to save it in My Documents and then copy and paste it back into C drive. 

 

Thank you for your help!


Edited by comp_help2014, 12 March 2015 - 01:00 PM.


#9 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,248 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:09:26 AM

Posted 12 March 2015 - 03:51 PM

If you have UAC set to a higher level this is normal. You can just create the file on your desktop, then copy it to C instaed and give administrator permission to do this.


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#10 comp_help2014

comp_help2014
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:11:56 AM

Posted 13 March 2015 - 02:00 AM

There are already files in my C drive. When I try to modify and save them, then I have to save it in My Documents or Desktop and then save it in C drive. Should I just set my UAC to a lower level? What is the administrator permission option? How do I give the administrator permission option? Why do I need to give this permission when I copy into C drive? 



#11 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,248 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:09:26 AM

Posted 13 March 2015 - 02:50 AM

It means that Windows wants to make sure only someone with Administrator permissions can move a file there. When you copy a file normally, without administrator elevation you work as normal User. A user and an Administrator can have different permissions on an object (file or folder), depending on UAC settings as well as other security settings.

 

I think that if you right click on Winword.exe, select Run as Administrator, then try to save a file it might work.

However why would you want to save word documents in C:\? Again, with high UAC settings this is perfectly normal so there is nothing to worry about.


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#12 comp_help2014

comp_help2014
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:11:56 AM

Posted 13 March 2015 - 11:33 PM

Thanks for your help.



#13 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,248 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:09:26 AM

Posted 14 March 2015 - 05:15 AM

Do you have any other question or problem? If not, this topic will be closed.


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#14 comp_help2014

comp_help2014
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Local time:11:56 AM

Posted 14 March 2015 - 06:09 AM

None right now. Thank you.



#15 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,248 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:09:26 AM

Posted 15 March 2015 - 03:05 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users