Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Strange behaviour in IE11 and flickering desktop icons - virus?


  • Please log in to reply
22 replies to this topic

#1 acra24

acra24

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:06:29 PM

Posted 30 June 2015 - 03:18 AM

Hello,

 

Firstly, thanks for reading this. 

 

My PC is as follows;

 

Intel Core i7 3770 3.4GHz

16GB Corsair RAM

400GB Samsung SSD

Windows 7 HP 64bit 

IE11

All the latest updates

AV - Avast Free

 

For some weeks now I have noticed that most of the time whenever I start IE, my homepage is Google, if I start typing in the browser it appears to freeze momentarily and then reset so that the first few characters are missing.  Sometimes it will do this after I have been using the browser for a while, sometimes immediately. When this happens IE begins to behave erratically, pages not loading, or loading and then disappearing again, but if I then click anywhere on the desktop the icons begin to flicker. If that happens and I try to open folders sometimes they open on a double click and sometimes they don't, and sometimes the contents are missing.  I can resolve the situation by restarting explorer through the Task Manager but I sometimes have to restart the PC.

 

I have scanned with Avast and Malwarebytes Antimalware but neither have found anything insidious.  I am concerned that there is a virus or Trojan on the PC but that it's well hidden.

 

Other programs, Prepar3D, Word, Outlook seem to run ok.

 

Any ideas?

 

Thanks in advance.

 

Andrew


Edited by acra24, 30 June 2015 - 12:24 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:12:29 AM

Posted 01 July 2015 - 02:37 AM

Hello,

 

I don't think that you are infected, but we can check. 

 

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:

§  Flush DNS

§  Report IE Proxy Settings

§  Reset IE Proxy Settings

§  Report FF Proxy Settings

§  Reset FF Proxy Settings

§  List content of Hosts

§  List IP configuration

§  List Winsock Entries

§  List last 10 Event Viewer log

§  List Installed Programs

§  List Devices

§  List Users, Partitions and Memory size.

§  List Minidump Files

§  List Restore Points

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

 

------

 

ESET Online Scanner

§  Click here to download the installer for ESET Online Scanner and save it to your Desktop.

§  Disable all your antivirus and antimalware software - see how to do that here.

§  Right click on esetsmartinstaller_enu.exe and select Run as Administrator.

§  Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.

§  Select Enable detection of potentially unwanted applications.

§  Click Advanced Settings, then place a checkmark in the following:

o    Remove found threats

o    Scan archives

o    Scan for potentially unsafe applications

o    Enable Anti-Stealth technology

§  Click Start to begin scanning.

§  ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.

§  When the scan is done, click List threats (only available if ESET Online Scanner found something).

§  Click Export, then save the file to your desktop.

§  Click Back, then Finish to exit ESET Online Scanner.

 

----

 

Please download AdwCleaner by Xplode onto your desktop.

§  Close all open programs and internet browsers.

§  Double click on adwcleaner.exe to run the tool.

§  Click on Scan button.

§  When the scan has finished click on Clean button.

§  Your computer will be rebooted automatically. A text file will open after the restart.

§  Please post the contents of that logfile with your next reply.

§  You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

-------

 

Please download Junkware Removal Tool to your desktop.

§  Shut down your protection software now to avoid potential conflicts.

§  Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

§  The tool will open and start scanning your system.

§  Please be patient as this can take a while to complete depending on your system's specifications.

§  On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

§  Post the contents of JRT.txt into your next message.


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#3 acra24

acra24
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:06:29 PM

Posted 01 July 2015 - 04:39 AM

Hi, Thanks for the help.  Scans done as requested.  Here are the results

 

MiniToolBox

 

MiniToolBox by Farbar  Version: 22-06-2015
Ran by Crawley Familey (administrator) on 01-07-2015 at 08:47:50
Running from "C:\Users\Crawley Familey\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: System Product Name Manufacturer: System manufacturer
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

 

127.0.0.1       localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : CrawleyFamily
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 30-85-A9-90-16-B6
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::914c:2d20:5567:d84c%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.3(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 01 July 2015 08:44:37
   Lease Expires . . . . . . . . . . : 02 July 2015 08:44:37
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 238060969
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-5A-C0-F2-30-85-A9-90-16-B6
   DNS Servers . . . . . . . . . . . : 194.168.4.100
                                       194.168.8.100
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{249CD3A4-186C-49B4-808C-481BC439AEDE}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:51c8:4032:28df:30fd:3f57:fffc(Preferred)
   Link-local IPv6 Address . . . . . : fe80::28df:30fd:3f57:fffc%12(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  cache1.service.virginmedia.net
Address:  194.168.4.100

Name:    google.com
Addresses:  2a00:1450:4009:80d::200e
   216.58.208.46

Pinging google.com [216.58.208.46] with 32 bytes of data:
Reply from 216.58.208.46: bytes=32 time=7ms TTL=56
Reply from 216.58.208.46: bytes=32 time=8ms TTL=56

Ping statistics for 216.58.208.46:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 7ms, Maximum = 8ms, Average = 7ms
Server:  cache1.service.virginmedia.net
Address:  194.168.4.100

Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
   2001:4998:c:a06::2:4008
   2001:4998:58:c02::a9
   98.138.253.109
   98.139.183.24
   206.190.36.45

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=112ms TTL=50
Reply from 98.139.183.24: bytes=32 time=112ms TTL=50

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 112ms, Maximum = 112ms, Average = 112ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...30 85 a9 90 16 b6 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.3     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link       192.168.0.3    266
      192.168.0.3  255.255.255.255         On-link       192.168.0.3    266
    192.168.0.255  255.255.255.255         On-link       192.168.0.3    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.0.3    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.0.3    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:51c8:4032:28df:30fd:3f57:fffc/128
                                    On-link
 11    266 fe80::/64                On-link
 12    306 fe80::/64                On-link
 12    306 fe80::28df:30fd:3f57:fffc/128
                                    On-link
 11    266 fe80::914c:2d20:5567:d84c/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 11    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/01/2015 08:44:57 AM) (Source: Application Error) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.2.13.0, time stamp: 0x558200e9
Faulting module name: mbamservice.exe, version: 3.2.13.0, time stamp: 0x558200e9
Exception code: 0x40000015
Fault offset: 0x000ace66
Faulting process id: 0x778
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report Id: mbamservice.exe3

Error: (06/30/2015 10:09:25 PM) (Source: Application Error) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.2.13.0, time stamp: 0x558200e9
Faulting module name: mbamservice.exe, version: 3.2.13.0, time stamp: 0x558200e9
Exception code: 0x40000015
Fault offset: 0x000ace66
Faulting process id: 0x760
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report Id: mbamservice.exe3

Error: (06/30/2015 09:42:37 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17840, time stamp: 0x555fe1bb
Faulting module name: OnlineScanner.ocx_unloaded, version: 0.0.0.0, time stamp: 0x55546935
Exception code: 0xc0000005
Fault offset: 0x694608e0
Faulting process id: 0x5b4
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (06/30/2015 09:24:31 PM) (Source: Adobe Reader) (User: )
Description:

Error: (06/30/2015 09:15:28 PM) (Source: Adobe Reader) (User: )
Description:

Error: (06/30/2015 04:59:26 PM) (Source: Application Error) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.2.13.0, time stamp: 0x558200e9
Faulting module name: mbamservice.exe, version: 3.2.13.0, time stamp: 0x558200e9
Exception code: 0x40000015
Fault offset: 0x000ace66
Faulting process id: 0x590
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report Id: mbamservice.exe3

Error: (06/30/2015 10:20:08 AM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17840 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: f74

Start Time: 01d0b315f19a3420

Termination Time: 3

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (06/30/2015 08:41:21 AM) (Source: Application Error) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.1.0.0, time stamp: 0x552d3c4a
Faulting module name: mbamservice.exe, version: 3.1.0.0, time stamp: 0x552d3c4a
Exception code: 0x40000015
Fault offset: 0x000a6db6
Faulting process id: 0x770
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report Id: mbamservice.exe3

Error: (06/29/2015 08:45:20 PM) (Source: Adobe Reader) (User: )
Description:

Error: (06/29/2015 11:53:12 AM) (Source: Adobe Reader) (User: )
Description:

System errors:
=============
Error: (07/01/2015 08:44:57 AM) (Source: Service Control Manager) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/01/2015 08:44:57 AM) (Source: WMPNetworkSvc) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Error: (06/30/2015 10:09:25 PM) (Source: Service Control Manager) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/30/2015 10:09:25 PM) (Source: WMPNetworkSvc) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Error: (06/30/2015 09:34:16 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (06/30/2015 09:34:16 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\CRAWLE~1\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (06/30/2015 09:34:15 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (06/30/2015 09:34:15 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\CRAWLE~1\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (06/30/2015 09:34:15 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (06/30/2015 09:34:15 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\CRAWLE~1\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2015-04-15 13:16:01.804
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cmudaxp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-15 13:16:01.774
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cmudaxp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-15 13:11:02.762
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cmudaxp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-15 13:11:02.742
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cmudaxp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-15 13:08:42.620
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cmudaxp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-15 13:08:42.573
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cmudaxp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-15 13:08:04.616
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cmudaxp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-15 13:08:04.601
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cmudaxp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-15 13:04:07.651
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cmudaxp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-15 13:04:07.604
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cmudaxp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

=========================== Installed Programs ============================

Accu-Feel (HKLM-x32\...\Accu-Feel) (Version:  - )
Accu-Feel Air, Land, and Sea (HKLM-x32\...\Accu-Feel Air, Land, and Sea) (Version:  - )
Active Sky Next for P3D SP3 (HKLM-x32\...\{67230DFC-F135-4F7F-B489-5860FD0EE162}_is1) (Version: 1.0.5655.17391 - HiFi Technologies, Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Aerosoft's - Aerosoft Launcher (HKLM-x32\...\{EE11CFFC-898C-4875-8A63-8B732A9AD43B}) (Version: 1.2.0.3 - Aerosoft)
Aerosoft's - Airbus A318-A319 - PREPAR3D V2.x (HKLM-x32\...\Airbus A318-A319 - PREPAR3D V2.x) (Version: 1.30 - Aerosoft)
Aerosoft's - Airbus A320-A321 - PREPAR3D V2.x (HKLM-x32\...\Airbus A320-A321 - PREPAR3D V2.x) (Version: 1.30 - Aerosoft)
Aerosoft's - Anchorage X - PrePar3D (HKLM-x32\...\Anchorage X - PrePar3D) (Version:  - )
Aerosoft's - Bari X - PrePar3D (HKLM-x32\...\Bari X - PrePar3D) (Version:  - )
Aerosoft's - Corfu X (HKLM-x32\...\{8A073262-FB25-4224-AE36-C2725A616E05}) (Version: 1.11 - Aerosoft)
aerosoft's - Faro X (HKLM-x32\...\{FA9455D9-4ABC-48CF-8FC6-4FDA30F6AACD}) (Version: 1.01 - aerosoft)
aerosoft's - German Airports 3 - 2012 (Berlin-Tegel FSX) (HKLM-x32\...\{3DAD565E-1275-4EE8-9568-932CB7B75FB8}) (Version: 1.02 - aerosoft)
Aerosoft's - Heraklion X (HKLM-x32\...\{0CA7BE0D-3DC3-4F04-B64D-9AA2041B76AB}) (Version: 1.00 - Aerosoft)
aerosoft's - Kos X (HKLM-x32\...\{F4B5B937-603F-41DA-AE24-2D188DAD98BE}) (Version: 1.00 - aerosoft)
aerosoft's - Madeira X (HKLM-x32\...\{17440258-DB48-49DE-8391-79900477490C}) (Version: 1.01 - aerosoft)
aerosoft's - Mallorca X for FSX (HKLM-x32\...\{07CC448E-4FFC-444F-999D-10F11AE559FB}) (Version: 1.01 - aerosoft)
Aerosoft's - Mega Airport London Heathrow Xtended - PREPAR3D V2.x (HKLM-x32\...\Mega Airport London Heathrow Xtended - PREPAR3D V2.x) (Version: 1.00 - Aerosoft)
Aerosoft's - Mega Airport London Heathrow Xtended Jetway patch - P3D (HKLM-x32\...\{B8F009E7-20FC-403F-9048-37EC1D7D3A20}) (Version: 1.00 - Aerosoft)
Aerosoft's - Mega Airport Oslo 2.0 - PREPAR3D V2.x (HKLM-x32\...\Mega Airport Oslo 2.0 - PREPAR3D V2.x) (Version: 1.06 - Aerosoft)
aerosoft's - Professional Flight Planner X (HKLM-x32\...\{1a5d2729-4a3b-4cd5-85c8-4896fd44b78d}) (Version: 1.21 - aerosoft)
Android Sync Manager WiFi (HKLM-x32\...\{13D946AF-DAD9-0200-0000-000000000000}) (Version: 11.10.2763 - Mobile Action)
ASConnect for P3D (HKLM-x32\...\{70C18CD2-D9F3-478D-994C-DCE39C84E19E}_is1) (Version: 1.0.0.34 - HiFi Technologies, Inc.)
ASUS Xonar DG Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Bejeweled 3 (HKLM-x32\...\Bejeweled 3) (Version:  - PopCap Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MG3100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Cloud9 Bergen FSX 1.0.2 (HKLM-x32\...\Cloud9 Bergen FSX_is1) (Version:  - )
CLOUD9 Orlando FSX 1.01 (HKLM-x32\...\{FED35768-B947-44EB-92CC-A17D24B8439A}) (Version: 1.01 - )
CPUID CPU-Z 1.71 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
EditVoicepack XL (HKLM-x32\...\{85e32286-236f-46b0-84f9-c8defd2d7595}) (Version: 5.0.80.0 - Bevelstone Production)
EditVoicepack XL (HKLM-x32\...\{D6250454-3B50-4036-B427-694EE47907BF}) (Version: 5.0.80.0 - Bevelstone Production) Hidden
Eiresim Shannon Ultimate FsX (HKLM-x32\...\Eiresim Shannon Ultimate FsXV1.0) (Version: V1.0 - Eiresim)
EKCH Copenhagen Airport, Kastrup X (HKLM-x32\...\{64863BEF-152F-4874-9195-0E608822F7B4}) (Version: 2.1 - Scansim)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FlightBeam Denver P3D v2.x (HKLM-x32\...\FlightBeam Denver P3D v2.x_is1) (Version: 1.1.2 - FlightBeam.)
FlightBeam Phoenix Sky Harbor FSX/P3D 1.1 (HKLM-x32\...\FlightBeam Phoenix Sky Harbor FSX/P3D_is1) (Version:  - )
FlightBeam San Francisco International FSX 2.0.1 (HKLM-x32\...\FlightBeam San Francisco International FSX 2.0.1_is1) (Version:  - )
FS2Crew: Aerosoft Airbus X Voice Control P3D V2 (HKLM-x32\...\FS2Crew: Aerosoft Airbus X Voice Control P3D V2) (Version:  - )
FS2Crew: PMDG 737 NGX Edition (HKLM-x32\...\FS2Crew: PMDG 737 NGX Edition) (Version:  - )
FS2Crew: PMDG 777 (HKLM-x32\...\FS2Crew: PMDG 777) (Version:  - )
FSDreamTeam Dallas/Fort Worth International P3D v2.x (HKLM-x32\...\FSDreamTeam Dallas/Fort Worth International P3D v2.x_is1) (Version: 2.1.7 - VIRTUALI Sagl)
FSDreamTeam Fort Lauderdale-Hollywood P3D v2.x (HKLM-x32\...\FSDreamTeam Fort Lauderdale-Hollywood P3D v2.x_is1) (Version: 1.5.4 - VIRTUALI Sagl)
FSDreamTeam Geneva P3D v2.x (HKLM-x32\...\FSDreamTeam Geneva P3D v2.x_is1) (Version: 1.6.5 - VIRTUALI Sagl)
FSDreamTeam GSX P3D v2.x (HKLM-x32\...\FSDreamTeam GSX P3D v2.x_is1) (Version: 1.9.0.9 - VIRTUALI Sagl)
FSDreamTeam Honolulu International P3D v2.x (HKLM-x32\...\FSDreamTeam Honolulu International P3D v2.x_is1) (Version: 1.4.4 - VIRTUALI Sagl)
FSDreamTeam KJFK V2 P3D v2.x (HKLM-x32\...\FSDreamTeam KJFK V2 P3D v2.x_is1) (Version: 2.3.4 - VIRTUALI Sagl)
FSDreamTeam Las Vegas McCarran P3D v2.x (HKLM-x32\...\FSDreamTeam Las Vegas McCarran P3D v2.x_is1) (Version: 1.3.4 - VIRTUALI Sagl)
FSDreamTeam Los Angeles International P3D v2.x (HKLM-x32\...\FSDreamTeam Los Angeles International P3D v2.x_is1) (Version: 1.5.4 - VIRTUALI Sagl)
FSDreamTeam OHareX P3D v2.x (HKLM-x32\...\FSDreamTeam OHareX P3D v2.x_is1) (Version: 2.3.7 - VIRTUALI Sagl)
FSDreamTeam Vancouver International P3D v2.x (HKLM-x32\...\FSDreamTeam Vancouver International P3D v2.x_is1) (Version: 1.4.1 - VIRTUALI Sagl)
FSDreamTeam ZurichX P3D v2.x (HKLM-x32\...\FSDreamTeam ZurichX P3D v2.x_is1) (Version: 2.6.0 - VIRTUALI Sagl)
Geeks3D FurMark 1.15.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.27.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPU Temp version 1.0 (HKLM-x32\...\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1) (Version: 1.0 - gputemp.com)
Intel Extreme Tuning Utility (HKLM-x32\...\{2E27A606-77E7-41B0-8C2A-11703585288D}) (Version: 5.1.1.25 - Intel Corporation) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{ffa8daa3-4912-4a4a-aac4-a0549064268b}) (Version: 5.1.1.25 - Intel Corporation)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1036 - Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KATL Atlanta (HKLM-x32\...\IMAGINESIM_KATL_ATLANTA_is1) (Version: 1.0.0.0 - SimMarket)
Latin VFR MKJP FSX (HKLM-x32\...\LatinVFRMKJPFSX_is1) (Version:  - SimMarket)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Memory Cleaner 2.00 (HKLM-x32\...\MemClean) (Version: 2.00 - KoshyJohn.com)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microangelo On Display (x64) (HKLM\...\{344A17D9-DE25-4E77-B089-E7F0A0AF2AE7}) (Version: 7.0.3 - Impact Software)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft ESP SimConnect Client v1.0.20.0 (HKLM-x32\...\{C0A9FCC1-9725-4679-8AC2-FE501B139B63}) (Version: 1.0.20.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61242.0 (HKLM-x32\...\{85DF6786-66AA-42EE-8616-AE456B07BD99}) (Version: 10.0.61242.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{91E30409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Tool Web Package : EXCTRLST.EXE (HKLM-x32\...\{B0650E3D-FDCA-4908-B74B-0CC1731BDB93}) (Version: 1.00.0.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Migration Tool (HKLM-x32\...\{64cd40e2-6e5e-4732-8ed4-b4a5be475825}) (Version: 2.5.3.873 - Flightsim Estonia)
MK-Studios's - Bologna X - PREPAR3D V2.x (HKLM-x32\...\Bologna X - PREPAR3D V2.x) (Version: 1.01 - MK-Studios)
MRAI Install Wizard v1.23 (HKLM-x32\...\ST5UNST #1) (Version:  - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Namaste Nepal - Tribhuvan International FSX (HKLM-x32\...\FSX_THAICREATION_TRIBHUVAN_INTL_FSX_is1) (Version: 1.0.0.0 - SimMarket)
Narita International Airport RJAA P3D (HKLM-x32\...\P3D_WCI_Narita_X_is1) (Version: 1.3.0.0 - SimMarket)
NaturalPoint USB Drivers x64 (HKLM\...\{B408139D-04D6-4464-A979-D335E48F7063}) (Version: 2.50.0000 - NaturalPoint)
Navigraph FMS Data Manager 1.1.2.0609 (HKLM-x32\...\{7E4D5716-374A-4DB6-90CF-D2AEB67362CE}_is1) (Version: 1.1.2.0609 - Navigraph)
Ninoy Aquino Intl. and Metro Manila (HKLM-x32\...\ISLANDSIM_NINOYAQUINOINTL_is1) (Version: 1.0.0.0 - PacSim)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.3 - Notepad++ Team)
NVIDIA Graphics Driver 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Overland - Incheon International Airport (RKSI) for FSX (HKLM-x32\...\{3B795D0B-3374-4612-BD4C-91EAF42FE6C3}) (Version: 1.00.0000 - Overland)
Phuket International Airport for FSX (HKLM-x32\...\PhuketIntFSX_is1) (Version: 1.0.0.0 - SimMarket)
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.1.3 - Nikon)
PMDG 737 6700 NGX Expansion P3D (HKLM-x32\...\{51CE3C56-7069-4055-AC02-FDCA5A0C0D0C}) (Version: 1.10.6461 - PMDG Simulations, LLC.)
PMDG 737 8900 NGX Base Package P3D (HKLM-x32\...\{0EA92925-36E7-40CB-A714-118AB046099B}) (Version: 1.10.6461 - PMDG Simulations, LLC.)
PMDG 777-200LRF Base Package P3D (HKLM-x32\...\{C1CB0E26-CE1A-4789-8EEA-919C4CD491C1}) (Version: 1.10.6492 - PMDG Simulations, LLC.)
PMDG 777-300ER Expansion P3D (HKLM-x32\...\{BD6E3AEC-7746-494A-B055-75D6D56A82BB}) (Version: 1.10.6492 - PMDG Simulations, LLC.)
PrecipitFX (HKCU\...\17624893d0b25543) (Version: 1.3.0.14 - OldProp Solutions Inc)
Prepar3D v2 Academic (HKLM-x32\...\{92B3FF8A-3C33-4EFC-850D-CF29E54292D9}) (Version: 2.5.12945.0 - Lockheed Martin)
Prepar3D v2 Academic Bundle (HKLM-x32\...\{1363c778-75c0-4d35-b16f-88771f30c8f3}) (Version: 2.5.12945.0 - Lockheed Martin) Hidden
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
RAAS Professional by FS2Crew (UNLOCKED) P3D V2 (HKLM-x32\...\RAAS Professional by FS2Crew (UNLOCKED) P3D V2) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.86.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Remove Empty Directories version 2.2 (HKLM-x32\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
REX 4 - Texture Direct - SP 1 - Hotfix 1 (HKLM-x32\...\{37032EB5-976B-49E4-BC50-262866A89BD3}) (Version: 4.1.2014.0128 - REX Game Studios, LLC.)
REX 4 - Texture Direct - SP 1 (HKLM-x32\...\{7610620C-AB71-4082-BE6D-B179779548A8}) (Version: 4.1.2014.0122 - REX Game Studios, LLC.)
REX 4 - Texture Direct - SP 2 (HKLM-x32\...\{E7A178A4-7F04-4BDE-90AD-C97AED984854}) (Version: 4.2.2014.0520 - REX Game Studios, LLC.)
REX 4 - Texture Direct - SP 3 (HKLM-x32\...\{DB0D6CE6-4F66-45DA-9F8F-9086AFB4A91A}) (Version: 4.3.2014.0812 - REX Game Studios, LLC.)
REX 4 - Texture Direct - Texture Update 1 (HKLM-x32\...\{B4DDC9F8-FB6C-4EBF-9CF7-68DD8B75D5F5}) (Version: 4.3.2014.0814 - REX Game Studios, LLC.)
REX 4 - Texture Direct - Texture Update 2 (HKLM-x32\...\{63C010AD-9B2A-4909-A31D-69AFF03F94D2}) (Version: 4.3.2014.1210 - REX Game Studios, LLC.)
REX 4 - Texture Direct (HKLM-x32\...\{CACCC25C-70B5-4FD1-AF01-10D11B87DED8}) (Version: 4.0.2013.1215 - REX Game Studios, LLC.)
REX Auto Update (HKLM-x32\...\{B87DCE07-E7DC-4148-B1C8-8B4FAF4BD72E}) (Version: 1.0.2014.0603 - REX Game Studios, LLC.) Hidden
REX Auto Update (HKLM-x32\...\REX Auto Update 1.0.2014.0603) (Version: 1.0.2014.0603 - REX Game Studios, LLC.)
REX Soft Clouds (HKLM-x32\...\{6C960DDC-7B1C-4E42-8139-A346E75597B1}) (Version: 4.0.2014.1223 - REX Game Studios, LLC.)
REX Soft Clouds SP1 (HKLM-x32\...\{86DDAD4F-C4C8-4B7E-A20B-517A8F1375BC}) (Version: 4.1.2015.0109 - REX Game Studios, LLC.)
Samsung New PC Studio (HKLM-x32\...\{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
SceneryConfigEditor v1.1.2 (remove only) (HKLM-x32\...\SceneryConfigEditor) (Version:  - )
Shade (HKLM-x32\...\Shade_is1) (Version:  - SimMarket)
SKBO - Bogota for FSX/P3D (HKCU\...\SKBO - Bogota for FSX/P3D) (Version:  - )
SKBO - Bogota update CVX for FSX (HKCU\...\SKBO - Bogota update CVX for FSX) (Version:  - )
SkyHighSim Belgrade X v2 (HKLM-x32\...\{DB73E16C-D2DE-4B73-A775-0511A1C63632}) (Version: 2.02.0000 - SkyHighSim)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SSD Tweaker version 3.5.2 (HKLM-x32\...\{83FA601A-241A-4956-8A21-F7D525C4422F}_is1) (Version: 3.5.2 - Elpamsoft.com)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stellarium 0.11.1 (HKLM-x32\...\Stellarium_is1) (Version:  - )
T2G - Seattle Tacoma Intl Airport (HKLM-x32\...\KSEA_T2G_FSX_is1) (Version: 1.0.0.0 - SimMarket)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Thrustmaster Force Feedback Driver (HKLM-x32\...\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}) (Version: 2.FFD.2009 - Thrustmaster)
TrackIR 5 (HKLM-x32\...\{2f2e6053-043c-4d69-94d0-4d42304ea4ee}) (Version: 5.2.0200 - NaturalPoint)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.1.3 - Tweaking.com)
UK2000 Gatwick Xtreme FSX  (HKLM-x32\...\UK2000 Gatwick Xtreme FSX) (Version: 3.00 - UK2000 Scenery)
UK2000 Luton Xtreme FSX  (HKLM-x32\...\UK2000 Luton Xtreme FSX) (Version: 1.05 - UK2000 Scenery)
UK2000 Manchester Xtreme FSX  (HKLM-x32\...\UK2000 Manchester Xtreme FSX) (Version: 1.51 - UK2000 Scenery)
UK2000 Stansted Xtreme FSX  (HKLM-x32\...\UK2000 Stansted Xtreme FSX) (Version: 3.31 - UK2000 Scenery)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VIRTUALI Addon ManagerX P3D v2.x (HKLM-x32\...\VIRTUALI Addon ManagerX P3D v2.x_is1) (Version: 3.0.0.3 - VIRTUALI Sagl)
VTBS FSX (HKLM-x32\...\FSX_ARMI_VTBS_FSX_is1) (Version: 2.0.0.0 - SimMarket)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E9}) (Version: 19.5.11475 - WinZip Computing, S.L. )
WSSS Singapore 2010 P3DV2 (HKLM-x32\...\{3775EDF8-ABBB-4F5E-8565-AFFF342B31F4}) (Version: 1.0.0 - Imagine Simulation)

========================= Devices: ================================

========================= Memory info: ===================================

Percentage of memory in use: 10%
Total physical RAM: 16338.94 MB
Available physical RAM: 14574.43 MB
Total Pagefile: 32676.08 MB
Available Pagefile: 30811.65 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.95 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:292.63 GB) (Free:82.74 GB) NTFS
2 Drive d: () (Fixed) (Total:154.16 GB) (Free:54.95 GB) NTFS

========================= Users: ========================================

User accounts for \\CRAWLEYFAMILY

Administrator            Crawley Familey          Guest                   

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

14-06-2015 20:01:36 Windows Update
18-06-2015 15:38:37 Windows Update
19-06-2015 10:18:30 Uninstall
19-06-2015 10:52:53 avast! antivirus system restore point
19-06-2015 16:53:58 avast! antivirus system restore point
20-06-2015 22:58:54 Empty Folders
21-06-2015 21:25:04 Restore Point before Corrupt Patch Registry keys
21-06-2015 21:25:19 Restore Point before Samsung New PC Studio was removed using Program Install and Uninstall troubleshooter
21-06-2015 21:25:31  Samsung New PC Studio
26-06-2015 20:07:27 Installed Windows 7 Upgrade Advisor
26-06-2015 20:09:59 Removed Windows 7 Upgrade Advisor

**** End of log ****

 

Eset Scanner

 

MiniToolBox by Farbar  Version: 22-06-2015
Ran by Crawley Familey (administrator) on 01-07-2015 at 08:47:50
Running from "C:\Users\Crawley Familey\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: System Product Name Manufacturer: System manufacturer
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

 

127.0.0.1       localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : CrawleyFamily
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 30-85-A9-90-16-B6
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::914c:2d20:5567:d84c%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.3(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 01 July 2015 08:44:37
   Lease Expires . . . . . . . . . . : 02 July 2015 08:44:37
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 238060969
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-5A-C0-F2-30-85-A9-90-16-B6
   DNS Servers . . . . . . . . . . . : 194.168.4.100
                                       194.168.8.100
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{249CD3A4-186C-49B4-808C-481BC439AEDE}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:51c8:4032:28df:30fd:3f57:fffc(Preferred)
   Link-local IPv6 Address . . . . . : fe80::28df:30fd:3f57:fffc%12(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  cache1.service.virginmedia.net
Address:  194.168.4.100

Name:    google.com
Addresses:  2a00:1450:4009:80d::200e
   216.58.208.46

Pinging google.com [216.58.208.46] with 32 bytes of data:
Reply from 216.58.208.46: bytes=32 time=7ms TTL=56
Reply from 216.58.208.46: bytes=32 time=8ms TTL=56

Ping statistics for 216.58.208.46:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 7ms, Maximum = 8ms, Average = 7ms
Server:  cache1.service.virginmedia.net
Address:  194.168.4.100

Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
   2001:4998:c:a06::2:4008
   2001:4998:58:c02::a9
   98.138.253.109
   98.139.183.24
   206.190.36.45

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=112ms TTL=50
Reply from 98.139.183.24: bytes=32 time=112ms TTL=50

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 112ms, Maximum = 112ms, Average = 112ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...30 85 a9 90 16 b6 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.3     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link       192.168.0.3    266
      192.168.0.3  255.255.255.255         On-link       192.168.0.3    266
    192.168.0.255  255.255.255.255         On-link       192.168.0.3    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.0.3    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.0.3    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:51c8:4032:28df:30fd:3f57:fffc/128
                                    On-link
 11    266 fe80::/64                On-link
 12    306 fe80::/64                On-link
 12    306 fe80::28df:30fd:3f57:fffc/128
                                    On-link
 11    266 fe80::914c:2d20:5567:d84c/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 11    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/01/2015 08:44:57 AM) (Source: Application Error) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.2.13.0, time stamp: 0x558200e9
Faulting module name: mbamservice.exe, version: 3.2.13.0, time stamp: 0x558200e9
Exception code: 0x40000015
Fault offset: 0x000ace66
Faulting process id: 0x778
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report Id: mbamservice.exe3

Error: (06/30/2015 10:09:25 PM) (Source: Application Error) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.2.13.0, time stamp: 0x558200e9
Faulting module name: mbamservice.exe, version: 3.2.13.0, time stamp: 0x558200e9
Exception code: 0x40000015
Fault offset: 0x000ace66
Faulting process id: 0x760
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report Id: mbamservice.exe3

Error: (06/30/2015 09:42:37 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17840, time stamp: 0x555fe1bb
Faulting module name: OnlineScanner.ocx_unloaded, version: 0.0.0.0, time stamp: 0x55546935
Exception code: 0xc0000005
Fault offset: 0x694608e0
Faulting process id: 0x5b4
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (06/30/2015 09:24:31 PM) (Source: Adobe Reader) (User: )
Description:

Error: (06/30/2015 09:15:28 PM) (Source: Adobe Reader) (User: )
Description:

Error: (06/30/2015 04:59:26 PM) (Source: Application Error) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.2.13.0, time stamp: 0x558200e9
Faulting module name: mbamservice.exe, version: 3.2.13.0, time stamp: 0x558200e9
Exception code: 0x40000015
Fault offset: 0x000ace66
Faulting process id: 0x590
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report Id: mbamservice.exe3

Error: (06/30/2015 10:20:08 AM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17840 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: f74

Start Time: 01d0b315f19a3420

Termination Time: 3

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (06/30/2015 08:41:21 AM) (Source: Application Error) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.1.0.0, time stamp: 0x552d3c4a
Faulting module name: mbamservice.exe, version: 3.1.0.0, time stamp: 0x552d3c4a
Exception code: 0x40000015
Fault offset: 0x000a6db6
Faulting process id: 0x770
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report Id: mbamservice.exe3

Error: (06/29/2015 08:45:20 PM) (Source: Adobe Reader) (User: )
Description:

Error: (06/29/2015 11:53:12 AM) (Source: Adobe Reader) (User: )
Description:

System errors:
=============
Error: (07/01/2015 08:44:57 AM) (Source: Service Control Manager) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/01/2015 08:44:57 AM) (Source: WMPNetworkSvc) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Error: (06/30/2015 10:09:25 PM) (Source: Service Control Manager) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/30/2015 10:09:25 PM) (Source: WMPNetworkSvc) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Error: (06/30/2015 09:34:16 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (06/30/2015 09:34:16 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\CRAWLE~1\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (06/30/2015 09:34:15 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (06/30/2015 09:34:15 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\CRAWLE~1\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (06/30/2015 09:34:15 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (06/30/2015 09:34:15 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\CRAWLE~1\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2015-04-15 13:16:01.804
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cmudaxp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-15 13:16:01.774
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cmudaxp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-15 13:11:02.762
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cmudaxp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-15 13:11:02.742
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cmudaxp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-15 13:08:42.620
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cmudaxp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-15 13:08:42.573
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cmudaxp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-15 13:08:04.616
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cmudaxp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-15 13:08:04.601
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cmudaxp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-15 13:04:07.651
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cmudaxp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-15 13:04:07.604
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cmudaxp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

=========================== Installed Programs ============================

Accu-Feel (HKLM-x32\...\Accu-Feel) (Version:  - )
Accu-Feel Air, Land, and Sea (HKLM-x32\...\Accu-Feel Air, Land, and Sea) (Version:  - )
Active Sky Next for P3D SP3 (HKLM-x32\...\{67230DFC-F135-4F7F-B489-5860FD0EE162}_is1) (Version: 1.0.5655.17391 - HiFi Technologies, Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Aerosoft's - Aerosoft Launcher (HKLM-x32\...\{EE11CFFC-898C-4875-8A63-8B732A9AD43B}) (Version: 1.2.0.3 - Aerosoft)
Aerosoft's - Airbus A318-A319 - PREPAR3D V2.x (HKLM-x32\...\Airbus A318-A319 - PREPAR3D V2.x) (Version: 1.30 - Aerosoft)
Aerosoft's - Airbus A320-A321 - PREPAR3D V2.x (HKLM-x32\...\Airbus A320-A321 - PREPAR3D V2.x) (Version: 1.30 - Aerosoft)
Aerosoft's - Anchorage X - PrePar3D (HKLM-x32\...\Anchorage X - PrePar3D) (Version:  - )
Aerosoft's - Bari X - PrePar3D (HKLM-x32\...\Bari X - PrePar3D) (Version:  - )
Aerosoft's - Corfu X (HKLM-x32\...\{8A073262-FB25-4224-AE36-C2725A616E05}) (Version: 1.11 - Aerosoft)
aerosoft's - Faro X (HKLM-x32\...\{FA9455D9-4ABC-48CF-8FC6-4FDA30F6AACD}) (Version: 1.01 - aerosoft)
aerosoft's - German Airports 3 - 2012 (Berlin-Tegel FSX) (HKLM-x32\...\{3DAD565E-1275-4EE8-9568-932CB7B75FB8}) (Version: 1.02 - aerosoft)
Aerosoft's - Heraklion X (HKLM-x32\...\{0CA7BE0D-3DC3-4F04-B64D-9AA2041B76AB}) (Version: 1.00 - Aerosoft)
aerosoft's - Kos X (HKLM-x32\...\{F4B5B937-603F-41DA-AE24-2D188DAD98BE}) (Version: 1.00 - aerosoft)
aerosoft's - Madeira X (HKLM-x32\...\{17440258-DB48-49DE-8391-79900477490C}) (Version: 1.01 - aerosoft)
aerosoft's - Mallorca X for FSX (HKLM-x32\...\{07CC448E-4FFC-444F-999D-10F11AE559FB}) (Version: 1.01 - aerosoft)
Aerosoft's - Mega Airport London Heathrow Xtended - PREPAR3D V2.x (HKLM-x32\...\Mega Airport London Heathrow Xtended - PREPAR3D V2.x) (Version: 1.00 - Aerosoft)
Aerosoft's - Mega Airport London Heathrow Xtended Jetway patch - P3D (HKLM-x32\...\{B8F009E7-20FC-403F-9048-37EC1D7D3A20}) (Version: 1.00 - Aerosoft)
Aerosoft's - Mega Airport Oslo 2.0 - PREPAR3D V2.x (HKLM-x32\...\Mega Airport Oslo 2.0 - PREPAR3D V2.x) (Version: 1.06 - Aerosoft)
aerosoft's - Professional Flight Planner X (HKLM-x32\...\{1a5d2729-4a3b-4cd5-85c8-4896fd44b78d}) (Version: 1.21 - aerosoft)
Android Sync Manager WiFi (HKLM-x32\...\{13D946AF-DAD9-0200-0000-000000000000}) (Version: 11.10.2763 - Mobile Action)
ASConnect for P3D (HKLM-x32\...\{70C18CD2-D9F3-478D-994C-DCE39C84E19E}_is1) (Version: 1.0.0.34 - HiFi Technologies, Inc.)
ASUS Xonar DG Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Bejeweled 3 (HKLM-x32\...\Bejeweled 3) (Version:  - PopCap Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MG3100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Cloud9 Bergen FSX 1.0.2 (HKLM-x32\...\Cloud9 Bergen FSX_is1) (Version:  - )
CLOUD9 Orlando FSX 1.01 (HKLM-x32\...\{FED35768-B947-44EB-92CC-A17D24B8439A}) (Version: 1.01 - )
CPUID CPU-Z 1.71 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
EditVoicepack XL (HKLM-x32\...\{85e32286-236f-46b0-84f9-c8defd2d7595}) (Version: 5.0.80.0 - Bevelstone Production)
EditVoicepack XL (HKLM-x32\...\{D6250454-3B50-4036-B427-694EE47907BF}) (Version: 5.0.80.0 - Bevelstone Production) Hidden
Eiresim Shannon Ultimate FsX (HKLM-x32\...\Eiresim Shannon Ultimate FsXV1.0) (Version: V1.0 - Eiresim)
EKCH Copenhagen Airport, Kastrup X (HKLM-x32\...\{64863BEF-152F-4874-9195-0E608822F7B4}) (Version: 2.1 - Scansim)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FlightBeam Denver P3D v2.x (HKLM-x32\...\FlightBeam Denver P3D v2.x_is1) (Version: 1.1.2 - FlightBeam.)
FlightBeam Phoenix Sky Harbor FSX/P3D 1.1 (HKLM-x32\...\FlightBeam Phoenix Sky Harbor FSX/P3D_is1) (Version:  - )
FlightBeam San Francisco International FSX 2.0.1 (HKLM-x32\...\FlightBeam San Francisco International FSX 2.0.1_is1) (Version:  - )
FS2Crew: Aerosoft Airbus X Voice Control P3D V2 (HKLM-x32\...\FS2Crew: Aerosoft Airbus X Voice Control P3D V2) (Version:  - )
FS2Crew: PMDG 737 NGX Edition (HKLM-x32\...\FS2Crew: PMDG 737 NGX Edition) (Version:  - )
FS2Crew: PMDG 777 (HKLM-x32\...\FS2Crew: PMDG 777) (Version:  - )
FSDreamTeam Dallas/Fort Worth International P3D v2.x (HKLM-x32\...\FSDreamTeam Dallas/Fort Worth International P3D v2.x_is1) (Version: 2.1.7 - VIRTUALI Sagl)
FSDreamTeam Fort Lauderdale-Hollywood P3D v2.x (HKLM-x32\...\FSDreamTeam Fort Lauderdale-Hollywood P3D v2.x_is1) (Version: 1.5.4 - VIRTUALI Sagl)
FSDreamTeam Geneva P3D v2.x (HKLM-x32\...\FSDreamTeam Geneva P3D v2.x_is1) (Version: 1.6.5 - VIRTUALI Sagl)
FSDreamTeam GSX P3D v2.x (HKLM-x32\...\FSDreamTeam GSX P3D v2.x_is1) (Version: 1.9.0.9 - VIRTUALI Sagl)
FSDreamTeam Honolulu International P3D v2.x (HKLM-x32\...\FSDreamTeam Honolulu International P3D v2.x_is1) (Version: 1.4.4 - VIRTUALI Sagl)
FSDreamTeam KJFK V2 P3D v2.x (HKLM-x32\...\FSDreamTeam KJFK V2 P3D v2.x_is1) (Version: 2.3.4 - VIRTUALI Sagl)
FSDreamTeam Las Vegas McCarran P3D v2.x (HKLM-x32\...\FSDreamTeam Las Vegas McCarran P3D v2.x_is1) (Version: 1.3.4 - VIRTUALI Sagl)
FSDreamTeam Los Angeles International P3D v2.x (HKLM-x32\...\FSDreamTeam Los Angeles International P3D v2.x_is1) (Version: 1.5.4 - VIRTUALI Sagl)
FSDreamTeam OHareX P3D v2.x (HKLM-x32\...\FSDreamTeam OHareX P3D v2.x_is1) (Version: 2.3.7 - VIRTUALI Sagl)
FSDreamTeam Vancouver International P3D v2.x (HKLM-x32\...\FSDreamTeam Vancouver International P3D v2.x_is1) (Version: 1.4.1 - VIRTUALI Sagl)
FSDreamTeam ZurichX P3D v2.x (HKLM-x32\...\FSDreamTeam ZurichX P3D v2.x_is1) (Version: 2.6.0 - VIRTUALI Sagl)
Geeks3D FurMark 1.15.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.27.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPU Temp version 1.0 (HKLM-x32\...\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1) (Version: 1.0 - gputemp.com)
Intel Extreme Tuning Utility (HKLM-x32\...\{2E27A606-77E7-41B0-8C2A-11703585288D}) (Version: 5.1.1.25 - Intel Corporation) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{ffa8daa3-4912-4a4a-aac4-a0549064268b}) (Version: 5.1.1.25 - Intel Corporation)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1036 - Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KATL Atlanta (HKLM-x32\...\IMAGINESIM_KATL_ATLANTA_is1) (Version: 1.0.0.0 - SimMarket)
Latin VFR MKJP FSX (HKLM-x32\...\LatinVFRMKJPFSX_is1) (Version:  - SimMarket)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Memory Cleaner 2.00 (HKLM-x32\...\MemClean) (Version: 2.00 - KoshyJohn.com)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microangelo On Display (x64) (HKLM\...\{344A17D9-DE25-4E77-B089-E7F0A0AF2AE7}) (Version: 7.0.3 - Impact Software)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft ESP SimConnect Client v1.0.20.0 (HKLM-x32\...\{C0A9FCC1-9725-4679-8AC2-FE501B139B63}) (Version: 1.0.20.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61242.0 (HKLM-x32\...\{85DF6786-66AA-42EE-8616-AE456B07BD99}) (Version: 10.0.61242.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{91E30409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Tool Web Package : EXCTRLST.EXE (HKLM-x32\...\{B0650E3D-FDCA-4908-B74B-0CC1731BDB93}) (Version: 1.00.0.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Migration Tool (HKLM-x32\...\{64cd40e2-6e5e-4732-8ed4-b4a5be475825}) (Version: 2.5.3.873 - Flightsim Estonia)
MK-Studios's - Bologna X - PREPAR3D V2.x (HKLM-x32\...\Bologna X - PREPAR3D V2.x) (Version: 1.01 - MK-Studios)
MRAI Install Wizard v1.23 (HKLM-x32\...\ST5UNST #1) (Version:  - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Namaste Nepal - Tribhuvan International FSX (HKLM-x32\...\FSX_THAICREATION_TRIBHUVAN_INTL_FSX_is1) (Version: 1.0.0.0 - SimMarket)
Narita International Airport RJAA P3D (HKLM-x32\...\P3D_WCI_Narita_X_is1) (Version: 1.3.0.0 - SimMarket)
NaturalPoint USB Drivers x64 (HKLM\...\{B408139D-04D6-4464-A979-D335E48F7063}) (Version: 2.50.0000 - NaturalPoint)
Navigraph FMS Data Manager 1.1.2.0609 (HKLM-x32\...\{7E4D5716-374A-4DB6-90CF-D2AEB67362CE}_is1) (Version: 1.1.2.0609 - Navigraph)
Ninoy Aquino Intl. and Metro Manila (HKLM-x32\...\ISLANDSIM_NINOYAQUINOINTL_is1) (Version: 1.0.0.0 - PacSim)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.3 - Notepad++ Team)
NVIDIA Graphics Driver 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Overland - Incheon International Airport (RKSI) for FSX (HKLM-x32\...\{3B795D0B-3374-4612-BD4C-91EAF42FE6C3}) (Version: 1.00.0000 - Overland)
Phuket International Airport for FSX (HKLM-x32\...\PhuketIntFSX_is1) (Version: 1.0.0.0 - SimMarket)
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.1.3 - Nikon)
PMDG 737 6700 NGX Expansion P3D (HKLM-x32\...\{51CE3C56-7069-4055-AC02-FDCA5A0C0D0C}) (Version: 1.10.6461 - PMDG Simulations, LLC.)
PMDG 737 8900 NGX Base Package P3D (HKLM-x32\...\{0EA92925-36E7-40CB-A714-118AB046099B}) (Version: 1.10.6461 - PMDG Simulations, LLC.)
PMDG 777-200LRF Base Package P3D (HKLM-x32\...\{C1CB0E26-CE1A-4789-8EEA-919C4CD491C1}) (Version: 1.10.6492 - PMDG Simulations, LLC.)
PMDG 777-300ER Expansion P3D (HKLM-x32\...\{BD6E3AEC-7746-494A-B055-75D6D56A82BB}) (Version: 1.10.6492 - PMDG Simulations, LLC.)
PrecipitFX (HKCU\...\17624893d0b25543) (Version: 1.3.0.14 - OldProp Solutions Inc)
Prepar3D v2 Academic (HKLM-x32\...\{92B3FF8A-3C33-4EFC-850D-CF29E54292D9}) (Version: 2.5.12945.0 - Lockheed Martin)
Prepar3D v2 Academic Bundle (HKLM-x32\...\{1363c778-75c0-4d35-b16f-88771f30c8f3}) (Version: 2.5.12945.0 - Lockheed Martin) Hidden
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
RAAS Professional by FS2Crew (UNLOCKED) P3D V2 (HKLM-x32\...\RAAS Professional by FS2Crew (UNLOCKED) P3D V2) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.86.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Remove Empty Directories version 2.2 (HKLM-x32\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
REX 4 - Texture Direct - SP 1 - Hotfix 1 (HKLM-x32\...\{37032EB5-976B-49E4-BC50-262866A89BD3}) (Version: 4.1.2014.0128 - REX Game Studios, LLC.)
REX 4 - Texture Direct - SP 1 (HKLM-x32\...\{7610620C-AB71-4082-BE6D-B179779548A8}) (Version: 4.1.2014.0122 - REX Game Studios, LLC.)
REX 4 - Texture Direct - SP 2 (HKLM-x32\...\{E7A178A4-7F04-4BDE-90AD-C97AED984854}) (Version: 4.2.2014.0520 - REX Game Studios, LLC.)
REX 4 - Texture Direct - SP 3 (HKLM-x32\...\{DB0D6CE6-4F66-45DA-9F8F-9086AFB4A91A}) (Version: 4.3.2014.0812 - REX Game Studios, LLC.)
REX 4 - Texture Direct - Texture Update 1 (HKLM-x32\...\{B4DDC9F8-FB6C-4EBF-9CF7-68DD8B75D5F5}) (Version: 4.3.2014.0814 - REX Game Studios, LLC.)
REX 4 - Texture Direct - Texture Update 2 (HKLM-x32\...\{63C010AD-9B2A-4909-A31D-69AFF03F94D2}) (Version: 4.3.2014.1210 - REX Game Studios, LLC.)
REX 4 - Texture Direct (HKLM-x32\...\{CACCC25C-70B5-4FD1-AF01-10D11B87DED8}) (Version: 4.0.2013.1215 - REX Game Studios, LLC.)
REX Auto Update (HKLM-x32\...\{B87DCE07-E7DC-4148-B1C8-8B4FAF4BD72E}) (Version: 1.0.2014.0603 - REX Game Studios, LLC.) Hidden
REX Auto Update (HKLM-x32\...\REX Auto Update 1.0.2014.0603) (Version: 1.0.2014.0603 - REX Game Studios, LLC.)
REX Soft Clouds (HKLM-x32\...\{6C960DDC-7B1C-4E42-8139-A346E75597B1}) (Version: 4.0.2014.1223 - REX Game Studios, LLC.)
REX Soft Clouds SP1 (HKLM-x32\...\{86DDAD4F-C4C8-4B7E-A20B-517A8F1375BC}) (Version: 4.1.2015.0109 - REX Game Studios, LLC.)
Samsung New PC Studio (HKLM-x32\...\{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
SceneryConfigEditor v1.1.2 (remove only) (HKLM-x32\...\SceneryConfigEditor) (Version:  - )
Shade (HKLM-x32\...\Shade_is1) (Version:  - SimMarket)
SKBO - Bogota for FSX/P3D (HKCU\...\SKBO - Bogota for FSX/P3D) (Version:  - )
SKBO - Bogota update CVX for FSX (HKCU\...\SKBO - Bogota update CVX for FSX) (Version:  - )
SkyHighSim Belgrade X v2 (HKLM-x32\...\{DB73E16C-D2DE-4B73-A775-0511A1C63632}) (Version: 2.02.0000 - SkyHighSim)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SSD Tweaker version 3.5.2 (HKLM-x32\...\{83FA601A-241A-4956-8A21-F7D525C4422F}_is1) (Version: 3.5.2 - Elpamsoft.com)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stellarium 0.11.1 (HKLM-x32\...\Stellarium_is1) (Version:  - )
T2G - Seattle Tacoma Intl Airport (HKLM-x32\...\KSEA_T2G_FSX_is1) (Version: 1.0.0.0 - SimMarket)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Thrustmaster Force Feedback Driver (HKLM-x32\...\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}) (Version: 2.FFD.2009 - Thrustmaster)
TrackIR 5 (HKLM-x32\...\{2f2e6053-043c-4d69-94d0-4d42304ea4ee}) (Version: 5.2.0200 - NaturalPoint)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.1.3 - Tweaking.com)
UK2000 Gatwick Xtreme FSX  (HKLM-x32\...\UK2000 Gatwick Xtreme FSX) (Version: 3.00 - UK2000 Scenery)
UK2000 Luton Xtreme FSX  (HKLM-x32\...\UK2000 Luton Xtreme FSX) (Version: 1.05 - UK2000 Scenery)
UK2000 Manchester Xtreme FSX  (HKLM-x32\...\UK2000 Manchester Xtreme FSX) (Version: 1.51 - UK2000 Scenery)
UK2000 Stansted Xtreme FSX  (HKLM-x32\...\UK2000 Stansted Xtreme FSX) (Version: 3.31 - UK2000 Scenery)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VIRTUALI Addon ManagerX P3D v2.x (HKLM-x32\...\VIRTUALI Addon ManagerX P3D v2.x_is1) (Version: 3.0.0.3 - VIRTUALI Sagl)
VTBS FSX (HKLM-x32\...\FSX_ARMI_VTBS_FSX_is1) (Version: 2.0.0.0 - SimMarket)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E9}) (Version: 19.5.11475 - WinZip Computing, S.L. )
WSSS Singapore 2010 P3DV2 (HKLM-x32\...\{3775EDF8-ABBB-4F5E-8565-AFFF342B31F4}) (Version: 1.0.0 - Imagine Simulation)

========================= Devices: ================================

========================= Memory info: ===================================

Percentage of memory in use: 10%
Total physical RAM: 16338.94 MB
Available physical RAM: 14574.43 MB
Total Pagefile: 32676.08 MB
Available Pagefile: 30811.65 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.95 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:292.63 GB) (Free:82.74 GB) NTFS
2 Drive d: () (Fixed) (Total:154.16 GB) (Free:54.95 GB) NTFS

========================= Users: ========================================

User accounts for \\CRAWLEYFAMILY

Administrator            Crawley Familey          Guest                   

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

14-06-2015 20:01:36 Windows Update
18-06-2015 15:38:37 Windows Update
19-06-2015 10:18:30 Uninstall
19-06-2015 10:52:53 avast! antivirus system restore point
19-06-2015 16:53:58 avast! antivirus system restore point
20-06-2015 22:58:54 Empty Folders
21-06-2015 21:25:04 Restore Point before Corrupt Patch Registry keys
21-06-2015 21:25:19 Restore Point before Samsung New PC Studio was removed using Program Install and Uninstall troubleshooter
21-06-2015 21:25:31  Samsung New PC Studio
26-06-2015 20:07:27 Installed Windows 7 Upgrade Advisor
26-06-2015 20:09:59 Removed Windows 7 Upgrade Advisor

**** End of log ****

 

Eset Scanner

 

 

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=init
# utc_time=2015-06-05 10:32:52
# local_time=2015-06-05 11:32:52 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24185
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=updated
# utc_time=2015-06-05 10:33:20
# local_time=2015-06-05 11:33:20 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# engine=24185
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-06-05 11:25:23
# local_time=2015-06-05 12:25:23 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 1984767 56480317 0 0
# scanned=454530
# found=0
# cleaned=0
# scan_time=3121
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=init
# utc_time=2015-06-07 09:25:25
# local_time=2015-06-07 10:25:25 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24209
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=updated
# utc_time=2015-06-07 09:25:50
# local_time=2015-06-07 10:25:50 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=restart
# utc_time=2015-06-07 09:27:13
# local_time=2015-06-07 10:27:13 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 2150477 56646027 0 0
# scanned=2827
# found=0
# cleaned=0
# scan_time=83
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=init
# utc_time=2015-06-07 09:27:28
# local_time=2015-06-07 10:27:28 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 24209
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=updated
# utc_time=2015-06-07 09:27:38
# local_time=2015-06-07 10:27:38 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# engine=24209
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-06-07 10:16:28
# local_time=2015-06-07 11:16:28 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 2153432 56648982 0 0
# scanned=440618
# found=0
# cleaned=0
# scan_time=2929
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=init
# utc_time=2015-06-27 10:31:26
# local_time=2015-06-27 11:31:26 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24530
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=updated
# utc_time=2015-06-27 10:32:27
# local_time=2015-06-27 11:32:27 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# engine=24530
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-06-27 11:05:34
# local_time=2015-06-27 12:05:34 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 91 669904 670311 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 1904449 187868184 0 0
# scanned=442404
# found=7
# cleaned=7
# scan_time=1987
sh=EE2D8A0C16CB4F60E07AD30BC8F4AF2D25E4FF62 ft=1 fh=c2a60ef126908cf5 vn="a variant of Win32/Systweak.L potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSS.exe"
sh=24A108C48173FDD9962F7CC3D4DB4B852D864838 ft=1 fh=0501d0dc4c9a869f vn="a variant of Win32/Systweak.N potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSHelper.dll"
sh=915239C2678EFCE5C2E45012595BEA0C050864B4 ft=1 fh=9ca6c4d86ffea4d8 vn="a variant of Win32/Systweak.L potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSPrivacyProtector.exe"
sh=67A75BAA7A5BBB2EEEBB99D490F00F82D0BB1E09 ft=1 fh=5d5a0ac2ab2c0a85 vn="a variant of Win32/Systweak potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe"
sh=2C09414F7BCF16F3C9A358B5CCD4492EF7EEF08E ft=1 fh=5545a1a02bc092d6 vn="a variant of Win32/Systweak.L potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegistryOptimizer.exe"
sh=322DCE4CCA5EB266FFEDD900C6D628769AD18300 ft=1 fh=b3d66e50f9e4f6b1 vn="a variant of Win32/Systweak.L potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSSystemCleaner.exe"
sh=AD29E22A7805075030F9CD182B623B43A13D1B83 ft=1 fh=18ac8270d747e1a9 vn="a variant of Win32/InstallCore.ZH potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Crawley Familey\Downloads\winzip19-cnet.exe"
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=init
# utc_time=2015-06-30 08:19:49
# local_time=2015-06-30 09:19:49 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24566
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=updated
# utc_time=2015-06-30 08:20:23
# local_time=2015-06-30 09:20:23 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# engine=24566
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-06-30 09:13:50
# local_time=2015-06-30 10:13:50 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 91 922400 922807 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2156945 188120680 0 0
# scanned=133259
# found=5
# cleaned=0
# scan_time=3206
sh=DDD7E789E67132CF6C5D8169B2F46E3498FCA60F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C potentially unwanted application" ac=I fn="C:\Users\Crawley Familey\AppData\Roaming\CFBEDSDX"
sh=9413821E4285C46DAF48156B472065FC2D763FE8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C potentially unwanted application" ac=I fn="C:\Users\Crawley Familey\AppData\Roaming\SM"
sh=DDD7E789E67132CF6C5D8169B2F46E3498FCA60F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C potentially unwanted application" ac=I fn="C:\Users\Crawley Familey\Application Data\CFBEDSDX"
sh=9413821E4285C46DAF48156B472065FC2D763FE8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C potentially unwanted application" ac=I fn="C:\Users\Crawley Familey\Application Data\SM"
sh=BCA0BBDC1ECA7D7049B11DFDF06A731B0DEB0330 ft=1 fh=5d043d2b7dcbb6c6 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Crawley Familey\Downloads\ccsetup507.exe"
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=init
# utc_time=2015-06-30 05:10:05
# local_time=2015-06-30 06:10:05 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24575
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=updated
# utc_time=2015-06-30 05:10:34
# local_time=2015-06-30 06:10:34 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=restart
# utc_time=2015-06-30 05:17:20
# local_time=2015-06-30 06:17:20 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 91 951410 951817 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2185955 188149690 0 0
# scanned=83403
# found=1
# cleaned=0
# scan_time=405
sh=BCA0BBDC1ECA7D7049B11DFDF06A731B0DEB0330 ft=1 fh=5d043d2b7dcbb6c6 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Crawley Familey\Downloads\ccsetup507.exe"
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=init
# utc_time=2015-06-30 05:17:26
# local_time=2015-06-30 06:17:26 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=init
# utc_time=2015-06-30 05:18:04
# local_time=2015-06-30 06:18:04 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 24575
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=updated
# utc_time=2015-06-30 05:18:14
# local_time=2015-06-30 06:18:14 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=restart
# utc_time=2015-06-30 05:18:54
# local_time=2015-06-30 06:18:54 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 91 951504 951911 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2186049 188149784 0 0
# scanned=2929
# found=0
# cleaned=0
# scan_time=39
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=init
# utc_time=2015-06-30 05:18:57
# local_time=2015-06-30 06:18:57 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=init
# utc_time=2015-06-30 05:19:03
# local_time=2015-06-30 06:19:03 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 24575
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=updated
# utc_time=2015-06-30 05:19:36
# local_time=2015-06-30 06:19:36 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=restart
# utc_time=2015-06-30 05:20:11
# local_time=2015-06-30 06:20:11 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 91 951581 951988 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2186126 188149861 0 0
# scanned=2857
# found=0
# cleaned=0
# scan_time=34
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=init
# utc_time=2015-06-30 05:22:18
# local_time=2015-06-30 06:22:18 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 24575
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=updated
# utc_time=2015-06-30 05:25:23
# local_time=2015-06-30 06:25:23 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# engine=24575
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-06-30 06:12:10
# local_time=2015-06-30 07:12:10 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 91 954700 955107 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2189245 188152980 0 0
# scanned=440945
# found=1
# cleaned=1
# scan_time=2806
sh=BCA0BBDC1ECA7D7049B11DFDF06A731B0DEB0330 ft=1 fh=5d043d2b7dcbb6c6 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Crawley Familey\Downloads\ccsetup507.exe"
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=init
# utc_time=2015-06-30 06:17:06
# local_time=2015-06-30 07:17:06 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 24575
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# end=updated
# utc_time=2015-06-30 06:17:21
# local_time=2015-06-30 07:17:21 (+0000, GMT Daylight Time)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=ae2c56ebfe8dc446a7e0582b6cffffb2
# engine=24575
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-06-30 08:34:14
# local_time=2015-06-30 09:34:14 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 91 963224 963631 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2197769 188161504 0 0
# scanned=446523
# found=4
# cleaned=2
# scan_time=8212
sh=DDD7E789E67132CF6C5D8169B2F46E3498FCA60F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C potentially unwanted application" ac=I fn="C:\Users\Crawley Familey\Application Data\CFBEDSDX"
sh=9413821E4285C46DAF48156B472065FC2D763FE8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C potentially unwanted application" ac=I fn="C:\Users\Crawley Familey\Application Data\SM"
sh=DDD7E789E67132CF6C5D8169B2F46E3498FCA60F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Crawley Familey\AppData\Roaming\CFBEDSDX"
sh=9413821E4285C46DAF48156B472065FC2D763FE8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Crawley Familey\AppData\Roaming\SM"

 

AdwCleaner

 

 

# AdwCleaner v4.207 - Logfile created 01/07/2015 at 08:51:00
# Updated 21/06/2015 by Xplode
# Database : 2015-06-29.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Crawley Familey - CRAWLEYFAMILY
# Running from : C:\Users\Crawley Familey\Downloads\adwcleaner_4.207.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\simplitec
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Fighters
Folder Deleted : C:\Program Files (x86)\eSupport.com
Folder Deleted : C:\Program Files (x86)\Fighters
Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Fighters
Folder Deleted : C:\Users\Crawley Familey\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Crawley Familey\AppData\Roaming\DesktopIconForAmazon
Folder Deleted : C:\Users\Crawley Familey\AppData\Roaming\simplitec
Folder Deleted : C:\Users\Crawley Familey\AppData\Roaming\Fighters

***** [ Scheduled tasks ] *****

Task Deleted : QtraxPlayer

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKCU\Software\eSupport.com
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\qtrax
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17840

*************************

AdwCleaner[R0].txt - [2129 bytes] - [01/07/2015 08:49:27]
AdwCleaner[R1].txt - [2188 bytes] - [01/07/2015 08:50:08]
AdwCleaner[S0].txt - [1936 bytes] - [01/07/2015 08:51:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1995  bytes] ##########

 

JRT

 

 

 

Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.2.5 (07.01.2015:1)
OS: Windows 7 Home Premium x64
Ran by Crawley Familey on 01/07/2015 at  8:54:08.16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Tasks

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\esellerate
Successfully deleted: [Folder] C:\Users\Crawley Familey\appdata\local\slimware utilities inc
Successfully deleted: [Folder] C:\Users\Crawley Familey\AppData\Roaming\getrighttogo
Successfully deleted: [Folder] C:\Users\Crawley Familey\documents\add-in express
Successfully deleted: [Folder] C:\users\public\documents\downloaded installers
Successfully deleted: [Folder] C:\Windows\syswow64\ai_recyclebin

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01/07/2015 at  8:55:30.29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

I hope that I have posted this correctly. I took out all the date/times from JRT since the post was too long.

 

Thanks

 

Andrew



#4 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:12:29 AM

Posted 01 July 2015 - 05:53 AM

Hello,

 

Can you try some other browser, to see if problem persists.

Do you have BSOD problems? Some problems with MBAM?

 

----

 

Run MBAM again:

 

§  On the Dashboard, click the 'Update Now >>' link.

§  After the update completes, on Settings tab, set under Detection and Protection next options: 

1. 'Scan for rootkits'

2. Non-Malware Protection, for 'PUP detections', check, 'Threat detections as malware' option.

§  Return to Dashboard, click the Scan Now >> button.

§  A Threat Scan will begin.

§  When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.

§  In most cases, a restart will be required.

§  Wait for the prompt to restart the computer to appear, than click on Yes.

 

§  After the restart once you are back at your desktop, open MBAM once more.

§  Click on the History tab > Application Logs.

§  Double click on the Scan Log which shows the Date and time of the scan just performed.

§  Click 'Export'.

§  Click 'Copy to Clipboard'

§  Paste the contents of the clipboard into your reply.


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#5 acra24

acra24
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:06:29 PM

Posted 01 July 2015 - 10:47 AM

Hi,

 

Mbam used as instructed and here is the log file. It didn't seem to find anything.

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 01/07/2015
Scan Time: 15:32
Logfile: Mbam.txt
Administrator: Yes

Version: 2.1.8.1057
Malware Database: v2015.07.01.03
Rootkit Database: v2015.06.30.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Crawley Familey

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 432142
Time Elapsed: 4 min, 50 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

 

I downloaded and installed Chrome and made it my default browser.  Initially it worked fine but after a restart it seems worse than IE11.  If I start to type anything into a text box it momentarily seems to go off and on again and the text is missing.  If I hit enter or go to another webpage after that the tab flashes on and off but doesn't go anywhere, the page is empty. If I then reduce the size of the browser and click on the desktop the icons begin to flash on and off too. Oddly the browser then goes back to the original page I was on but if I click on the browser it starts flashing again and the page is empty. :smash:

 

I have noticed that on some websites that I visit a slide bar appears somewhere on the page that was not there before, in the oddest of places, and obviously shouldn't be there. I have taken a screen shot of one example. How can I upload that here?

 

I'm beginning to think I've messed something crucial up. Some months ago I used the tool Take Ownership to take control of my folders, could that have caused this? 

 

Thanks

 

Andrew



#6 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:12:29 AM

Posted 01 July 2015 - 11:04 AM

Please, upload photo over this link: https://www.sendspace.com/


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#7 acra24

acra24
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:06:29 PM

Posted 01 July 2015 - 12:42 PM

Hi.

 

If I've done it right, here is the link.

 

Andrew

https://www.sendspace.com/file/e0g6o6


Edited by acra24, 01 July 2015 - 12:44 PM.


#8 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:12:29 AM

Posted 01 July 2015 - 12:47 PM

Ok. I opened. I will post you soon. 


Edited by severac, 01 July 2015 - 12:48 PM.

I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#9 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:12:29 AM

Posted 01 July 2015 - 12:55 PM

That is strange, when I open that site at the same page, instead of sidebar is Facebook like page. 

 

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Edited by severac, 01 July 2015 - 12:55 PM.

I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#10 acra24

acra24
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:06:29 PM

Posted 01 July 2015 - 01:08 PM

Hi again.

 

Here is that text file; For your info I tried booting up into Safe Mode and running IE11 from there.  It was just as bad in safe mode.

 

Andrew

 

Farbar Service Scanner Version: 17-01-2015
Ran by Crawley Familey (administrator) on 01-07-2015 at 19:06:24
Running from "C:\Users\Crawley Familey\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****



#11 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:12:29 AM

Posted 01 July 2015 - 02:30 PM

:smash:  I don't know what to say to you. According to logs there is no malware here, services are OK. 

 

I can't tell what can cause the problem with starting apps with single click and double click. 

 

I would like to hear third opinion. I don't know what to do next.

It seems that the IE is the main problem, but not the only.

 

Until somebody join here, you can use the System File Checker tool to repair missing or corrupted system files if any.

 

Let me know the results. 


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#12 acra24

acra24
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:06:29 PM

Posted 01 July 2015 - 05:20 PM

Hi

 

I ran the scan and it reported some corrupt files but could not fix them all.  I have attached the log here.

 

https://www.sendspace.com/file/p03bsa

 

Thanks again.  Now I'm worried I'm looking at a complete Format C: and reinstall. Which is difficult since I don't have a W7 disc because I bought it preinstalled.

 

Andrew  



#13 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:12:29 AM

Posted 01 July 2015 - 05:40 PM

Do not reinstall until somebody else try to help you. 

 

Maybe you should post in Windows 7 part of this forum.

 

Also, I see some Tweaking.com tool, but I haven't use it, so I can't tell you if is it safe for you to use it! 

 

You can look at this post: http://www.bleepingcomputer.com/forums/t/580138/computer-runs-slow-1-3-second-lag-spikes-typinggaminganything/?p=3747624

 

But I don't recommend you to use it, until somebody else give you a green light, since it do a registry fix and many other things. 


Edited by severac, 01 July 2015 - 05:41 PM.

I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#14 acra24

acra24
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:06:29 PM

Posted 02 July 2015 - 02:53 AM

Well, thanks for your help.  You have certainly moved me along a considerable distance. I will repost in the W7 forum to see if anyone has any further help.

 

Best regards

 

Andrew


Edited by acra24, 02 July 2015 - 03:56 AM.


#15 acra24

acra24
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:06:29 PM

Posted 02 July 2015 - 03:34 AM

Hi again,

 

I have noticed another symptom of the problem that may shed light on it.  Whenever this occurs and the desktop icons are flickering plus IE11 is misbehaving, in Task Manager the CPU use is going up and down between 2-20% very rapidly, in time with the flickering icons. Sometimes restarting explorer helps other times a restart is required.  Does this help at all?  I have also noticed that there are about 14 instances of  svchost running in Processes.  Is that normal?

 

Andrew


Edited by acra24, 02 July 2015 - 03:57 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users