Remove Malware

Post by weeel » December 4th, 2015, 4:00 am

Hello

I believe my computer is infected with malware. I need help removing it.

I hope I have posted this correctly.

AND THIS IS THE OTHER TEXT FILE

Rkill 2.8.2 by Lawrence Abrams (Grinler)

Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-11-2015
Ran by weeel (2015-11-21 17:21:28)
Running from C:\Users\weeel\Desktop
Windows 10 Home (X64) (2015-08-01 02:54:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3622977173-2670285063-1210919453-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3622977173-2670285063-1210919453-503 - Limited - Disabled)
Guest (S-1-5-21-3622977173-2670285063-1210919453-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3622977173-2670285063-1210919453-1004 - Limited - Enabled)
UpdatusUser (S-1-5-21-3622977173-2670285063-1210919453-1005 - Limited - Enabled)
weeel (S-1-5-21-3622977173-2670285063-1210919453-1002 - Administrator - Enabled) => C:\Users\weeel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360 Total Security (Enabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Enabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3622977173-2670285063-1210919453-1002\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 8.0.0.1058 - 360 Security Center)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.241 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
AuthenTec TrueAPI 64-bit (Version: 1.6.0.87 - AuthenTec, Inc.) Hidden
Chromodo (HKLM-x32\...\Chromodo) (Version: 45.7.11.387 - Comodo)
Citrix Online Launcher (HKLM-x32\...\{E5F6D26D-E180-4547-A865-565EAB61000C}) (Version: 1.0.362 - Citrix)
Coherence Coach (HKLM-x32\...\Coherence Coach1.2) (Version: 1.2 - HeartMath Inc.)
ConverterLite 1.6.7.0 (HKLM-x32\...\ConverterLite) (Version: 1.6.7.0 - ConverterLite)
Coupon Server (HKLM-x32\...\35852_Coupon Server) (Version: 1.1 - Smart Apps) <==== ATTENTION
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3.4503 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3122 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2.3603 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
f.lux (HKU\S-1-5-21-3622977173-2670285063-1210919453-1002\...\Flux) (Version: - )
GoToMeeting 7.5.1.3911 (HKU\S-1-5-21-3622977173-2670285063-1210919453-1002\...\GoToMeeting) (Version: 7.5.1.3911 - CitrixOnline)
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{0FEE0C28-850D-4AC0-92E7-57D214134102}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\{34C821CA-6B55-44A0-8A9B-2EF471D6019E}) (Version: 6.0.100.272 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.7.1002 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.0 x64 (HKLM\...\{5D1D65C3-E6D3-4751-AEFD-CAB4E3EB85F2}) (Version: 4.0.41.2072 - Intel)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mediatek Bluetooth (HKLM\...\{66D292E3-6228-3AF1-EDED-6D53C63DBCB7}) (Version: 11.0.748.2 - Mediatek)
Metatron Technology Product Manager (HKLM-x32\...\MetatronTechnologyProductManager.317ED9C8436CBF519F687E899338C0D9D0D34851.1) (Version: 2010.08.05 - Global Coherence Technologies, LLC)
Metatron Technology Product Manager (x32 Version: 255.08.05 - Global Coherence Technologies, LLC) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Nero12EssTSST (HKLM-x32\...\{1DEC64C1-7F34-44CD-BC35-8E0A096300CF}) (Version: 12.0.01100 - Nero AG)
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)
REALTEK DTV USB DEVICE (HKLM-x32\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.29053 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Seagate Media Software (HKLM-x32\...\InstallShield_{56EC58EF-F243-4313-9F4E-E00A054A321E}) (Version: 2.01.0412 - Seagate)
Seagate Media Software (x32 Version: 2.01.0412 - Seagate) Hidden
Search App by Ask (HKLM-x32\...\{4F524A2D-5350-4500-76A7-A758B70C2500}) (Version: 12.37.0.349 - APN, LLC) <==== ATTENTION
Settings Manager (HKLM-x32\...\Settings Manager) (Version: 5.0.0.13898 - Aztec Media Inc) <==== ATTENTION
Shopping App by Ask (HKLM-x32\...\{4F524A2D-5354-2D53-5045-A758B70C2300}) (Version: 12.35.0.285 - APN, LLC)
Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
The Sea App (Firefox) (HKLM-x32\...\The Sea App FF) (Version: - Growth Systems, LLC) <==== ATTENTION
Validity WBF DDK (HKLM\...\{B80C52A3-7666-4068-A371-7867F51E68EB}) (Version: 4.5.122.0 - Validity Sensors, Inc.)
VirtualDJ 8 (HKLM-x32\...\{9ADBBA93-4625-4898-BB0D-BCE7EA9F8B4A}) (Version: 8.0.0 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebSparkle 1.0.0 (HKLM\...\WebSparkle) (Version: 1.0.0 - WebSparkle) <==== ATTENTION
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3622977173-2670285063-1210919453-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\weeel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3622977173-2670285063-1210919453-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3622977173-2670285063-1210919453-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\weeel\AppData\Local\Citrix\GoToMeeting\3499\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)

==================== Restore Points =========================

09-11-2015 21:20:36 Installed OpenOffice 4.1.2
14-11-2015 19:30:36 Windows Update
14-11-2015 19:34:04 Windows Update
17-11-2015 20:19:05 Windows Update
20-11-2015 21:33:50 Removed COMODO Antivirus

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-23 02:25 - 2013-08-23 02:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05758BBC-E94A-4C0B-A42B-28A8799EC3B6} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe
Task: {0BB0973A-432E-4A65-B5BE-7166928D62A6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0D64619D-5930-4ED8-8990-5E22311BE3CA} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe
Task: {1BC95E31-806D-4627-B8A2-F0AF03AEE0FA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {1C92933E-9B9D-407E-A474-2AB20C6B994F} - System32\Tasks\{89F3D189-2125-429C-A626-D4B0C9F06393} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {39318EB3-D9EE-47C1-A4F8-970BA3D59063} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {428D4BD3-4161-4C94-AA6A-B1E2BFEE8BBE} - System32\Tasks\G2MUploadTask-S-1-5-21-3622977173-2670285063-1210919453-1002 => C:\Users\weeel\AppData\Local\Citrix\GoToMeeting\3911\g2mupload.exe [2015-11-20] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {43816D69-4AB6-42F0-B156-81B00D2DC8FE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {4B057E9F-A709-4FD0-B180-F27E0C269247} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {4B266224-FCC3-4BC8-AB1E-DE81A98423AF} - System32\Tasks\{2B2D672E-CFF8-4E5E-9096-B4F2F38509E8} => pcalua.exe -a C:\Users\weeel\Downloads\Setup.Exe -d C:\Users\weeel\Downloads
Task: {59170A6D-D40E-4592-97B3-6A8A3139ED9C} - System32\Tasks\HPCeeScheduleForweeel => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {5D0194E8-EB3C-403E-9997-6093DE9A4E25} - System32\Tasks\G2MUpdateTask-S-1-5-21-3622977173-2670285063-1210919453-1002 => C:\Users\weeel\AppData\Local\Citrix\GoToMeeting\3911\g2mupdate.exe [2015-11-20] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {68A7BB5A-FD50-44F7-A92E-18FF5A226C68} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe
Task: {77358C31-43F4-4183-A0A9-2FB0BBCA2AAD} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-09-05] (Synaptics Incorporated)
Task: {79478B9B-8BA1-4649-82E6-0F2482AD35A7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {7DD0330B-8521-4A63-B784-D01A4491BA5D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8CA43EFB-8051-4B24-ADED-F99A16BF738D} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-06] (Hewlett-Packard Development Company, L.P.)
Task: {966BC5FB-B16E-44BE-9F1E-1240A53C564E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-18] (Microsoft Corporation)
Task: {9744FBED-C12E-403B-9397-40DC0D663BF0} - System32\Tasks\{80A730D1-5DFE-4152-B5BF-08ACCF6B4552} => Firefox.exe hxxp://www.skype.com/go/downloading?sou ... astError=2
Task: {AA362543-BB14-47EE-A07B-510A21BA65C5} - System32\Tasks\{2B4E485A-F7C1-48E2-8DD2-0DF44A717715} => Firefox.exe hxxp://www.skype.com/go/downloading?sou ... astError=2
Task: {AC552A8C-939E-4980-A710-9D78BBE39DB8} - System32\Tasks\{E33410C1-572E-4BBD-9B37-F8802D19D3CC} => Firefox.exe hxxp://www.skype.com/go/downloading?sou ... astError=2
Task: {C295905E-0242-4735-BB19-B0C491C7AB72} - System32\Tasks\{B533C221-71A6-4388-8B32-5A39403A06C7} => Firefox.exe hxxp://www.skype.com/go/downloading?sou ... astError=2
Task: {CAB4698B-985B-44B5-A69F-A5FE10C55DC6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CFCC6E5E-8397-433C-B780-0BBF9A5E40F6} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2013-12-03] (CyberLink Corp.)
Task: {D2CB0712-778B-4FCF-B480-E4526CA2979C} - System32\Tasks\{90FFA3E8-08ED-4F62-AAFA-26BDAC6DB55F} => pcalua.exe -a "C:\Users\weeel\Desktop\kaiser baas\Driver\X86\SetDrvXP.exe" -d "C:\Users\weeel\Desktop\kaiser baas\Driver\X86"
Task: {DEAE463F-3000-410C-8428-6278EE2CB286} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E411785B-F7C0-4FD1-8221-254DCD76A7F3} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {F44F7540-083E-4236-8A43-9C77331CC5AF} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {FDFC9D2A-D3A6-4EC3-B54B-84780736B16B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-12] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3622977173-2670285063-1210919453-1002.job => C:\Users\weeel\AppData\Local\Citrix\GoToMeeting\3911\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3622977173-2670285063-1210919453-1002.job => C:\Users\weeel\AppData\Local\Citrix\GoToMeeting\3911\g2mupload.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForweeel.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (Whitelisted) ==============

2015-08-02 11:00 - 2015-08-02 11:00 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-01 15:13 - 2015-07-23 14:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-19 21:41 - 2015-08-11 22:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2013-02-14 06:35 - 2013-02-14 06:35 - 00180200 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-02-14 06:35 - 2013-02-14 06:35 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-03-20 10:21 - 2013-03-20 10:21 - 00028160 _____ () C:\Windows\system32\valWBFPolicyService.exe
2015-10-01 18:10 - 2015-09-17 19:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 18:10 - 2015-09-17 19:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-02-08 05:19 - 2013-02-08 05:19 - 04073768 _____ () C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
2015-10-01 18:09 - 2015-09-17 18:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\MRT.exe:$CmdTcID
AlternateDataStreams: C:\Users\weeel\Desktop\DrRitamarie-HappyBellyRecipes.pdf:$CmdZnID
AlternateDataStreams: C:\Users\weeel\Downloads\360TS_Setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\weeel\Downloads\360TS_Setup_Mini_OG_DS_SPDA.exe:$CmdTcID
AlternateDataStreams: C:\Users\weeel\Downloads\360TS_Setup_Mini_OG_DS_SPDA.exe:$CmdZnID

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3622977173-2670285063-1210919453-1002\...\hola.org -> hxxp://hola.org

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3622977173-2670285063-1210919453-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\weeel\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "ApnTBMon"
HKU\S-1-5-21-3622977173-2670285063-1210919453-1002\...\StartupApproved\Run: => "NukeMetro"
HKU\S-1-5-21-3622977173-2670285063-1210919453-1002\...\StartupApproved\Run: => "ViStart"
HKU\S-1-5-21-3622977173-2670285063-1210919453-1002\...\StartupApproved\Run: => "uTorrent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B3FBCAD2-C2A7-4C3B-B3CA-5FB1857D6B9B}] => (Allow) LPort=8888
FirewallRules: [UDP Query User{E656864C-0C64-4EBF-8960-4B98DBBFBC2E}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [TCP Query User{3C04C645-FB71-4F83-8E0A-FDDDA87F2DF8}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [UDP Query User{2DF58558-30AD-43D7-85DB-A9B373A1E4B0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{F84D8FB6-8DBA-414F-87A0-ACDFA7AC7CE7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{EBD076E8-943F-4A79-B90A-6E6E661EC0C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E603A5A7-D703-4D22-8274-D2108AE4AB96}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DD4D7E62-0DF5-417D-A55B-EF7C72765910}] => (Allow) C:\Program Files\Hola\app\hola_updater.exe
FirewallRules: [{AFE62668-AF51-4465-B8FA-766FE1377BA7}] => (Allow) C:\Program Files\Hola\app\hola_updater.exe
FirewallRules: [UDP Query User{B3F4EDC3-997A-49E9-BBDF-30101710A7FD}C:\program files (x86)\virtualdj\virtualdj_pro.exe] => (Allow) C:\program files (x86)\virtualdj\virtualdj_pro.exe
FirewallRules: [TCP Query User{99B39997-A3AE-49AD-BCF3-D4CD4EB30D53}C:\program files (x86)\virtualdj\virtualdj_pro.exe] => (Allow) C:\program files (x86)\virtualdj\virtualdj_pro.exe
FirewallRules: [UDP Query User{B22F15E0-7C10-410D-A74D-DA8EA6BC51C4}C:\program files (x86)\virtualdj\virtualdj_pro.exe] => (Allow) C:\program files (x86)\virtualdj\virtualdj_pro.exe
FirewallRules: [TCP Query User{DD3B0D49-3C30-4DDA-BDDB-682049C3BDA7}C:\program files (x86)\virtualdj\virtualdj_pro.exe] => (Allow) C:\program files (x86)\virtualdj\virtualdj_pro.exe
FirewallRules: [{185CA154-1F50-4660-B180-7B4159C29C2A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{A49EF439-8723-46B4-8074-2B43A436714A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [UDP Query User{6316CD20-3CB4-4C6B-8B7C-88EFE7F595A3}C:\users\weeel\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\weeel\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [TCP Query User{0CC167FE-9929-42E8-B66E-9D371815F773}C:\users\weeel\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\weeel\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{13C833BC-F1C1-4576-A98A-50A5B28BB8B7}C:\users\weeel\appdata\roaming\mozilla\firefox\profiles\l7cg8hvw.default-1382944321897\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe] => (Allow) C:\users\weeel\appdata\roaming\mozilla\firefox\profiles\l7cg8hvw.default-1382944321897\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe
FirewallRules: [TCP Query User{2B38F5FE-3314-4F19-A004-7EA873FD4DEE}C:\users\weeel\appdata\roaming\mozilla\firefox\profiles\l7cg8hvw.default-1382944321897\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe] => (Allow) C:\users\weeel\appdata\roaming\mozilla\firefox\profiles\l7cg8hvw.default-1382944321897\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe
FirewallRules: [UDP Query User{CDE5C162-D04F-4DEE-A8E9-801FDC3AC164}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{CDA380CD-6E99-4ADC-A81B-F22C038B65E8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{5CC5D547-29FE-44C3-A946-5B6DD13FB862}C:\users\weeel\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\weeel\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [TCP Query User{7A2F2887-55E9-4C93-8B73-6EAF3AE4EBF0}C:\users\weeel\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\weeel\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [UDP Query User{02BAB6A2-515C-4994-84F9-B418CAB3E936}C:\users\weeel\appdata\roaming\acestream\engine\ace_engine.exe] => (Block) C:\users\weeel\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [TCP Query User{2AF0C636-ACAA-4B6D-AD8B-319103CA1821}C:\users\weeel\appdata\roaming\acestream\engine\ace_engine.exe] => (Block) C:\users\weeel\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [{7054655E-AF0D-4E36-8777-EDB67FE53085}] => (Allow) LPort=1900
FirewallRules: [{A5925BA4-8A28-4082-A56D-2FCFACEF6BA6}] => (Allow) LPort=2869
FirewallRules: [{6CEA50B2-5861-4037-A736-53548E1D4791}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [UDP Query User{8146BEF4-E7A3-4E30-B8B3-305DE684917C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{0B5EB0D7-0387-4329-B605-8FDDD2B34F3E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{FD9B748C-C171-4A75-B316-58992FFAD6FA}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{38E52649-9A2B-4D27-A846-6E10998BC05E}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{42488893-D2B0-44FF-98EF-6159CA555B77}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0D73FFB3-7A08-4AEA-B8C1-5AD9573B4F5F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A3FE1970-65FE-4126-900C-6BED4AE7116B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D6D028C0-22B3-4946-95CC-3E14D444B030}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2E26A523-9EFE-4B00-A5A9-520644CFEF53}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{12A09A05-1AAF-45AB-9549-3B90BEBF5037}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{D509CE27-B568-44DE-9D76-9CCC7B883911}] => (Allow) C:\Users\weeel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AC9361BF-5560-4533-AE75-B9D0402048E5}] => (Allow) C:\Users\weeel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3FB2C226-904E-4DD5-B604-D143E850E257}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{12AA5D5A-BE2F-4005-B636-750542580D90}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{2D62440A-233C-4C0C-8555-B58C24768415}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{300401E2-FD6A-41DC-85E7-2BFD21F716BE}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{C84BC851-3BC1-4A23-96C5-2983DBB5A13A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{F97E422F-F6E5-4A17-8F88-B3489D774B1D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E521EB4D-7143-4689-BD23-B5B12BB790BC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B7700628-F0F0-496D-931F-9C681F66DDF2}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{2FEA1AC8-397C-42CA-9C5B-5FB6A864999A}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{CD0F8951-4AF4-49C9-8700-F457589EB2E4}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{2004AF79-C6D2-4404-A3E5-863649492613}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/21/2015 05:21:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lampo)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/21/2015 05:20:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lampo)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/21/2015 05:20:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lampo)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/21/2015 05:19:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lampo)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/21/2015 05:19:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lampo)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/21/2015 05:18:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lampo)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/21/2015 05:17:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lampo)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/21/2015 05:16:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lampo)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/21/2015 05:15:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lampo)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/21/2015 05:15:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lampo)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (11/21/2015 05:21:20 PM) (Source: DCOM) (EventID: 10001) (User: Lampo)
Description: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca2CortanaUI.AppXn73w0hsq3g4wx1h9fhf7q02vw2wta6qc.mcaUnavailableUnavailable

Error: (11/21/2015 05:20:48 PM) (Source: DCOM) (EventID: 10001) (User: Lampo)
Description: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca2CortanaUI.AppXn73w0hsq3g4wx1h9fhf7q02vw2wta6qc.mcaUnavailableUnavailable

Error: (11/21/2015 05:20:17 PM) (Source: DCOM) (EventID: 10001) (User: Lampo)
Description: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca2CortanaUI.AppXn73w0hsq3g4wx1h9fhf7q02vw2wta6qc.mcaUnavailableUnavailable

Error: (11/21/2015 05:19:37 PM) (Source: DCOM) (EventID: 10001) (User: Lampo)
Description: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca2CortanaUI.AppXn73w0hsq3g4wx1h9fhf7q02vw2wta6qc.mcaUnavailableUnavailable

Error: (11/21/2015 05:19:03 PM) (Source: DCOM) (EventID: 10001) (User: Lampo)
Description: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca2CortanaUI.AppXn73w0hsq3g4wx1h9fhf7q02vw2wta6qc.mcaUnavailableUnavailable

Error: (11/21/2015 05:18:29 PM) (Source: DCOM) (EventID: 10001) (User: Lampo)
Description: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca2CortanaUI.AppXn73w0hsq3g4wx1h9fhf7q02vw2wta6qc.mcaUnavailableUnavailable

Error: (11/21/2015 05:17:04 PM) (Source: DCOM) (EventID: 10001) (User: Lampo)
Description: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca2CortanaUI.AppXn73w0hsq3g4wx1h9fhf7q02vw2wta6qc.mcaUnavailableUnavailable

Error: (11/21/2015 05:16:25 PM) (Source: DCOM) (EventID: 10001) (User: Lampo)
Description: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca2CortanaUI.AppXn73w0hsq3g4wx1h9fhf7q02vw2wta6qc.mcaUnavailableUnavailable

Error: (11/21/2015 05:15:46 PM) (Source: DCOM) (EventID: 10001) (User: Lampo)
Description: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca2CortanaUI.AppXn73w0hsq3g4wx1h9fhf7q02vw2wta6qc.mcaUnavailableUnavailable

Error: (11/21/2015 05:15:08 PM) (Source: DCOM) (EventID: 10001) (User: Lampo)
Description: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca2CortanaUI.AppXn73w0hsq3g4wx1h9fhf7q02vw2wta6qc.mcaUnavailableUnavailable


CodeIntegrity:
===================================
Date: 2015-11-21 07:46:41.164
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-20 21:38:20.319
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-20 21:33:46.033
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-20 21:10:38.940
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-20 20:11:32.573
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-19 19:42:30.267
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-18 20:52:17.196
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-18 20:15:28.583
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-18 18:46:53.247
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-18 17:46:46.018
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 24%
Total physical RAM: 8081.27 MB
Available physical RAM: 6117.68 MB
Total Virtual: 9361.27 MB
Available Virtual: 7148.85 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:696.67 GB) (Free:533.74 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 1E1F4777)

Partition: GPT.

==================== End of Addition.txt ============================
weeel
Active Member
 
Posts: 4
Joined: November 20th, 2015, 9:57 pm

Re: Remove Malware

Unread postby Cypher » December 5th, 2015, 12:05 pm

Incomplete Log

By posting an incomplete set of FRST logs it is likely that your topic will be passed by and you will not receive the help you're looking for.
We need to know what's running on your computer so that we can provide the appropriate instructions.

May I draw your attention to THIS topic, which you should have read, that states what we need you to post, so we can help you.
If you still need help, please start a new thread and include your full FRST logs:
  • FRST.txt.
  • Addition.txt.
  • Details of the problems you're experiencing.
If for any reason you can't run FRST, please let us know in your post, and see this section here that explains what you should do when you cannot run FRST.


This topic will now be closed.
Cypher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

