
A virus and trojan?


Comments

  • tavernman
    tavernman Posts: 575 Forumite
    aaroncaz wrote: »
    says my request has been blocked.
    Let's try changing the txt file first then:
    open FRST.txt with Notepad and press Edit > Replace, and then replace all http to xttp, and then change all system32 to mystem32, then select all and select all, then ctrl (key) and C, then ctrl key and p on your post here. Let's hope that works; failing that we will need another option.
  • aaroncaz
    aaroncaz Posts: 5,242 Forumite
    Part of the Furniture
    says cannot find http.
  • aaroncaz
    aaroncaz Posts: 5,242 Forumite
    Part of the Furniture
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2015 01
    Ran by Aaroncaz at 2015-01-18 20:01:26
    Running from C:\Users\Aaroncaz\AppData\Local\Microsoft\Windows\INetCache\IE\PQ1Q4ZJC
    Boot Mode: Normal
    ==========================================================

    ==================== Security Center ========================
    (If an entry is included in the fixlist, it will be removed.)
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    ==================== Installed Programs ======================
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
    Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C5D8EEB2-EDBC-4375-829D-BE50547C8890}) (Version: 1.3 - Eyeo GmbH)
    Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
    ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.2 - ASUS)
    ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.4 - ASUS)
    ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.7 - ASUS)
    ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.3 - ASUS)
    ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.35 - ASUS)
    ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0002 - ASUS)
    ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.7 - ASUS)
    ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
    ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.6.112 - ASUS Cloud Corporation)
    ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
    ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
    AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.10.168 - ASUSTEK)
    ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0022 - ASUS)
    Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
    Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
    Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
    MergeModule_x64 (Version: 8.0.00 - Sony Corporation) Hidden
    Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Mozilla Firefox 35.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-GB)) (Version: 35.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
    NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
    NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
    PlayMemories Home (HKLM-x32\...\{6F26A633-ACC2-4850-82C5-60A06D606175}) (Version: 3.1.20.06241 - Sony Corporation)
    Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6685 - Realtek Semiconductor Corp.)
    Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.27024 - Realtek Semiconductor Corp.)
    RoboForm 7-9-11-5 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-11-5 - Siber Systems)
    Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
    SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden
    Sony PC Companion 2.10.236 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.236 - Sony)
    Windows Driver Package - ASUS (ATP) Mouse (10/29/2012 1.0.0.148) (HKLM\...\C01F56FBD9B141017E63E2A1A141E59934D4DC67) (Version: 10/29/2012 1.0.0.148 - ASUS)
    WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
    ==================== Custom CLSID (selected items): ==========================
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    ==================== Restore Points =========================
    28-12-2014 18:21:02 Scheduled Checkpoint
    06-01-2015 09:09:59 Scheduled Checkpoint
    13-01-2015 11:20:45 Installed Rapport
    16-01-2015 19:52:57 Restore Operation
    17-01-2015 20:18:44 avast! antivirus system restore point
    ==================== Hosts content: ==========================
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
    2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
    ==================== Scheduled Tasks (whitelisted) =============
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
    Task: {008EA6D8-4374-44DA-9EA9-ECCA2583344F} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-04] (ASUS)
    Task: {30D29F37-7CB1-4EAE-8F81-90747235D748} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
    Task: {321F19E7-E90D-45CB-A2DA-17EC3EBCE16B} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation)
    Task: {3989DC86-86FF-4EF4-889F-6E30E4AEE8BB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-17] (Adobe Systems Incorporated)
    Task: {3E6FE65E-F56B-48D5-9686-65B5F1796B3B} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-10-31] (AsusTek)
    Task: {48F29A85-FDFC-46D9-803C-3B3DD0FB6563} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-08-06] (ASUS)
    Task: {49BCA89C-BD35-4678-8916-852DA5EA2817} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-06-20] (ASUSTeK Computer Inc.)
    Task: {674DCD56-DA47-40EF-B698-4792B47F2BD0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-25] (AVAST Software)
    Task: {7BA51709-6748-496B-AAE3-F26BB0840209} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-21] (Google Inc.)
    Task: {9193A2C7-6C72-486F-8F12-AECFF373C9EC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-11] (Microsoft Corporation)
    Task: {96C7B463-29E6-4168-935D-E41EE2F83EB5} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.)
    Task: {977B31A4-2508-4008-BFD8-830E088A4C91} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMJMGMJJOMOJLJPMOJCNOMOJIMNJCNLMMMNMJJCNHMNJJMKMCNKJNMMJOMOJGMGMMJKMLJKJKMJNJICMIMCNGMCNOMOMFMOMOMCNPMCNGMJMPMPMFMJMCNMMCNGMJMPMPMCNNMJNPICMPMFMEKMICNJJCKFMIMJMOMJNHICMOMNMKJPMOMJNBJCMOLOJNIAJBJMJOJFIJNKJCMJNNICMJNDJCMKJBJJNMJCMNMFMOMMMFMPMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ"
    Task: {A055856C-1724-4E8E-A548-D1C2DE723C99} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2015-01-18] (Siber Systems)
    Task: {D1B9034C-3430-4842-9180-5E03457106D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-21] (Google Inc.)
    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    ==================== Loaded Modules (whitelisted) =============
    2013-12-10 07:13 - 2013-12-10 07:13 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
    2014-06-03 15:51 - 2013-10-23 08:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2012-08-04 09:34 - 2012-08-04 09:34 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
    2014-11-25 08:10 - 2014-11-25 08:10 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\ErrorReporting.dll
    2014-11-25 20:40 - 2014-11-25 20:40 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
    2014-11-25 20:40 - 2014-11-25 20:40 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
    2014-01-29 22:02 - 2014-01-29 22:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2014-02-04 14:12 - 2014-06-23 08:07 - 00113376 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
    2015-01-18 14:07 - 2015-01-18 14:07 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15011800\algo.dll
    2014-11-25 20:40 - 2014-11-25 20:40 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
    2015-01-18 19:26 - 2015-01-18 19:26 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15011801\algo.dll
    2013-12-10 07:13 - 2013-12-10 07:13 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
    2012-06-07 13:12 - 2012-06-07 13:12 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
    2014-02-04 14:12 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
    2014-02-04 14:12 - 2013-09-13 10:02 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
    2014-11-25 20:40 - 2014-11-25 20:40 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2012-09-06 03:08 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
    ==================== Alternate Data Streams (whitelisted) =========
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    ==================== Safe Mode (whitelisted) ===================
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    ==================== EXE Association (whitelisted) =============
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

    ==================== MSCONFIG/TASK MANAGER disabled items =========
    (Currently there is no automatic fix for this section.)
    HKLM\...\StartupApproved\StartupFolder: => "AsusVibeLauncher.lnk"
    HKLM\...\StartupApproved\Run32: => "RemoteControl10"
    ========================= Accounts: ==========================
    Aaroncaz (S-1-5-21-3283957363-4085636639-3448929423-1002 - Administrator - Enabled) => C:\Users\Aaroncaz
    Administrator (S-1-5-21-3283957363-4085636639-3448929423-500 - Administrator - Disabled) => C:\Users\Administrator
    Guest (S-1-5-21-3283957363-4085636639-3448929423-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3283957363-4085636639-3448929423-1035 - Limited - Enabled)
    UpdatusUser (S-1-5-21-3283957363-4085636639-3448929423-1001 - Limited - Enabled) => C:\Users\UpdatusUser
    ==================== Faulty Device Manager Devices =============

    ==================== Event log errors: =========================
    Application errors:
    ==================
    System errors:
    =============
    Microsoft Office Sessions:
    =========================
    CodeIntegrity Errors:
    ===================================
    Date: 2014-06-03 19:08:48.011
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Definition Updates\{1BA81892-B889-4C74-9ECD-76DE662680B3}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements.
    Date: 2014-06-03 19:08:46.287
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Definition Updates\{575173C4-EF17-4951-AAC9-377C5841F8F8}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    ==================== Memory info ===========================
    Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
    Percentage of memory in use: 41%
    Total physical RAM: 3979.64 MB
    Available physical RAM: 2335.03 MB
    Total Pagefile: 5451.64 MB
    Available Pagefile: 3754.02 MB
    Total Virtual: 131072 MB
    Available Virtual: 131071.8 MB
    ==================== Drives ================================
    Drive c: (OS) (Fixed) (Total:185.87 GB) (Free:126.21 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive d: (DATA) (Fixed) (Total:258.45 GB) (Free:258.33 GB) NTFS
    Drive e: (WNR1000v2) (CDROM) (Total:0.17 GB) (Free:0 GB) CDFS
    ==================== MBR & Partition Table ==================
    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: 4F41109B)
    Partition: GPT Partition Type.
    ==================== End Of Log ============================
  • aaroncaz
    aaroncaz Posts: 5,242 Forumite
    Part of the Furniture
    Shall I try the additional text as well?
  • tavernman
    tavernman Posts: 575 Forumite
    aaroncaz wrote: »
    Shall I try the additional text as well?
    Please, but beware I will need time to look at the above since I am only a novice. Where is waddler8 when you need him, or alienrik, or anyone who knows about these things :o
  • aaroncaz
    aaroncaz Posts: 5,242 Forumite
    Part of the Furniture
    Ok thank you for your help.
  • aaroncaz
    aaroncaz Posts: 5,242 Forumite
    Part of the Furniture
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2015 01
    Ran by Aaroncaz at 2015-01-18 20:10:29
    Running from C:\Users\Aaroncaz\AppData\Local\Microsoft\Windows\INetCache\IE\8NSHASWI
    Boot Mode: Normal
    ==========================================================

    ==================== Security Center ========================
    (If an entry is included in the fixlist, it will be removed.)
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    ==================== Installed Programs ======================
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
    Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C5D8EEB2-EDBC-4375-829D-BE50547C8890}) (Version: 1.3 - Eyeo GmbH)
    Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
    ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.2 - ASUS)
    ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.4 - ASUS)
    ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.7 - ASUS)
    ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.3 - ASUS)
    ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.35 - ASUS)
    ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0002 - ASUS)
    ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.7 - ASUS)
    ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
    ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.6.112 - ASUS Cloud Corporation)
    ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
    ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
    AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.10.168 - ASUSTEK)
    ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0022 - ASUS)
    Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
    Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
    Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
    MergeModule_x64 (Version: 8.0.00 - Sony Corporation) Hidden
    Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Mozilla Firefox 35.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-GB)) (Version: 35.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
    NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
    NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
    PlayMemories Home (HKLM-x32\...\{6F26A633-ACC2-4850-82C5-60A06D606175}) (Version: 3.1.20.06241 - Sony Corporation)
    Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6685 - Realtek Semiconductor Corp.)
    Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.27024 - Realtek Semiconductor Corp.)
    RoboForm 7-9-11-5 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-11-5 - Siber Systems)
    Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
    SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden
    Sony PC Companion 2.10.236 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.236 - Sony)
    Windows Driver Package - ASUS (ATP) Mouse (10/29/2012 1.0.0.148) (HKLM\...\C01F56FBD9B141017E63E2A1A141E59934D4DC67) (Version: 10/29/2012 1.0.0.148 - ASUS)
    WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
    ==================== Custom CLSID (selected items): ==========================
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    ==================== Restore Points =========================
    28-12-2014 18:21:02 Scheduled Checkpoint
    06-01-2015 09:09:59 Scheduled Checkpoint
    13-01-2015 11:20:45 Installed Rapport
    16-01-2015 19:52:57 Restore Operation
    17-01-2015 20:18:44 avast! antivirus system restore point
    ==================== Hosts content: ==========================
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
    2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\WINDOWS\mysystem32\Drivers\etc\hosts
    ==================== Scheduled Tasks (whitelisted) =============
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
    Task: {008EA6D8-4374-44DA-9EA9-ECCA2583344F} - mysystem32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-04] (ASUS)
    Task: {30D29F37-7CB1-4EAE-8F81-90747235D748} - mysystem32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
    Task: {321F19E7-E90D-45CB-A2DA-17EC3EBCE16B} - mysystem32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation)
    Task: {3989DC86-86FF-4EF4-889F-6E30E4AEE8BB} - mysystem32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-17] (Adobe Systems Incorporated)
    Task: {3E6FE65E-F56B-48D5-9686-65B5F1796B3B} - mysystem32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-10-31] (AsusTek)
    Task: {48F29A85-FDFC-46D9-803C-3B3DD0FB6563} - mysystem32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-08-06] (ASUS)
    Task: {49BCA89C-BD35-4678-8916-852DA5EA2817} - mysystem32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-06-20] (ASUSTeK Computer Inc.)
    Task: {674DCD56-DA47-40EF-B698-4792B47F2BD0} - mysystem32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-25] (AVAST Software)
    Task: {7BA51709-6748-496B-AAE3-F26BB0840209} - mysystem32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-21] (Google Inc.)
    Task: {9193A2C7-6C72-486F-8F12-AECFF373C9EC} - mysystem32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\mysystem32\MRT.exe [2014-12-11] (Microsoft Corporation)
    Task: {96C7B463-29E6-4168-935D-E41EE2F83EB5} - mysystem32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.)
    Task: {977B31A4-2508-4008-BFD8-830E088A4C91} - mysystem32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "xttp://www.roboform.com/test-pass.html?aaa=KICMJMGMJJOMOJLJPMOJCNOMOJIMNJCNLMMMNMJJCNHMNJJMKMCNKJNMMJOMOJGMGMMJKMLJKJKMJNJICMIMCNGMCNOMOMFMOMOMCNPMCNGMJMPMPMFMJMCNMMCNGMJMPMPMCNNMJNPICMPMFMEKMICNJJCKFMIMJMOMJNHICMOMNMKJPMOMJNBJCMOLOJNIAJBJMJOJFIJNKJCMJNNICMJNDJCMKJBJJNMJCMNMFMOMMMFMPMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ"
    Task: {A055856C-1724-4E8E-A548-D1C2DE723C99} - mysystem32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2015-01-18] (Siber Systems)
    Task: {D1B9034C-3430-4842-9180-5E03457106D3} - mysystem32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-21] (Google Inc.)
    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    ==================== Loaded Modules (whitelisted) =============
    2013-12-10 07:13 - 2013-12-10 07:13 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
    2014-06-03 15:51 - 2013-10-23 08:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2012-08-04 09:34 - 2012-08-04 09:34 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
    2014-11-25 08:10 - 2014-11-25 08:10 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\ErrorReporting.dll
    2014-11-25 20:40 - 2014-11-25 20:40 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
    2014-11-25 20:40 - 2014-11-25 20:40 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
    2014-01-29 22:02 - 2014-01-29 22:02 - 00094208 _____ () C:\Windows\mysystem32\IccLibDll_x64.dll
    2014-02-04 14:12 - 2014-06-23 08:07 - 00113376 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
    2015-01-18 14:07 - 2015-01-18 14:07 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15011800\algo.dll
    2014-11-25 20:40 - 2014-11-25 20:40 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
    2015-01-18 19:26 - 2015-01-18 19:26 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15011801\algo.dll
    2013-12-10 07:13 - 2013-12-10 07:13 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
    2012-06-07 13:12 - 2012-06-07 13:12 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
    2014-02-04 14:12 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
    2014-02-04 14:12 - 2013-09-13 10:02 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
    2014-11-25 20:40 - 2014-11-25 20:40 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2012-09-06 03:08 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
    2015-01-18 19:15 - 2015-01-18 19:15 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    ==================== Alternate Data Streams (whitelisted) =========
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    ==================== Safe Mode (whitelisted) ===================
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    ==================== EXE Association (whitelisted) =============
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

    ==================== MSCONFIG/TASK MANAGER disabled items =========
    (Currently there is no automatic fix for this section.)
    HKLM\...\StartupApproved\StartupFolder: => "AsusVibeLauncher.lnk"
    HKLM\...\StartupApproved\Run32: => "RemoteControl10"
    ========================= Accounts: ==========================
    Aaroncaz (S-1-5-21-3283957363-4085636639-3448929423-1002 - Administrator - Enabled) => C:\Users\Aaroncaz
    Administrator (S-1-5-21-3283957363-4085636639-3448929423-500 - Administrator - Disabled) => C:\Users\Administrator
    Guest (S-1-5-21-3283957363-4085636639-3448929423-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3283957363-4085636639-3448929423-1035 - Limited - Enabled)
    UpdatusUser (S-1-5-21-3283957363-4085636639-3448929423-1001 - Limited - Enabled) => C:\Users\UpdatusUser
    ==================== Faulty Device Manager Devices =============

    ==================== Event log errors: =========================
    Application errors:
    ==================
    System errors:
    =============
    Microsoft Office Sessions:
    =========================
    CodeIntegrity Errors:
    ===================================
    Date: 2014-06-03 19:08:48.011
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Definition Updates\{1BA81892-B889-4C74-9ECD-76DE662680B3}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements.
    Date: 2014-06-03 19:08:46.287
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Definition Updates\{575173C4-EF17-4951-AAC9-377C5841F8F8}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    ==================== Memory info ===========================
    Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
    Percentage of memory in use: 46%
    Total physical RAM: 3979.64 MB
    Available physical RAM: 2124.07 MB
    Total Pagefile: 5451.64 MB
    Available Pagefile: 3522.66 MB
    Total Virtual: 131072 MB
    Available Virtual: 131071.83 MB
    ==================== Drives ================================
    Drive c: (OS) (Fixed) (Total:185.87 GB) (Free:126.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive d: (DATA) (Fixed) (Total:258.45 GB) (Free:258.33 GB) NTFS
    Drive e: (WNR1000v2) (CDROM) (Total:0.17 GB) (Free:0 GB) CDFS
    ==================== MBR & Partition Table ==================
    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: 4F41109B)
    Partition: GPT Partition Type.
    ==================== End Of Log ============================
  • aaroncaz
    aaroncaz Posts: 5,242 Forumite
    Part of the Furniture
    Have I posted both of them now? Should I turn them off or save them?
  • Oops, no, you have posted the additions twice, not the FRST.txt
  • aaroncaz
    aaroncaz Posts: 5,242 Forumite
    Part of the Furniture
    Tried to do the same with FRST but it won't work.
This discussion has been closed.