Author Topic: Computer clock keeps changing and slow page loading  (Read 2324 times)

Offline gamegodessss

  • Bronze Member
  • Posts: 97
Computer clock keeps changing and slow page loading
« on: April 24, 2016, 12:37:52 PM »
I downloaded DDS to my desktop and tried to run it and I got this : "DDS is not meant to run in compatibility mode. The program shall now exit".  My clock on my computer keeps changing. I set it and the next day it is an hour behind. When I go to reset it  the "APPLY" button is never lit up. I have to unclick something to get it to light up and then I click apply but the clock will still be an hour behind the next day.  Also my internet is very slow and laggy. Pages load really slow. Not even sure what the cause of this is so I thought I should get help.



Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27043
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: Computer clock keeps changing and slow page loading
« Reply #1 on: April 24, 2016, 03:03:57 PM »
Platypuss will be helping you, please wait for his first post.

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline gamegodessss

  • Bronze Member
  • Posts: 97
Re: Computer clock keeps changing and slow page loading
« Reply #2 on: April 24, 2016, 07:11:01 PM »
Okay. Thank You Hoov. Hope all is well with you. Its been a long time since we last talked. :)

Offline Foxfire

  • Malware Removal Staff
  • Bronze Member
  • Posts: 443
Re: Computer clock keeps changing and slow page loading
« Reply #3 on: April 25, 2016, 12:47:35 PM »


 


 Hello gamegoddess,

 I am Platypuss, I will be helping you with your problem.
   
Before we begin, please follow my simple rules:-
  • If you do not understand any instructions, Stop & Ask do not risk creating
          further problems.
  • Please do not run any tools unless instructed to do so because it may well
          cause unforseen damage to your machine.
  • I  suggest that you  print out my instructions, so that mistakes are not made.
  • I am a trainee here but my instructions are checked by my mentor, there may be some delay but you will get a high quality of service.
  • Malware removal is frequently complex, it takes time to analyse logs, please be patient.   
  • I will advise you as soon as your computer is clean, until then it may still be infected !
         
Change Downloads  to Desktop  http://www.thewindowsclub.com/change-download-location-ie-chrome

How to change your download location to Desktop HERE

Google Chrome -
  • Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.
  • Choose Settings. at the bottom of the screen click the "Show advanced settings..." link.
  • Scroll down to find the Downloads section and click the Change... button.
  • Select your desktop and click OK.
Mozilla Firefox -
  • Click the "Open Menu" button in the upper right-corner of the browser.
  • Choose Options. In the downloads section, click the Browse button,
  • click on the Desktop folder and the click the "Select Folder" button.
  • Click OK to get out of the Options menu.
Internet Explorer -
  • Click the Tools menu in the upper right-corner of the browser. Select View downloads.
  • Select the Options link in the lower left of the window. Click Browse and select the Desktop.
  • Then choose the Select Folder button. Click OK to get out of the download options screen .
  • Now click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
Change default download folder location in Edge -Boot to a user account with admin status, select start > file explorer > right click on "Downloads" folder and select "Properties"

In the new window select "Location" tab > clear the text field box and type in or copy/paste %userprofile%\Desktop > select "Apply" then "OK"

Be aware you are not changing the Browser download folder location, you are changing the user’s download directory location.....
>>>>>>>>>>>>>>>>

NEXT
Follow the instructions in the following link to show hidden files:

http://www.bleepingcomputer.com/tutorials/how-to-see-hidden-files-in-windows/
>>>>>>>>>>>>>>>>

NEXT
Please open your copy of Malwarebytes Anti-Malware.(MBAM) See below if you do not hava a copy

• On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".

• Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware

• Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.

• A Threat Scan will begin.
• With some infections, you may or may not see this message box.
'Could not load DDA driver'

• Click 'Yes' to this message, to allow the driver to load after a restart.
• Allow the computer to restart. Continue with the rest of these instructions.
• When the scan is complete, click Apply Actions.

• Wait for the prompt to restart the computer to appear, then click on Yes.

• After the restart once you are back at your desktop, open MBAM once more.

To get the log from Malwarebytes do the following:

• Click on the History tab > Application Logs.

• Double click on the scan log which shows the Date and time of the scan just performed.
• Click Export  > From export you have three options:

[1] Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
[2] Text file (*.txt)        - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
[3]  XML file (*.xml)      - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply

• I Recommend you use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
>>>>>>>>>>>>>

I need The MBAM log & the two FRST logs please.

Platypuss


 


Offline gamegodessss

  • Bronze Member
  • Posts: 97
Re: Computer clock keeps changing and slow page loading
« Reply #4 on: April 25, 2016, 06:15:41 PM »
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/25/2016
Scan Time: 4:38 PM
Logfile:
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.04.25.05
Rootkit Database: v2016.04.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: gamegodessss

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 328436
Time Elapsed: 10 min, 37 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Offline gamegodessss

  • Bronze Member
  • Posts: 97
Re: Computer clock keeps changing and slow page loading
« Reply #5 on: April 25, 2016, 06:21:40 PM »
How do I turn off windows smart screen. It will not let me run farber recovery scan tool?

Offline gamegodessss

  • Bronze Member
  • Posts: 97
Re: Computer clock keeps changing and slow page loading
« Reply #6 on: April 25, 2016, 06:54:24 PM »
Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-04-2016
Ran by gamegodessss (2016-04-25 17:52:03)
Running from C:\Users\gamegodessss\Desktop
Windows 8.1 (X64) (2015-12-16 21:41:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2414226335-1504749314-3964486275-500 - Administrator - Disabled)
gamegodessss (S-1-5-21-2414226335-1504749314-3964486275-1001 - Administrator - Enabled) => C:\Users\gamegodessss
Guest (S-1-5-21-2414226335-1504749314-3964486275-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Install Manager (HKLM\...\{B5550B26-CD14-054D-FF0A-83405AE096B9}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ASUS Manager - Ai Booting (HKLM-x32\...\{2DCE446C-D090-4458-8782-8F16DF94351E}) (Version: 2.01.15 - ASUSTeK Computer Inc.)
ASUS Manager - Backup & Recovery (HKLM-x32\...\{34D67DE5-2ECF-4E6B-A243-2C16E2792787}) (Version: 2.01.12 - ASUSTeK Computer Inc.)
ASUS Manager - Family Safety (HKLM-x32\...\{016AFF97-4E18-4560-B8E5-B684BB124E32}) (Version: 2.00.06 - ASUSTeK Computer Inc.)
ASUS Manager - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.01.12 - ASUSTeK Computer Inc.)
ASUS Manager - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.02.05 - ASUSTeK Computer Inc.)
ASUS Manager - SyncUp (HKLM-x32\...\{C2294792-457D-4DF7-9486-B630754C73D0}) (Version: 2.00.07 - ASUSTeK Computer Inc.)
ASUS Manager - Update (HKLM-x32\...\{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}) (Version: 2.02.08 - ASUSTeK Computer Inc.)
ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.09.05 - ASUSTeK Computer Inc.)
ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.4.1 - MAGIX AG)
ASUS Music Maker (Version: 18.0.4.1 - MAGIX AG) Hidden
AVG (HKLM\...\AvgZen) (Version: 1.51.2.3593 - AVG Technologies)
AVG (Version: 16.61.7539 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4563 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.61.7539 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.6.552 - AVG Technologies)
AVG Zen (Version: 1.51.58 - AVG Technologies) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.5524 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.01.00 - ASUSTeK Computer Inc.)
FMW 1 (Version: 1.73.2 - AVG Technologies) Hidden
Galerνa de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Logitech Gaming Software 5.04 (HKLM\...\{8753DF4D-64B0-474E-9A97-0AB5585D9A53}) (Version: 5.04.110 - Logitech)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Maxthon App Store (HKLM-x32\...\Maxthon App Store 1.1.0.10848) (Version: 1.1.0.10848 - Maxthon, Inc.)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.8.1000 - Maxthon International Limited)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.1005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{8F92E0CF-620B-5C20-F292-59C93567B06D}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.769.769.092613 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.30179 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7272 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0247 - REALTEK Semiconductor Corp.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01DB8389-545E-43B5-8BB4-F7F0341DD078} - System32\Tasks\ASUS\Power_Manager_background => C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe [2014-09-12] (ASUSTeK)
Task: {06152DE1-A276-45B9-8B70-E3D610825984} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [2014-03-19] (ASUSTeK Computer Inc.)
Task: {082CB1F2-4FA2-4B32-9E68-D50041F2B9B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-28] (Google Inc.)
Task: {23BDA590-11C9-4DFC-BEBC-738DCC4643F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-28] (Google Inc.)
Task: {3E37279B-4F15-439E-912D-63A62DF2729C} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2016-02-24] (Maxthon International ltd.)
Task: {84C04EEC-11D3-4A9E-8487-436E2ECDF417} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [2013-08-23] ()
Task: {8556026B-18EB-43FA-8C40-2DA64C41B1A6} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [2014-03-18] ()
Task: {B32E88A5-96F3-43B6-A480-D8354CBE2943} - System32\Tasks\{BE346619-9FFD-440F-9C9F-7D9A409F0530} => pcalua.exe -a C:\Roadrash\RoadRash\ROADRASH\RASHME.EXE -d C:\Roadrash\RoadRash\ROADRASH
Task: {CF5A8C22-C96B-4D1B-B7FA-D05E2DC1BA58} - System32\Tasks\ASUS\ASUS Manager - PC Cleanup - SecureDeleteBackground => C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe [2014-06-03] ()
Task: {DB922BE1-5291-46A7-B4FC-4C3A1D28D273} - System32\Tasks\ASUS\ASUS Updater => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSFourceUpdater.exe [2014-03-20] ()
Task: {FEE26D0B-57B7-4BDE-A85D-B96683114983} - System32\Tasks\ASUS\SyncUp => C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\SyncUp Server.exe [2014-11-03] (ASUSTeK Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-01-26 15:37 - 2016-02-01 17:10 - 01205832 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2015-04-20 03:53 - 2013-09-26 10:15 - 00059392 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2016-02-22 18:17 - 2016-02-22 18:16 - 00192584 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\loggingserver.exe
2015-04-20 03:57 - 2014-03-12 14:51 - 00907776 _____ () C:\Windows\PCCleanupContextMenu\x64\ContextMenuHandler.dll
2016-01-26 15:37 - 2016-02-22 18:16 - 02874440 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2013-06-05 15:51 - 2013-06-05 15:51 - 00430080 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
2013-06-05 15:51 - 2013-06-05 15:51 - 00032768 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResourcesNet4.dll
2015-04-20 03:56 - 2013-11-06 02:58 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2015-08-18 23:13 - 2015-08-18 23:13 - 00952232 _____ () C:\Program Files (x86)\Maxthon App Store\1.1.0.10848\Plugins\Plugin.ServShellEx\ServShellEx.dll
2016-02-22 18:17 - 2016-02-22 18:16 - 00533576 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\log4cplusU.dll
2015-04-20 03:57 - 2014-01-22 10:36 - 00753664 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\WiMoveHelp.dll
2015-04-20 03:57 - 2014-01-22 10:35 - 00684032 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\PhoneCtrlAPI.dll
2015-12-16 14:07 - 2016-04-07 05:15 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2015-12-22 04:12 - 2009-05-26 21:06 - 00913408 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2015-04-20 03:56 - 2016-04-23 21:31 - 00036352 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2015-04-20 03:56 - 2010-06-28 18:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2016-01-02 05:34 - 2016-01-02 05:34 - 03530752 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\0b2afd93fc0545b7b94339e8a4a7af97\Windows.UI.Xaml.ni.dll
2016-01-02 05:35 - 2016-01-02 05:35 - 00352256 _____ () C:\Users\gamegodessss\AppData\Local\Packages\microsoft.microsoftsolitairecollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.CdnModule\fd4d33d525955eddce5c6b0653c56fca\Arkadium.CdnModule.ni.dll
2016-01-02 05:35 - 2016-01-02 05:35 - 02122752 _____ () C:\Users\gamegodessss\AppData\Local\Packages\microsoft.microsoftsolitairecollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Dae4911807#\8a38c96b934253fd8c9153f98510198e\Arkadium.DailyChallengeModule.ni.dll
2016-01-02 05:35 - 2016-01-02 05:35 - 00971776 _____ () C:\Users\gamegodessss\AppData\Local\Packages\microsoft.microsoftsolitairecollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Wi3ea2618e#\00b2805238e91672c834eb4c93396019\Arkadium.Win8.PuzzleMode.ni.dll
2016-01-02 05:35 - 2016-01-02 05:35 - 00351744 _____ () C:\Users\gamegodessss\AppData\Local\Packages\microsoft.microsoftsolitairecollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\UpsellModule\6df1c8dcdd641d1f7385516b690249f4\UpsellModule.ni.dll
2016-01-02 05:34 - 2016-01-02 05:34 - 00228864 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\16c3eb7650767d95d002c998d0c73eb5\Windows.Foundation.ni.dll
2016-01-02 05:34 - 2016-01-02 05:34 - 01131008 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\72dff8d45b73e9b02b3838d29765607a\Windows.ApplicationModel.ni.dll
2016-01-02 05:34 - 2016-01-02 05:34 - 00960000 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.UI\8ddd8ad15fe3fb05a871ef0115fb84e2\Windows.UI.ni.dll
2016-01-02 05:35 - 2016-01-02 05:35 - 00038400 _____ () C:\Users\gamegodessss\AppData\Local\Packages\microsoft.microsoftsolitairecollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Wi82189356#\d62a5250f0d53b33fa82b6d1774f145a\Arkadium.Win8.MediaPlayer.ni.dll
2016-01-02 05:35 - 2016-01-02 05:35 - 00122880 _____ () C:\Users\gamegodessss\AppData\Local\Packages\microsoft.microsoftsolitairecollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Ap4e5cc921#\61b84faef5b1585aa53216fc7c1bbfdd\Arkadium.ApplicationFramework.ni.dll
2016-01-02 05:35 - 2016-01-02 05:35 - 00175104 _____ () C:\Users\gamegodessss\AppData\Local\Packages\microsoft.microsoftsolitairecollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Acc213f109#\947bc177d7d32ce0b9bd31941112aead\Arkadium.AchievementsModule.ni.dll
2016-01-02 05:35 - 2016-01-02 05:35 - 00264704 _____ () C:\Users\gamegodessss\AppData\Local\Packages\microsoft.microsoftsolitairecollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Awd4f12c8f#\e2247bc1da20fe9074cbc771ffb2f1e4\Arkadium.AwardsModule.ni.dll
2016-01-02 05:35 - 2016-01-02 05:35 - 00375808 _____ () C:\Users\gamegodessss\AppData\Local\Packages\microsoft.microsoftsolitairecollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Le816657bc#\60adf427c9b46e9c4d54ada040726e6b\Arkadium.LeaderboardModule.ni.dll
2016-01-02 05:35 - 2016-01-02 05:35 - 00302592 _____ () C:\Users\gamegodessss\AppData\Local\Packages\microsoft.microsoftsolitairecollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Wi4bbc307d#\89fef857528745db6b8973a6a01cb2d0\Arkadium.WindowsStoreModule.ni.dll
2016-01-02 05:35 - 2016-01-02 05:35 - 00459776 _____ () C:\Users\gamegodessss\AppData\Local\Packages\microsoft.microsoftsolitairecollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Ad1735b4ba#\0752b7be78a46a7da3727766c67c927d\Arkadium.Advertisement.ni.dll
2016-01-02 05:35 - 2016-01-02 05:35 - 00167936 _____ () C:\Users\gamegodessss\AppData\Local\Packages\microsoft.microsoftsolitairecollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.NewsModule\56bd528344373df069bb3d7387c7feb6\Arkadium.NewsModule.ni.dll
2016-01-02 05:35 - 2016-01-02 05:35 - 00213504 _____ () C:\Users\gamegodessss\AppData\Local\Packages\microsoft.microsoftsolitairecollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Microsoft.A51f62115#\e871f66ad7d1f8ed8040b44dd39d0e21\Microsoft.Advertising.ni.dll
2016-01-02 05:35 - 2016-01-02 05:35 - 00128512 _____ () C:\Users\gamegodessss\AppData\Local\Packages\microsoft.microsoftsolitairecollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Xaba8eb3bf#\8b992ab2a468f57a2b5d74a24488d4cc\Arkadium.Xaml.Toolkit.ni.dll
2016-01-02 05:35 - 2016-01-02 05:35 - 00215040 _____ () C:\Users\gamegodessss\AppData\Local\Packages\microsoft.microsoftsolitairecollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\CustomProgr3d91ab4c#\02da9ad5255580a5f6e1b93d7395dc8c\CustomProgressControl.ni.dll
2016-01-01 23:47 - 2016-01-01 23:50 - 03725488 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.7.1508.1402_x86__8wekyb3d8bbwe\UniversalXamlAdControl.Windows.dll
2016-01-02 05:35 - 2016-01-02 05:35 - 00483840 _____ () C:\Users\gamegodessss\AppData\Local\Packages\microsoft.microsoftsolitairecollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Microsoft.Xbox\f0522b4201b915706b80d7aef964816b\Microsoft.Xbox.ni.dll
2016-01-02 05:34 - 2016-01-02 05:34 - 00808448 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Storage\7abff64c7c1ea1fae5bd170c8238b73e\Windows.Storage.ni.dll
2016-01-02 05:34 - 2016-01-02 05:34 - 00799232 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Networking\86865ced79f3180ebdfa736d895e5edb\Windows.Networking.ni.dll
2016-01-02 05:35 - 2016-01-02 05:35 - 00196608 _____ () C:\Users\gamegodessss\AppData\Local\Packages\microsoft.microsoftsolitairecollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\MicroStudioe45cbf8f#\95ace85663a7cb2781b36e6205a67847\MicroStudios.HouseAdController.ni.dll
2016-01-02 05:35 - 2016-01-02 05:35 - 00337408 _____ () C:\Users\gamegodessss\AppData\Local\Packages\microsoft.microsoftsolitairecollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\FlurryWin8SDK\74634abd006f51a336eb1919199c85e4\FlurryWin8SDK.ni.dll
2016-01-02 05:34 - 2016-01-02 05:34 - 00133120 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.System\c639835fe3da556a2cbe2e03540996c0\Windows.System.ni.dll
2016-01-02 05:34 - 2016-01-02 05:34 - 00402432 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Security\ae4a1bf110c1a12f619514bde2b27939\Windows.Security.ni.dll
2016-01-02 05:34 - 2016-01-02 05:34 - 01282048 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Devices\4764145200fcd33a90ced1505892fce6\Windows.Devices.ni.dll
2016-01-02 05:34 - 2016-01-02 05:34 - 00304128 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Graphics\eff020aac8737300c74dee47a69c9bbf\Windows.Graphics.ni.dll
2016-01-02 05:35 - 2016-01-02 05:35 - 00041984 _____ () C:\Users\gamegodessss\AppData\Local\Packages\microsoft.microsoftsolitairecollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Microsoft.G42d2c636#\fd81db4e0278d977a5d92f8ad39d6fb0\Microsoft.Games.Sentient.ni.dll
2016-01-02 05:34 - 2016-01-02 05:34 - 00337920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Data\98644a649e9bf9e880f2e97889501b07\Windows.Data.ni.dll
2016-01-02 05:35 - 2016-01-02 05:35 - 00012800 _____ () C:\Users\gamegodessss\AppData\Local\Packages\microsoft.microsoftsolitairecollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Sh130cfbe4#\74f2e0752cef7470353124986dfc617e\Arkadium.SharpDXEngine.AudioLoader.ni.dll
2016-01-01 23:47 - 2016-01-01 23:47 - 00038912 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.7.1508.1402_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 05:25 - 2013-08-22 05:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2414226335-1504749314-3964486275-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\gamegodessss\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "BtServer"
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKU\S-1-5-21-2414226335-1504749314-3964486275-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6EA12058-4395-4ADF-8D51-EE86497ECE86}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CAC918E6-BEA5-4E12-A1BE-C25B2043025B}] => (Allow) LPort=2869
FirewallRules: [{C4F65DE1-E416-4C7E-BACF-699A8159C467}] => (Allow) LPort=1900
FirewallRules: [{A12093EF-7902-4E17-9171-3E43AC416275}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{57C2EFF5-4647-4386-91CB-0D322CA5E901}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{A1CA7977-C383-4092-B6FD-FE9299A1FFF9}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{7A768A18-45BC-496D-A8DB-E5E321DB8305}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{D6814A72-7FEA-4B85-9850-6806A0E1846F}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{A84E2F38-4DA7-46C8-9E3A-D205B550B9B4}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{FC8C481A-0294-4C02-8E37-5A4016EA69E1}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{C1526945-4168-4BDB-9402-A4A318C48C58}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{2E71931E-44DA-4289-B6A9-4754F67C9C5C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{5804CC82-B488-4F0B-A3B5-6F3C50F2F071}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{7DA8A855-A694-4D6B-91CD-61BDA11DF512}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{A0E613D4-0F74-42EA-84C8-E67362E7B305}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{15D9CE8D-3856-45E2-8199-FBA066E96018}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{268DC740-BFD1-4842-A4C3-15640A12C95C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{B768C7F5-B7D8-450F-9A85-2643F75E7299}] => (Allow) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\SyncUp Server.exe
FirewallRules: [{8BAE3006-A62D-44AF-A0E3-2F38A87D23C7}] => (Allow) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\SyncUp Server.exe
FirewallRules: [{B466633A-31A3-44BF-93CD-F054EE1AE1DE}] => (Allow) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\ASUSDMS.exe
FirewallRules: [{EE71626E-FE4C-4F0C-9A5A-CD8BD4FF1CFE}] => (Allow) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\ASUSDMS.exe

==================== Restore Points =========================

07-04-2016 04:08:26 Scheduled Checkpoint
14-04-2016 05:09:20 Scheduled Checkpoint
22-04-2016 04:47:43 Scheduled Checkpoint
24-04-2016 12:32:47 Configured eManual

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/24/2016 05:35:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ScriptHelper.exe, version: 4.2.6.552, time stamp: 0x56bb401a
Faulting module name: ScriptHelper.exe, version: 4.2.6.552, time stamp: 0x56bb401a
Exception code: 0xc0000005
Fault offset: 0x0000155e
Faulting process id: 0x18cc
Faulting application start time: 0xScriptHelper.exe0
Faulting application path: ScriptHelper.exe1
Faulting module path: ScriptHelper.exe2
Report Id: ScriptHelper.exe3
Faulting package full name: ScriptHelper.exe4
Faulting package-relative application ID: ScriptHelper.exe5

Error: (04/23/2016 09:39:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Maxthon.exe, version: 4.4.8.2000, time stamp: 0x56cd5fe8
Faulting module name: Maxthon.dll, version: 4.4.8.1000, time stamp: 0x56cd6047
Exception code: 0xc0000409
Fault offset: 0x000a1670
Faulting process id: 0x1098
Faulting application start time: 0xMaxthon.exe0
Faulting application path: Maxthon.exe1
Faulting module path: Maxthon.exe2
Report Id: Maxthon.exe3
Faulting package full name: Maxthon.exe4
Faulting package-relative application ID: Maxthon.exe5

Error: (04/23/2016 09:30:14 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/23/2016 05:40:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Bingo.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 72ac

Start Time: 01d19d57fd9d931f

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.MicrosoftBingo_1.6.3.0_x86__8wekyb3d8bbwe\Bingo.exe

Report Id: ec9e0d46-0958-11e6-827d-40e23062ff5e

Faulting package full name: Microsoft.MicrosoftBingo_1.6.3.0_x86__8wekyb3d8bbwe

Faulting package-relative application ID: frima.MicrosoftBingo

Error: (04/23/2016 05:40:21 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: VIRGINIA)
Description: Package Microsoft.MicrosoftBingo_1.6.3.0_x86__8wekyb3d8bbwe+frima.MicrosoftBingo was terminated because it took too long to suspend.

Error: (04/15/2016 06:37:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/15/2016 06:14:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/15/2016 02:02:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Bingo.exe, version: 1.0.0.0, time stamp: 0x55c8a749
Faulting module name: IcewaveView.Win8.dll, version: 0.0.0.0, time stamp: 0x55cddc21
Exception code: 0xc0000005
Fault offset: 0x00013e05
Faulting process id: 0x4450
Faulting application start time: 0xBingo.exe0
Faulting application path: Bingo.exe1
Faulting module path: Bingo.exe2
Report Id: Bingo.exe3
Faulting package full name: Bingo.exe4
Faulting package-relative application ID: Bingo.exe5

Error: (04/15/2016 02:02:20 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Bingo.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
Stack:
   at FrimaStudio.IcewaveState.IceWavePageStateBridge.KillAllFx()
   at Service.Win8.IceWave.IceWaveService.KillAllFx()
   at ViewModel.Page.RoomViewModel.WaitForNavigationPopupConfirmation(Service.Navigation.Action.NavigationAction)
   at Service.Win8.WorkFlowStepExecuter`1+<CanExecute>d__0[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].MoveNext()
   at System.Runtime.CompilerServices.AsyncMethodBuilderCore.Start[[Service.Win8.WorkFlowStepExecuter`1+<CanExecute>d__0[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]], Service.Win8, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](<CanExecute>d__0<System.__Canon> ByRef)
   at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1[[System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Start[[Service.Win8.WorkFlowStepExecuter`1+<CanExecute>d__0[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]], Service.Win8, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](<CanExecute>d__0<System.__Canon> ByRef)
   at Service.Win8.WorkFlowStepExecuter`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].CanExecute(System.__Canon)
   at Service.Win8.WorkFlowStepExecuter`1+<ExecuteInternal>d__7[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].MoveNext()
   at System.Runtime.CompilerServices.AsyncMethodBuilderCore.Start[[Service.Win8.WorkFlowStepExecuter`1+<ExecuteInternal>d__7[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]], Service.Win8, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](<ExecuteInternal>d__7<System.__Canon> ByRef)
   at System.Runtime.CompilerServices.AsyncVoidMethodBuilder.Start[[Service.Win8.WorkFlowStepExecuter`1+<ExecuteInternal>d__7[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]], Service.Win8, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](<ExecuteInternal>d__7<System.__Canon> ByRef)
   at Service.Win8.WorkFlowStepExecuter`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].ExecuteInternal(System.__Canon)
   at Service.Win8.WorkFlowStepExecuter`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Execute(Service.WorkFlow.Action.WorkFlowAction)
   at Service.Win8.WorkFlowService`2+<>c__DisplayClassb`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].<ExecuteAsync>b__7()
   at System.Threading.Tasks.Task.InnerInvoke()
   at System.Threading.Tasks.Task.Execute()
   at System.Threading.Tasks.Task.ExecutionContextCallback(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.Tasks.Task.ExecuteWithThreadLocal(System.Threading.Tasks.Task ByRef)
   at System.Threading.Tasks.Task.ExecuteEntry(Boolean)
   at System.Threading.Tasks.Task.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (04/10/2016 02:37:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Solitaire.exe, version: 1.0.0.0, time stamp: 0x55cdd44d
Faulting module name: KERNELBASE.dll, version: 6.3.9600.18007, time stamp: 0x55c4bcfc
Exception code: 0xe06d7363
Fault offset: 0x00015b68
Faulting process id: 0x3918
Faulting application start time: 0xSolitaire.exe0
Faulting application path: Solitaire.exe1
Faulting module path: Solitaire.exe2
Report Id: Solitaire.exe3
Faulting package full name: Solitaire.exe4
Faulting package-relative application ID: Solitaire.exe5


System errors:
=============
Error: (04/24/2016 08:39:26 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.

Error: (04/24/2016 03:36:06 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 252.

Error: (04/23/2016 11:43:03 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 252.

Error: (04/23/2016 11:43:03 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 252.

Error: (04/23/2016 04:53:37 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with the following service-specific error:
%%3758213661

Error: (04/23/2016 08:03:34 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.

Error: (04/23/2016 04:52:12 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with the following service-specific error:
%%3758213661

Error: (04/22/2016 05:21:32 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 252.

Error: (04/22/2016 05:21:32 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 252.

Error: (04/22/2016 05:21:32 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 252.


CodeIntegrity:
===================================
  Date: 2016-04-25 16:57:34.469
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-25 16:57:17.124
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-25 16:57:16.936
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-25 16:57:16.740
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-25 16:57:16.544
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-25 16:57:16.356
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-25 16:57:16.132
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-25 04:56:21.018
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-25 04:56:18.018
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-25 04:56:04.143
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: AMD FX(tm)-8310 Eight-Core Processor
Percentage of memory in use: 26%
Total physical RAM: 8107.42 MB
Available physical RAM: 5930.76 MB
Total Virtual: 9387.42 MB
Available Virtual: 6342.54 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:1847.81 GB) (Free:1810.47 GB) NTFS
Drive e: (RoadRash) (CDROM) (Total:0.51 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: D9C68D95)

Partition: GPT.

==================== End of Addition.txt ============================

Offline gamegodessss

  • Bronze Member
  • Posts: 97
Re: Computer clock keeps changing and slow page loading
« Reply #7 on: April 25, 2016, 06:55:15 PM »
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-04-2016
Ran by gamegodessss (administrator) on VIRGINIA (25-04-2016 17:51:30)
Running from C:\Users\gamegodessss\Desktop
Loaded Profiles: gamegodessss (Available Profiles: gamegodessss)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Maxthon Inc.) C:\Program Files (x86)\Maxthon App Store\1.1.0.10848\MasSvc.exe
(Maxthon) C:\Program Files (x86)\Maxthon App Store\1.1.0.10848\MaxthonAppstoreSvc.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\loggingserver.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\SyncUp Server.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.7.1508.1402_x86__8wekyb3d8bbwe\Solitaire.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7634288 2014-06-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1386712 2014-06-12] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-09-25] (Realtek Semiconductor Corporation)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [123400 2009-01-21] (Logitech Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2015-01-15] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-19] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-04-14] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3930384 2016-04-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2874440 2016-02-22] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKU\S-1-5-21-2414226335-1504749314-3964486275-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-12-06] (AMD)
HKU\S-1-5-21-2414226335-1504749314-3964486275-1001\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [4351216 2009-05-26] (Yahoo! Inc.)
HKU\S-1-5-21-2414226335-1504749314-3964486275-1001\...\MountPoints2: {88ac5ae1-e752-11e4-8257-806e6f6e6963} - "E:\Gateway\gateway.exe"
HKU\S-1-5-21-2414226335-1504749314-3964486275-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2014-10-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DF04DCAC-3397-4A87-B912-4E8C9C29B9A7}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2414226335-1504749314-3964486275-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-2414226335-1504749314-3964486275-1001 -> DefaultScope {DFED6624-258C-498C-9757-6F07A33A797D} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2414226335-1504749314-3964486275-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2414226335-1504749314-3964486275-1001 -> {DFED6624-258C-498C-9757-6F07A33A797D} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.2.6.552\AVG Web TuneUp.dll [2016-02-22] (AVG)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-06] (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.2.6.552\AVG Web TuneUp.dll [2016-02-22] (AVG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-06] (Oracle Corporation)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.6\\npsitesafety.dll [No File]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-06] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2009-05-26] (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-11-06] ()
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-19] (ASUS Cloud Corporation) [File not signed]
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [638456 2016-04-06] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3993088 2016-04-06] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1074448 2016-04-14] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [593880 2016-04-06] (AVG Technologies CZ, s.r.o.)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation) [File not signed]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [59392 2013-09-26] () [File not signed]
R2 MasSvc_{MaxthonAppStore_1.1.0.10848}; C:\Program Files (x86)\Maxthon App Store\1.1.0.10848\MasSvc.exe [563112 2015-08-18] (Maxthon Inc.)
R2 MaxthonAppStoreSvc; C:\Program Files (x86)\Maxthon App Store\1.1.0.10848\MaxthonAppstoreSvc.exe [1867544 2015-08-10] (Maxthon)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2385832 2016-01-12] (Maxthon)
R2 vToolbarUpdater40.2.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe [1949768 2016-02-22] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1205832 2016-02-01] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R0 assdv2; C:\Windows\System32\Drivers\assdv2.sys [21816 2013-12-05] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-09-24] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162592 2016-02-16] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [306976 2016-03-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [246560 2016-03-07] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [71456 2016-03-08] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548056 2013-09-05] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3759320 2014-12-01] (Realtek Semiconductor Corporation                           )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-25 17:51 - 2016-04-25 17:51 - 00015051 _____ C:\Users\gamegodessss\Desktop\FRST.txt
2016-04-25 17:51 - 2016-04-25 17:51 - 00000000 ____D C:\FRST
2016-04-25 17:17 - 2016-04-25 17:18 - 02376192 _____ (Farbar) C:\Users\gamegodessss\Desktop\FRST64.exe
2016-04-24 11:20 - 2016-04-24 11:20 - 00688992 _____ (Swearware) C:\Users\gamegodessss\Desktop\dds.com
2016-04-24 05:29 - 2016-04-24 05:29 - 00000000 ____D C:\ProgramData\Avg_Update_0516tb
2016-04-23 08:10 - 2016-04-23 08:10 - 01283514 _____ C:\Users\gamegodessss\Documents\prizes.pdf
2016-04-12 15:25 - 2016-04-12 15:25 - 03290270 _____ C:\Users\gamegodessss\Documents\TraxxasNitroSport.pdf
2016-04-12 15:20 - 2016-04-12 15:20 - 00914028 _____ C:\Users\gamegodessss\Documents\xrs_sport_reversible.pdf
2016-04-12 15:16 - 2016-04-12 15:16 - 00911793 _____ C:\Users\gamegodessss\Documents\TQ3remote.pdf
2016-04-12 13:28 - 2016-04-12 13:28 - 00601374 _____ C:\Users\gamegodessss\Downloads\2203-2204INST TRNSMTR.pdf
2016-04-10 10:04 - 2016-04-10 10:04 - 00229397 _____ C:\Users\gamegodessss\Documents\146032.pdf
2016-04-10 01:48 - 2016-04-10 01:48 - 00213607 _____ C:\Users\gamegodessss\Documents\146028.pdf
2016-04-09 15:01 - 2016-04-09 15:01 - 02130581 _____ C:\Users\gamegodessss\Documents\xtm-x-factor-2-manual.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-25 17:35 - 2015-12-28 17:24 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-25 17:35 - 2015-12-28 17:24 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-25 16:57 - 2015-12-16 14:10 - 00000000 ____D C:\ProgramData\MFAData
2016-04-25 16:34 - 2015-12-31 06:22 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-24 12:51 - 2015-12-16 13:47 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2414226335-1504749314-3964486275-1001
2016-04-24 11:21 - 2014-03-18 02:03 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-24 11:21 - 2013-08-22 05:36 - 00000000 ____D C:\Windows\Inf
2016-04-23 21:30 - 2016-01-01 23:46 - 00000000 ____D C:\Users\gamegodessss\OneDrive
2016-04-23 21:29 - 2013-08-22 06:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-23 21:28 - 2013-08-22 05:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-04-23 09:11 - 2015-12-31 06:21 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-23 09:11 - 2015-12-31 06:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-23 09:11 - 2015-12-31 06:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-23 04:52 - 2013-08-22 05:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-04-16 07:00 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\AppReadiness
2016-04-14 01:18 - 2013-08-22 07:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-11 09:00 - 2015-12-16 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-04-08 19:45 - 2015-12-16 13:41 - 00000000 ____D C:\Users\gamegodessss\AppData\Local\Packages
2016-04-07 05:17 - 2015-12-16 14:09 - 00000882 _____ C:\Users\Public\Desktop\AVG.lnk
2016-04-07 05:17 - 2015-12-16 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-03-26 19:36 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2015-12-16 13:41 - 2016-04-23 21:30 - 0204984 _____ () C:\Users\gamegodessss\AppData\Local\BTServer.log
2015-01-15 00:37 - 2015-01-15 00:37 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\gamegodessss\AppData\Local\Temp\avguirn_081053209000.exe
C:\Users\gamegodessss\AppData\Local\Temp\avguirn_081540314899.exe
C:\Users\gamegodessss\AppData\Local\Temp\avguirn_08225036938.exe
C:\Users\gamegodessss\AppData\Local\Temp\avguirn_08310547834.exe
C:\Users\gamegodessss\AppData\Local\Temp\avguirn_08791986272.exe
C:\Users\gamegodessss\AppData\Local\Temp\CasinoSlots.exe
C:\Users\gamegodessss\AppData\Local\Temp\FoxitUpdater.exe
C:\Users\gamegodessss\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\gamegodessss\AppData\Local\Temp\jre-8u91-windows-au.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-20 03:33

==================== End of FRST.txt ============================

Offline Foxfire

  • Malware Removal Staff
  • Bronze Member
  • Posts: 443
Re: Computer clock keeps changing and slow page loading
« Reply #8 on: April 26, 2016, 01:27:09 PM »

Hello gamegodess,

 
  Remove Programs Using Control Panel
From Start, Control Panel, click on Programs and Features
Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:

AVG Web TuneUp
AVG Secure Search,

Take extra care in answering questions posed by any Uninstaller.

>>>>>>>>>>>>>>>>

Open notepad. Please copy the contents of the code box below.
To do this highlight the contents of the box and right click on it.
Then paste it into the open notepad.
Save it on the Desktop as fixlist.txt

Code: [Select]
start
CloseProcesses:
CreateRestorePoint:

C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2874440 2016-02-22] (
SearchScopes: HKU\S-1-5-21-2414226335-1504749314-3964486275-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2414226335-1504749314-3964486275-1001 -> {DFED6624-258C-498C-9757-6F07A33A797D} URL =
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.2.6.552\AVG Web TuneUp.dll [2016-02-22] (AVG)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.2.6.552\AVG Web TuneUp.dll [2016-02-22] (AVG
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.6\\npsitesafety.dll [No File]

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Google
2016-02-22 18:17 - 2016-02-22 18:16 - 00192584 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\loggingserver.exe
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.6\\npsitesafety.dll [No File]
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1205832 2016-02-01] ()
2016-01-26 15:37 - 2016-02-22 18:16 - 02874440 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
015-01-15 00:37 - 2015-01-15 00:37 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

Emptytemp:
CMD: ipconfig /flushdns
Reboot:
end

>>>>>>>>>>>>>>>>>>>>>>>>>>>

Scan with ESET Online Scanner

This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox.
Temporary disable your AntiVirus and AntiSpyware protection - instructions HERE
Please visit ESET Online Scanner website.
Click there Run ESET Online Scanner.

If using Internet Explorer:

    Accept the Terms of Use and click Start.
    Allow the running of add-on.

If using Mozilla Firefox or Google Chrome:

    Download esetsmartinstaller_enu.exe that you'll be given link to.
    Double click esetsmartinstaller_enu.exe.
    Allow the Terms of Use and click Start.

To perform the scan:
   
  • Make sure that Remove found threats is unchecked.
       
  • Scan archives is checked.
       
  • In Advanced Settings: Scan for potentially unwanted applications, Scan for potentially unsafe applications and Enable Anti-Stealth technology are checked.
       
  • Click Start
  • The program will begin to download it's virus database. The speed may vary depending on your Internet connection.
  • When completed, the program will begin to scan. This may take several hours. Please, be patient.
  • Do not do anything on your machine as it may interrupt the scan.
       
  • When the scan is done, click Finish.
       
  • A logfile will be created at C:\Program Files\ESET\ESET Online Scanner. Open it using Notepad.
Please include this logfile in your next reply.
Don't forget to re-enable previously switched-off protection software!

>>>>>>>>>>>>>>>>>>>

If you still have a problem with your clock try advice HERE

How is your computer running now?

I need the fixlist.exe & the ESET log please.

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
platypuss
























Offline gamegodessss

  • Bronze Member
  • Posts: 97
Re: Computer clock keeps changing and slow page loading
« Reply #9 on: April 26, 2016, 06:15:56 PM »
avg web tuneup will not uninstall and there is no avg web search in prograMS AND FEATURES

Offline gamegodessss

  • Bronze Member
  • Posts: 97
Re: Computer clock keeps changing and slow page loading
« Reply #10 on: April 26, 2016, 06:27:16 PM »
cannot temp disable avg. I cant find out where to go to do that/. there is no options for thios

Offline gamegodessss

  • Bronze Member
  • Posts: 97
Re: Computer clock keeps changing and slow page loading
« Reply #11 on: April 26, 2016, 06:42:27 PM »
Just tried to uninstall avg and it wont even let me do that. Is there any chance You can be online between 4 and 6pm?
« Last Edit: April 26, 2016, 06:48:10 PM by gamegodessss »

Offline gamegodessss

  • Bronze Member
  • Posts: 97
Re: Computer clock keeps changing and slow page loading
« Reply #12 on: April 26, 2016, 08:12:03 PM »
below is all that was in the eset folder and where do I get the fixlist.exe from? The only thing I have is the fixlist.txt you told me to save on my desktop?

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
Update Init
Update Download
Update Finalize
Updated modules version: 29256

Offline Foxfire

  • Malware Removal Staff
  • Bronze Member
  • Posts: 443
Re: Computer clock keeps changing and slow page loading
« Reply #13 on: April 27, 2016, 02:09:30 PM »

   


Thanks for the updates, some new instructions for you:-

Apropos your copy of AVG Web Tuneup Unfortunately it is regarded as a "Rogue " & should be removed.
Once installed on a machine it becomes resistant to removal & it requires a special tool to remove it cleanly, it may even be part of your problem.

Please download and install Revo Uninstaller Free
Since it is a more powerful tool, please be sure to follow the instructions carefully.
There is a very useful videoHERE
 I strongly recommend you watch it BEFORE following my instructions.

  • Double click Revo Uninstaller to run it.
       
  • From the list/Icons of programs double click on AVG Web Tuneup to remove it.
       
  • When prompted if you want to uninstall this program, clickYes.
       
  • Be sure the Moderate option is selected then click
             Next
       
  • The program will run, If prompted again clickYes
       
  • When the built-in uninstaller is finished click on Next.
       
  • Once the program has searched for leftovers....(be patient here ! ) click Next.
       
  • Check /tick the Web Tuneup Only, then click DELETE
       
  • When prompted click on Yes and then on Next.
       
  • Put a check on any folders that are found and select delete
       
  • When prompted select yes then on Next
       
  • Once done click Finish
       
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

You have AVG Web Tuneup toolbar which is undesirable & needs to be removed.
AVG Web TuneUp was recently in the news as it was found that it exposed Chrome users data. The company has said that it has patched the vulnerability, but nevertheless, many people are now looking for a way to uninstall this browser addon.
Please go HERE & follow instructions carefully (Including video) to remove it please.

>>>>>>>>>>>>>>>>>>>
Quote
below is all that was in the eset folder and where do I get the fixlist.exe from?

Follow these instructions carefully please:-
  • Please open Notepad (How to video) HERE. Please leave it opened.
  • Next highlight all the contents of the codebox then right click on it & select copy
  • Go back to your open copy of Notepad,right click on it (with your mouse) & select paste
  • When this finishes ,close Notepad & select save
  • In the next window, go to file name & type in fixlist.txt
  • Now save this to your Desktop.
  • It will now be located on your Desktop as fixlist.txt
>>>>>>>>>>>>>>



1. Open Notepad and copy/paste the text present inside the code box below.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system

Code: [Select]
start
CloseProcesses:
CreateRestorePoint:

C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2874440 2016-02-22] (
SearchScopes: HKU\S-1-5-21-2414226335-1504749314-3964486275-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2414226335-1504749314-3964486275-1001 -> {DFED6624-258C-498C-9757-6F07A33A797D} URL =
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.2.6.552\AVG Web TuneUp.dll [2016-02-22] (AVG)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.2.6.552\AVG Web TuneUp.dll [2016-02-22] (AVG
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.6\\npsitesafety.dll [No File]

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Google
2016-02-22 18:17 - 2016-02-22 18:16 - 00192584 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\loggingserver.exe
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.6\\npsitesafety.dll [No File]
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1205832 2016-02-01] ()
2016-01-26 15:37 - 2016-02-22 18:16 - 02874440 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
015-01-15 00:37 - 2015-01-15 00:37 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

Emptytemp:
CMD: ipconfig /flushdns
Reboot:
end
NOTE: => It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Revised FRST Scan
Please locate the program FRST64 we downloaded earlier.
  • Right-click FRST.exe and select " Run as administrator " to run it.
  • If needed, FRST will update itself with newer definitions.
  • When the tool opens click Yes to the disclaimer.
  • Now please place a check mark in the lower right hand box labeled “Addition.txt”
  • Next press the FIX button just once & wait
  • DO NOT PRESS THE SCAN BUTTON.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally.
  • The tool may start automatically and complete its work after the system restart. Let the tool complete its run.
  • When finished, FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents in your reply.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Please delete your copy of ESET & download/run a new copy

Scan with ESET Online Scanner

This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox.
Temporary disable your AntiVirus and AntiSpyware protection - instructions HERE
Please visit ESET Online Scanner website.
Click their Run ESET Online Scanner.

If using Internet Explorer:
  • Accept the Terms of Use and click Start.
       
  • Allow the running of add-on.



If using Mozilla Firefox or Google Chrome:
   
  • Download esetsmartinstaller_enu.exe that you'll be given link to.
       
  • Double click esetsmartinstaller_enu.exe.
       
  • Allow the Terms of Use and click Start.


    To perform the scan:
       
  • Make sure that
  • Remove found threats is unchecked.
       
  • Scan archives is checked.
       
  • In Advanced Settings:-
Scan for potentially unwanted applications,
Scan for potentially unsafe applications
and Enable Anti-Stealth technology are checked.
   
  • Then click Start
  • The program will begin to download it's virus database. The speed may vary depending on your Internet connection.
  • When completed, the program will begin to scan. This may take several hours. Please, be patient.
  • Do not do anything on your machine as it may interrupt the scan.
       
  • When the scan is done, click Finish.
       
  • A logfile will be created at C:\Program Files\ESET\ESET Online Scanner. Open it using Notepad.
Please include this logfile in your next reply.
Don't forget to re-enable previously switched-off protection software!

>>>>>>>>>>>>>>>>>>>

How is your computer running now?

I need the fixlist.exe & the ESET log please.

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
platypuss
























Offline gamegodessss

  • Bronze Member
  • Posts: 97
Re: Computer clock keeps changing and slow page loading
« Reply #14 on: April 27, 2016, 06:44:56 PM »
Fix result of Farbar Recovery Scan Tool (x64) Version:25-04-2016
Ran by gamegodessss (2016-04-27 17:39:28) Run:1
Running from C:\Users\gamegodessss\Desktop
Loaded Profiles: gamegodessss (Available Profiles: gamegodessss)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CloseProcesses:
CreateRestorePoint:

C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2874440 2016-02-22] (
SearchScopes: HKU\S-1-5-21-2414226335-1504749314-3964486275-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2414226335-1504749314-3964486275-1001 -> {DFED6624-258C-498C-9757-6F07A33A797D} URL =
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.2.6.552\AVG Web TuneUp.dll [2016-02-22] (AVG)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.2.6.552\AVG Web TuneUp.dll [2016-02-22] (AVG
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.6\\npsitesafety.dll [No File]

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Google
2016-02-22 18:17 - 2016-02-22 18:16 - 00192584 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\loggingserver.exe
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.6\\npsitesafety.dll [No File]
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1205832 2016-02-01] ()
2016-01-26 15:37 - 2016-02-22 18:16 - 02874440 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
015-01-15 00:37 - 2015-01-15 00:37 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

Emptytemp:
CMD: ipconfig /flushdns
Reboot:
end
*****************

Processes closed successfully.
Restore point was successfully created.
C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe => moved successfully
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe => No running process found
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\vProt => value not found.
"HKU\S-1-5-21-2414226335-1504749314-3964486275-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKU\S-1-5-21-2414226335-1504749314-3964486275-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DFED6624-258C-498C-9757-6F07A33A797D}" => key removed successfully
HKCR\CLSID\{DFED6624-258C-498C-9757-6F07A33A797D} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => key removed successfully
"HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Program Files (x86)\Google => moved successfully
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\loggingserver.exe => moved successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin => key not found.
WtuSystemSupport => service not found.
"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" => not found.
015-01-15 00:37 - 2015-01-15 00:37 - 0000000 ____H () C:\ProgramData\DP45977C.lfl => Error: No automatic fix found for this entry.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc" => key removed successfully

=========  ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

EmptyTemp: => 883.4 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 17:40:01 ====

 

Click Here