Author Topic: Computer clock keeps changing and slow page loading  (Read 2641 times)

Offline gamegodessss

  • Bronze Member
  • Posts: 99
Re: Computer clock keeps changing and slow page loading
« Reply #15 on: April 27, 2016, 08:15:35 PM »
I ran eset again and it did not create a file in c:/programfiles/eset/eset online scanner

Offline gamegodessss

  • Bronze Member
  • Posts: 99
Re: Computer clock keeps changing and slow page loading
« Reply #16 on: April 27, 2016, 09:34:41 PM »
Tried getting eset to run again and it said cannot get update. is proxy configured?

Offline Foxfire

  • Malware Removal Staff
  • Bronze Member
  • Posts: 443
Re: Computer clock keeps changing and slow page loading
« Reply #17 on: April 28, 2016, 01:42:34 PM »


 

 
 Hello gamegodesss,

 
Quote
I ran eset again and it did not create a file in c:/programfiles/eset/eset online scanner
There is a possibility it may be elsewhere on your computer..
Try using the computer search facility.
Just type ESET into the search box & await results.
If that fails, please download & run MiniToolBox by FARBAR HERE
When it is open checkmark the following boxes:
   

       
    • Report IE Proxy Settings
    • Report FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List devices


    Click Go and post the result (Result.txt) that pops up.
    A copy of result.txt will be save in the same directory the tool is saved.

    >>>>>>>>>>>>>>>>>>>>

    Now try running ESET scanner again please. & advise result.

    I need ESET log & MiniToolBox (Result.txt) logs please.

    >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

    platypuss

    Offline gamegodessss

    • Bronze Member
    • Posts: 99
    Re: Computer clock keeps changing and slow page loading
    « Reply #18 on: April 28, 2016, 05:51:10 PM »
    MiniToolBox by Farbar  Version: 07-02-2016 01
    Ran by gamegodessss (administrator) on 28-04-2016 at 16:49:34
    Running from "C:\Users\gamegodessss\Desktop"
    Microsoft Windows 8.1  (X64)
    Model: M52BC_M32BC Manufacturer: ASUSTeK COMPUTER INC.
    Boot Mode: Normal
    ***************************************************************************

    ========================= IE Proxy Settings: ==============================

    Proxy is not enabled.
    No Proxy Server is set.
    ========================= Hosts content: =================================
    ========================= IP Configuration: ================================

    Realtek PCIe GBE Family Controller = Ethernet (Connected)
    Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
    Realtek 8821AE Wireless LAN 802.11ac PCI-E NIC = Wi-Fi (Media disconnected)


    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4

    reset
    set global icmpredirects=enabled
    set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


    popd
    # End of IPv4 configuration



    Windows IP Configuration

       Host Name . . . . . . . . . . . . : Virginia
       Primary Dns Suffix  . . . . . . . :
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No

    Wireless LAN adapter Local Area Connection* 3:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
       Physical Address. . . . . . . . . : 40-E2-30-62-FF-5F
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes

    Wireless LAN adapter Wi-Fi:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Realtek 8821AE Wireless LAN 802.11ac PCI-E NIC
       Physical Address. . . . . . . . . : 40-E2-30-62-FF-5F
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes

    Ethernet adapter Bluetooth Network Connection:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
       Physical Address. . . . . . . . . : 40-E2-30-62-FF-5E
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes

    Ethernet adapter Ethernet:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
       Physical Address. . . . . . . . . : 1C-87-2C-CB-2D-03
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::f598:2f75:b5f:59f2%3(Preferred)
       IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Wednesday, April 27, 2016 5:41:25 PM
       Lease Expires . . . . . . . . . . : Friday, April 29, 2016 5:41:26 AM
       Default Gateway . . . . . . . . . : 192.168.1.1
       DHCP Server . . . . . . . . . . . : 192.168.1.1
       DHCPv6 IAID . . . . . . . . . . . : 55877712
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1E-03-82-18-1C-87-2C-CB-2D-03
       DNS Servers . . . . . . . . . . . : 192.168.1.1
       NetBIOS over Tcpip. . . . . . . . : Enabled

    Tunnel adapter isatap.{DF04DCAC-3397-4A87-B912-4E8C9C29B9A7}:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Teredo Tunneling Pseudo-Interface:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:30bd:2fe7:3f57:fefd(Preferred)
       Link-local IPv6 Address . . . . . : fe80::30bd:2fe7:3f57:fefd%9(Preferred)
       Default Gateway . . . . . . . . . : ::
       DHCPv6 IAID . . . . . . . . . . . : 352321536
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1E-03-82-18-1C-87-2C-CB-2D-03
       NetBIOS over Tcpip. . . . . . . . : Disabled
    DNS request timed out.
        timeout was 2 seconds.
    Server:  UnKnown
    Address:  192.168.1.1

    Name:    google.com
    Addresses:  2607:f8b0:4007:804::200e
         172.217.2.238


    Pinging google.com [172.217.2.238] with 32 bytes of data:
    Reply from 172.217.2.238: bytes=32 time=1337ms TTL=53
    Reply from 172.217.2.238: bytes=32 time=687ms TTL=53

    Ping statistics for 172.217.2.238:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 687ms, Maximum = 1337ms, Average = 1012ms
    DNS request timed out.
        timeout was 2 seconds.
    Server:  UnKnown
    Address:  192.168.1.1

    Name:    yahoo.com
    Addresses:  2001:4998:c:a06::2:4008
         2001:4998:58:c02::a9
         2001:4998:44:204::a7
         98.139.183.24
         206.190.36.45
         98.138.253.109


    Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
    Reply from 98.139.183.24: bytes=32 time=1397ms TTL=42
    Reply from 98.139.183.24: bytes=32 time=1058ms TTL=42

    Ping statistics for 98.139.183.24:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 1058ms, Maximum = 1397ms, Average = 1227ms

    Pinging 127.0.0.1 with 32 bytes of data:
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

    Ping statistics for 127.0.0.1:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 0ms, Maximum = 0ms, Average = 0ms
    ===========================================================================
    Interface List
      7...40 e2 30 62 ff 5f ......Microsoft Wi-Fi Direct Virtual Adapter
      6...40 e2 30 62 ff 5f ......Realtek 8821AE Wireless LAN 802.11ac PCI-E NIC
      4...40 e2 30 62 ff 5e ......Bluetooth Device (Personal Area Network)
      3...1c 87 2c cb 2d 03 ......Realtek PCIe GBE Family Controller
      1...........................Software Loopback Interface 1
      8...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
      9...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
    ===========================================================================

    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination        Netmask          Gateway       Interface  Metric
              0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     10
            127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
            127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
      127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
          192.168.1.0    255.255.255.0         On-link       192.168.1.2    266
          192.168.1.2  255.255.255.255         On-link       192.168.1.2    266
        192.168.1.255  255.255.255.255         On-link       192.168.1.2    266
            224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
            224.0.0.0        240.0.0.0         On-link       192.168.1.2    266
      255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      255.255.255.255  255.255.255.255         On-link       192.168.1.2    266
    ===========================================================================
    Persistent Routes:
      None

    IPv6 Route Table
    ===========================================================================
    Active Routes:
     If Metric Network Destination      Gateway
      9    306 ::/0                     On-link
      1    306 ::1/128                  On-link
      9    306 2001::/32                On-link
      9    306 2001:0:9d38:90d7:30bd:2fe7:3f57:fefd/128
                                        On-link
      3    266 fe80::/64                On-link
      9    306 fe80::/64                On-link
      9    306 fe80::30bd:2fe7:3f57:fefd/128
                                        On-link
      3    266 fe80::f598:2f75:b5f:59f2/128
                                        On-link
      1    306 ff00::/8                 On-link
      3    266 ff00::/8                 On-link
      9    306 ff00::/8                 On-link
    ===========================================================================
    Persistent Routes:
      None
    ========================= Winsock entries =====================================

    Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
    Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
    Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
    Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
    Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
    Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
    Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
    x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
    x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
    x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
    x64-Catalog9 11 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

    ========================= Event log errors: ===============================

    Application errors:
    ==================
    Error: (04/27/2016 07:09:39 PM) (Source: Application Error) (User: )
    Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.18124, time stamp: 0x5641278d
    Faulting module name: ONLINE~1.OCX_unloaded, version: 1.0.0.7777, time stamp: 0x55546935
    Exception code: 0xc0000005
    Fault offset: 0x000a08e0
    Faulting process id: 0x14ec
    Faulting application start time: 0xIEXPLORE.EXE0
    Faulting application path: IEXPLORE.EXE1
    Faulting module path: IEXPLORE.EXE2
    Report Id: IEXPLORE.EXE3
    Faulting package full name: IEXPLORE.EXE4
    Faulting package-relative application ID: IEXPLORE.EXE5

    Error: (04/27/2016 05:42:04 PM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
    Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (04/27/2016 05:39:31 PM) (Source: Microsoft-Windows-CAPI2) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


    Details:
    AddWin32ServiceFiles: Unable to back up image of service WtuSystemSupport since QueryServiceConfig API failed

    System Error:
    The system cannot find the file specified.
    .

    Error: (04/27/2016 05:39:30 PM) (Source: VSS) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
    .
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
       Gathering Writer Data

    Context:
       Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
       Writer Name: System Writer
       Writer Instance ID: {6bbe7f7a-a016-46cd-8fb5-4e295d29ce5b}

    Error: (04/26/2016 07:05:12 PM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

    Error: (04/26/2016 07:03:43 PM) (Source: Application Error) (User: )
    Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.18124, time stamp: 0x5641278d
    Faulting module name: ONLINE~1.OCX_unloaded, version: 1.0.0.7777, time stamp: 0x55546935
    Exception code: 0xc0000005
    Fault offset: 0x000a08e0
    Faulting process id: 0xda4
    Faulting application start time: 0xIEXPLORE.EXE0
    Faulting application path: IEXPLORE.EXE1
    Faulting module path: IEXPLORE.EXE2
    Report Id: IEXPLORE.EXE3
    Faulting package full name: IEXPLORE.EXE4
    Faulting package-relative application ID: IEXPLORE.EXE5

    Error: (04/26/2016 05:57:26 PM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
    Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (04/26/2016 05:25:18 PM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

    Error: (04/24/2016 05:35:56 AM) (Source: Application Error) (User: )
    Description: Faulting application name: ScriptHelper.exe, version: 4.2.6.552, time stamp: 0x56bb401a
    Faulting module name: ScriptHelper.exe, version: 4.2.6.552, time stamp: 0x56bb401a
    Exception code: 0xc0000005
    Fault offset: 0x0000155e
    Faulting process id: 0x18cc
    Faulting application start time: 0xScriptHelper.exe0
    Faulting application path: ScriptHelper.exe1
    Faulting module path: ScriptHelper.exe2
    Report Id: ScriptHelper.exe3
    Faulting package full name: ScriptHelper.exe4
    Faulting package-relative application ID: ScriptHelper.exe5

    Error: (04/23/2016 09:39:51 PM) (Source: Application Error) (User: )
    Description: Faulting application name: Maxthon.exe, version: 4.4.8.2000, time stamp: 0x56cd5fe8
    Faulting module name: Maxthon.dll, version: 4.4.8.1000, time stamp: 0x56cd6047
    Exception code: 0xc0000409
    Fault offset: 0x000a1670
    Faulting process id: 0x1098
    Faulting application start time: 0xMaxthon.exe0
    Faulting application path: Maxthon.exe1
    Faulting module path: Maxthon.exe2
    Report Id: Maxthon.exe3
    Faulting package full name: Maxthon.exe4
    Faulting package-relative application ID: Maxthon.exe5


    System errors:
    =============
    Error: (04/28/2016 02:38:53 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80073cf1: GAMELOFTSA.Asphalt8Airborne.

    Error: (04/28/2016 02:04:27 AM) (Source: DCOM) (User: VIRGINIA)
    Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}VirginiagamegodessssS-1-5-21-2414226335-1504749314-3964486275-1001LocalHost (Using LRPC)40588MidwayStudios.PAC-MANOriginal_1.1.0.0_neutral__svrvwanpjnagmS-1-15-2-78110329-4293305703-3491148040-1048490581-3132400345-2559280165-1260876735

    Error: (04/27/2016 05:52:49 PM) (Source: Service Control Manager) (User: )
    Description: The eapihdrv service failed to start due to the following error:
    %%1275

    Error: (04/27/2016 05:52:49 PM) (Source: Application Popup) (User: )
    Description: \??\C:\Users\GAMEGO~1\AppData\Local\Temp\ehdrv.sys

    Error: (04/27/2016 05:52:48 PM) (Source: Service Control Manager) (User: )
    Description: The eapihdrv service failed to start due to the following error:
    %%1275

    Error: (04/27/2016 05:52:48 PM) (Source: Application Popup) (User: )
    Description: \??\C:\Users\GAMEGO~1\AppData\Local\Temp\ehdrv.sys

    Error: (04/27/2016 05:52:48 PM) (Source: Service Control Manager) (User: )
    Description: The eapihdrv service failed to start due to the following error:
    %%1275

    Error: (04/27/2016 05:52:48 PM) (Source: Application Popup) (User: )
    Description: \??\C:\Users\GAMEGO~1\AppData\Local\Temp\ehdrv.sys

    Error: (04/27/2016 05:43:47 PM) (Source: Service Control Manager) (User: )
    Description: The Google Update Service (gupdate) service failed to start due to the following error:
    %%2

    Error: (04/27/2016 05:40:33 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
    Description: WLAN Extensibility Module has stopped unexpectedly.

    Module Path: C:\Windows\system32\Rtlihvs.dll


    Microsoft Office Sessions:
    =========================
    Error: (04/27/2016 07:09:39 PM) (Source: Application Error)(User: )
    Description: IEXPLORE.EXE11.0.9600.181245641278dONLINE~1.OCX_unloaded1.0.0.777755546935c0000005000a08e014ec01d1a0efcd37a76aC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEONLINE~1.OCXa49f0153-0cee-11e6-8280-40e23062ff5e

    Error: (04/27/2016 05:42:04 PM) (Source: SideBySide)(User: )
    Description: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80U.DLL

    Error: (04/27/2016 05:39:31 PM) (Source: Microsoft-Windows-CAPI2)(User: )
    Description:
    Details:
    AddWin32ServiceFiles: Unable to back up image of service WtuSystemSupport since QueryServiceConfig API failed

    System Error:
    The system cannot find the file specified.

    Error: (04/27/2016 05:39:30 PM) (Source: VSS)(User: )
    Description: 0x80070005, Access is denied.


    Operation:
       Gathering Writer Data

    Context:
       Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
       Writer Name: System Writer
       Writer Instance ID: {6bbe7f7a-a016-46cd-8fb5-4e295d29ce5b}

    Error: (04/26/2016 07:05:12 PM) (Source: SideBySide)(User: )
    Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

    Error: (04/26/2016 07:03:43 PM) (Source: Application Error)(User: )
    Description: IEXPLORE.EXE11.0.9600.181245641278dONLINE~1.OCX_unloaded1.0.0.777755546935c0000005000a08e0da401d1a02b5d28d817C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEONLINE~1.OCXa5c86ae5-0c24-11e6-827f-40e23062ff5e

    Error: (04/26/2016 05:57:26 PM) (Source: SideBySide)(User: )
    Description: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80U.DLL

    Error: (04/26/2016 05:25:18 PM) (Source: SideBySide)(User: )
    Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifestC:\Users\gamegodessss\AppData\Local\Temp\IDC2.tmp\ESETSmartInstaller.exe

    Error: (04/24/2016 05:35:56 AM) (Source: Application Error)(User: )
    Description: ScriptHelper.exe4.2.6.55256bb401aScriptHelper.exe4.2.6.55256bb401ac00000050000155e18cc01d19e2e3aba3139C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\40.2.6\ScriptHelper.exeC:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\40.2.6\ScriptHelper.exe7891a762-0a21-11e6-827e-40e23062ff5e

    Error: (04/23/2016 09:39:51 PM) (Source: Application Error)(User: )
    Description: Maxthon.exe4.4.8.200056cd5fe8Maxthon.dll4.4.8.100056cd6047c0000409000a1670109801d19dea8bc1ee7fC:\Program Files (x86)\Maxthon\Bin\Maxthon.exeC:\Program Files (x86)\Maxthon\Bin\Maxthon.dllf665bc74-09de-11e6-827e-40e23062ff5e


    CodeIntegrity Errors:
    ===================================
      Date: 2016-04-28 06:16:23.996
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-04-28 06:16:21.902
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-04-28 06:16:03.886
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-04-28 06:16:03.699
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-04-28 06:16:03.511
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-04-28 06:16:03.308
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-04-28 06:16:03.121
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-04-27 20:36:31.233
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\1\avgnetclix.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-04-27 20:36:30.967
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\1\avgnetclix.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-04-27 20:36:30.686
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.


    =========================== Installed Programs ============================

    AMD Catalyst Install Manager (HKLM\...\{B5550B26-CD14-054D-FF0A-83405AE096B9}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
    ASUS Manager - Ai Booting (HKLM-x32\...\{2DCE446C-D090-4458-8782-8F16DF94351E}) (Version: 2.01.15 - ASUSTeK Computer Inc.)
    ASUS Manager - Backup & Recovery (HKLM-x32\...\{34D67DE5-2ECF-4E6B-A243-2C16E2792787}) (Version: 2.01.12 - ASUSTeK Computer Inc.)
    ASUS Manager - Family Safety (HKLM-x32\...\{016AFF97-4E18-4560-B8E5-B684BB124E32}) (Version: 2.00.06 - ASUSTeK Computer Inc.)
    ASUS Manager - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.01.12 - ASUSTeK Computer Inc.)
    ASUS Manager - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.02.05 - ASUSTeK Computer Inc.)
    ASUS Manager - SyncUp (HKLM-x32\...\{C2294792-457D-4DF7-9486-B630754C73D0}) (Version: 2.00.07 - ASUSTeK Computer Inc.)
    ASUS Manager - Update (HKLM-x32\...\{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}) (Version: 2.02.08 - ASUSTeK Computer Inc.)
    ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.09.05 - ASUSTeK Computer Inc.)
    ASUS Music Maker (HKLM\...\{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.4.1 - MAGIX AG) Hidden
    ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.4.1 - MAGIX AG)
    AVG (HKLM\...\{8719FCC9-FE23-4CFC-B2D7-9929B799B4B5}) (Version: 16.61.7539 - AVG Technologies) Hidden
    AVG 2016 (HKLM\...\{6CD32B6F-4807-4C26-B274-4EE75DC335A4}) (Version: 16.0.4563 - AVG Technologies) Hidden
    AVG Protection (HKLM\...\AVG) (Version: 2016.61.7539 - AVG Technologies)
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
    CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.5524 - CyberLink Corp.)
    D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.01.00 - ASUSTeK Computer Inc.)
    ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
    FMW 1 (HKLM\...\{FAA6526A-BDA0-4D97-B79F-718937AAFACB}) (Version: 1.73.2 - AVG Technologies) Hidden
    Galerķa de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
    HydraVision (HKLM-x32\...\{1DE5ADB1-B1B2-D858-F19F-6FB2E28C608D}) (Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
    Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
    Logitech Gaming Software 5.04 (HKLM\...\{8753DF4D-64B0-474E-9A97-0AB5585D9A53}) (Version: 5.04.110 - Logitech)
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    Maxthon App Store (HKLM-x32\...\Maxthon App Store 1.1.0.10848) (Version: 1.1.0.10848 - Maxthon, Inc.)
    Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.8.1000 - Maxthon International Limited)
    Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.1005 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
    Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    OEM Application Profile (HKLM-x32\...\{8F92E0CF-620B-5C20-F292-59C93567B06D}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
    REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.769.769.092613 - REALTEK Semiconductor Corp.)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.30179 - Realtek Semiconductor Corp.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7272 - Realtek Semiconductor Corp.)
    REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0247 - REALTEK Semiconductor Corp.)
    Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)

    ========================= Devices: ================================


    **** End of log ****

    Offline gamegodessss

    • Bronze Member
    • Posts: 99
    Re: Computer clock keeps changing and slow page loading
    « Reply #19 on: April 28, 2016, 05:59:51 PM »
    eset is running now

    Offline gamegodessss

    • Bronze Member
    • Posts: 99
    Re: Computer clock keeps changing and slow page loading
    « Reply #20 on: April 28, 2016, 07:56:13 PM »
    ESETSmartInstaller@High as CAB hook log:
    OnlineScanner64.ocx - registred OK
    OnlineScanner.ocx - registred OK
    Update Init
    Update Download
    Update Finalize
    Updated modules version: 29292

    Offline Foxfire

    • Malware Removal Staff
    • Bronze Member
    • Posts: 443
    Re: Computer clock keeps changing and slow page loading
    « Reply #21 on: April 30, 2016, 02:10:11 AM »


    Hello gamegodesss,

    One of the drivers on your ESET scanner is causing problems & it requires manual deletion.
    Please go HERE & follow the instructions carefully.

    Next run your existing copy of  ESET scanner (As detailed in my reply No:13 ) & run it from
    one of your alternative browsers.

    Should that still fails, please run DDS :-

    Please perform the following scan:
    • Download DDS by sUBs from one of the following links.  Save it to your desktop.
    • Double click on the DDS icon, allow it to run.
    • A small box will open, with an explanation about the tool.   
    • When done, DDS will open two (2) logs

             1. DDS.txt
             2. Attach.txt
    • Save both logs to your desktop.
    • The instructions here ask you to attach the Attach.txt.

     
    • Instead of attaching, please copy/paste both logs into your next reply.

    • Close the program window, and delete the program from your desktop.
    Please note:  You may have to disable any script protection running if the scan fails to run.
    After downloading the tool, disconnect from the internet and disable all antivirus protection.
    Run the scan, enable your A/V and reconnect to the internet. 
    Information on A/V control HERE

    Offline gamegodessss

    • Bronze Member
    • Posts: 99
    Re: Computer clock keeps changing and slow page loading
    « Reply #22 on: April 30, 2016, 04:43:34 AM »
    I tried to manually delete but I went to the location c:/windows/system32/drivers and there was no such driver listed there. Then I went to device manager and followed those instructions only to find there was nothing there to delete either. So Now what do I do? Do I still do the DDS?

    Offline gamegodessss

    • Bronze Member
    • Posts: 99
    Re: Computer clock keeps changing and slow page loading
    « Reply #23 on: April 30, 2016, 08:12:07 AM »
    My clock was an hour behind again this morning. :(

    Offline Foxfire

    • Malware Removal Staff
    • Bronze Member
    • Posts: 443
    Re: Computer clock keeps changing and slow page loading
    « Reply #24 on: April 30, 2016, 10:49:00 AM »
       
    Quote
    So Now what do I do? Do I still do the DDS?

    Use this method:-

     Run A Scan With SystemLook  http://downloads.malwareremoval.com/SystemLook/SystemLook_x64.exe
    Please download SystemLook from the download mirror and save it to your Desktop.
    Download Mirror #1 (64-bit)
    http://jpshortstuff.247fixes.com/SystemLook.exe
    http://images.malwareremoval.com/jpshortstuff/SystemLook.exe

        Double-click SystemLook_x64.exe to run it. OK the User Account Control.
        Copy the content of the following codebox into the main textfield:
       
    Code: [Select]
        :filefind
        *ehdrv.sys*
        :regfind
         ehdrv
       
        Click the Look button to start the scan.
        Because of the Registry searches, the scan may take 15 minutes or a bit more to run on a large machine. Please be patient.
        When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

    Note: The results log can also be found on your Desktop entitled SystemLook.txt

    >>>>>>>>>>>>>>>>>>>>>

    Run a New Scan With the Farbar Scan Tool

        Double click FRST64.exe on your desktop to launch it.
        When the tool opens click Yes to disclaimer.
        Press the Scan button.
        When finished scanning, a new version of the log FRST.txt will be saved on your Desktop and opened in Notepad.
        Please post the contents in your next reply.

    I need the SystemLook plus both FRST logs please.
    platypuss


     

    Offline gamegodessss

    • Bronze Member
    • Posts: 99
    Re: Computer clock keeps changing and slow page loading
    « Reply #25 on: April 30, 2016, 01:21:25 PM »
    SystemLook 30.07.11 by jpshortstuff
    Log created at 12:15 on 30/04/2016 by gamegodessss
    Administrator - Elevation successful
    WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

    ========== filefind ==========

    Searching for "    *ehdrv.sys*"
    No files found.

    Searching for "    :regfind"
    No files found.

    Searching for "     ehdrv"
    No files found.

    -= EOF =-

    Offline gamegodessss

    • Bronze Member
    • Posts: 99
    Re: Computer clock keeps changing and slow page loading
    « Reply #26 on: April 30, 2016, 01:22:27 PM »
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-04-2016
    Ran by gamegodessss (administrator) on VIRGINIA (30-04-2016 12:19:12)
    Running from C:\Users\gamegodessss\Desktop
    Loaded Profiles: gamegodessss (Available Profiles: gamegodessss)
    Platform: Windows 8.1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" "%1")
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
    (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
    () C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
    (Maxthon Inc.) C:\Program Files (x86)\Maxthon App Store\1.1.0.10848\MasSvc.exe
    (Maxthon) C:\Program Files (x86)\Maxthon App Store\1.1.0.10848\MaxthonAppstoreSvc.exe
    (Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
    (AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe
    (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
    (ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
    () C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\SyncUp Server.exe
    (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
    (Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
    (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
    (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
    () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
    (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    () C:\Users\gamegodessss\Desktop\SystemLook.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7634288 2014-06-13] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1386712 2014-06-12] (Realtek Semiconductor)
    HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-09-25] (Realtek Semiconductor Corporation)
    HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [123400 2009-01-21] (Logitech Inc.)
    HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2015-01-15] (ASUSTek Computer Inc.)
    HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-19] ()
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
    HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-04-14] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3930384 2016-04-06] (AVG Technologies CZ, s.r.o.)
    HKU\S-1-5-21-2414226335-1504749314-3964486275-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-12-06] (AMD)
    HKU\S-1-5-21-2414226335-1504749314-3964486275-1001\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [4351216 2009-05-26] (Yahoo! Inc.)
    HKU\S-1-5-21-2414226335-1504749314-3964486275-1001\...\MountPoints2: {88ac5ae1-e752-11e4-8257-806e6f6e6963} - "E:\Gateway\gateway.exe"
    HKU\S-1-5-21-2414226335-1504749314-3964486275-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2014-10-28] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{DF04DCAC-3397-4A87-B912-4E8C9C29B9A7}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    HKU\S-1-5-21-2414226335-1504749314-3964486275-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
    SearchScopes: HKU\S-1-5-21-2414226335-1504749314-3964486275-1001 -> DefaultScope {DFED6624-258C-498C-9757-6F07A33A797D} URL =
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-06] (Oracle Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-06] (Oracle Corporation)
    DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab

    FireFox:
    ========
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [No File]
    FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-06] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-06] (Oracle Corporation)
    FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2009-05-26] (Yahoo! Inc.)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [No File]
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [No File]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-11-06] ()
    R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-19] (ASUS Cloud Corporation) [File not signed]
    S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [638456 2016-04-06] (AVG Technologies CZ, s.r.o.)
    R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3993088 2016-04-06] (AVG Technologies CZ, s.r.o.)
    R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1074448 2016-04-14] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [593880 2016-04-06] (AVG Technologies CZ, s.r.o.)
    R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation) [File not signed]
    R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [59392 2013-09-26] () [File not signed]
    R2 MasSvc_{MaxthonAppStore_1.1.0.10848}; C:\Program Files (x86)\Maxthon App Store\1.1.0.10848\MasSvc.exe [563112 2015-08-18] (Maxthon Inc.)
    R2 MaxthonAppStoreSvc; C:\Program Files (x86)\Maxthon App Store\1.1.0.10848\MaxthonAppstoreSvc.exe [1867544 2015-08-10] (Maxthon)
    R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2385832 2016-01-12] (Maxthon)
    R2 vToolbarUpdater40.2.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe [1949768 2016-02-22] (AVG Secure Search)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
    S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
    S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
    R0 assdv2; C:\Windows\System32\Drivers\assdv2.sys [21816 2013-12-05] ()
    R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
    R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-09-24] (Advanced Micro Devices)
    S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
    R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162592 2016-02-16] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [306976 2016-03-08] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
    R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [246560 2016-03-07] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
    R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [71456 2016-03-08] (AVG Technologies CZ, s.r.o.)
    R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)
    S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
    R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548056 2013-09-05] (Realtek Semiconductor Corporation)
    R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3759320 2014-12-01] (Realtek Semiconductor Corporation                           )
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-04-30 12:19 - 2016-04-30 12:19 - 00013809 _____ C:\Users\gamegodessss\Desktop\FRST.txt
    2016-04-30 12:15 - 2016-04-30 12:16 - 00000806 _____ C:\Users\gamegodessss\Desktop\SystemLook.txt
    2016-04-30 12:14 - 2016-04-30 12:14 - 00139264 _____ C:\Users\gamegodessss\Desktop\SystemLook.exe
    2016-04-28 16:53 - 2016-04-28 16:53 - 00000000 ____D C:\Program Files (x86)\ESET
    2016-04-28 16:48 - 2016-04-28 16:48 - 00891392 _____ (Farbar) C:\Users\gamegodessss\Desktop\MiniToolBox.exe
    2016-04-27 17:50 - 2016-04-27 17:50 - 00001460 _____ C:\Users\gamegodessss\Desktop\avgui.exe - Shortcut.lnk
    2016-04-27 17:20 - 2016-04-27 17:20 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\gamegodessss\Desktop\revosetup.exe
    2016-04-27 17:20 - 2016-04-27 17:20 - 00001291 _____ C:\Users\gamegodessss\Desktop\Revo Uninstaller.lnk
    2016-04-27 17:20 - 2016-04-27 17:20 - 00000000 ____D C:\Users\gamegodessss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
    2016-04-27 17:20 - 2016-04-27 17:20 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
    2016-04-26 18:12 - 2016-04-26 18:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
    2016-04-26 18:12 - 2016-04-26 18:12 - 00000000 ____D C:\Program Files\Common Files\AV
    2016-04-26 18:11 - 2016-04-26 18:11 - 00000000 ___HD C:\$AVG
    2016-04-26 18:11 - 2016-04-26 18:11 - 00000000 ____D C:\Program Files (x86)\AVG
    2016-04-25 17:51 - 2016-04-30 12:19 - 00000000 ____D C:\FRST
    2016-04-25 17:17 - 2016-04-25 17:18 - 02376192 _____ (Farbar) C:\Users\gamegodessss\Desktop\FRST64.exe
    2016-04-23 08:10 - 2016-04-23 08:10 - 01283514 _____ C:\Users\gamegodessss\Documents\prizes.pdf
    2016-04-12 15:25 - 2016-04-12 15:25 - 03290270 _____ C:\Users\gamegodessss\Documents\TraxxasNitroSport.pdf
    2016-04-12 15:20 - 2016-04-12 15:20 - 00914028 _____ C:\Users\gamegodessss\Documents\xrs_sport_reversible.pdf
    2016-04-12 15:16 - 2016-04-12 15:16 - 00911793 _____ C:\Users\gamegodessss\Documents\TQ3remote.pdf
    2016-04-12 13:28 - 2016-04-12 13:28 - 00601374 _____ C:\Users\gamegodessss\Downloads\2203-2204INST TRNSMTR.pdf
    2016-04-10 10:04 - 2016-04-10 10:04 - 00229397 _____ C:\Users\gamegodessss\Documents\146032.pdf
    2016-04-10 01:48 - 2016-04-10 01:48 - 00213607 _____ C:\Users\gamegodessss\Documents\146028.pdf
    2016-04-09 15:01 - 2016-04-09 15:01 - 02130581 _____ C:\Users\gamegodessss\Documents\xtm-x-factor-2-manual.pdf

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-04-29 18:18 - 2015-12-16 14:10 - 00000000 ____D C:\ProgramData\MFAData
    2016-04-29 04:32 - 2015-12-16 13:47 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2414226335-1504749314-3964486275-1001
    2016-04-28 16:53 - 2013-08-22 07:36 - 00000000 ___SD C:\Windows\Downloaded Program Files
    2016-04-28 06:15 - 2016-01-26 15:37 - 00000000 ____D C:\ProgramData\AVG Security Toolbar
    2016-04-28 02:06 - 2015-12-16 13:41 - 00000000 ____D C:\Users\gamegodessss\AppData\Local\Packages
    2016-04-28 02:06 - 2013-08-22 07:36 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-04-28 02:06 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\AppReadiness
    2016-04-27 17:48 - 2014-03-18 02:03 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
    2016-04-27 17:48 - 2013-08-22 05:36 - 00000000 ____D C:\Windows\Inf
    2016-04-27 17:41 - 2016-01-01 23:46 - 00000000 ____D C:\Users\gamegodessss\OneDrive
    2016-04-27 17:41 - 2013-08-22 06:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2016-04-27 17:26 - 2016-01-26 15:37 - 00000000 ____D C:\Users\gamegodessss\AppData\Local\AVG Web TuneUp
    2016-04-27 17:26 - 2016-01-26 15:37 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
    2016-04-26 18:12 - 2015-12-16 14:05 - 00000000 ____D C:\Users\gamegodessss\AppData\Local\Avg
    2016-04-26 18:11 - 2015-12-16 14:07 - 00000000 ____D C:\ProgramData\Avg
    2016-04-26 18:11 - 2015-12-16 14:05 - 00000000 ____D C:\Users\gamegodessss\AppData\Local\AvgSetupLog
    2016-04-26 18:11 - 2013-08-22 07:36 - 00000000 ___HD C:\Windows\ELAMBKUP
    2016-04-26 17:56 - 2013-08-22 05:25 - 00262144 ___SH C:\Windows\system32\config\BBI
    2016-04-25 16:34 - 2015-12-31 06:22 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2016-04-23 09:11 - 2015-12-31 06:21 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2016-04-23 09:11 - 2015-12-31 06:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2016-04-23 09:11 - 2015-12-31 06:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2016-04-23 04:52 - 2013-08-22 05:25 - 00262144 ___SH C:\Windows\system32\config\ELAM

    ==================== Files in the root of some directories =======

    2015-12-16 13:41 - 2016-04-27 17:41 - 0208311 _____ () C:\Users\gamegodessss\AppData\Local\BTServer.log
    2015-01-15 00:37 - 2015-01-15 00:37 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

    Some files in TEMP:
    ====================
    C:\Users\gamegodessss\AppData\Local\Temp\avguirn_081340614278.exe


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2016-04-30 05:58

    ==================== End of FRST.txt ============================

    Offline gamegodessss

    • Bronze Member
    • Posts: 99
    Re: Computer clock keeps changing and slow page loading
    « Reply #27 on: April 30, 2016, 01:23:24 PM »
    Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-04-2016
    Ran by gamegodessss (2016-04-30 12:19:43)
    Running from C:\Users\gamegodessss\Desktop
    Windows 8.1 (X64) (2015-12-16 21:41:19)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2414226335-1504749314-3964486275-500 - Administrator - Disabled)
    gamegodessss (S-1-5-21-2414226335-1504749314-3964486275-1001 - Administrator - Enabled) => C:\Users\gamegodessss
    Guest (S-1-5-21-2414226335-1504749314-3964486275-501 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    AMD Catalyst Install Manager (HKLM\...\{B5550B26-CD14-054D-FF0A-83405AE096B9}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
    ASUS Manager - Ai Booting (HKLM-x32\...\{2DCE446C-D090-4458-8782-8F16DF94351E}) (Version: 2.01.15 - ASUSTeK Computer Inc.)
    ASUS Manager - Backup & Recovery (HKLM-x32\...\{34D67DE5-2ECF-4E6B-A243-2C16E2792787}) (Version: 2.01.12 - ASUSTeK Computer Inc.)
    ASUS Manager - Family Safety (HKLM-x32\...\{016AFF97-4E18-4560-B8E5-B684BB124E32}) (Version: 2.00.06 - ASUSTeK Computer Inc.)
    ASUS Manager - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.01.12 - ASUSTeK Computer Inc.)
    ASUS Manager - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.02.05 - ASUSTeK Computer Inc.)
    ASUS Manager - SyncUp (HKLM-x32\...\{C2294792-457D-4DF7-9486-B630754C73D0}) (Version: 2.00.07 - ASUSTeK Computer Inc.)
    ASUS Manager - Update (HKLM-x32\...\{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}) (Version: 2.02.08 - ASUSTeK Computer Inc.)
    ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.09.05 - ASUSTeK Computer Inc.)
    ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.4.1 - MAGIX AG)
    ASUS Music Maker (Version: 18.0.4.1 - MAGIX AG) Hidden
    AVG (Version: 16.61.7539 - AVG Technologies) Hidden
    AVG 2016 (Version: 16.0.4563 - AVG Technologies) Hidden
    AVG Protection (HKLM\...\AVG) (Version: 2016.61.7539 - AVG Technologies)
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
    CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.5524 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.01.00 - ASUSTeK Computer Inc.)
    ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
    FMW 1 (Version: 1.73.2 - AVG Technologies) Hidden
    Galerķa de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
    Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
    HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
    Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
    Logitech Gaming Software 5.04 (HKLM\...\{8753DF4D-64B0-474E-9A97-0AB5585D9A53}) (Version: 5.04.110 - Logitech)
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    Maxthon App Store (HKLM-x32\...\Maxthon App Store 1.1.0.10848) (Version: 1.1.0.10848 - Maxthon, Inc.)
    Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.8.1000 - Maxthon International Limited)
    Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.1005 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    OEM Application Profile (HKLM-x32\...\{8F92E0CF-620B-5C20-F292-59C93567B06D}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
    REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.769.769.092613 - REALTEK Semiconductor Corp.)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.30179 - Realtek Semiconductor Corp.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7272 - Realtek Semiconductor Corp.)
    REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0247 - REALTEK Semiconductor Corp.)
    Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {01DB8389-545E-43B5-8BB4-F7F0341DD078} - System32\Tasks\ASUS\Power_Manager_background => C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe [2014-09-12] (ASUSTeK)
    Task: {06152DE1-A276-45B9-8B70-E3D610825984} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [2014-03-19] (ASUSTeK Computer Inc.)
    Task: {082CB1F2-4FA2-4B32-9E68-D50041F2B9B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: {23BDA590-11C9-4DFC-BEBC-738DCC4643F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: {3E37279B-4F15-439E-912D-63A62DF2729C} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2016-02-24] (Maxthon International ltd.)
    Task: {84C04EEC-11D3-4A9E-8487-436E2ECDF417} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [2013-08-23] ()
    Task: {8556026B-18EB-43FA-8C40-2DA64C41B1A6} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [2014-03-18] ()
    Task: {B32E88A5-96F3-43B6-A480-D8354CBE2943} - System32\Tasks\{BE346619-9FFD-440F-9C9F-7D9A409F0530} => pcalua.exe -a C:\Roadrash\RoadRash\ROADRASH\RASHME.EXE -d C:\Roadrash\RoadRash\ROADRASH
    Task: {CF5A8C22-C96B-4D1B-B7FA-D05E2DC1BA58} - System32\Tasks\ASUS\ASUS Manager - PC Cleanup - SecureDeleteBackground => C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe [2014-06-03] ()
    Task: {DB922BE1-5291-46A7-B4FC-4C3A1D28D273} - System32\Tasks\ASUS\ASUS Updater => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSFourceUpdater.exe [2014-03-20] ()
    Task: {FEE26D0B-57B7-4BDE-A85D-B96683114983} - System32\Tasks\ASUS\SyncUp => C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\SyncUp Server.exe [2014-11-03] (ASUSTeK Computer Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2015-04-20 03:53 - 2013-09-26 10:15 - 00059392 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
    2015-04-20 03:57 - 2014-06-03 14:59 - 00930448 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe
    2015-04-20 03:57 - 2014-03-12 14:51 - 00907776 _____ () C:\Windows\PCCleanupContextMenu\x64\ContextMenuHandler.dll
    2013-06-05 15:51 - 2013-06-05 15:51 - 00430080 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
    2013-06-05 15:51 - 2013-06-05 15:51 - 00032768 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResourcesNet4.dll
    2015-04-20 03:56 - 2013-11-06 02:58 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
    2016-04-30 12:14 - 2016-04-30 12:14 - 00139264 _____ () C:\Users\gamegodessss\Desktop\SystemLook.exe
    2015-08-18 23:13 - 2015-08-18 23:13 - 00952232 _____ () C:\Program Files (x86)\Maxthon App Store\1.1.0.10848\Plugins\Plugin.ServShellEx\ServShellEx.dll
    2015-04-20 03:57 - 2014-01-22 10:36 - 00753664 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\WiMoveHelp.dll
    2015-04-20 03:57 - 2014-01-22 10:35 - 00684032 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\PhoneCtrlAPI.dll
    2015-12-22 04:12 - 2009-05-26 21:06 - 00913408 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
    2015-04-20 03:56 - 2016-04-27 17:43 - 00036352 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
    2015-04-20 03:56 - 2010-06-28 18:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
    2016-04-26 18:11 - 2015-04-07 05:34 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 05:25 - 2013-08-22 05:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2414226335-1504749314-3964486275-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\gamegodessss\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    HKLM\...\StartupApproved\Run: => "BtServer"
    HKLM\...\StartupApproved\Run32: => "AVG_UI"
    HKU\S-1-5-21-2414226335-1504749314-3964486275-1001\...\StartupApproved\Run: => "Skype"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{6EA12058-4395-4ADF-8D51-EE86497ECE86}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{CAC918E6-BEA5-4E12-A1BE-C25B2043025B}] => (Allow) LPort=2869
    FirewallRules: [{C4F65DE1-E416-4C7E-BACF-699A8159C467}] => (Allow) LPort=1900
    FirewallRules: [{A1CA7977-C383-4092-B6FD-FE9299A1FFF9}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
    FirewallRules: [{7A768A18-45BC-496D-A8DB-E5E321DB8305}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
    FirewallRules: [{D6814A72-7FEA-4B85-9850-6806A0E1846F}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
    FirewallRules: [{A84E2F38-4DA7-46C8-9E3A-D205B550B9B4}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
    FirewallRules: [{FC8C481A-0294-4C02-8E37-5A4016EA69E1}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
    FirewallRules: [{C1526945-4168-4BDB-9402-A4A318C48C58}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
    FirewallRules: [{23459288-A173-4F06-9641-98E612C64D3D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
    FirewallRules: [{011057C5-C96C-4AAE-8ECE-D4D5538C1598}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
    FirewallRules: [{B2BA2D0E-DAC0-4AAF-B082-3DF388B92F6A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
    FirewallRules: [{1515CC6B-D30E-40F1-B330-8B5DED51A9ED}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
    FirewallRules: [{A12093EF-7902-4E17-9171-3E43AC416275}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
    FirewallRules: [{57C2EFF5-4647-4386-91CB-0D322CA5E901}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
    FirewallRules: [{13083F17-558C-4955-8AB5-9AAFCB4EF2F1}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
    FirewallRules: [{F5E0AA68-6C1C-48C2-B0C0-966B15F9CDE4}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
    FirewallRules: [{B1206F66-3D36-444F-96D6-F76ACE0F55EB}] => (Allow) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\SyncUp Server.exe
    FirewallRules: [{985CE75A-C4E4-418A-8DF2-D773755D083C}] => (Allow) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\SyncUp Server.exe
    FirewallRules: [{0553EECF-58B4-48F1-B1A8-9E68A6A3C43E}] => (Allow) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\ASUSDMS.exe
    FirewallRules: [{248B11BF-6591-479D-BD9B-AF4B288C2C39}] => (Allow) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\ASUSDMS.exe

    ==================== Restore Points =========================

    14-04-2016 05:09:20 Scheduled Checkpoint
    22-04-2016 04:47:43 Scheduled Checkpoint
    24-04-2016 12:32:47 Configured eManual
    26-04-2016 17:54:34 Removed AVG
    27-04-2016 17:39:30 Restore Point Created by FRST

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (04/28/2016 06:54:11 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.18124, time stamp: 0x5641278d
    Faulting module name: ONLINE~1.OCX_unloaded, version: 1.0.0.7777, time stamp: 0x55546935
    Exception code: 0xc0000005
    Fault offset: 0x000a08e0
    Faulting process id: 0x510
    Faulting application start time: 0xIEXPLORE.EXE0
    Faulting application path: IEXPLORE.EXE1
    Faulting module path: IEXPLORE.EXE2
    Report Id: IEXPLORE.EXE3
    Faulting package full name: IEXPLORE.EXE4
    Faulting package-relative application ID: IEXPLORE.EXE5

    Error: (04/27/2016 07:09:39 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.18124, time stamp: 0x5641278d
    Faulting module name: ONLINE~1.OCX_unloaded, version: 1.0.0.7777, time stamp: 0x55546935
    Exception code: 0xc0000005
    Fault offset: 0x000a08e0
    Faulting process id: 0x14ec
    Faulting application start time: 0xIEXPLORE.EXE0
    Faulting application path: IEXPLORE.EXE1
    Faulting module path: IEXPLORE.EXE2
    Report Id: IEXPLORE.EXE3
    Faulting package full name: IEXPLORE.EXE4
    Faulting package-relative application ID: IEXPLORE.EXE5

    Error: (04/27/2016 05:42:04 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
    Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (04/27/2016 05:39:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

    Details:
    AddWin32ServiceFiles: Unable to back up image of service WtuSystemSupport since QueryServiceConfig API failed

    System Error:
    The system cannot find the file specified.
    .

    Error: (04/27/2016 05:39:30 PM) (Source: VSS) (EventID: 8194) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
    .
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
       Gathering Writer Data

    Context:
       Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
       Writer Name: System Writer
       Writer Instance ID: {6bbe7f7a-a016-46cd-8fb5-4e295d29ce5b}

    Error: (04/26/2016 07:05:12 PM) (Source: SideBySide) (EventID: 78) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

    Error: (04/26/2016 07:03:43 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.18124, time stamp: 0x5641278d
    Faulting module name: ONLINE~1.OCX_unloaded, version: 1.0.0.7777, time stamp: 0x55546935
    Exception code: 0xc0000005
    Fault offset: 0x000a08e0
    Faulting process id: 0xda4
    Faulting application start time: 0xIEXPLORE.EXE0
    Faulting application path: IEXPLORE.EXE1
    Faulting module path: IEXPLORE.EXE2
    Report Id: IEXPLORE.EXE3
    Faulting package full name: IEXPLORE.EXE4
    Faulting package-relative application ID: IEXPLORE.EXE5

    Error: (04/26/2016 05:57:26 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
    Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (04/26/2016 05:25:18 PM) (Source: SideBySide) (EventID: 78) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

    Error: (04/24/2016 05:35:56 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: ScriptHelper.exe, version: 4.2.6.552, time stamp: 0x56bb401a
    Faulting module name: ScriptHelper.exe, version: 4.2.6.552, time stamp: 0x56bb401a
    Exception code: 0xc0000005
    Fault offset: 0x0000155e
    Faulting process id: 0x18cc
    Faulting application start time: 0xScriptHelper.exe0
    Faulting application path: ScriptHelper.exe1
    Faulting module path: ScriptHelper.exe2
    Report Id: ScriptHelper.exe3
    Faulting package full name: ScriptHelper.exe4
    Faulting package-relative application ID: ScriptHelper.exe5


    System errors:
    =============
    Error: (04/28/2016 02:38:53 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80073cf1: GAMELOFTSA.Asphalt8Airborne.

    Error: (04/28/2016 02:04:27 AM) (Source: DCOM) (EventID: 10016) (User: VIRGINIA)
    Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}VirginiagamegodessssS-1-5-21-2414226335-1504749314-3964486275-1001LocalHost (Using LRPC)40588MidwayStudios.PAC-MANOriginal_1.1.0.0_neutral__svrvwanpjnagmS-1-15-2-78110329-4293305703-3491148040-1048490581-3132400345-2559280165-1260876735

    Error: (04/27/2016 05:52:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The eapihdrv service failed to start due to the following error:
    %%1275

    Error: (04/27/2016 05:52:49 PM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \??\C:\Users\GAMEGO~1\AppData\Local\Temp\ehdrv.sys

    Error: (04/27/2016 05:52:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The eapihdrv service failed to start due to the following error:
    %%1275

    Error: (04/27/2016 05:52:48 PM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \??\C:\Users\GAMEGO~1\AppData\Local\Temp\ehdrv.sys

    Error: (04/27/2016 05:52:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The eapihdrv service failed to start due to the following error:
    %%1275

    Error: (04/27/2016 05:52:48 PM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: \??\C:\Users\GAMEGO~1\AppData\Local\Temp\ehdrv.sys

    Error: (04/27/2016 05:43:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Google Update Service (gupdate) service failed to start due to the following error:
    %%2

    Error: (04/27/2016 05:40:33 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
    Description: WLAN Extensibility Module has stopped unexpectedly.

    Module Path: C:\Windows\system32\Rtlihvs.dll


    CodeIntegrity:
    ===================================
      Date: 2016-04-29 18:18:15.276
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-04-29 18:18:14.776
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-04-29 18:18:01.698
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-04-29 18:17:48.667
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-04-29 18:17:48.463
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-04-29 18:17:48.260
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-04-29 18:17:43.354
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-04-29 06:17:13.774
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-04-29 06:17:13.040
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-04-29 06:17:05.868
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.


    ==================== Memory info ===========================

    Processor: AMD FX(tm)-8310 Eight-Core Processor
    Percentage of memory in use: 43%
    Total physical RAM: 8107.42 MB
    Available physical RAM: 4618.5 MB
    Total Virtual: 9387.42 MB
    Available Virtual: 6500.88 MB

    ==================== Drives ================================

    Drive c: (Windows) (Fixed) (Total:1847.81 GB) (Free:1811.14 GB) NTFS
    Drive e: (RoadRash) (CDROM) (Total:0.51 GB) (Free:0 GB) CDFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 1863 GB) (Disk ID: D9C68D95)

    Partition: GPT.

    ==================== End of Addition.txt ============================

    Offline Foxfire

    • Malware Removal Staff
    • Bronze Member
    • Posts: 443
    Re: Computer clock keeps changing and slow page loading
    « Reply #28 on: April 30, 2016, 01:26:11 PM »

     
    Quote
    My clock was an hour behind again this morning. :(

    It is beginning to look as though it is not malware interfering with your clock
    Look HERE
    for further causes. Battery failure is most common.
    >>>>>>>>>>>>>>>>>
    platypuss

    Offline gamegodessss

    • Bronze Member
    • Posts: 99
    Re: Computer clock keeps changing and slow page loading
    « Reply #29 on: April 30, 2016, 01:34:56 PM »
    That makes no sense. My computer is only 5 months old. And nothing is changed but the time and its always setback exactly 1 hour. Nothing else gets changed

     

    Click Here