
astrokenDi

  1. That's Windows activation, right? Should I reinstall Windows with a different CD to remove it?
  2. Malwarebytes log:

     Malwarebytes Anti-Malware
     www.malwarebytes.org

     Scan Date: 6/26/2015
     Scan Time: 6:52:16 PM
     Logfile:
     Administrator: Yes

     Version: 2.01.6.1022
     Malware Database: v2015.06.26.01
     Rootkit Database: v2015.06.22.01
     License: Trial
     Malware Protection: Enabled
     Malicious Website Protection: Enabled
     Self-protection: Disabled

     OS: Windows 7 Service Pack 1
     CPU: x86
     File System: NTFS
     User: W7U

     Scan Type: Threat Scan
     Result: Completed
     Objects Scanned: 295534
     Time Elapsed: 20 min, 14 sec

     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Disabled
     Heuristics: Enabled
     PUP: Enabled
     PUM: Enabled

     Processes: 0
     (No malicious items detected)

     Modules: 0
     (No malicious items detected)

     Registry Keys: 0
     (No malicious items detected)

     Registry Values: 0
     (No malicious items detected)

     Registry Data: 3
     PUM.Disabled.SecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|AntiVirusDisableNotify, 1, Good: (0), Bad: (1),,[b99008b7f694b2847fb42025ce384cb4]
     PUM.Disabled.SecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|FirewallDisableNotify, 1, Good: (0), Bad: (1),,[78d1823dd2b8de58c96b62e36d995aa6]
     PUM.Disabled.SecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|UpdatesDisableNotify, 1, Good: (0), Bad: (1),,[9baebd028109fa3c4ce94df8679f2fd1]

     Folders: 0
     (No malicious items detected)

     Files: 1
     Trojan.Malpack.Gen, C:\yuqx.exe, , [5eebc6f93357d75fa56c82a98978a858],

     Physical Sectors: 0
     (No malicious items detected)

     (end)
  3. I'm sorry but I don't see the attached file, or how to save it .-.
  4. FRST.txt:

     Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-06-2015
     Ran by W7U (administrator) on W7U-PC on 26-06-2015 17:54:00
     Running from C:\Users\W7U\Desktop
     Loaded Profiles: W7U (Available Profiles: W7U)
     Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
     Internet Explorer Version 11 (Default browser: Chrome)
     Boot Mode: Normal
     Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

     ==================== Processes (Whitelisted) =================

     (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

     (SUPERAntiSpyware.com) G:\Super Anti-Spyware\SASCore.exe
     (Malwarebytes Corporation) G:\Malwarebytes Anti-Malware\mbamscheduler.exe
     (Malwarebytes Corporation) G:\Malwarebytes Anti-Malware\mbamservice.exe
     (Skype Technologies) G:\Skype\Updater\Updater.exe
     (Malwarebytes Corporation) G:\Malwarebytes Anti-Malware\mbam.exe
     (Skype Technologies S.A.) G:\Skype\Phone\Skype.exe
     (Microsoft Corporation) C:\Windows\System32\dllhost.exe

     ==================== Registry (Whitelisted) ==================

     (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

     HKU\S-1-5-21-246419875-1643227403-1005632818-1000\...\Run: [sUPERAntiSpyware] => G:\Super Anti-Spyware\SUPERAntiSpyware.exe [6787864 2015-06-25] (SUPERAntiSpyware)
     HKU\S-1-5-21-246419875-1643227403-1005632818-1000\...\Run: [skype] => G:\Skype\Phone\Skype.exe [53288576 2015-06-16] (Skype Technologies S.A.)
     AlternateShell:

     ==================== Internet (Whitelisted) ====================

     (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

     Tcpip\Parameters: [DhcpNameServer] 4.2.2.2 10.10.10.1

     FireFox:
     ========
     FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-25] (Google Inc.)
     FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-25] (Google Inc.)

     Chrome:
     =======
     CHR Profile: C:\Users\W7U\AppData\Local\Google\Chrome\User Data\Default
     CHR Extension: (Google Slides) - C:\Users\W7U\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-25]
     CHR Extension: (Google Docs) - C:\Users\W7U\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-25]
     CHR Extension: (Google Drive) - C:\Users\W7U\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-25]
     CHR Extension: (YouTube) - C:\Users\W7U\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-25]
     CHR Extension: (Google Search) - C:\Users\W7U\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-25]
     CHR Extension: (Google Sheets) - C:\Users\W7U\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-25]
     CHR Extension: (Chrome Hotword Shared Module) - C:\Users\W7U\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-25]
     CHR Extension: (Google Wallet) - C:\Users\W7U\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-25]
     CHR Extension: (Gmail) - C:\Users\W7U\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-25]
     CHR Profile: C:\Users\W7U\AppData\Local\Google\Chrome\User Data\Profile 1
     CHR Extension: (Google Slides) - C:\Users\W7U\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-25]
     CHR Extension: (Google Docs) - C:\Users\W7U\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-25]
     CHR Extension: (Google Drive) - C:\Users\W7U\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-25]
     CHR Extension: (YouTube) - C:\Users\W7U\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-25]
     CHR Extension: (uBlock Origin) - C:\Users\W7U\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2015-06-25]
     CHR Extension: (Google Search) - C:\Users\W7U\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-25]
     CHR Extension: (Google Sheets) - C:\Users\W7U\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-25]
     CHR Extension: (Hangman) - C:\Users\W7U\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hjplgbjgpnldhcanakncjkdgpbidibgn [2015-06-25]
     CHR Extension: (Chrome Hotword Shared Module) - C:\Users\W7U\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-25]
     CHR Extension: (Google Wallet) - C:\Users\W7U\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-25]
     CHR Extension: (Gmail) - C:\Users\W7U\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-25]

     ========================== Services (Whitelisted) =================

     (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

     R2 !SASCORE; G:\Super Anti-Spyware\SASCORE.EXE [142648 2014-07-23] (SUPERAntiSpyware.com)
     R2 MBAMScheduler; G:\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
     R2 MBAMService; G:\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
     R2 SkypeUpdate; G:\Skype\Updater\Updater.exe [327296 2015-06-03] (Skype Technologies)
     S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

     ==================== Drivers (Whitelisted) ====================

     (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

     R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
     R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-06-26] (Malwarebytes Corporation)
     R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
     R0 oem-drv86; C:\Windows\System32\DRIVERS\oem-drv86.sys [28160 2015-06-26] (secr9tos) [File not signed]
     R1 SASDIFSV; G:\Super Anti-Spyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
     R1 SASKUTIL; G:\Super Anti-Spyware\SASKUTIL.SYS [67664 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
     S3 VGPU; System32\drivers\rdvgkmd.sys [X]

     ==================== NetSvcs (Whitelisted) ===================

     (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

     ==================== One Month Created files and folders ========

     (If an entry is included in the fixlist, the file/folder will be moved.)

     2015-06-26 17:54 - 2015-06-26 17:54 - 00007212 _____ C:\Users\W7U\Desktop\FRST.txt
     2015-06-26 17:43 - 2015-06-26 17:54 - 00000000 ____D C:\FRST
     2015-06-26 17:43 - 2015-06-26 17:18 - 01636352 _____ (Farbar) C:\Users\W7U\Desktop\FRST.exe
     2015-06-26 17:41 - 2015-06-26 17:41 - 00103140 _____ C:\yuqx.exe
     2015-06-26 17:17 - 2015-06-26 17:18 - 01636352 _____ (Farbar) C:\Users\W7U\Downloads\FRST.exe
     2015-06-26 13:52 - 2015-06-26 13:52 - 00000000 ____D C:\Users\W7U\Documents\My Cheat Tables
     2015-06-26 13:26 - 2015-06-26 13:55 - 00000000 ____D C:\Users\W7U\AppData\Roaming\Little Inferno
     2015-06-26 13:25 - 2015-06-26 13:25 - 00001821 _____ C:\Users\W7U\Desktop\Little Inferno.lnk
     2015-06-26 13:25 - 2015-06-26 13:25 - 00000000 ____D C:\Users\W7U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Little Inferno
     2015-06-26 11:10 - 2015-06-26 17:54 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
     2015-06-26 11:09 - 2015-06-26 11:09 - 00000621 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
     2015-06-26 11:09 - 2015-06-26 11:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
     2015-06-26 11:09 - 2015-06-26 11:09 - 00000000 ____D C:\ProgramData\Malwarebytes
     2015-06-26 11:09 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
     2015-06-26 11:09 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
     2015-06-26 11:09 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
     2015-06-26 11:05 - 2015-06-26 11:08 - 21615712 _____ (Malwarebytes Corporation ) C:\Users\W7U\Downloads\mbam-setup-2.1.6.1022.exe
     2015-06-26 01:51 - 2015-06-26 01:51 - 00000000 ____D C:\Users\W7U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
     2015-06-26 00:22 - 2015-06-26 00:35 - 00000000 ____D C:\Users\W7U\Documents\WPR Files
     2015-06-26 00:17 - 2015-06-26 00:17 - 00000000 ____D C:\ProgramData\WindowsPerformanceRecorder
     2015-06-25 23:48 - 2015-06-25 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
     2015-06-25 22:54 - 2015-06-26 00:20 - 00000000 ____D C:\Users\W7U\AppData\Roaming\vlc
     2015-06-25 20:10 - 2015-06-25 23:48 - 00000000 ____D C:\ProgramData\Package Cache
     2015-06-25 20:05 - 2015-06-25 20:06 - 01435680 _____ (Microsoft Corporation) C:\Users\W7U\Downloads\adksetup.exe
     2015-06-25 19:56 - 2015-06-25 19:56 - 00000000 ____D C:\Users\W7U\AppData\Local\2DBoy
     2015-06-25 19:56 - 2015-06-25 19:56 - 00000000 ____D C:\ProgramData\2DBoy
     2015-06-25 18:48 - 2015-05-11 13:56 - 02508432 _____ (Sysinternals - www.sysinternals.com) C:\Users\W7U\Desktop\procexp.exe
     2015-06-25 18:47 - 2015-06-25 18:48 - 01186640 _____ C:\Users\W7U\Downloads\ProcessExplorer.zip
     2015-06-25 17:27 - 2015-06-25 17:27 - 00000000 ____D C:\Users\W7U\AppData\Roaming\Process Hacker 2
     2015-06-25 17:23 - 2011-10-24 20:12 - 00000423 _____ C:\Users\W7U\Desktop\chapter28.sav
     2015-06-25 17:23 - 2011-10-24 20:12 - 00000385 _____ C:\Users\W7U\Desktop\chapter0.sav
     2015-06-25 17:18 - 2015-06-25 17:18 - 00000000 ____D C:\Users\W7U\Documents\My Games
     2015-06-25 17:18 - 2015-06-25 17:18 - 00000000 ____D C:\Users\W7U\AppData\Roaming\Microsoft Games
     2015-06-25 17:17 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
     2015-06-25 17:17 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
     2015-06-25 17:17 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
     2015-06-25 17:17 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
     2015-06-25 17:17 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
     2015-06-25 17:17 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
     2015-06-25 17:17 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
     2015-06-25 17:17 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
     2015-06-25 17:17 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
     2015-06-25 17:17 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
     2015-06-25 17:17 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
     2015-06-25 17:17 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
     2015-06-25 17:17 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
     2015-06-25 17:17 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
     2015-06-25 17:17 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
     2015-06-25 17:17 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
     2015-06-25 17:17 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
     2015-06-25 17:17 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
     2015-06-25 17:17 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
     2015-06-25 17:17 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
     2015-06-25 17:17 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
     2015-06-25 17:17 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
     2015-06-25 17:17 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
     2015-06-25 17:17 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
     2015-06-25 17:17 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
     2015-06-25 17:17 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
     2015-06-25 17:17 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
     2015-06-25 17:17 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
     2015-06-25 17:17 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
     2015-06-25 17:17 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
     2015-06-25 17:17 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
     2015-06-25 17:17 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
     2015-06-25 17:17 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
     2015-06-25 17:17 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
     2015-06-25 17:17 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
     2015-06-25 17:17 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
     2015-06-25 17:17 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
     2015-06-25 17:17 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
     2015-06-25 17:17 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
     2015-06-25 17:17 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
     2015-06-25 17:17 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
     2015-06-25 17:17 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
     2015-06-25 17:17 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
     2015-06-25 17:17 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
     2015-06-25 17:17 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
     2015-06-25 17:17 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
     2015-06-25 17:17 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
     2015-06-25 17:17 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
     2015-06-25 17:17 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
     2015-06-25 17:17 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
     2015-06-25 17:17 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
     2015-06-25 17:17 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
     2015-06-25 17:17 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
     2015-06-25 17:17 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
     2015-06-25 17:17 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
     2015-06-25 17:17 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
     2015-06-25 17:17 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
     2015-06-25 17:17 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
     2015-06-25 17:17 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
     2015-06-25 17:17 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
     2015-06-25 17:17 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
     2015-06-25 17:17 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
     2015-06-25 17:17 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
     2015-06-25 17:17 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
     2015-06-25 17:17 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
     2015-06-25 17:17 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
     2015-06-25 17:17 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
     2015-06-25 17:17 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
     2015-06-25 17:17 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
     2015-06-25 17:17 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
     2015-06-25 17:17 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
     2015-06-25 17:17 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
     2015-06-25 17:17 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
     2015-06-25 17:17 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
     2015-06-25 17:17 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
     2015-06-25 17:17 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
     2015-06-25 17:17 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
     2015-06-25 17:17 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
     2015-06-25 17:17 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
     2015-06-25 17:17 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
     2015-06-25 17:17 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
     2015-06-25 17:17 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
     2015-06-25 17:17 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
     2015-06-25 17:17 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
     2015-06-25 17:05 - 2015-06-25 17:17 - 00000000 ____D C:\Windows\system32\directx
     2015-06-25 17:05 - 2015-06-25 17:05 - 00370520 _____ (Microsoft Corporation) C:\Users\W7U\Downloads\dxwebsetup.exe
     2015-06-25 17:03 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
     2015-06-25 17:03 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
     2015-06-25 17:03 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
     2015-06-25 17:01 - 2015-06-25 17:01 - 00035741 _____ C:\Windows\DirectX.log
     2015-06-25 17:01 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
     2015-06-25 17:01 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
     2015-06-25 17:01 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
     2015-06-25 17:01 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
     2015-06-25 16:27 - 2015-06-25 16:27 - 00002201 _____ C:\Users\Public\Desktop\Google Chrome.lnk
     2015-06-25 16:27 - 2015-06-25 16:27 - 00000000 ____D C:\Users\W7U\AppData\Local\Google
     2015-06-25 16:27 - 2015-06-25 16:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
     2015-06-25 16:24 - 2015-06-25 16:24 - 00186718 _____ C:\Users\W7U\Downloads\skypelogview.zip
     2015-06-25 16:17 - 2015-06-25 16:17 - 00000000 ____D C:\Users\W7U\Tracing
     2015-06-25 16:16 - 2015-06-26 17:53 - 00000000 ____D C:\Users\W7U\AppData\Roaming\Skype
     2015-06-25 16:16 - 2015-06-25 16:16 - 00000000 ____D C:\Users\W7U\AppData\Local\Skype
     2015-06-25 16:15 - 2015-06-25 16:15 - 00002657 _____ C:\Users\Public\Desktop\Skype.lnk
     2015-06-25 16:15 - 2015-06-25 16:15 - 00000000 ____D C:\ProgramData\Skype
     2015-06-25 16:15 - 2015-06-25 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
     2015-06-25 16:15 - 2015-06-25 16:15 - 00000000 ____D C:\Program Files\Skype
     2015-06-25 16:15 - 2015-06-25 16:15 - 00000000 ____D C:\Program Files\Common Files\Skype
     2015-06-25 16:10 - 2015-06-26 17:53 - 00000876 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
     2015-06-25 16:10 - 2015-06-26 17:15 - 00000880 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
     2015-06-25 16:09 - 2015-06-25 16:27 - 00000000 ____D C:\Program Files\Google
     2015-06-25 16:01 - 2015-06-25 16:12 - 40508032 _____ (Skype Technologies S.A.) C:\Users\W7U\Downloads\SkypeSetupFull.exe
     2015-06-25 16:01 - 2015-06-25 16:02 - 00931408 _____ (Google Inc.) C:\Users\W7U\Downloads\ChromeSetup.exe
     2015-06-25 15:59 - 2015-06-25 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
     2015-06-25 15:59 - 2015-06-25 15:59 - 00000714 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
     2015-06-25 15:59 - 2015-06-25 15:59 - 00000000 ____D C:\Users\W7U\AppData\Roaming\SUPERAntiSpyware.com
     2015-06-25 15:59 - 2015-06-25 15:59 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
     2015-06-25 15:41 - 2015-06-25 15:41 - 00000000 __SHD C:\Users\W7U\AppData\Local\EmieUserList
     2015-06-25 15:41 - 2015-06-25 15:41 - 00000000 __SHD C:\Users\W7U\AppData\Local\EmieSiteList
     2015-06-25 15:41 - 2015-06-25 15:41 - 00000000 __SHD C:\Users\W7U\AppData\Local\EmieBrowserModeList
     2015-06-25 15:36 - 2015-06-25 15:36 - 01465984 _____ (Skype Technologies S.A.) C:\Users\W7U\Downloads\SkypeSetup.exe
     2015-06-25 15:27 - 2015-06-26 01:41 - 00000000 ____D C:\Users\W7U\AppData\Roaming\Mozilla
     2015-06-25 15:25 - 2015-06-25 15:25 - 00000000 ____D C:\Users\W7U\AppData\Roaming\WinRAR
     2015-06-25 15:25 - 2015-06-25 15:25 - 00000000 ____D C:\Users\W7U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
     2015-06-25 15:25 - 2015-06-25 15:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
     2015-06-25 00:38 - 2015-06-25 00:38 - 00001413 _____ C:\Users\W7U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
     2015-06-25 00:38 - 2015-06-25 00:38 - 00000000 ____D C:\Users\W7U\AppData\Roaming\Adobe
     2015-06-25 00:37 - 2015-06-26 17:53 - 00028160 _____ (secr9tos) C:\Windows\system32\Drivers\oem-drv86.sys
     2015-06-25 00:37 - 2015-06-26 17:52 - 00037021 _____ C:\Windows\WindowsUpdate.log
     2015-06-25 00:37 - 2015-06-25 16:17 - 00000000 ____D C:\Users\W7U
     2015-06-25 00:37 - 2015-06-25 15:21 - 00000000 ____D C:\Users\W7U\AppData\Local\VirtualStore
     2015-06-25 00:37 - 2015-06-25 00:38 - 00001973 _____ C:\Windows\system32\WinToolkit_RunOnce_Log.log
     2015-06-25 00:37 - 2015-06-25 00:37 - 00058016 _____ C:\Users\W7U\AppData\Local\GDIPFONTCACHEV1.DAT
     2015-06-25 00:37 - 2015-06-25 00:37 - 00000020 ___SH C:\Users\W7U\ntuser.ini
     2015-06-25 00:37 - 2009-07-14 10:12 - 00000000 ___RD C:\Users\W7U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
     2015-06-25 00:37 - 2009-07-14 10:07 - 00000000 ___RD C:\Users\W7U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
     2015-06-25 00:36 - 2015-06-25 00:36 - 00000000 __SHD C:\Recovery
     2015-06-15 18:15 - 2015-06-15 18:15 - 00000616 _____ C:\Users\W7U\Desktop\Cheat Engine.lnk
     2015-06-15 10:25 - 2015-06-15 10:25 - 00000637 _____ C:\Users\W7U\Desktop\ResizeEnableRunner.exe - Shortcut.lnk
     2015-06-09 15:19 - 2015-06-09 15:19 - 00000858 _____ C:\Users\W7U\Desktop\Kung Fury Street Rage.lnk
     2015-06-08 18:06 - 2015-06-08 18:06 - 00000574 _____ C:\Users\W7U\Desktop\Recuva.lnk
     2015-06-02 21:02 - 2015-06-02 21:02 - 00000754 _____ C:\Users\W7U\Desktop\Cisco Packet Tracer.lnk

     ==================== One Month Modified files and folders ========

     (If an entry is included in the fixlist, the file/folder will be moved.)

     2015-06-26 17:53 - 2009-07-14 10:23 - 00000006 ____H C:\Windows\Tasks\SA.DAT
     2015-06-26 17:53 - 2009-07-14 10:09 - 00029573 _____ C:\Windows\setupact.log
     2015-06-26 17:52 - 2009-07-14 10:04 - 00026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
     2015-06-26 17:52 - 2009-07-14 10:04 - 00026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
     2015-06-26 17:48 - 2010-11-21 03:18 - 00007970 _____ C:\Windows\PFRO.log
     2015-06-26 17:43 - 2010-11-21 02:31 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
     2015-06-26 17:38 - 2011-04-12 07:54 - 00000000 ____D C:\Windows\RemotePackages
     2015-06-26 14:42 - 2009-07-14 08:07 - 00000000 ____D C:\Windows\Microsoft.NET
     2015-06-25 17:18 - 2009-07-14 07:34 - 00000255 _____ C:\Windows\system.ini
     2015-06-25 17:00 - 2009-07-14 10:22 - 00000000 ____D C:\Windows\system32\restore
     2015-06-25 15:34 - 2015-05-13 22:45 - 00000668 _____ C:\Users\W7U\Desktop\Windows 7 Manager.lnk
     2015-06-25 00:37 - 2014-12-12 12:06 - 00000000 ____D C:\Windows\Panther

     ==================== Bamital & volsnap Check =================

     (There is no automatic fix for files that do not pass verification.)

     C:\Windows\explorer.exe => File is digitally signed
     C:\Windows\system32\winlogon.exe => File is digitally signed
     C:\Windows\system32\wininit.exe => File is digitally signed
     C:\Windows\system32\svchost.exe => File is digitally signed
     C:\Windows\system32\services.exe => File is digitally signed
     C:\Windows\system32\User32.dll => File is digitally signed
     C:\Windows\system32\userinit.exe => File is digitally signed
     C:\Windows\system32\rpcss.dll => File is digitally signed
     C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

     LastRegBack: 2015-06-25 14:59

     ==================== End of log ============================

     Addition.txt:

     Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-06-2015
     Ran by W7U at 2015-06-26 17:55:12
     Running from C:\Users\W7U\Desktop
     Boot Mode: Normal
     ==========================================================

     ==================== Accounts: =============================

     Administrator (S-1-5-21-246419875-1643227403-1005632818-500 - Administrator - Disabled)
     Guest (S-1-5-21-246419875-1643227403-1005632818-501 - Limited - Disabled)
     W7U (S-1-5-21-246419875-1643227403-1005632818-1000 - Administrator - Enabled) => C:\Users\W7U

     ==================== Security Center ========================

     (If an entry is included in the fixlist, it will be removed.)

     AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

     ==================== Installed Programs ======================

     (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

     Assessments on Client (Version: 8.100.26866 - Microsoft) Hidden
     Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
     Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
     Kits Configuration Installer (Version: 8.100.25984 - Microsoft) Hidden
     Little Inferno 1.2 (HKLM\...\{D3D39D29-432D-4151-BA0E-77FB6A115CD3}) (Version: 1.2.0 - Tomorrow Corporation)
     Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
     Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
     Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{20DEB77C-21D6-4D22-BB47-233E47613D57}) (Version: 1.1.0322 - Microsoft Corporation)
     Skype™ 7.6 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.103 - Skype Technologies S.A.)
     SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
     Toolkit Documentation (Version: 8.100.26866 - Microsoft) Hidden
     Windows Assessment and Deployment Kit for Windows 8.1 (HKLM\...\{e9e06304-a604-434b-b35f-d9beb94dc06d}) (Version: 8.100.26866 - Microsoft Corporation)
     WPT Redistributables (Version: 8.100.26866 - Microsoft) Hidden
     WPTx86 (Version: 8.100.26837 - Microsoft) Hidden

     ==================== Custom CLSID (Whitelisted): ==========================

     (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

     ==================== Restore Points =========================

     25-06-2015 17:00:38 Installed Microsoft Games for Windows - LIVE Redistributable
     25-06-2015 17:03:40 Installed DirectX
     25-06-2015 17:16:45 Installed DirectX
     26-06-2015 13:24:49 Installed Little Inferno 1.2

     ==================== Hosts content: ==========================

     (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

     2009-07-14 07:34 - 2009-06-11 03:09 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

     ==================== Scheduled Tasks (Whitelisted) =============

     (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

     Task: {5E6D8E5F-06FF-400A-9672-A7AE7034AE93} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-06-25] (Google Inc.)
     Task: {BDBDB62E-8D67-4EDC-915F-AE5FF17718DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-06-25] (Google Inc.)

     (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

     Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
     Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

     ==================== Loaded Modules (Whitelisted) ==============

     ==================== Alternate Data Streams (Whitelisted) =========

     (If an entry is included in the fixlist, only the ADS will be removed.)

     ==================== Safe Mode (Whitelisted) ===================

     (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

     HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => "AlternateShell"=""

     ==================== EXE Association (Whitelisted) ===============

     (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

     ==================== Internet Explorer trusted/restricted ===============

     (If an entry is included in the fixlist, it will be removed from the registry.)

     IE restricted site: HKU\S-1-5-21-246419875-1643227403-1005632818-1000\...\skype.com -> hxxps://apps.skype.com

     ==================== Other Areas ============================

     (Currently there is no automatic fix for this section.)

     HKU\S-1-5-21-246419875-1643227403-1005632818-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\W7U\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
     DNS Servers: 4.2.2.2 - 10.10.10.1

     ==================== MSCONFIG/TASK MANAGER disabled items ==

     (Currently there is no automatic fix for this section.)

     ==================== FirewallRules (Whitelisted) ===============

     (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

     FirewallRules: [TCP Query User{C725A54A-522F-4D5C-B9CC-ED502D78830C}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
     FirewallRules: [uDP Query User{EEEA8C9E-935D-4F39-AB29-29C0A60DDADB}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
     FirewallRules: [{77A9818F-AD03-405C-A2BC-AFCAC888ABD8}] => (Allow) G:\Skype\Phone\Skype.exe
     FirewallRules: [{599D81AF-05BF-4FCD-850C-C2378F557FFF}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
     FirewallRules: [TCP Query User{131B5BFC-31BA-4EB8-85F4-8A87BE36C1D3}C:\windows\system32\taskmgr.exe] => (Block) C:\windows\system32\taskmgr.exe
     FirewallRules: [uDP Query User{F73A208B-32DB-4C10-B43C-EF184FB6AF81}C:\windows\system32\taskmgr.exe] => (Block) C:\windows\system32\taskmgr.exe
     FirewallRules: [TCP Query User{48D7A835-4BA8-43AE-AAFC-085CFF42A743}C:\windows\system32\taskhost.exe] => (Block) C:\windows\system32\taskhost.exe
     FirewallRules: [uDP Query User{38D63DBA-A315-4E55-943D-333DCEC1253E}C:\windows\system32\taskhost.exe] => (Block) C:\windows\system32\taskhost.exe
     FirewallRules: [TCP Query User{11A10377-22B1-44EF-968F-E2168C4ECD9E}C:\users\w7u\desktop\procexp.exe] => (Block) C:\users\w7u\desktop\procexp.exe
     FirewallRules: [uDP Query User{64C67AFC-29D0-4DD1-B4BF-59D2E331ED18}C:\users\w7u\desktop\procexp.exe] => (Block) C:\users\w7u\desktop\procexp.exe
     FirewallRules: [TCP Query User{CA8DF04C-53FB-444C-8513-57BBAD5AB9CF}C:\windows\system32\dllhost.exe] => (Block)
C:\windows\system32\dllhost.exeFirewallRules: [uDP Query User{BE69B681-3AA3-40BC-8340-18FD0DA1A730}C:\windows\system32\dllhost.exe] => (Block) C:\windows\system32\dllhost.exeFirewallRules: [TCP Query User{54A10101-7B4F-4360-9A34-90B44010E327}G:\malwarebytes anti-malware\mbam.exe] => (Block) G:\malwarebytes anti-malware\mbam.exeFirewallRules: [uDP Query User{6BE3A073-BB51-4F19-9D99-DE0793094705}G:\malwarebytes anti-malware\mbam.exe] => (Block) G:\malwarebytes anti-malware\mbam.exe ==================== Faulty Device Manager Devices ============= Name: CoprocessorDescription: CoprocessorClass Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28)Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors:==================Error: (06/26/2015 05:55:01 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/26/2015 05:50:34 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/26/2015 05:40:40 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/26/2015 05:23:49 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/26/2015 11:57:39 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM 
__InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/26/2015 11:39:31 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/26/2015 11:03:41 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/25/2015 06:29:16 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/25/2015 06:04:03 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/25/2015 05:16:45 PM) (Source: VSS) (EventID: 8194) (User: )Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied..This is often caused by incorrect security settings in either the writer or requestor process. 
Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {803b0aa6-d9f3-4aed-a365-8b86651dd4cc} System errors:=============Error: (06/26/2015 05:28:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (06/26/2015 05:22:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (06/26/2015 05:22:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (06/26/2015 05:22:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (06/26/2015 05:22:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (06/26/2015 05:22:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (06/26/2015 05:22:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (06/26/2015 05:22:23 PM) (Source: DCOM) (EventID: 
10005) (User: )Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (06/26/2015 05:22:23 PM) (Source: DCOM) (EventID: 10005) (User: )Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (06/26/2015 05:22:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Microsoft Office:=========================Error: (06/26/2015 05:55:01 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/26/2015 05:50:34 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/26/2015 05:40:40 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/26/2015 05:23:49 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/26/2015 11:57:39 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/26/2015 11:39:31 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/26/2015 11:03:41 AM) 
(Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/25/2015 06:29:16 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/25/2015 06:04:03 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/25/2015 05:16:45 PM) (Source: VSS) (EventID: 8194) (User: )Description: 0x80070005, Access is denied. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {803b0aa6-d9f3-4aed-a365-8b86651dd4cc} ==================== Memory info =========================== Processor: AMD Athlon 64 X2 Dual Core Processor 5000+Percentage of memory in use: 34%Total physical RAM: 1983.37 MBAvailable physical RAM: 1307.99 MBTotal Pagefile: 3966.73 MBAvailable Pagefile: 3189.5 MBTotal Virtual: 2047.88 MBAvailable Virtual: 1902.35 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:27.56 GB) (Free:10.13 GB) NTFSDrive d: (TATTOO) (Fixed) (Total:58.23 GB) (Free:21.55 GB) NTFSDrive e: (MANNY) (Fixed) (Total:30.67 GB) (Free:21.03 GB) NTFSDrive f: (MUSIC) (Fixed) (Total:58.2 GB) (Free:25.2 GB) NTFSDrive g: (Programs) (Fixed) (Total:29.81 GB) (Free:24.87 GB) NTFSDrive h: (Secondary) (Fixed) (Total:28.32 GB) (Free:19.58 GB) NTFSDrive j: (Expansion Drive) (Fixed) (Total:931.51 GB) (Free:10.2 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk 
ID: E55DE55D)Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=29.8 GB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=28.3 GB) - (Type=07 NTFS)Partition 4: (Not Active) - (Size=174.7 GB) - (Type=OF Extended) ========================================================Disk: 1 (Size: 931.5 GB) (Disk ID: 4251AEA0)Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End of log ============================
  5. Update: file wikq.exe is replaced with yuqx.exe, which I can't delete as well. I redownloaded Malwarebytes and scanned the system but all it found is this one yuqx.exe file and apparently 3 registries: Security Center from Microsoft. A new process now appears sometimes called dllhandle.exe and takes 50% of CPU. Also I tried to run an SFC scan in Safe Mode and it didn't help (Windows Resource Protection did not find any integrity violations). Bump .___.
  6. So it first started with Malwarebytes finding a wikq.exe file in the C: drive. It only found that file and NOTHING else. Every time it would delete it, the file would reappear again in a few seconds. Later, every single program started asking for permission to access the network. Even programs like explorer.exe or taskhost.exe would ask for permission, which was very weird. Then random processes started taking about 50% of CPU. Processes like skype.exe, chrome.exe, taskhost.exe, svchost.exe, explorer.exe. Only one of them would use too much CPU at a time; if I shut that process down, then after a few seconds another random process starts to use too much CPU. I tried to reinstall Windows, the problem disappeared for about 10 minutes and then it came back. I tried to fully scan with Malwarebytes, it found nothing. After that I even tried SUPERAntiSpyware, it found a few files but nothing was fixed. Now, both Anti-viruses won't even start, they would crash on startup giving a Runtime error. Games that used to work before now won't start as well, and just give a random error code. I've no idea what to do, so I came here for help.